Architectural Design Patterns for Cloud Computing Rajesh Venkatesan Senior Architect, HCL Technologies rajeshvn@hcl.com
Cloud Computing – NIST Definition • Provision without human On-demand interaction self-service SaaS • Accessible via the internet Broad network • Across heterogeneous platforms access PaaS • Multi Tenant Resource • Location Independence pooling • Dynamic Provisioning and IaaS Release Rapid elasticity • Seemingly Unlimited • Usage is measured Measured • Is monitored, controlled and service reported 2
Business Requirements for the cloud applications Can I keep the cost of adding a customer near Can my Can I quickly zero? partners build have trial additional instances for offerings? customers? Can I have a Can I bill only solution that is based on what completely customer uses. secure? Cloud Architecture Can I have just Can I afford to in time not know when infrastructure my service will capabilities? go viral? Can I Enterprise/ Can I shutdown modularize and Common Concern unused sell based on instances? customers need? ISV Concern Can my Customers Can I quickly aggregate purchase and services? get access to services? 3
Architectural Tenets Elasticity Scalability Availability Interoperability Multi Tenancy Security 4
Architectural Pattern – Loose Coupling The fewer assumptions that a component makes of its environment, the looser it is coupled. Location, Availability abstraction Example All types of messaging. Cons Pros 5
Architectural Pattern – Stateless Design State Implications Components that have heavy in-memory state are near impossible to scale. Failure of the component translates failure of multiple requests. Additional nodes do not solve this problem since state is lost. Stateless Design Move state to a centralized persistent store. Keep components stateless. Cons Pros 6
Architectural Pattern - Auto Scale Elasticity is a primary feature of the cloud. Applications must take advantage of this feature. Monitor load and adjust number of instances. Scale Down is as important as Scale Up Cons Pros 7
Architectural Pattern – Partition Tolerance Brewer’s CAP Theorem. Basically Available, Soft State and Eventually Consistency Consistent (BASE) Some state can be reflected late. Enables Availability and compromises on Consistency. Design to take advantage of moving out “eventually Partition Availability consistent” data. Tolerance Choose Two • Seamless Scale • Complex Programming Model 8
Architectural Pattern – Failure Tolerance Assume everything will fail. With loose coupling and stateless design, failure tolerance is easy to build. Architecture must assume an application will function with minimal impact if parts of it fail. Functional Decomposition and Physical Deployment Decoupling will limit failure to parts of system. The cloud will enable recovery very quickly because of its very nature of instant replenishment. 9
Architectural Pattern – Choice of Storage The type of storage affects COST Data Classifications: Persistent Data – Standard Persistent Storage (File) Simple Data – Key Value Pair, Data Structure, JSON. Static Distribution Data - CDN RDBMS – Standard Relational Data Choose the right storage Use Content Delivery Networks for Static Distributable Content Use Standard Persistent Storage for storing files Use Key Value Pair Databases for Storing Indexes, Shared State (Session) and any data for quick retrieval Use RDBMS for Relational Data 10
Architectural Pattern – Multi-Tenancy Multi Tenant Efficiency lowers the cost of adding a customer. Various Levels IaaS – Multi Tenant Virtualized Infrastructure (AWS, Rackspace etc) [TENANT=Compute, Storage, Network] PaaS – Multi Tenant Application Infrastructure (Google App Engine, Azure, force.com etc) [Tenant=Application] SaaS – Multi Tenant Application (Most SaaS Applications including Salesforce.com, Google Apps etc) [Tenant=Customer] “ Building Multi Tenant Java Applications “, Silicon India Java vs Conference – Aug 2011 Concern spans across architecture. Cons Pros 11
Architectural Pattern – Standard Integration Not a strict cloud concern, but more significant for cloud applications. Once applications move out of premise, integration becomes a key concern. Standard based integration facilitates secure access to applications. Standards Identity (SAML/OpenID/oAuth) API (REST/SOAP/WSRP/JSR 168) vs Cons Pros 12
Architecture Pattern - Security Abstracted very efficiently by IaaS Providers. Multi Tenant IaaS is highly secure. Infrastructure Infrastructure Secure Access to instance Security Security Open Needed Ports Only Keep Certificates Safe All Inbound and Outbound interface points must be secured by default. (SSL) Security Address Security Threats [OWASP Top Ten] Application Use Identity and Access Management Services where Application Data available Security Security Security Know your standards SAML/OpenID for Identity Delegation oAuth for API Access Data at rest Use tenant specific encryption when required. Decouple encryption awareness from the data layer allowing data leaks to still be harmless. TradeOffs Database functions cannot be applied on encrypted fields Data Security Performance Data in transit Use Secure means of transfer (https) and add authentication/ authorization layer on top. Use In Wire Encryption for highly critical data
PaaS – Complexity Abstraction Most PaaS abstract out a lot of complexity They also implicitly force good design. Almost all PaaS provide consistent availability of data. Programming to PaaS enforces most of the design principles including Stateless Design – Instances can be taken off anytime. Loose Coupling – Cost kicks in for additional usage. Auto Scale – Ability to configure scaling thresholds. Partition Tolerance – Most functions like queues and data stores forces consumers to program to their model. Identity – Most PaaS provide support for SAML/OpenID (as SP and IdP) Some PaaS support Multi Tenancy 14
Cloud - Application Fitment Profile Cloud Scale/Parallel Computing Elastic Short Recurring Life time Peripheral Applications (CRM, Security, Communication) Mobile, Tablet, Point Device Based 15
References Architectural Design Patterns for the cloud [http://www.slideshare.net/AmazonWebServices/aws- architectingjvariafinal] Windows Azure Design Patterns [http://www.slideshare.net/dpallmann/windows-azure-design-patterns] Cloud Computing Patterns [http://cloudcomputingpatterns.org/] Open Security Architecture [http://www.opensecurityarchitecture.org/cms/library/patternlandscape/251- pattern-cloudcomputing] Mapping Applications to the Cloud [http://msdn.microsoft.com/en-us/library/dd430340.aspx] Patterns For High Availability, Scalability, And Computing Power With Windows Azure[http://msdn.microsoft.com/en-us/magazine/dd727504.aspx] 16
Questions? 17
Recommend
More recommend