
Container-Based Hybrid Cloud Architecture


Container Based Hybrid Cloud Architecture

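Level: 200, talk delivered in Chinese
Speaker: Kim Kao, Solutions Architect, AWS

Containers are both a platform and a technology. Developing cloud-native applications with container technology lets an enterprise break free of the limits of legacy technology and innovate with the freedom and flexibility the architecture provides. But where should one start? How can existing data center equipment and resources be combined with the advantages of the cloud to build a hybrid cloud architecture?
1. Architecture design driven by the domain: Domain Driven Design
2. How to build a hybrid cloud computing environment with container technology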


  1. Container Based Hybrid Cloud Architecture • Kim Kao 高翊凱, Solutions Architect, Amazon Web Services • Domain Driven Design (DDD Taiwan) • SUMMIT • © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  2. Agenda • Hybrid cloud embrace opportunities • Prioritize workloads migrate to Cloud • Decoupling legacy with domain experts • Modern application development
  3. The new normal: companies are increasingly global and products are increasingly digital • 47% of CEOs said they are being challenged by the board of directors to make progress in digital business • Source: Gartner • 79% of CIOs believe that digital business is making their IT organizations better prepared to change • 67% of all business leaders believe that they must pick up the pace of digitalization to remain competitive
  4. Why are enterprises adopting containers? • Accelerate software development • Build modern applications • Automate operations at web scale
  5. Factors to Success: Culture Skill Organization Finance Leadership Systems and Feedback Methodology and Technology Move from Projects to Product Teams Capex Versus Opex
  6. To maintain competitive advantage, digital businesses must innovate as rapidly as possible • Feedback • Ideas • Experiment • Innovation Flywheel
  7. Hybrid cloud strategy • 60% of large enterprises run VMs in the public cloud (IDC) • 65% of organizations have a hybrid cloud strategy today (IDC*) • 83% of workloads are virtualized today (IDC)
  8. Many worry there are only two choices • #1 Build a “private” cloud • #2 Rip everything out and move to AWS
  9. The good news is – it isn’t an “all or nothing” choice • On-premises resources • Cloud resources • Integration
  10. What do customers want in hybrid? • Run workloads on-premises • Run workloads on the cloud • Tight integration • Without buying new hardware
  12. A typical day for customer ... • Manager - “We are going to run workload(s) on AWS. We have new sub-systems/module to develop with legacy services. Container is good. It’s great to have whole cloud native advantage if you guys migrate all service into microservice, serverless...” • Developer(s) - “Not a problem. I’ll make it …”
  13. Jump into real world... https://vaughnvernon.co/tag/event-storming/ (Earn money as usual) (will it run as usual?)
  14. Domain Expert Matters (priority, market expectation)
  15. Strategies for Dealing with Legacy Systems (priority, customer expectation) • Bubble Context: Place your new functionality in a bubble and have repositories as an anti-corruption layer (ACL) toward the legacy code and data. • Autonomous Bubble: Start a new chapter OUTSIDE the legacy code with its own storage. Thus we need to synchronize ACL and similar information that you share with the legacy system. • Open Host Services in Published Language: Expose legacy assets through an open host service, using an anti-corruption layer to convert the necessary information to the new system. • Event Streams: The systems communicate through events. The anti-corruption layer now publishes the events and monitors the state of the other system. The solution is similar to event sourcing.
  16. ISV/Package Support sub Domain Out Sourcing General Sub Domain Pay the most efforts on critical business component Talents developing code Core Sub Domain (self employee, out sourcing, ISV)
  17. (CRM, ERP, Payment Gateway ...) • Incrementally break out dependencies • Cut off Database Link • Do not allow cross-schema access permissions • Define API contract only for data exchange • Consider moving stored procedures into application code • Leave the legacy system as a data container
  19. (dealing with transaction, service lookup) Monolith: Does everything • Per Service: Do only one thing • Business matters, Immutable facts - Order Created - Coupon applied - Account Registered • Intention, Business behavior - Create an Order - Apply Coupon - Register an Account • Responsible for Capabilities - Order - Discount - Identity Management • Accept & process • Presentation Model • Help to make decision • Composite data type
  20. (dealing with transaction, service lookup) Monolith: Does everything • Per Service: Do only one thing
  21. (dealing with transaction, service lookup) • Microservices candidate – Bounded Context • Each Bounded Context forms a system boundary • One Bounded Context may • contain multiple correlated Aggregates • or only one Aggregate with a specific business capability
  22. (by noun, organization, experience?) (CRM, ERP, Payment Gateway ...) (self employee, out sourcing, ISV)
  23. (by noun, organization, experience?) • By business Capability • Form up boundary by Bounded Context
  24. (by noun, organization, experience?) A Team
  25. (self employee, out sourcing, ISV) • Resources allocation by value chain • Talents devote to build up core sub domain • Responsible for general sub domain • Out sourcing or ISV for support domain
  26. (CRM, ERP, Payment Gateway ...) • Incrementally break out dependencies • Cut off Database Link • Do not allow cross-schema access permissions • Define API contract only for data exchange • Consider moving stored procedures into application code • Leave the legacy system as a data container
  28. Capabilities of a modern application • Secure • Resilient • Elastic • Modular • Automated • Interoperable
  29. Public cloud • On-premises environment • Containers and Kubernetes bring them closer… • Scalability • Speed • Portability
  30. How are customers using Amazon EKS? • Microservices • PaaS • Enterprise app migrations • Machine learning
  31. Amazon EKS Architecture (diagram labels: mycluster.eks.amazonaws.com, EKS workers, Kubectl, AZ 1, AZ 2, AZ 3, Your AWS account, VPC)
  32. Kubernetes control plane • Highly available and single tenant infrastructure • All “native AWS” components • Fronted by an NLB (diagram labels: VPC, API Server ASG, Etcd ASG, NLB, AZ-1, AZ-2, AZ-3, ELB, Instances, Instances)
  33. Hybrid Cloud on AWS (diagram labels: AWS Cloud, Corporate data center, AWS VPN, AWS Direct Connect, Customer gateway, AWS Transit Gateway, VPC, Subnet, Subnet, Company.aws, Company.local, DC1, DC2, DC3, Trust, Identity integrations, AWS Management Console, Amazon EC2, AWS Directory Service, AWS Directory Service, AWS Single Sign-On, Amazon RDS, EKS, Kubernetes)
  34. Cross-account ENI • EKS VPC • Customer VPC • Worker Nodes • EKS ENI • Kubernetes API calls • Exec, Logs, Proxy • Internet
  35. Amazon VPC CNI plugin (diagram labels: ENI Secondary IPs: 10.0.0.1 10.0.0.2 10.0.0.1 10.0.0.2 ENI 10.0.0.20 10.0.0.22 Secondary IPs: 10.0.0.20 10.0.0.22 ec2.associateaddress() VPC Subnet – 10.0.0.0/24 Instance 1 Instance 2 VPC)
  36. EKS Supports Advanced Networking Architectures (diagram labels: VPC - Multiple IP ranges, Subnet 1 – 10.0.0.0/16, Subnet 2 – 100.64.0.0/10, Customer gateway, Corporate data center, On-Premise – 10.1.0.0/16, VPN or DX, Pod Outbound Traffic SNAT, EKS Worker Node, Primary ENI, Pod, Secondary ENI, Pod – 100.64.0.200)
  37. Migrating data: Five key questions • 1) What kind of data is it, and where is it going? • 2) One time or continuous movement? • 3) One way or bi-directional? • 4) How much data and time do you have? • 5) WAN links & bandwidth constraints? (diagram labels: Amazon S3, Amazon EC2, Amazon EFS, Amazon EBS, Amazon Aurora, Amazon EMR, Amazon Glacier, Amazon RDS, AWS IoT, Amazon Redshift; Files Block volumes Databases IoT Streams; Amazon FSx, Amazon DynamoDB, AWS Machine Learning)
  38. Take Away: Know Why/What/How • Take benefits from on-premise by hybrid cloud • EKS supports hybrid computing environment • Keep small step to migrate workload • To collaborate Business and Technology guys by speaking Ubiquitous Language • Crunch Problem, then design solution
  39. Implementing DDD on AWS • Community: DDD Taiwan@FB • Telegram: YikaiKao • WeChat: YikaiKao • Twitter: @YikaiKao • GitHub Repos
  40. Thank you!
