Upload
others
View
17
Download
0
Embed Size (px)
Citation preview
© Copyright 2018 Pivotal Software, Inc. All rights Reserved.
Spring and Pivotal Application Service
Younjin Jeong
Principal Technologist, Pivotal
Cover w/ Image
Agenda
■ Why Spring and PAS?■ Market Leading Spring Support■ Services Ecosystem for Spring Apps■ Next Steps
How much time do developers spend developing?
Source: Forrester Business
Technographics Global
Developer Survey, 2016
Base: 719 Developers who work
for a software company, as a
game developer, for internal IT,
or in technology services
13%
18%
34%
33%
25%
24%
42%
31%
23%
26%
30%
26%
15%
17%
19%
18%
7%
7%
9%
6%
10%
5%
3%
4%
4%
None
<15 Min
15-59 Min
1-2 Hr
3-4 Hr
4+ Hr
Writing new / changing existing code
miscellaneous tasks
deploying code
configuring infrastructure
How much time do developers spend operating?
Source: Forrester Business
Technographics Global
Developer Survey, 2016
13%
14%
16%
21%
21%
24%
30%
30%
29%
32%
30%
27%
32%
28%
22%
18%
14%
10%
12%
8%
10%
7%
4%
5%
3%
None
<15 Min
15-59 Min
1-2 Hr
3-4 Hr
4+ Hr
Writing new / changing existing code
Building or integrating code
Debugging / production support
Designing new functionality
Unit testing
You Build It, You Run It
You Support It
CULTURE PRINCIPAL
© Copyright 2018 Pivotal Software, Inc. All rights reserved.
https://medium.com/netflix-techblog/full-cycle-developers-at-netflix-a08c31f83249
May 18, Netflix announced a concept of “Full Cycle Developers”
Software Development Lifecycle, SDLC
Each specialist team creates tools for each cycles,
But the costs increased for communications, feedback loops, and bottlenecks.
Netflix created a team called “Cloud Platform”, which includes
“Performance and Reliability Eng.”, “Engineering Tools”
To support each development teams by “Tools” that can be easily re-used.
They have been created Common Netflix Tools and that was a key to scale their services.
Hardware
IaaS
Container Orchestrator
Application Platform
Landing your workload on the right target is key to
balancing automation vs. desired flexibility required
Higher flexibility and less
enforcement of standards
Lower development complexity and higher operational efficiency
FunctionPlatform
vSphere Openstack AWSGoogleCloud
Azure & Azure Stack
Shared Services
Shared Security
Shared Networking
Logging & Metrics / Services Brokers / API Management
Credhub / UAA / Single Sign On
VMWare NSX
Embedded Operating System (Windows / Linux)
Application Code & Frameworks
Buildpacks / Spring Boot / Spring Cloud / Steeltoe
PASPivotal Application
Service
PKSPivotal Container
Service
PFSPivotal Function
Service
Pivotal Services
Marketplace
Pivotal and Partner Products
Any AppEvery CloudOne Platform
PCF 2.0 — for
everything that matters
Co
nco
urs
e
Pivotal Application Service (PAS) App Runtime
DYNAMIC ROUTE SERVICES / API MANAGEMENT
APP MICROSERVICES TECHNOLOGY
Spring Boot SteeltoeSpring Cloud
Services
DATA MICROSERVICES TECHNOLOGY
Spring Cloud Data
Flow
Cloud Cache
RabbitMQ MySQL
YOUR APPLICATIONS
PLATFORM
Elastic Runtime ConcourseApp
AutoscalerPCF Metrics CredHub
Orgs, Spaces, Roles and
Permissions
EMBEDDED OS
CLOUD ORCHESTRATION
CONTAINER ORCHESTRATIONWindows Linux
AmazonWeb Services
MicrosoftAzure
GoogleCloud
PlatformOpen Stack VMWare
SERVICE
BROKER API
PIVOTAL
APPLICATION
SERVICE
PIVOTAL
CLOUD FOUNDRY
BOSH
MODERN
CLOUD NATIVE
PLATFORM
MULTI CLOUD
Eliminate Boilerplate Code, Focus on Business Logic
Spring Framework Spring
Security
Spring Data Reactor Spring Batch Spring Integration
Spring Boot
Spring Cloud
Spring Cloud Pipeilnes
Considerations
Detailed Monitoring
Fault Isolation Control
API base Service interactions
Cloud Based Service Lifecycle Management
Fan-Out effect Control
Various Backing Services Support
Configurations Management for Number of Microservices
Service Auto Healing
Log Aggregation and Analysis
Fault Injection Test
Organizations
Culture
Configuration Server
Service Discovery
Circuit Breaker
API Gateway
Distributed Tracing
Zero Downtime Delivery
Fault Injection Test
Chaos Engineering
Persistence Cache Layer
Sidecar / Library
Freedom and Responsibility
Self-service Paradigm
Solutions
Org
Changes
Te
ch
Ch
an
ge
s
Cloud Foundry UAA
OAuth 2 Server for centralized ID
management
Implemented as a standard Spring MVC Webapp
Deploy Local Tomcat for testing, Cloud Foundry for
production
Support for open Auth / AuthZ standards:
● Oauth
● OpenID Connect
● SAML
● LDAP
● SCIM
Spring Security and CF SSO
Cloud Foundry UAA (built-in)
Active Directory FS
Azure Active Directory
(SAML/OIDC)
CA SSO
GCP OpenID Connect
Okta
PingFederate
PingOne Cloud
Integrates to any ID Federation via (SAML/OpenID)
IDMs are self – service for DevOps via a marketplace
Converts complex SAML interactions into basic OAuth
tokens
Works great with Spring Security (Java), Steeltoe.io (.NET)
CredHub
Secure credential management
Implemented as a Spring Boot app
Provides an API for storing, generating, and retrieving
credentials
Supports credentials of different types: simple strings,
passwords, certificates, keypairs, JSON objects
Supports pluggable Hardware Security Modules
Implementing monolith or
microservice patterns on the cloud
with Spring Boot
I. One Codebase, One App
II. Dependency Management
V. Build, Release, Run
XI. Logs
IX. Disposability
IV. Backing Services
X. Environmental Parity
XII. Administrative Process
VII. Port Binding
VI. Process
VIII. Concurrency
III. Configuration
Spring Boot makes 12+ factor
style apps easy. Microservices
requires a lot of repetitive:
Property Configuration
Port Binding
Connecting to Backing
Services
Logging
Deployment,
Redeployment
12 Factor Apps
Spring DeploymentProfiles
Transition between environments
without recompiling / rewriting
Automatic enablement of “cloud” @Profile on
deploy
Any @Configuration class in this profile will be
automatically applied
No recompile required to adapt to deployment envs
https://spring.io/blog/2015/01/13/configuring-it-all-out-or-12-factor-app-style-configuration-with-spring
Spring Cloud Connector for Cloud Foundry
Bring Cloud Foundry service
connection data directly into your
Spring Beans
Auto-enabled if VCAP_APPLICATION is detected
Check for VCAP_SERVICES and parse common data
for supported services *
Java Buildpack
Immutable Infrastructure
for JVM frameworks
Build Containers from a single control point
Robust JRE / JVM Framework options
Self executable JAR / Java main()
Advanced JVM memory calculator
JVM heap dump histograms
Spring Boot CLI apps
Robust 3rd party framework & product support
Spring Cloud & Spring Cloud Services (SCS)
Developing on the Desktop
vs.
Deploying in Production
DEV PROD
Security: OAUTH2, TLS, PAS
UAA integration, RBAC
Ops: BOSH release for Config
Server, Service Registry, Circuit
Breaker
SCS:Config Server
Zero downtime app updates –
dynamically update application
configuration
app C
greeting: hi
app B
greeting: hi
app A
greeting: hi
Config Server
2. Source config
1. Push config
1. Pull config
Hashicorp Vault
Git Source Repos
greeting: hi
2. API keys, secrets
Dev Desktop
SCS:Service Registry
NetflixOSS Eureka Intelligent
Routing Foundation
Service
Registry
ConsumerProducer
1. register
2. discover
3. connect
Service
RegistryService
RegistryService
Registry
SCS:Circuit Breaker
Fault Tolerance Library for
Distributed Systems
Closedon call / pass through
call succeeds / reset count
call fails / count failure
threshold reached / trip
breaker
Half-Openon call / pass through
call succeeds / reset
call fails / trip breaker
Openon call / fail
on timeout / attempt reset
trip
breaker
reset
attempt
reset
trip
breaker
SCS:CF CLI Plugin
Spring Cloud Services integration
for the CF Command Line
Interface
Provides SCS Dev Tools directly from CF CLI
- List apps in eureka instance
-Enable/disable Eureka registration
-Deregister service in Eureka
- Encrypt config server values
Spring Cloud Pipelines
Opinionated template of a
deployment pipeline
Jumpstart your CI / CD pipeline setup!
Packaged up best practices from Pivotal
Each pipeline step is an (editable) bash script
Supports Jenkins, Concourse, Maven, Gradle
Target PAS or PKS
Container to Container Networking
Enabling direct microservice to
microservice communication
Improve on legacy CF ASG experience:
Order of magnitude latency reduction
No expensive “hairpin” trip through LB/FW
Support for multiple TCP/UDP ports
Allow SDN traffic like VMware NSX
Support for “Zero Trust” security posture
B
C
A
Apps Manager
Rich management and
observability of Spring Boot
applications
Transparent security integration with Pivotal Cloud
Foundry UAA, icon recognition for boot apps
/loggers to list or modify log levels at runtime
/mapping for all @RequestMapping paths
/info for env, build & Git info
/health information
/dump and /heapdump
/trace for recent HTTP requests
PCF Metrics
Trace Explorer:
Distributed trace call graph &
visually correlated logs
Understand failures and latency in
microservice architecture, no manual zipkin
management
Your custom Spring Boot /metrics automatically
display as graphs
Interactive, graphical displays of request traffic
through an app
View correlated logs to time window
Visualize and filter metrics by AI
Integrated with PCF UAA Security
Container Health & Performance
1st responder troubleshooting
tools for DevOps
Shows app developers a real-time view of data
Network metrics: HTTP req/err, and avg latency
(every second)
Container metrics: CPU, disk, and memory (every 30
seconds)
App events: create, update, start, stop, crash (on
occurrence)
Spring Cloud Data Flow for PCF
Streaming & Batch orchestration
via Cloud Native Data Pipelines
PAS & UAA Security
1. Provision for Ops
SCDF for PCF
tileBOSH Director
2. Devs make instances
3. Write Apps!
mySQL RabbitMQ RedisMetrics
Collector
Spring
Cloud
Skipper
CUPS
(e.g.
Kafka)
© Copyright 2018 Pivotal Software, Inc. All rights Reserved.
Services Ecosystem for your Spring Apps
Pivotal Cloud Cache
● High performance, in-memory, data at scale for microservices
● Look-aside caches &HTTP session state caching
● NEW: WAN replication
MySQL for PCF RabbitMQ for PCF
● Enterprise-ready MySQL for your developers
● Automate database operations in developer workflows
● NEW: Leader-follower for multi-site HA
● Easily connect distributed applications with the most widely deployed open source message broker
● Enable connected scalable, distributed applications
● NEW: On-demand clusters
● In-Memory cache and datastore, configured for the enterprise
● Efficient provisioning matched to use cases
Redis for PCF
Enterprise Ready Services
BOSH Managed | On-Demand Provisioning | Dedicated Instances | Custom Service Plans
The Growing PCF EcosystemMobile Networking
Storage
BPM
App Integration
DevOps Tooling
Data Management
Microservices Management
CRM
CommerceIAMIDE/CodeOtherAPM/Monitoring
Search
Security
SIEM/Log/AuditAPI Gateways
Messaging
IaaS
Cover w/ Image
Agenda
■ Why Spring and PAS?■ Market Leading Spring Support■ Services Ecosystem for Spring Apps■ Next Steps
© Copyright 2017 Pivotal Software, Inc. All rights Reserved. Version 1.0
● Contact your account team with questions
● Try hosted software now at run.pivotal.io
● On prem software published to network.pivotal.io
● Sign up for the next roadmap call roadmap-registration.cfapps.io
(First Thursday of every month, 2pm ET/11am PT)