A Cloud Infrastructure for Scaling Innovation Across Autonomous Teams henning.jacobs@zalando.de / @try_except_ GOTO Amsterdam 2015
AGENDA ABOUT US HISTORY RADICAL AGILITY ARCHITECTURE INFRASTRUCTURE
ABOUT ME Henning Jacobs ● STUPS Hacker ● Twitter: @try_except_ ● henning.jacobs@zalando.de
ONE OF EUROPE’S LARGEST ONLINE FASHION RETAILERS 15 countries 3 fulfillment centers 15+ million active customers 2.2+ billion € revenue 2014 130+ million visits per month 8.000+ employees Visit us: tech.zalando.com
A BRIEF HISTORY OF ZALANDO TECHNOLOGY
A BRIEF HISTORY OF ZALANDO TECH
ZALANDO PLATFORM
MAIN PRODUCTION STACK SINCE 2010 ~70% of all applications WAR deployment Single deployment tool On-premise data center
THE CHALLENGE deploy request servers Platform Platform team
THE CHALLENGE 80+ delivery teams deploy request servers request storage Platform Platform team
RADICAL AGILITY
GOAL DELIVER AMAZING PRODUCTS EFFICIENTLY AT SCALE, AND FEELING GREAT ABOUT IT.
3 PRINCIPLES
PURPOSE
AUTONOMY
MASTERY
LEADERSHIP FROM CONTROL & COMMAND TO PURPOSE AND TRUST
NEW LEADERSHIP DELIVERY PEOPLE LEAD LEAD
ARCHITECTURE AN ARCHITECTURE FOR INNOVATION
API FIRST
REST
SAAS
MICRO SERVICES
CLOUD
STUPS STUPS To Unleash Penguin Swarms
A PLATFORM ON TOP OF AMAZON WEB SERVICES [Diagram labels: Docker deploy; SSH access; audit reports; full AWS access; STUPS; AWS]
AUTONOMY AND COMPLIANCE STUPS offers maximum freedom for developers while enabling near-real-time audit compliance for every single application.
STUPS IN A NUTSHELL ● One AWS account per Team ● Deployment with Docker ● Managed SSH Access ● REST/OAuth 2.0 mandatory ● Supports Traceability of Changes
ISOLATED AWS ACCOUNTS [Diagram labels: Public Internet; *.foo.example.org, *.bar.example.org; Team “Foo”, Team “Bar”; ELB; EC2 Instance; Data Center; LB; Legacy Instances]
DEPLOYMENT
IMMUTABLE STACKS
DEPLOYMENT WITH SENZA Pier One docker push Senza CLI docker pull AWS Taupage
SENZA: DEFINITION YAML
SENZA: BOOTSTRAP NEW CLOUD FORMATION STACK
SENZA: MANAGE STACKS
LOGGING
APPLICATION LOGS: TAUPAGE SUPPORTS LOGENTRIES AND SCALYR
SSH ACCESS
SSH ACCESS: TIME-LIMITED ACCESS TO ANY TEAM SERVER
MONITORING
ZMON TODO: Screenshot
ZMON APPLIANCE [Diagram labels: ZMON; KairosDB; Controller; *.foo.example.org, *.bar.example.org; Team “Foo”, Team “Bar”; ELB; ZMON Appliance; EC2 Instance]
HYSTRIX TURBINE
FULLSTOP: REPORT VIOLATIONS
OAUTH
OAUTH: APPLICATION REGISTRATION IN YOUR TURN
OAUTH: CREDENTIAL DISTRIBUTION VIA S3 BUCKETS [Diagram labels: YOUR TURN; Kio; Mint; OAuth Provider; AWS S3; Taupage; arrows: rotate passwords, store passwords, get password, get access token]
LINKS STUPS Frontpage http://stups.io STUPS Documentation http://docs.stups.io GitHub Repositories https://github.com/zalando-stups Trying out Senza and Taupage http://docs.stups.io/en/latest/user-guide/standalone-deployment.html
QUESTIONS? http://stups.io @try_except_
BACKUP
STUPS COMPONENTS
STUPS: AWS ACCOUNT VPC SETUP ● ELB for inbound traffic ● NAT instances for outbound ● HTTPS Only ● Internal subnets for app instances [Diagram labels: eu-west-1a, eu-west-1b, eu-west-1c; DMZ; internal; ELB; NAT; EC2]
STUPS: TRACEABILITY [Diagram labels: SCM (Commit “afb123”, msg: ABC-123..); Ticket System (Issue “ABC-123”, spec: [...]); Pier One Docker Reg. (Image “docker/myart:1.0”, commit: afb123); Kio Application Registry (Application “myapp”, issue_management: Jira; Application Version “1.0”, artifact: docker/myart:1.0; ✓ specs approved, ✓ artifact tested, ✓ artifact approved); Taupage AMI; EC2 Instances; Docker Container; arrows: build, approve]
ZALANDO TECH CONSTITUTION PT. 1
ZALANDO TECH CONSTITUTION PT. 2