running multiple customer facing application in fargate
play

Running multiple customer-facing application in Fargate! Nils Rhode - PowerPoint PPT Presentation

Jan 15, 2024 •175 likes •608 views

Running multiple customer-facing application in Fargate! Nils Rhode | Haufe.Group | 09.09.2019 Community Day 2019 Sponsors Does it always have to be K8s? Running multiple customer-facing application in Fargate! Nils Rhode | Haufe.Group

  1. Running multiple customer-facing application in Fargate! Nils Rhode | Haufe.Group | 09.09.2019 Community Day 2019 Sponsors

  2. Does it always have to be K8s? Running multiple customer-facing application in Fargate! Nils Rhode | Haufe.Group | AWS Community Day Hamburg 2019 v 1.0

  3. Haufe.Group - 1934 founded as family company - 407 Mio € revenue 2019 - 2.000 employees worldwide distributed over ~20 difgerent locations like Freiburg, Barcelona, Timisoara, St. Gallen All DAX 30 Companies rely on our expertise - We are leading companies in terms of - transformation to digitization

  4. Haufe Talent Managemen t T eam R ecruiting M y O nboarding I nstant F eedback M arketplace ….

  5. Haufe Instant Feedback • Mobile App with Administration Backend for Managers • … with a few clicks, employees can request feedback on their own behavior or provide feedback on a person, meeting or survey — at any time.

  6. Haufe Agile Hats • Web Application for employee and Manager • … helps organizations to establish an agile, self-organized and motivating culture. Give employees access to new work opportunities and help them achieve their career goals, unlock their potential and expand their professional network.

  7. From self-hosted applications to cloud-native applications

  8. Haufe Haufe Instant Feedback Agile Hats 2017 2018 IF 1.0 developed as native app based on a backend, hosted at AzureDE* Start of development of Agile Hats as web application following a microservice approach 2018 Backend reengineering 2019 (better multitenancy, Orchestration, new features) Move to AWS 2019 Hybride App approach with fmutter Move to AWS

  9. Haufe Instant Feedback Backend V 1.0 Reengineerin Move to AWS g V 2.0 (Kubernetes, Docker)

  10. Haufe Instant Feedback Backend V 1.0 Reengineerin Move to AWS g on-prem to cloud native

  11. Haufe Agile Hats Start of Move to AWS Development

  12. Haufe Agile Hats Start of Move to AWS Development on-prem to cloud native

  13. AWS Architecture based on EKS

  14. Move to AWS - Overview Amazon CloudWatch AWS CloudT rail Amazon API Gateway AWS Systems Manager Amazon SQS AWS T rusted Advisor Amazon CloudFront Amazon Pinpoint Amazon Route 53 Amazon Pinpoint AWS T ransit Gateway Amazon GuardDuty Amazon Aurora Amazon Cognito AWS Certifjcate AWS Lambda Manager (Moible) data processing done via AWS Lambda instead of K8s containers AWS WAF

  15. AWS Architecture based on Fargate EKS to Fargate

  16. AWS Architecture based on Fargate Amazon API Gateway VPC Link NLB RBAC Pods Seamless integration Containers DeamonSets into AWS services T ask Deployments RDS Service ConfjgMaps AWS Fargate AWS Lambda S3 IAM s t e r c e ParameterStore S AutoScaler ELB / ALB / WAF PV / PVC N a m e s p a c e s ReplicaSet Role-based access Ingress following S e r v i c e s least privileges Amazon Aurora K8s Updates

  17. AWS Architecture Conclusion - K8s for hybrid-cluster over multiple cloud provider Not the right fjt for our cloud-native applications/approaches - Fargate serves better and easier integration in AWS Services one abstraction layer less and usage of triggers and seamless integration (role-based access for Pods following least privileges in K8s is a mess) - Fargate reduces a lot of overhead like scaling, RBAC, namespaces, Updates & Security of K8s by using managed services - It is cheaper and better scalable

  18. Architectural Deep Dive

  19. Architectural Overview Deep dive

  20. Architectural Overview Separation on product level AWS CLOUD VPC IN EU-CENTRAL 1 Availability Zone 1-3 Product IF Product AH Product *

  21. Architectural Overview Container Orchestration AWS CLOUD VPC IN EU-CENTRAL 1 Availability Zone 1 WWW Container Service T ask Availability Zone 2 Container Service T ask Availability Zone 3 Container Service T ask

  22. Fargate Cluster Availability Zone 1 Availability Zone 2 Availability Zone 3

  23. Fargate Cluster Availability Zone 1 Container Availability Zone 2 Container Availability Zone 3 Container

  24. Fargate Cluster Availability Zone 1 Container T ask Availability Zone 2 Container T ask Availability Zone 3 Container T ask

  25. Fargate Cluster Availability Zone 1 Container Service T ask Availability Zone 2 Container Service T ask Availability Zone 3 Container Service T ask

  26. Network Load Balancer Availability Zone 1 Availability Zone 2 Availability Zone 3

  27. API Gateway with VPC Link Availability Zone 1 Availability Zone 2 Availability Zone 3

  28. API Gateway with VPC Link Availability Zone 1 Availability Zone 2 Availability Zone 3

  29. Architectural Overview Security - Least privileges on each container and service - No IAM users needed at all (deployment via EC2, Login via SSO) - No jump host or “open” port 22 => Transit Gateway in private Subnet - Nothing is deployed in public subnet (except NAT Gateway) - Everything is encrypted (RDS, S3, EFS, Backups, HTTPS-traffjc) - Credentials to RDS shared via Parameter Store - CloudTrail with S3 and Athena - Security Hub with integration of GuardDuty, Inspector and some more tools - …

  30. Quick Journey: environment deployment for multiple production applications

  31. Architectural Overview Setup of Infrastructure - Everything is done by terraform - Workspaces used to split between Dev, Int and Prod environment and also with var-fjles AWS DEV ACCOUNT - Difgerent accounts per environment/workspace AWS INT ACCOUNT AWS PROD ACCOUNT - Gitlab Runner based on EC2 to deploy infrastructure (deployment happens from inside the AWS account) AWS Cloud PRODUCT VPC RUNNER VPC HAUFE Amazon EC2 AWS Direct Connect

  32. Architectural Overview Setup of Infrastructure - Baseline

  33. Architectural Overview Setup of Infrastructure - Instant Feedback

  34. Architectural Overview Setup of Infrastructure - Agile Hats

  35. Architectural Overview Setup of Infrastructure Base infrastructure to serve • VPC (Network) • Security • Backup • SES (setup) • Security Application specifjc infrastructure to serve application services like • API Gateways • Fargate • S3 • Elasticache • Cloudfront • ….

  36. Architectural Overview Setup of Infrastructure - CI/CD Push to feature/bug branch => terraform validate … => merge request to develop => terraform plan … => merged into develop => terraform apply to dev environment … => merge request to master => terraform validate => terraform plan => terraform apply to new AWS account (int) => backup from prod into new AWS account (int) => testing… … => merge to master => terraform apply to prod env

  37. Architectural Overview Setup of Infrastructure - CI/CD - Gitlab (own branch) with validate => request => validate, plan => merge => deploy in dev infra - Gitlab (dev) to master request => validate, plan, deploy to INT => check/test => merge => deploy to master

  38. Architectural Overview Setup of Infrastructure - CI/CD validate plan apply

  39. Architectural Overview CI/CD for our products AWS Cloud RUNNER VPC PRODUCT VPC HAUFE 1. test 2. build (6.)Rollback if required ECR 3. deploy 4. int-test 5. check Fargate

  40. Conclusion

  41. Benefjts of going cloud native - Make use of services and reduce maintenance efgort (Backups, DR, Scalability, Monitoring/Logging) - Reduce development overhead by making use of services (e.g. Lambda instead of own docker) - Handling and applying high security standards - K8s has a difgerent purpose than cloud native – don’t depend on both - Outlook: AWS App Mesh

  42. The big difgerence for cloud native applications is really how they are built, delivered and operated. If you are going cloud native: Rethink your architecture and avoid a lift and shift.

Recommend

Cautions About the Data Only Customer Facing services were requested initially, it was

Cautions About the Data Only Customer Facing services were requested initially, it was

Cautions About the Data Only Customer Facing services were requested initially, it was later expanded, some include both and others dont Understanding of what constitutes an IT Service varied Many services were mapped to multiple

292 views • 14 slides
61A Lecture 35 Characteristics of distributed computing: Computers are independent they do

61A Lecture 35 Characteristics of distributed computing: Computers are independent they do

Distributed Computing A distributed computing application consists of multiple programs running on multiple computers that together coordinate to perform some task. Computation is performed in parallel by many computers. Information can be

478 views • 3 slides
Synchronization: why? A running computer has multiple processes and each process may have

Synchronization: why? A running computer has multiple processes and each process may have

2/4/13 Operating Systems ECE344 Ding Yuan Synchronization: why? A running computer has multiple processes and each process may have multiple threads Threads User space Process Kernel space Need proper sequencing Analogy: two

445 views • 17 slides
Empowering Customer-Facing Teams with Voice-Based AI Yev Meyer Sr. Data Scientist Guru

Empowering Customer-Facing Teams with Voice-Based AI Yev Meyer Sr. Data Scientist Guru

Empowering Customer-Facing Teams with Voice-Based AI Yev Meyer Sr. Data Scientist Guru Gurus mission We believe the knowledge you need to do your job should find you Information workers switch windows on average 373 times per day or

546 views • 27 slides
Customer Experience Improvements for Customer Inquiry and Dispute Information (CIDI) application

Customer Experience Improvements for Customer Inquiry and Dispute Information (CIDI) application

Customer Experience Improvements for Customer Inquiry and Dispute Information (CIDI) application Overview Purpose & Background Current Implementation Improvements Walk Through Upcoming Events & References

145 views • 11 slides
Processes A process is an instance of a program running Modern OSes run multiple processes

Processes A process is an instance of a program running Modern OSes run multiple processes

Processes A process is an instance of a program running Modern OSes run multiple processes simultaneously Examples (can all run simultaneously): - gcc file_A.c compiler running on file A - gcc file_B.c compiler running on file B

619 views • 44 slides
Secure, Reliable & Proven Application Performance Management for the Enterprise Web

Secure, Reliable & Proven Application Performance Management for the Enterprise Web

Secure, Reliable & Proven Application Performance Management for the Enterprise Web Performance Matters to the Business Your organization depends on your web applications to do business from customer facing eCommerce, banking or travel

281 views • 6 slides
Multiple co-clustering and its application Tomoki Tokuda, Okinawa Institute of Science and

Multiple co-clustering and its application Tomoki Tokuda, Okinawa Institute of Science and

Multiple co-clustering and its application Tomoki Tokuda, Okinawa Institute of Science and Technology Graduate University 1 / 13 Outline 1. Introduction 2. Method for multiple co-clustering 3. Application to depression data 4. Conclusion 2

469 views • 13 slides
Overview/Questions Creating a GUI application which uses multiple windows working together.

Overview/Questions Creating a GUI application which uses multiple windows working together.

CS108 Lecture 31: Graphical User Interface: Multiple Window GUIs Aaron Stevens 17 April 2009 1 Overview/Questions Creating a GUI application which uses multiple windows working together. Developing a parent/child relationship

421 views • 7 slides
Managing the Hydra: Successfully Running Multiple Projects in a Videogame Studio Dr. Greg Zeschuk

Managing the Hydra: Successfully Running Multiple Projects in a Videogame Studio Dr. Greg Zeschuk

Managing the Hydra: Successfully Running Multiple Projects in a Videogame Studio Dr. Greg Zeschuk and Dr. Ray Muzyka Joint CEOs and Co-Executive Producers, BioWare Corp. This talk examines some of the different options available in forming a

73 views • 6 slides
ROI HSP Project MCR1028 Submission of multiple Customer Service Codes on 010, 013, 016 and 017MMs

ROI HSP Project MCR1028 Submission of multiple Customer Service Codes on 010, 013, 016 and 017MMs

ROI HSP Project MCR1028 Submission of multiple Customer Service Codes on 010, 013, 016 and 017MMs IGG 11-01-12 MCR1028 Submission of multiple Customer Service Codes on 010, 013, 016 and 017 MMs CustomerServiceSpecialNeeds Segment ,

526 views • 3 slides
2 3 7.7 7.7 MILLIONS OF CUSTOMER Instant Loan Application 10+ 10+ 6.4

2 3 7.7 7.7 MILLIONS OF CUSTOMER Instant Loan Application 10+ 10+ 6.4

2 3 7.7 7.7 MILLIONS OF CUSTOMER Instant Loan Application 10+ 10+ 6.4 6.4 Enter the amount Fill out the short Get your Money in form and approve 5 minutes you need digital contracts DIGITAL 4. 4.8

879 views • 42 slides
Batch Systems & Parallel Application Launchers Running your jobs on an HPC machine Funding

Batch Systems & Parallel Application Launchers Running your jobs on an HPC machine Funding

Batch Systems & Parallel Application Launchers Running your jobs on an HPC machine Funding Partners bioexcel.eu Reusing this material This work is licensed under a Creative Commons Attribution- NonCommercial-ShareAlike 4.0 International

782 views • 22 slides
DESIGN SPARK MECHANICAL Martin Keenan RUNNING ORDER Group and Applying to Introduction to

DESIGN SPARK MECHANICAL Martin Keenan RUNNING ORDER Group and Applying to Introduction to

DESIGN SPARK MECHANICAL Martin Keenan RUNNING ORDER Group and Applying to Introduction to Demo customer our customers DesignSpark Q&A overview Mechanical RUNNING ORDER Group and Applying to Introduction to Demo customer our

562 views • 32 slides
Running Valgrind on multiple processors: a prototype Philippe Waroquiers FOSDEM 2015 valgrind

Running Valgrind on multiple processors: a prototype Philippe Waroquiers FOSDEM 2015 valgrind

Running Valgrind on multiple processors: a prototype Philippe Waroquiers FOSDEM 2015 valgrind devroom 1 Valgrind and threads Valgrind runs properly multi-threaded applications But (mostly) runs them using a single CORE Valgrind

233 views • 21 slides
Adaptive filtering in wavelet frames: application to echoe (multiple) suppression in geophysics

Adaptive filtering in wavelet frames: application to echoe (multiple) suppression in geophysics

Context Multiple filtering Wavelets Discretization, unary filters Results What else? Conclusions Adaptive filtering in wavelet frames: application to echoe (multiple) suppression in geophysics S. Ventosa, S. Le Roy, I. Huard, A. Pica, H.

878 views • 56 slides
EAP Key Derivation For Multiple Application (draft-salowey-eap-key-deriv-00.txt) Pasi Eronen

EAP Key Derivation For Multiple Application (draft-salowey-eap-key-deriv-00.txt) Pasi Eronen

EAP Key Derivation For Multiple Application (draft-salowey-eap-key-deriv-00.txt) Pasi Eronen (pasi.eronen@nokia.com) Joe Salowey (jsalowey@cisco.com) Motivation Key Material needed for multiple applications Independent of EAP-Mech

212 views • 7 slides
Omni-Channel Platform Integrated Channels Integrated Business Functions Customer 360

Omni-Channel Platform Integrated Channels Integrated Business Functions Customer 360

What is Omni-Channel Customer Engagement? 4 % of service organizations can solve an inquiry using a single application Kate Leggett, The Mandate For Intelligent Customer Service, a commissioned study conducted by Forrester Consulting on behalf

424 views • 6 slides
Customer Care Enhancement (CCE) Project Enhancement (CCE) Project CPCN Application Workshop

Customer Care Enhancement (CCE) Project Enhancement (CCE) Project CPCN Application Workshop

B-5 Customer Care Enhancement (CCE) Project Enhancement (CCE) Project CPCN Application Workshop CPCN Application Workshop September 9, 2009 Terasen Gas. A Fortis company. T ERASEN G AS - CPCN C USTOMER C ARE E NHANCEMENTS E XHIBIT Agenda g

397 views • 38 slides
Facing Up to Faults Facing Up to Faults Facing Up to Faults (v.2.0.1) (v.2.0.1) (v.2.0.1)

Facing Up to Faults Facing Up to Faults Facing Up to Faults (v.2.0.1) (v.2.0.1) (v.2.0.1)

Facing Up to Faults Facing Up to Faults Facing Up to Faults (v.2.0.1) (v.2.0.1) (v.2.0.1) Brian Randell Brian Randell Brian Randell WADS-3, May 2004 1 The Menu The Menu The Menu On Dependability Concepts On Fault Assumptions

600 views • 20 slides
The UE facing territorial diversity The role of local development facing the crisis Seminar:

The UE facing territorial diversity The role of local development facing the crisis Seminar:

The UE facing territorial diversity The role of local development facing the crisis Seminar: THE EU AND ITS RURAL AREAS: A CUMBERSOME LEGACY IN THE 21ST CENTURY? Wladyslaw Piskorz Head of Unit - Competence Centre Inclusive Growth, Urban and

449 views • 12 slides
Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras

Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras

Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras Untrusted Programs Untrusted Application Entire Application untrusted Part of application untrusted Modules or library untrusted

797 views • 46 slides
Alpha Presentation Mobile Customer Satisfaction Application The Capstone Experience Team Meijer

Alpha Presentation Mobile Customer Satisfaction Application The Capstone Experience Team Meijer

Alpha Presentation Mobile Customer Satisfaction Application The Capstone Experience Team Meijer Noor Hanan Ahmad Kamel Kaleb Friskey Taylor Jones Department of Computer Science and Engineering Michigan State University Spring 2014 From

255 views • 13 slides
BC HYDROS RATE DESIGN APPLICATION FARM AND IRRIGATION CUSTOMER ISSUES Presentation to the BC

BC HYDROS RATE DESIGN APPLICATION FARM AND IRRIGATION CUSTOMER ISSUES Presentation to the BC

BC HYDROS RATE DESIGN APPLICATION FARM AND IRRIGATION CUSTOMER ISSUES Presentation to the BC Cranberry Marketing Commission (BCCMC) June 15, 2015 AGENDA Background on BC Hydros 2015 Rate Design Application (RDA) Farm and

338 views • 23 slides

More recommend