IBM Internal Only – Do not share with customers
Modernize your Enterprise Apps to Microservices with IBM Cloud Private
Roland Barcia [email protected] Joshi [email protected]
© 2016 IBM Corporation© 2017 IBM Corporation
More ready for cloud May be ready for cloud Not ready for cloud
NOTE: The above is a representative example only
Enterprises are rapidly adopting cloud capabilities … but are encumbered with transforming existing application and infrastructure estate
Example financial services application portfolio
CHALLENGES
• Refactoring complex, interconnected applications & data
• Maintaining performance & SLA requirements for applications, data and integrations
• Multi-provider shared responsibility models for security & compliance
• Integration, data management, service assurance & governance across multiple cloud providers
• Rapidly evolving technology choices (IaaS, PaaS, FaaS) and concerns of vendor lock-in
• Organizational & cultural changes to adopt DevOps transformations
What are the “best” cloud technology choices and process changes needed?
What are the options to optimize environments that are not cloud-ready?
Application Portfolio
Customer Information
Payment Systems
Business Process
Evolution to Cloud-based Application
• Base Virtualization with Standardization & Automation
On-premises | Off-premises
VMs | Containers | aPaaS | iPaaS | Event Driven
Transformation uses multiple concurrent approaches … to minimize risk & cost while leveraging new & existing investments to innovate & differentiate
• Cloud native
• Loosely-Coupled
• 12-factor
• Horizontal Scaling
• Eventually consistent
• Microservices
• Auto-scaling
• DevOps & CI
• Self-recovering
➡️ Lift-Standardize-Consolidate-Automate-Shift
➡️ Contain-Expose-Extend
➡️ Refactor/Create as Cloud-Native/Microservices
New Applications
➡️ Data Classification, Movement & Governance
Bare metal, VMs, Containers, Automation - SDDC
API Creation & Management, Connectivity & Integration
Event-Driven, aPaaS, Containers, Microservices
Cognitive Data Classification, High-volume data transfer, Metadata Management
Example Workload
[Diagram labels: UI; Business Logic; Data & Transactions; Web Page; Java; Portal; Mobile; MS SQL; DB2; IMS; Warehouse; account-groups; {REST/WS}; Enterprise Java; Mobile BFF; Process BPM; Process; Analytics & Reporting; MQ; APIC; DataConnect]
Development Tools Management Security Operations
Transformation Approach: Lift-Optimize-Shift | Contain-Expose-Extend | Refactor as Microservices | Data Classification & Governance
Cloud Type: Private Cloud | Public Cloud
APIC
Technology: IaaS | CaaS (I & A) | PaaS | Event
User Persona: Service Provider | Operator | Developer, Integrator, Data Scientist
Development Choices
Java
Create Cloud Native Java apps
• Two decades of Java Leadership
• Create and deploy Java microservices using Liberty Java MicroProfile and IBM Containers
• Create Spring Boot Apps, access to IBM Cloud Services and deploy to IBM Containers
• Active participant in MicroProfile Project
• Java Container Images and Buildpacks
Node.js
Create Cloud Native Apps & APIs
• Platinum member of Node.js Foundation
• 9 active Node.js contributors
• IBM Services SDKs in NPM
• IBM SDK for Node.js with expanded platform support (AIX, z/OS)
• IBM version of community runtime with indemnification, monitoring and analytics, security
• Node Containers and Buildpacks
Swift
Create iOS Apps and access IBM Cloud Services
• Swift SDKs for IBM Cloud Services in the Apple developer community
• Swift Sandbox
• Linux support
• Extending to server side with Kitura
• Swift Container Images and Buildpacks
Python
Create machine learning applications
• Develop and deploy Python apps to IBM Cloud
• Access to Python libraries
• Pre-built data & analytics starters
and also Scala, Perl, Go, PHP, .NET Core, ……
Drives Development Stack
[Diagram labels: API Connect; Container Management and Orchestration; Application Stack; Fabric; Languages/Platform; DevOps; Source Control; GitHub; CI/CD; Dependencies; Routing/Discovery; Log/Analytics; Monitoring; Messaging; Security; Config; Frameworks; Circuit Breaker; Tracing; Java; Cloud Foundry and FaaS; Key Libraries: Loopback, Express, Kitura, MicroProfile, Spring; Istio; API and Integration]
Evolution of architectural styles
• Monolithic: One large application that does everything
• Microservices: Several smaller applications that each does part of the whole
Evolution of service development
• SOA: Focused on reuse, technical integration issues, technical APIs
• API: Focus on consumability of interfaces. Driven by front-end developers and 3rd party consumers
• Microservices: Focused on functional decomposition, business capabilities, driven by team structure. Focus on the full app, not just interfaces
Managing Microservices - istio
Key tenets of a microservices architecture
1. Large monoliths are broken down into many small services
   - Each service runs in its own process
   - The applicable cloud rule is one service per container
2. Services are optimized for a single function
   - There is only one business function per service
   - The Single Responsibility Principle: A microservice should have one, and only one, reason to change
   - Database per service is desired
3. Communication via REST API and message brokers
   - Avoid tight coupling introduced by communication through a database
4. Per-service continuous integration and continuous deployment (CI/CD)
   - Services evolve at different rates
   - You let the system evolve but set architectural principles to guide that evolution
5. Per-service high availability (HA) and clustering decisions
   - One size or scaling policy is not appropriate for all
   - Not all services need to scale; others require autoscaling up to large numbers
Refactoring an Existing Application
Current Architecture
• Single Relational DB Schema
  - Products, Customer, Ordering, etc.
• Single EAR file
  - EJB and JPA persistence
  - Dojo Web Application
Business Problems
• Limited searching capabilities for products.
• Little knowledge of customer for targeted experience
• Ordering system is complex
  - Difficult to add product and customer analytics to site without breaking Order System.
New Architecture
• Catalog Data Imported into Elastic Search.
  - New Fuzzy Search
• Customer Data Modeled and Stored in Document NoSQL store with analytic and social data.
• Order Microservice wraps on-prem ordering and uses integration.
• New Mobile App uses new microservices.
• Existing Website used with routing / Strangler pattern to evolve.
Not Everything becomes a Microservice
IBM’s Private Cloud provides a single platform … to enable enterprises to both innovate & optimize
Flexible Choice of Infrastructure
VMware | OpenStack | Hardware
Kubernetes-based Platform
Developer Productivity | Operational Efficiency
Catalog | Built-in Elasticity | Multi-tenant | Consistent Management
Open Technology | Runs anywhere
Cloud Optimized Software & Services
Middleware | Data | Analytics | Machine Learning | Blockchain
Integrated DevOps & Management
Open DevOps Toolchain | Hybrid Cloud Management
• Single platform for new cloud-native application development and optimization of existing applications
• Choice of application development models for cloud-native development
  - Infrastructure-as-Code, Kubernetes, Cloud Foundry
• Accelerate applications and middleware modernization with catalog of container-based middleware, data & analytics
• Minimize risk by reducing changes to existing applications while leveraging platform and middleware for availability, elasticity & cost
• Integrate within the enterprise and to public cloud services using API connectivity & management
• Runs on existing infrastructure on-premises to address security, compliance, risk & cost
IBM Private Cloud – Capabilities
• Reuse existing infrastructure
• IBM Data Center transformation to a proven VMware SDDC architecture
• IBM Managed Services
• IBM Storage including optimization for container-based workloads
• Automation & Infrastructure-as-Code
  - ICP Cloud Automation Manager (Terraform, Chef)
• Containers & Orchestration
  - ICP with Kubernetes
• Cloud Foundry
  - ICP with Cloud Foundry
• Function-as-a-Service
  - ICP with OpenWhisk
• IBM API Connect
  - Containerized on ICP (future)
  - Open Standards
• ICP Catalog
  - Helm Charts
  - Patterns
  - Cloud Foundry Services
• IBM Supported Languages & Frameworks
  - Container Images & Buildpacks for Java, Node, Swift, .Net
  - Frameworks: Spring, JEE, Mobile, Many Node & Reactive
• IBM DevOps Tools + Open Source
  - Urban Code Release/Deploy
  - Cloud Automation Manager
  - Containerized on ICP (future)
• ICP-based Management
  - For Containers & Cloud Foundry
  - Metrics
  - Common Ops functions
  - Identity, RBAC & Policies
  - Capacity & Placement with CloudMatrix
• ICP Common Services
  - Monitoring: Prometheus, Grafana
  - Logging: ELK
  - IAM: Built-in + Federation to Enterprise
  - Metering: Product insights
  - Key Management: Vault
Based on Communities & Standards
Creating a stable, operable and well integrated group of projects for “born in the cloud” applications
An open governance structure for creating open industry standards around container formats and runtime
Container Platform Security – Vulnerability Advisor
• Policy Violations
• Vulnerable Packages
• Security Misconfigurations
• Best Practices
• Administrative control over deployments
• Live Container Scanning
• Integration between Vulnerability Advisor and IBM X-Force
IBM Bluemix Container Service | IBM Confidential | ©2017 IBM Corporation
Monitoring
Scaling
Logging
Private Cloud Identity and Access Management
[Diagram labels: IAM; ICP Identity Service; User Interfaces, APIs, CLIs; Identity Management; Manage Users; Manage Groups; Manage Teams; Manage Service IDs; Manage Credentials; Manage LDAP; Authentication Management; User Authentication; Service Authentication; Identity Federation; Access Management; Policy Administration; Policy Decision; Policy Enforcement; CRN Management; Token Management; Kubernetes Integration; Enterprise Directory]
Login success → OAuth2 token
Role based access on resources represented via CRNs
Self-Service Catalog
Primarily enables “Developer”
Primarily enables “SRE”
Demo
Cloud Private Reference Architecture
https://www.ibm.com/devops/method/content/architecture/private-cloud