Download presentation
Presentation is loading. Please wait.
Published byBrendan Hall Modified over 8 years ago
1
Except where noted contents © 2014 Development Partners Software Corporation http://www.devpartners.com http://www.devpartners.com Cloud Architecture Anti-Patterns A concise overview of some bad ideas Bill Wilder, Finomial CTO @codingoutloud codingoutloud@gmail.com blog.codingoutloud.com linkedin.com/in/billwilder.NET Architecture Group 20-May-2015
2
Except where noted contents © 2014 Development Partners Software Corporation http://www.devpartners.com http://www.devpartners.com Cloud Architecture Anti-Patterns A concise overview of some bad ideas Bill Wilder, Finomial CTO @codingoutloud codingoutloud@gmail.com blog.codingoutloud.com linkedin.com/in/billwilder.NET Architecture Group 20-May-2015 Find this slide deck here
3
Except where noted contents © 2014 Development Partners Software Corporation http://www.devpartners.com http://www.devpartners.com Cloud Micro-Service Anti- Patterns for the Internet of Things written in Go A certifiably buzzworthy presentation Bill Wilder, Finomial CTO @codingoutloud codingoutloud@gmail.com blog.codingoutloud.com linkedin.com/in/billwilder
4
Who is Bill Wilder? www.devpartners.com www.bostonazure.org www.cloudarchitecturepatterns.com
5
My name is Bill Wilder Bill Wilder @codingoutloud blog.codingoutloud.com
6
Lots of ♥ to all the clouds etc…
7
7
8
Architect Skills Technical Business Decisions
9
9 Famous Architect: Aristotle On Properties: Essential property = must have Accidental property = happens to have but could lack For effective software architect, all are Essential Properties Technology Skills Ability to Communicate Business Awareness
10
10 Business Awareness
11
11 Top 10 “Blunders” by Enterprise Architects #3. Not engaging the business partners #2. Insufficient understanding and support from stakeholders #1. The Wrong Lead Architect (for non- technical reasons) #7. Not … Communicating the Impact #10. Not Spending Enough Time on Communications Source http://www.sdtimes.com/link/33787 The top 10 enterprise architecture blunders By Alex Handy, September 25, 2009http://www.sdtimes.com/link/33787Alex Handy
12
To cloud or not to cloud? control vs. cost
13
Ctrl € $¥
14
Ctrl € $¥ Technology Skills Ability to Communicate Business Awareness
15
Cloud Services … in the Cloud “who would’ve thought” Cloud is a business innovation technology services + flexible rental model new types and combinations of services
16
1/9 th above water Services: TTM & Sleeping well SOA
17
Treating your ops team as equivalent to the cloud vendor’s ops team (They are not. Let cloud vendor handle service operations. Use services. You focus on your app.) Anti-Pattern #1
18
What is an Anti-Pattern Wikipedia says: (http://en.wikipedia.org/wiki/Anti-pattern)http://en.wikipedia.org/wiki/Anti-pattern “A common response to a recurring problem that is usually ineffective and risks being highly counterproductive.” Bill’s amplification: “An anti-pattern approach may seem reasonable, or actually be reasonable in other contexts. There may be problems that are not yet be apparent.” Often depends on the situation. This talk will span: Architecture and Architects
19
N-tier, SOA, μSvcs Multi-data center Horizontal scaling Expects failure Eventual consist Traditional Cloud-Native 2-tier Single data center Vertical scaling Ignores failure Transactional consist Less flexible More manual/attention Less reliable (SPoF) Maintenance window Less scalable, more $$ Agile/faster TTM Auto-scaling Self-healing HA Geo-LB/FO TELLS/CLUES CONSEQUENCES Tells: Traditional vs Cloud-Native Which is “best” architecture? There is no “best” architecture – it is situational, a Technical Business Decision. Cloud-native popularity growing in proportion to the shrinking cost and competitive benefits.
20
One-size-fits-all architecture Anti-Pattern #2
21
[Cloud] Anti-Pattern Causes Abstraction misalignment Not reading the fine print Insufficient ongoing attention to cost Insufficient ongoing attention to automation
22
www.pageofphotos.com (PoP)
23
Move Simple PoP App to Cloud WHAT NOW?
24
Scalability & Performance & Cost & Automation
25
Are Cloud Resources Infinite? “We often hear that public cloud platforms offer the illusion of infinite resources. Obviously, resources are not literally infinite (infinite is rather a lot), but you can expect that any time you need more resources, they will be available (though not always instantly). This does not mean each resource has infinite capacity, just that you can request as many instances of the type of resource that you need.” Page 21, my (Bill Wilder’s) Cloud Architecture Patterns book
26
Time passes… PoP has lots of photos
27
www.pageofphotos.com
28
One-size-fits-all data storage (perf, scalability, cost) Anti-Pattern #3
29
Upgrade to scenario-specific storage Some $, Perf, Scale benefits
30
PoP uses Valet Key Pattern Even more $, Perf, Scale benefits
31
CDN for public content Many, many other storage options also available: NoSQL varieties, caches, etc.
32
Always access raw data (regardless of distance, cost) (performance, scalability, cost) Anti-Pattern #4
33
Scalability != Performance ∞ performance does not imply ∞ scale (but sure would be a good start!) “Performance is what an individual user experiences; scalability is how many users get to experience it.” Page 8, my (Bill Wilder’s) Cloud Architecture Patterns book
34
PoP web tier goes multi-instance… Users experiencing login issues * *Depending on configuration …
35
Are Cloud Resources Infinite? “We often hear that public cloud platforms offer the illusion of infinite resources. … This does not mean each resource has infinite capacity, just that you can request as many instances of the type of resource that you need.” Page 21, my (Bill Wilder’s) Cloud Architecture Patterns book
36
Running stateful VMs in web / service tiers (Limits horizontal scalability & complicates autoscale – but sometimes is reasonable option) Anti-Pattern #5
37
I don’t have a slide on this, but … sharding
38
Reliability
39
Treating commodity cloud VMs like the super- reliable iron your company buys. (Not internally redundant; failure is routine (not frequent); optimized for value.*) Anti-Pattern #99
40
PoP Adding Video Support (uh oh!)
41
Current
42
Let’s extend PoP with a Service Tier
43
REQUEST / RESPONSE (http + json) OPTION 1: Request/Response Services Services Tier Web Tier Data Tier Stateless Services web browser
44
Coupling Between Tiers (reliability, scalability, cost) (Situational: I frequently violate! Also relates to microservices.) Anti-Pattern #6
45
Cloud Platform Reliable Queues Azure Storage or ServiceBus Queue AWS Simple Queue Service Google Pub/Sub Durable – won’t lose your data Reliable – backed by SLA and ops team Scalable – Internet scale Approachable – REST + many SDKs
46
Basic Idea Reliable Queue Work Producers Work Consumers
47
OPTION 2: Async Services Services Tier Web Tier Data Tier Stateless Services web browser push pull
48
Stateless Services Notice anything “missing” ? There is no transaction Get used to idea of eventual consistency
49
Enables Responsive UX Response to interactive users is as fast as a work request can be persisted UX challenge due to async processing – Eventual consistency processing – Eventual satisfaction for users
50
Enables More Reliable Service Decoupled front/back provides insulation Blocking is bane of scalability
51
Limit yourself to transactionally-friendly operations (reliability, scalability, cost) Anti-Pattern #99
52
General Case: Many Queue Types Web Role (IIS) Web Role (IIS) Worker Role Worker Role Web Role (IIS) Web Role (IIS) Web Tier (Public) Web Tier (Public) Worker Role Worker Role Worker Role Worker Role Service Tier Type 1 Worker Role Worker Role Worker Role Worker Role Worker Role Worker Role Worker Role Type 2 Worker Role Type 2 Queue Type 1 Queue Type 2 Queue Type 1 Queue Type 2 Queue Type 3 Worker Role Type 2 Worker Role Type 2 Worker Role Type 2 Worker Role Type 2 Service Tier Type 2 Service Tier Type 2 Web Tier (Admin) Web Tier (Admin)
53
Enables Cost-Efficient Scaling Loosely coupled, concern-independent scaling Get Scale Units right Optimize for CO$T EFFICIENCY GOAL: cost α benefit
54
How about the queue API?
55
A reliable queue works just like any other queue, right? (beware the abstraction mismatch) Anti-Pattern #7
56
Reliable Queue & 2-step Delete Web Tier Web Tier Service Tier var url = “http://pageofphotos.blob.core.windows.net/up/.png”; queue.AddMessage( new CloudQueueMessage( url ) ); var invisibilityWindow = TimeSpan.FromSeconds( 10 ); CloudQueueMessage msg = queue.GetMessage( invisibilityWindow ); (… do some processing then …) Queue queue.DeleteMessage( msg );
57
Idempotent Processing An idempotent operation can be performed more than once without changing the end result. Key technique in lieue of distributed transactions
58
Poison Message Detection A poison message is a flawed message that can never be successfully processed.
59
QCW requires “Plan for Failure” VM restarts will happen – Hardware failure, O/S patching, crash (bug) Bake in handling of restarts into our apps – Restarts are routine: system “just keeps working” – Idempotent support needed important – Event Sourcing (commonly seen with CQRS) may help Not an exception case! Expect it! Consider N+1 Rule
60
Typical SiteAny 1 Role InstOverall System Operating System Upgrade Application Code Update Scale Up, Down, or In Hardware Failure Software Failure (Bug) Security Patch What’s Up? Reliability as EMERGENT PROPERTY
61
What about the DATA? You: Azure Web Roles and Azure Worker Roles – Taking user input, dispatching work, doing work – Follow a decoupled queue-in-the-middle pattern – Stateless compute nodes Cloud: “Hard Part”: persistent, scalable data – Azure Queue & Blob Services – Three copies of each byte – Geo-replicated to sister data center – Busy Signal Pattern
62
Tiers of Cloud Failure Transient API/DB connection failures Temporary/Ephemeral drive loss DC outage (or smoking hole) Zone/Region outage (or smoking hole) Global outage
63
“Failure is not an option” (Failure is routine, at least at lower tiers.) Anti-Pattern #8
64
Programming against Cloud Services as though they were reliable (Transient Failures handled using Busy Signal Pattern) Anti-Pattern #9
65
Security
66
A1-Injection A2-Broken Authentication and Session Management A2-Broken Authentication and Session Management A3-Cross-Site Scripting (XSS) A4-Insecure Direct Object References A5-Security Misconfiguration A6-Sensitive Data Exposure A7-Missing Function Level Access Control A8-Cross-Site Request Forgery (CSRF) A9-Using Components with Known Vulnerabilities A10-Unvalidated Redirects and Forwards
67
unicorn cloud security for apps Copyright © 2013 Elizabeth B. O’Connor used with permission www.elizabethboconnor.comwww.elizabethboconnor.com SQL INJECTION SESSION HIJACKING CSRF XSS
68
Belief in cloud app security unicorns Reality: your app’s vulnerabilities will port very cleanly to your favorite cloud platform Anti-Pattern #10
69
Little Bobby Tables (still a problem)
70
Conflating App & Platform security secure compliant Anti-Pattern #11
71
Cloud News from June 2014 http://www.codespaces.com/ A cautionary tale… – DDoS – Security Breach – Ransom / Extortion – Fighting Back – Malicious Destruction of Assets – Business Failure ELAPSED TIME 12 HOURS
72
1FA single-factor auth (2FA/MFA is widely available) Anti-Pattern #12
73
Service Level Agreements (SLA)
74
PoP (pageofphotos.com) adds paid plans to corporate partners – wants to offer an SLA
75
What is “the SLA” for storage?
76
SLA Responsibilities From Google Storage (https://cloud.google.com/storage/sla) :https://cloud.google.com/storage/sla "Back-off Requirements" means, when an error occurs, the Application is responsible for waiting for a period of time before issuing another request. This means that after the first error, there is a minimum back-off interval of 1 second and for each consecutive error, the back-off interval increases exponentially up to 32 seconds.”
77
SLA Math All required: 99.99 4 = 99.96 All required: 99.95 x 99.9 2 x 99.99 = 99.74 Period of time over which an SLA applies matters
78
SLA Penalties Limited to the service costs – Service costs != your business losses Multiple instances might be needed to be eligible
79
Passing along the SLA The cloud SLA becomes my service’s SLA Anti-Pattern #13
80
Compose to boost reliability
81
Affordability
82
Maximizing value from public cloud platforms Key Concept Turn off or delete unused resources Leverage very aggressive pricing for non- production workloads Enhance agility & productivity ASIDE: Will your test team be ahead of – or behind – the curve when your company moves production apps to public cloud?
83
The term “cloud” is nebulous… Public cloud platforms are global (and getting “globalier”)
84
Automation
85
– – – – – –
86
86 What is Architecture? "Architecture is the fundamental organization of a system embodied in its components, their relationships to each other, and to the environment, and the principals guiding its design and evolution." [IEEE 1471]
87
The architecture of a cloud-native application is aligned with the architecture of the underlying cloud platform.
88
Hiring! HIRING at Finomial Corporation Are you a talented senior engineer/architect interested in financial services in Boston area? Technology stack is ASP.NET on Azure + SPA Downtown Boston (startup space) bill.wilder@finomial.com (or grab a biz card) bill.wilder@finomial.com
89
Except where noted, slide deck is © 2014 Development Partners Software Corporation http://www.devpartners.com http://www.devpartners.com And…. Bill Wilder @codingoutloud codingoutloud@gmail.com blog.codingoutloud.com linkedin.com/in/billwilder Find this slide deck here See you at Boston Azure bostonazure.org
91
des questions?
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.