Design and Architecture
Derek Collison
What is Cloud Foundry?
The Open Platform as a Service
What is PaaS?
Or more specifically, aPaaS?
aPaaS
  Application Platform as a Service
  Applications and Services
  Not VMs, Memory, Storage, Networks, CPU
What is OpenPaaS?
OpenPaaS
  Multi-Language
    Ruby, Java, Scala, Node.js, Erlang, Python, PHP..
  Multi-Framework
    Rails, Sinatra, Spring, Grails, Express, Lift
  Multi-Services
    MySQL, Postgres, MongoDB, Redis, RabbitMQ
  Multi-Cloud, Multi-IaaS
    vSphere, MicroCloud, OpenStack, AWS
  Hybrid - Public or Private or Both
  OpenSource
The Open PaaS
[Diagram: Application Service Interface with Data Services (vFabric Postgres), Msg Services (vFabric RabbitMQ™), Other Services; Cloud Provider Interface with Private Clouds, Micro Clouds, Public Clouds]
What is our Goal?
What was our Goal?
  Raise the unit of currency to be the application and its associated services, not the infrastructure
  Best of breed delivery platform for all modern applications and frameworks
  Favor Choice and Openness
How was it Built?
  Kernel (CloudFoundry OSS)
    Core PaaS System
  Kernel and Orchestrator Shells
    Layered on top of IaaS
  Orchestrator
    IaaS creation, management and orchestration
High Level
Clients (VMC, STS, Browser)
CF Kernel
Orchestrator
IaaS
Hardware - CPU/Memory/Disk/Network
Basic Premises
  Fail Fast
  Self Healing
  Horizontally Scalable Components
  Distributed State
  No Single Point of Failure
  Should be as simple as possible
Basic Patterns
  Event-Driven
  Asynchronous
  Non-blocking
  Independent, Idempotent
  Message Passing
  Eventually Consistent
Basic Design
  All components loosely coupled
    Few Classes, many Instances
  Messaging as foundation
    Addressing and Component Discovery
    Command and Control
  JSON payloads
  HTTP or File/Blob for data transport
Kernel Components
  All dynamically discoverable
  Launch and scale in any order
  Can come and go as needed
  Monitor via HTTP and JSON
  Location independent
Kernel Components
  Router
  CloudController
  DEA
  HealthManager
  Service Provisioning Agent
  Messaging System
Logical View
[Diagram: VMC client, STS plugin, Browser (user app access); Routers; CloudControllers; DEA Pool running Apps; HealthManager; Services; Messaging]
Architecture
Messaging
  The Nervous System
  Addressing and Discovery
    No static IPs or DNS lookups required
    Just Layer 4
  Command and Control
  Central communication system
  Dial tone, fire and forget
  Protects *itself* at all costs
  Idempotent semantics
Router
  Traffic Cop
  Handles all HTTP traffic
  Maintains distributed routing state
  Routes URLs to applications
  Distributes load among instances
  Realtime distributed updates to routing tables from DEAs
CloudController
  The King
  Handles all state transitions
  Deals with users, apps, and services
  Packages and Stages applications
  Binds Services to Applications
  Presents external REST API
HealthManager
  Court Jester
  Monitors the state of the world
  Initial value with realtime delta updates to intended vs real
  Determines drift
  Complains to the CloudControllers when something is not correct
  No power to change state itself
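The intended-versus-real comparison from the HealthManager slide, sketched in Ruby as an added example (not Cloud Foundry code). The message types, field names and app ids are hypothetical; the monitor returns complaints only and holds nothing that could change state.

```ruby
# Added illustration, not Cloud Foundry source. Message types, field names
# and app ids are hypothetical.
class HealthMonitor
  def initialize(intended)
    @intended = intended.dup                    # app => desired instance count
    @actual   = Hash.new { |h, k| h[k] = {} }   # app => { instance id => true }
  end

  # Realtime delta updates. Each is idempotent: replaying a message
  # leaves the view unchanged.
  def apply(msg)
    case msg[:type]
    when :desired      then @intended[msg[:app]] = msg[:count]
    when :register     then @actual[msg[:app]][msg[:instance]] = true
    when :crash, :stop then @actual[msg[:app]].delete(msg[:instance])
    end
    self
  end

  # Drift is intended vs real, per app. The result is a list of complaints
  # for the controller; nothing here starts or stops an instance.
  def drift
    (@intended.keys | @actual.keys).sort.map do |app|
      want = @intended.fetch(app, 0)
      have = @actual.key?(app) ? @actual[app].size : 0
      next if want == have
      { app: app, intended: want, running: have,
        complaint: want > have ? :missing_instances : :extra_instances }
    end.compact
  end
end

# Constructed sample: a replayed register, a crash, and an unintended app.
def sample_drift
  hm = HealthMonitor.new("billing" => 2, "web" => 1)
  [
    { type: :register, app: "billing", instance: "b-0" },
    { type: :register, app: "billing", instance: "b-1" },
    { type: :register, app: "billing", instance: "b-1" },  # replay
    { type: :register, app: "web",     instance: "w-0" },
    { type: :crash,    app: "billing", instance: "b-0" },
    { type: :register, app: "ghost",   instance: "g-0" },  # never intended
  ].each { |m| hm.apply(m) }
  hm.drift
end
```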
DEA
  Droplet Execution Agent
  Responsible for running all applications
  Monitors all applications
    CPU, Mem, IO, Threads, Disk, FDs, etc
  All apps look same to DEA
    start and stop
  Express ability and desire to run an application
    runtimes, options, cluster avoidance, memory/cpu
  Alerts on any change in state of applications
  Provides secure/constrained OS runtime
    Hypervisor, Unix File and User, Linux Containers*
    Single or Multi-Tenant
How does it all Work?
Pushing an App
  Client (VMC/STS) pushes meta-data to CC
  Client optionally pushes resource signatures (diff analysis, sys wide)
  Client pushes app resources to CC
  CC puts app together
  CC stages app asynchronously
  CC binds and stages services
  Droplet ready
Architecture
Running an App
  CC asks DEAs for help
  First DEA back wins! Simple
  CC sends start request to selected DEA
  DEA pushes the green button
  DEA waits and monitors pid and ephemeral port for app to bind
  When app is healthy, sends register message
  Register message is seen by HM and Routers
  Routers bind URL to host:port
DEAs answer?
  DEAs first determine YES or NO
    correct runtime, options, memory, etc
  Then calculate a Delay Taint
    SHA hash of application
    memory
    cpu
  Taint allows balancing and selection
Scale up & down?
  Exact steps as running the app the first time
  SHA1 taint helps avoid clustering
  memory/cpu taint helps distribute as evenly as possible
  Nothing pre-computed
  Nothing assumed
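The "DEAs answer?" and "Scale up & down?" slides together describe one placement decision; the following Ruby simulation is an added example, not Cloud Foundry code. The taint weights, struct fields and sample pool are hypothetical, and "first DEA back" is modelled as the smallest computed delay instead of real message timing.

```ruby
require "digest"

# Added illustration, not Cloud Foundry source. Weights, fields and the
# sample pool are hypothetical; only the decision shape follows the slides.
Dea = Struct.new(:id, :runtimes, :mem_free_mb, :mem_total_mb, :cpu_load, :running)

CLUSTER_TAINT = 0.200 # seconds per instance of the same app already on this DEA
MEM_TAINT     = 0.100 # seconds at 100% memory in use
CPU_TAINT     = 0.050 # seconds at 100% CPU load

def app_sha(app)
  Digest::SHA1.hexdigest("#{app[:name]}:#{app[:version]}")
end

# Step 1 is YES or NO (nil = stay silent); step 2 is the delay before replying.
def answer(dea, app)
  return nil unless dea.runtimes.include?(app[:runtime])
  return nil if dea.mem_free_mb < app[:mem_mb]
  same_app = dea.running.count(app_sha(app))
  mem_used = 1.0 - dea.mem_free_mb.to_f / dea.mem_total_mb
  (same_app * CLUSTER_TAINT + mem_used * MEM_TAINT + dea.cpu_load * CPU_TAINT).round(4)
end

# The controller takes the first reply; simulated here as the smallest delay.
def first_back(pool, app)
  replies = pool.map { |d| [d, answer(d, app)] }.reject { |_, delay| delay.nil? }
  replies.min_by { |_, delay| delay }&.first
end

# Scaling repeats the same request per instance; nothing is pre-computed.
def place(pool, app, instances)
  placed = []
  instances.times do
    dea = first_back(pool, app)
    break if dea.nil?
    dea.mem_free_mb -= app[:mem_mb]
    dea.running << app_sha(app)
    placed << dea.id
  end
  placed
end

# Constructed sample pool: dea-c lacks the runtime and never answers.
def sample_pool
  [
    Dea.new("dea-a", %w[ruby19 node], 1024, 2048, 0.10, []),
    Dea.new("dea-b", %w[ruby19],      1536, 2048, 0.40, []),
    Dea.new("dea-c", %w[java],        2048, 2048, 0.00, []),
  ]
end
```

With the sample pool, three instances of one app alternate between the two eligible DEAs because the SHA taint penalises whichever one already runs a copy.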
Crashes?
  If your app stops and we did not tell it to, that is a crash
  Crashed apps are immediately detected by DEA and messaged
  Routers disconnect route instantly
  HM will signal CC something is wrong
  CC will issue run sequence again
Architecture
Access to my App?
  All routers understand where all instances of your application are running
  Will randomly pick backend, not semantically aware.
  Will remove routes that are stale or unhealthy
  Session stickiness and replication available, but best to avoid if possible
What about Services?
Services
  Service Advertisement
  Service Provisioning
  Gateway fronts multi-backends
  Service Nodes scale independent
  App and service talk directly
  API to register into system
  Closure for additional value
Provisioning
[Diagram: provisioning flow, steps numbered 1 to 6, across VMC/STS, Routers, CloudControllers, Services Gateway, Service Nodes (MySQL, Redis, Redis), Application and Messaging]
Access (Direct)
[Diagram: Browser (user app access), Routers, CloudControllers, Services Gateway, Application, Service Nodes (MySQL, Redis, Redis), Messaging]
Services
[Diagram labels: VMware Dev Tools, Partner Dev Tools, Cloud Foundry, apps, consume, bind, provision/bind, service controller, service broker, core services, Enterprise Services, Relational DB, Data Director, SQLFire, vSphere]
Learn more:
  www.cloudfoundry.org
  blog.cloudfoundry.com
  support.cloudfoundry.com
Thank You
Questions?
  dcollison@vmware.com
  derek.collison@gmail.com
  twitter: derekcollison