- Platform as a Service (PaaS) provides scalable applications and services through standards-based components at multiple levels, robust tooling for cloud deployment, and automated governance.
- Stratos is a full middleware platform available as a service that provides self-service provisioning, multi-tenancy, elastic scaling, metering and billing through a collection of modular services.
- StratosLive is the public PaaS offering from Stratos that provides all the core Stratos services as a fully-managed cloud platform.
2. Paul Fremantle Working in Apache since 2002 Apache Member CTO and Co-Founder of WSO2 VP, Apache Synapse I play the Tin Whistle @tedleung
3. Moore's Law for Data The amount of data online went from 5 exabytes in 2002 to 281 exabytes in 2009 Doubled every 15 months You cannot deal with this data growth with the same applications A reasonable conclusion is that the number of applications will double every 15 months too
4. Key Enablers for effective development Robust and scalable applications Components at multiple levels (e.g. OSGi and SOA) Standards Internal Standards (e.g. Schema patterns, Security policies) External Standards (SOAP, REST/HTTP, AMQP) Tooling to create cloud-deployable artifacts Low cost of provisioning a platform The right platform services Automated Governance Re-use Consistency lifecycle management Monitoring and SLA management
11. What kind of PaaS is it? Google App Engine, Heroku “Web App” PaaS “Integration PaaS” “BPM PaaS” Messaging PaaS etc etc
12. Cloud Middleware Platform and PaaS A PaaS requires an underlying software base Cloud Middleware Platform (CMP), or Cloud Enabled Application Platform (CEAP – Gartner) “ Private PaaS” / On Premise PaaS Not all PaaS have redistributable CMPs The benefit of having a CMP is choice: Run your own PaaS in a private cloud More than one PaaS provider Open PaaS / Open CMP fights lock-in
13. Cloud Economies Public Cloud economy is based on the Central Limit Theorem For private clouds, the CLT sucks Multi-tenancy is the economy of scale for private clouds
14. What to look for in a PaaS/CMP Lean All the same benefits are magnified in a cloud Efficiency that is valuable in fixed deployments is invaluable in large dynamic deployments! Available on private, public, on-premise Getting locked into a specific public PaaS will have long term repercussions Open Source is a huge protection against this The correct set of core “services” Not just App Server, but Identity, Registry, Data, Cache, ESB, BPMS, Billing, Logging, etc Open Standard interfaces to common services Enables modular usage Self-service, multi-tenancy, elasticity, metering, incremental deployment and testing Offers a basis for both single-tenant and multi-tenant models Lots of tenants each with their own stuff, and/or One application that is offered to all or many tenants
15. Who are the players in the PaaS market? Those without a Private PaaS Force.com Heroku Google App Engine Amazon Elastic Beanstalk Those with a Private / Public PaaS Tibco Microsoft (nearly) Those with an Open Private / Public PaaS SpringSource CloudFoundry WSO2 Stratos
16. Stratos Overview A full middleware platform available as a service, with self service Fast provisioning Based on OSGi Modular, componentized, standard Multi-tenant, Elastic, Metered and Billed Effective and powerful Available under the Apache License Open Source, Open License, Open Development
18. Installation options 1. Full installation Pre-reqs IaaS – Eucalyptus, VMware, Ubuntu or Amazon MySQL & Perl & JVM Ability to run a number of VMs (one per service) 2. Laptop/Simple install Pre-reqs A machine with lots of memory (4Gb min, 8GB preferred) JVM MySQL & Perl
19. Installation of Stratos 1.5.1 pack

Config mysql: max_allowed_packet = 16M

```sh
ulimit -n 65000
# Unzip the distro, then:
cd stratos
./stratos-setup.pl
export STRATOS_DIR=`pwd`/deploy
cd deploy
./stratos.sh start all
```
21. Complete PaaS Gartner is forecasting that it will be 2015 before vendors have true, integrated, complete PaaS frameworks We believe Stratos is that today
22. Available Services (low level) Multi-tenancy Deployment synchronizer Elastic Load Balancer tenant-aware Tenant-aware identity manager SAML2, OpenID, OAuth, XACML Tenant Metering and Billing Discovery Logging Configuration & Repository Data-as-a-Service Queueing-as-a-Service Health Monitor Private / Public Cloud bridging
23. Every Service has a network API All admin functions and all the low level services are available as SOAP APIs Full SOAP support, REST in some cases Always possible to bridge into REST using the ESB Why? Clear SOA design Allow mashups, BPEL and ESB integration Automated provisioning Support hybrid multi-tenancy models for legacy software
24. Available Services (mid-level) Application Server Webapp deployment Multi-tenant deployment of Tomcat 7 Service Deployment Axis2, JAXWS, POJO, Spring Transaction Manager SaaS deployment model Portal Server Based on the OpenSocial/Google Gadget spec Gadget repository and strong personalization features SAML2 and OpenID Single Sign-on Data Services Enterprise Service Bus Full multi-tenant deployment of Apache Synapse Governance Registry Governance-as-a-Service model
25. Available Services (high-level) Business Process Manager Full BPEL runtime in the cloud Human Task support Business Rules Server Complex Event Processing Business Activity Monitoring
37. Apache Cassandra as a Service & Carbonized Cassandra Users can log in to the Web Console (both in Stratos and in WSO2 Data Server) and create Cassandra key spaces.
38. Apache Cassandra as a Service & Carbonized Cassandra (Contd.) Key spaces are allocated from a Cassandra cluster; they are isolated from other tenants in Stratos and integrated with the WSO2 security model. Users can manage and share their key spaces through the Stratos Web Console and use those key spaces through the Hector client (a Java client for Cassandra). In essence we provide Cassandra as a part of Stratos as a Service Multi-tenancy support Security integration with WSO2 security model
40. Distributed Logging The logs of every service and custom application are captured by the log4j/commons-logging settings Logs are partitioned by tenant Logs are sent to the manager service via syslog Logs are then viewable / downloadable by tenant admins
45. Identity Server / Service Each tenant is identified by the @tenant-domain Each tenant admin can choose to manage their tenant's user store either within the Stratos-internal LDAP store or using an external LDAP Bulk import Each tenant user has an OpenID/InfoCard as well as SAML2 tokens Single sign-on; single sign-off is also supported SAML2 is used across the Stratos deployment to ensure a smooth transition between components SAML2 is also available as sign-on for webapps, gadgets and other user-deployed content
46. web.xml – Integrating Identity into WebApps

```xml
<login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>Basic Auth</realm-name>
</login-config>
```

Automatically ties into Stratos Identity
47. Identity Service continued As well as a full distributed authentication server, Stratos Identity Server also supports distributed authorization: OAuth, XACML
48. Security Management Tenants are isolated at the core: Identity server provides the security model Registry/Repository implements an isolated data-store for configuration and meta-data Services are isolated at the Axis2 level For services we also restrict classloading using Java Security Webapps are isolated using standard Tomcat techniques Each tenant can only load code from their tenant's deployed WARs We apply security policies to stop webapps opening ports, modifying local files, calling OSGi Services These security policies can be changed based on need Sharing is possible across tenants using standard models – e.g. federated security and web/network access
50. Billing and Metering A generic multi-tenanted metering and billing module Written as OSGi Uses Drools to implement service levels E.g. 10 users, 100Mb transfer/month, 15 deployed services for free level of subscription Can be used to meter real business events How many sales transactions / month
51. Usage Data Metering/Throttling Usage Metering: Currently available: 01. Registry Resource Volume 02. Number of users. Planned for next release: 01. Appserver Service Bandwidths/Request Response count 02. ESB Mediation Data (Bandwidths Data). Throttling: Currently available: 01. Number of users 02. Registry Resource Volume. Planned for next release: 01. Number of Request and Response counts 02. Service incoming and outgoing bandwidths
52. Stratos Billing Scheduled invoice generation Notifies the customers via email after invoices are generated Ability to view past invoices and the current (interim) invoice Securely pay the invoice via PayPal Notifies the customer via email on received payments Notifies the super-admin on customers exceeding the credit limit Presents a summary view to the super-admin
54. Case Studies (in progress) System Integrator Currently running Stratos for internal projects Examining the use of Stratos for customer projects and SaaS Home Loan Bank WSO2 runs a private deployment of Stratos Developer sandbox and test environment Currently apps are then deployed internally in Carbon Betting/Gaming PaaS Provide an environment (Mashups, WebApps, Gadgets) for sports teams to write their own betting applications In the context of betting legislation/regulation Mobile PaaS Building a PaaS environment for a mobile telco SaaS-enablement of legacy applications
55. Futures SLA management and Priority Execution Better thread/CPU management and instrumentation HDFS support VM deployment End-to-end development lifecycle integration (Maven, SVN, Hudson/Jenkins, JUnit)
Data center provisioned for peak capacity Utilization is 5-10% or up to 50% with virt Tight coupling between applications and hardware allocation Bought app silos (e.g. SAP) Provisioned for peak capacity Build apps using enterprise middleware Provisioned for peak capacity Hardware & app provisioning takes months
Has a private IaaS Overflows to one or more public IaaS Uses a bunch of public SaaS Has a bunch of private SaaS, both build & buy Internally built SaaS is HUGE Because that is the competitive differentiator for every business Private SaaS running on PaaS using private hybrid IaaS PaaS also could be private or public Has unified identity, security, audit, etc. across all of these Has federated identity management across public / private infra (SaaS/IaaS)