IBM Watson and Cloud Platform / © 2017 IBM Corporation
Using Microservices and Containers to Accelerate Development and Deployment for Hybrid Cloud
Eric Herness, Hybrid Cloud CTO, IBM Fellow
Introduction
IBM Cloud – The Big Picture
Containers and Container Orchestration
Microservices
IBM Cloud Private – A platform for running containers and microservices
Demonstration
Solutions View – Cloud Architecture and Application Architecture
Conclusion
IBM Cloud –The Big Picture
[Diagram: IBM Cloud overview]
Industries: Healthcare, Financial Services, Logistics
Layers: Cloud Infrastructure, Data, AI, Application Suites and Solutions
Data: Ingest, Store, Enrich, Analyze, Deploy
AI APIs: Conversation, Visual Recognition, Discovery, Speech, Compare and Comply, Document Conversion, DLaaS, Natural Language Understanding, Natural Language Classifier, Tone Analyzer, Personality Insight, …more
Infrastructure: Networking, Compute, Security, Virtual Compute, Object Storage, Dedicated Compute, …more
Also shown: Cloud Integration, Platform Services, DevOps Tooling, Data Science, Virtual agent, IoT
Deployment: Private, Hybrid, Public
Industry leading flexibility, scalability, and simplicity - Cloud Object Storage
On-Premise
• Single tenant
• Design specific to client needs
• Total control of system
Public Dedicated
• Single tenant
• Regulatory compliance
• No datacenter space required
• Flexible configuration options
• OPEX vs CAPEX
Public
• Multi-tenant
• Regulatory compliance
• Usage-based pricing
• Elastic capacity
• No data center space required
• Fully managed
• OPEX vs CAPEX
IBM Offers a Spectrum of Compute
…meets your developer needs…
[Diagram axis: Control to Abstraction]
Virtual Servers
Bare Metal
• Dedicated Compute
• High Memory
• Intensive Disk I/O
• Isolation
• Familiar
• Full Operating System Control
Containers
• Portable
• Flexible
• Light-weight
CF Apps
• Speed
• Manage code, not infrastructure
• Multiple runtime choices
OpenWhisk
• Stateless
• Event-Driven
• Short-lived
Total Control, Flexibility, Maximum Efficiency, DevOps, Minimal Cost, Reactive
Containers and Container Orchestration
Containers
A standard way to package an application and all its dependencies so that it can be moved between environments and run without changes.
Containers work by isolating the differences between applications inside the container so that everything outside the container can be standardized.
IBM Bluemix Container Service | IBM Confidential | ©2017 IBM Corporation
Intro to Docker
Enabling application development efficiency, making deployment more efficient, eliminating vendor ‘lock-in’ with true portability
• Open Software
– Launched March 2013
– 2.0+ billion downloads of Docker images
• Open Contribution
– 3300+ contributors
– #2 most popular project
– 185 community meet-up groups in 58 countries
• Open Design
– Contributors include IBM, Red Hat, Google, Microsoft, VMware, AWS, Rackspace, and others
• Open Governance
– 12 member governance advisory board selected by the community
Docker Basics – A shipping container for code
Image
• A read-only snapshot of a container stored in Docker Hub to be used as a template for building containers
Container
• The standard unit in which the application service resides or is transported
Docker Hub
• Available in SaaS or Enterprise to deploy anywhere you choose
• Stores, distributes and shares container images
Docker Engine
• A program that creates, ships and runs application containers
• Runs on any physical and virtual machine or server locally, in private or public cloud (portability)
• Client communicates with Engine to execute commands
Docker Containers
A technical view into the shared and layered file systems technology
• Docker uses a copy-on-write (union) filesystem
• New files (and edits) are only visible to the current layer and the layers above it
• Layers allow for reuse
• More containers per host (resource efficiency)
• Faster start-up/download time – base layers are "cached"
• Images
• Tarball of layers (each layer is a tarball)
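An added example (not from the original slides): because an image is a tarball of layer tarballs and edits are only visible to the layers above, a file "deleted" in a later layer is hidden from the running container but still ships in the lower layer. The sketch below builds three constructed layers in memory, merges them as a union filesystem would, and reports what is hidden yet still present. It assumes the `.wh.` whiteout naming used by AUFS-style and OCI image layers; the file names and token are made up.

```python
import io
import tarfile

WHITEOUT = ".wh."  # assumed whiteout prefix (AUFS / OCI layer convention)


def make_layer(files):
    """Build one layer as an in-memory tarball from {path: bytes}."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for path, data in files.items():
            info = tarfile.TarInfo(name=path)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def read_layer(layer_bytes):
    """Return {path: bytes} for every regular file stored in a layer."""
    with tarfile.open(fileobj=io.BytesIO(layer_bytes), mode="r") as tar:
        return {m.name: tar.extractfile(m).read()
                for m in tar.getmembers() if m.isfile()}


def union_view(layers):
    """Merge layers bottom to top, as the container sees the filesystem."""
    merged = {}
    for layer in layers:
        for path, data in read_layer(layer).items():
            directory, _, name = path.rpartition("/")
            if name.startswith(WHITEOUT):
                # A whiteout hides the same-named file from lower layers.
                prefix = directory + "/" if directory else ""
                merged.pop(prefix + name[len(WHITEOUT):], None)
            else:
                merged[path] = data
    return merged


def hidden_but_present(layers):
    """List (layer index, path) for content removed or overwritten later
    that can still be read straight out of the layer tarball."""
    visible = union_view(layers)
    findings = []
    for index, layer in enumerate(layers):
        for path, data in read_layer(layer).items():
            if path.rpartition("/")[2].startswith(WHITEOUT):
                continue
            if visible.get(path) != data:
                findings.append((index, path))
    return findings


# Constructed sample image: base layer, build layer, "cleanup" layer.
SAMPLE_LAYERS = [
    make_layer({"etc/os-release": b"NAME=demo\n"}),
    make_layer({"app/config.env": b"API_TOKEN=constructed-example-token\n",
                "app/server.py": b"print('v1')\n"}),
    make_layer({"app/.wh.config.env": b"",
                "app/server.py": b"print('v2')\n"}),
]

if __name__ == "__main__":
    print("visible in container:", sorted(union_view(SAMPLE_LAYERS)))
    for index, path in hidden_but_present(SAMPLE_LAYERS):
        print(f"layer {index} still contains {path}")
```

Removing a credential in a later build step therefore does not remove it from the image; it has to stay out of every layer.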
[Figure: layered filesystem. Filesystem and Base OS / Kernel at the bottom; image layers Fedora, Ubuntu, tomcat, tomcat, liberty; containers CNTR1 to CNTR4 running app1 to app4 on top.]
Everyone’s container journey starts with one container….
At first the growth is easy to handle….
But soon it is overwhelming… chaos reigns
Container Stack
Layer 1: Physical Infrastructure
Layer 2: Virtual Infrastructure
Layer 3: Operating System
Layer 4: Container Engine
Layer 5: Orchestration/Scheduling, Service Model
Layer 6: Development Workflow, Opinionated Containers
Regain control with Kubernetes
What is Kubernetes?
• Container orchestrator
• Runs and manages containers
• Supports multiple cloud and bare-metal environments
• Inspired and informed by Google's experiences and internal systems
• 100% Open source, written in Go
• Manage applications, not machines
• Rich ecosystem of plug-ins for scheduling, storage, networking
Kubernetes Architecture
[Diagram: API, UI, CLI; Kubernetes Master (Etcd, API Server, Controller Manager Server, Scheduler Server); Worker Node 1, 2, 3 … n; Registry]
Nodes – hosts that run Kubernetes applications
Master nodes:
• Controls and manages the cluster
• Kubectl (command line)
• REST API (communication with workers)
• Scheduling and replication logic
Worker nodes:
• Hosts the K8s services
• Kubelet (K8s agent that accepts commands from the master)
• Kubeproxy (network proxy service responsible for routing activities for inbound or ingress traffic)
• Docker host
Pods:
• Smallest deployment unit in K8s
• Collection of containers that run on a worker node
• Each has its own IP
• Pod shares a PID namespace, network, and hostname
Replication controller:
• Ensures availability and scalability
• Maintains the number of pods as requested by user
• Uses a template that describes specifically what each pod should contain
Labels:
• Metadata assigned to K8s resources
• Key-value pairs for identification
• Critical to K8s as it relies on querying the cluster for resources that have certain labels
Service:
• Collections of pods exposed as an endpoint
• Information stored in the K8s cluster state and networking info propagated to all worker nodes
Secrets:
• Sensitive info that containers need to consume
• Encrypted in special volumes mounted automatically
Proxy – Load balancer for pods
Etcd – a highly-available key value store which K8s uses for persistent storage of all of its REST API objects
cAdvisor – Container Advisor provides resources usage and performance statistics
Scheduler – schedules pods in worker nodes
API Server – Kubernetes API server
Microservices
Cloud Native
An application architecture designed to leverage the strengths and accommodate the challenges of a standardized cloud environment, including concepts such as elastic scaling, immutable deployment, disposable instances, and less predictable infrastructure.
Microservice Definition
An engineering approach focused on decomposing an application into single-function modules with well defined interfaces which are independently deployed and operated by small teams who own the entire lifecycle of the service.
Microservices accelerate delivery by minimizing communication and coordination between people while reducing the scope and risk of change.
Microservices architecture
A microservice is a granular, decoupled component within a broader application
[Diagram: a monolithic application (silo) broken into a microservices application made of microservice components]
• Agility
• Scalability
• Resilience
Simplistically, microservices architecture is about breaking down large silo applications into more manageable, fully decoupled pieces
Key tenets of a microservices architecture
1. Large monoliths are broken down into many small services
• Each service runs in its own process
• The applicable cloud rule is one service per container
2. Services are optimized for a single function
• There is only one business function per service
• The Single Responsibility Principle: A class (microservice) should have one, and only one, reason to change
• Database per service is desired.
3. Communication via REST API and/or message brokers
• Avoid tight coupling introduced by communication through a database
4. Per-service continuous integration and continuous deployment (CI/CD)
• Services evolve at different rates
• You let the system evolve but set architectural principles to guide that evolution
5. Per-service high availability (HA) and clustering decisions
• One size or scaling policy is not appropriate for all
• Not all services need to scale; others require autoscaling up to large numbers
Sample application that uses microservices
Airline reservation application
• Book flights
• Timetable lookup
• Calculate fare
• Allocate seats
• Manage rewards
• Update customer
• Adjust inventory
Each service includes these features:
• Logging
• Metrics
• Health check
• Service endpoint
• Service registry
• Service management
Services: bookFlights, calculateFare, allocateSeats, manageRewards, timetableLookup, adjustInventory, updateCustomer
Advantages of microservices
• In a word: Independent
• Developed by a single team
– Small enough for a team fewer than 20 people
– All team members can understand the entire code base
• Developed independently
– Limited, explicit dependencies on other services
• Developed on its own timetable
– New versions delivered independently of other services
• Each can be developed in a different language
– Select the best language
• Manages its own data
– Select the best technology and schema
• Scales and fails independently
– Isolates problems
MicroProfile evolution of Java EE microservices
Through ongoing work with MicroProfile.io
• An evolution of Java EE focused on microservices. Open collaboration led by IBM, Red Hat and others
• Provide guidance on developing microservices
• Consistent qualities of service (scaling, health, analytics) across all envs
• Make Java microservices portable and interoperable
• Ensure applications have overall control over the environment provided similar checks
Uses familiar, standard component model CDI:
Config: A model of isolating config source from microservices code
Fault Tolerance: A model to build robust microservices
Monitoring: A model to provide vendor and application specific data
Trace Correlation: A model to correlate trace
Health Check: A model to provide health check data
Security: A model to secure microservices
IBM Cloud University 2017 | October
Eclipse MicroProfile: Microservice innovation
• Vendor-neutral programming model, designed in the open, for Java microservices
• Provide core capabilities for building fault tolerant, scalable, microservices
• Increasing the rate and pace of innovation beyond Java EE
Standardizing microservices in enterprise Java via the MicroProfile community
Config: externalize configuration to improve portability
Fault Tolerance: build robust behavior to cope with unexpected failures
Health Check: common format to determine service availability
Health Metrics: common REST endpoints for monitoring service health
JWT Propagation: interoperable authentication and role-based access control
MicroProfile v1.2 – Released September 2017
http://microprofile.io/
microProfile-1.2: New in Liberty 17.0.0.3
Innovate with Microservice Builder: In 3 steps
https://developer.ibm.com/microservice-builder
Create and run your microservices, hybrid and containerized apps
Developer Center
Set up your environment, fabric and DevOps pipeline in minutes using Microservice Builder.
Helm charts for fabric and pipeline
• delivered with IBM Cloud private
• available for any Kubernetes environment
• support entitled with WebSphere Application Server licenses.
Create, Configure and Deploy microservices for IBM Cloud
IBM WebSphere Liberty delivers the foundation of innovation
• Five years ago IBM reinvented the application server for the cloud with IBM® WebSphere® Liberty
At that time:
• Open source was starting to receive widespread acceptance in business
• Microservices were displaying future potential
• Container technology was emerging
Key areas we are evolving with Liberty to bring more disruptive value to developers…
Open source: The essential Liberty runtime and IBM’s JVM are now open source projects, still fully supported with commercial licenses
Microservices: WebSphere provides full Java™ EE, but cloud-native apps need new fault tolerant capabilities that are not yet available from the Java EE spec.
Containers: Available as pre-built containers from IBM, WebSphere Liberty is ready for production deployment into virtually any cloud environment.
Private Cloud – A platform for container-based workloads
Introducing IBM Cloud Private
Enterprise grade. Open by design.
Rapid Innovation
Differentiated Integration
Investment Leverage
Management and Compliance
Built on 4 Key Entry Points that Drive Enterprise Transformation
A Cloud Native platform with Enterprise grade content
• Leverage existing investments
• Open by design, preventing vendor lock-in
• Enterprise grade operations, across your Hybrid IT environment
• Enterprise grade services for Middleware, Data, Analytics, DevOps
IBM Middleware, Data, Analytics and Developer Services
Cloud enabled middleware, messaging, databases, analytics, and cognitive services to optimize current investments while rapidly innovating
Core Operational Services
Simplify Operations Management, Security, and Hybrid integration
Provision infrastructure and apps across Multi-Cloud environments
Kubernetes-based Container Platform
Industry leading container orchestration platform across private, dedicated & public clouds
Cloud Foundry
For prescribed app development & deployment
Runs on existing IaaS: System Z, IBM Spectrum
Third Party alliances: Dell, Cisco, NetApp, Lenovo, Canonical…
CMS
IBM Cloud Private transforms the way IT operations and developers work
Todd, Operations / Admin: Responsible for infrastructure, security, and management of the environment.
Jane, Enterprise Developer: Responsible for modernizing existing applications and creating new Cloud Native Workloads.
IBM Cloud private empowers both developers and operations to meet business demands:
IT Operations and Administrators
• Quickly set up a modern, flexible, and compliant private cloud
• Integrate with existing management tools and processes
Developers
• Rapidly create new cloud-native applications, optimize existing ones, and securely connect their applications with data and services across all clouds
IBM Cloud Private Content by Edition
Open Source*
• Toolchains & Runtimes: Jenkins, Apache Tomcat, Open Liberty
• Messaging: RabbitMQ
• Data Services: MongoDB, PostgreSQL, Redis
• Clustering: Galera
• Http Servers: Nginx
• Terminal Access: Web Terminal
IBM Software
• Toolchain & Runtimes: IBM Microservice Builder, IBM WebSphere Liberty for Developers, IBM SDK for Node.js
• Messaging: MQ Advanced for Developers
• Data Services: IBM Db2 Dev-C, IBM Db2 Warehouse Dev-C, IBM Data Server Manager (for Db2 Dev-C), IBM Cloudant Developer Edition
• Data Science: IBM Data Science Experience Developer Ed.
• Integration: IBM Integration Bus for Developers, IBM DataPower Gateway for Developers
• App Modernization Tooling: IBM Transformation Advisor
• Monitoring: IBM Cloud APM for DevOps (Beta)
• HPC: IBM Spectrum LSF Community Edition
Access to Community content, plus…
• Toolchain & Runtimes: IBM Microservice Builder, IBM WebSphere Liberty, IBM SDK for Node.js
• Multi-Cloud Management: IBM Cloud Automation Manager
• Cloud Foundry Buildpacks (add-on): IBM WebSphere Liberty, Node.js, Swift, .Net
• Messaging: IBM MQ Advanced
• Data Services: IBM Db2 Direct Advanced Edition / AESE, with Data Server Manager; IBM Data Science Experience Local*; IBM Db2 Warehouse Enterprise*
Available a la carte
Enterprise, Cloud Native
Add to Cloud Native or Enterprise, or bring your existing license
All Cloud Native content, plus…
• Toolchain & Runtimes: IBM WebSphere Application Server ND [1], IBM UrbanCode Deploy (add-on charge) [1]
• Integration and Messaging: IBM MQ Advanced, IBM API Connect [1]
• Data Services: IBM Db2 Direct Advanced Edition with Data Server Manager (add-on charge)
Community
• Integration: IBM Integration Bus, IBM DataPower Gateway Virtual Edition
[1] Only runs on VMs | * coming soon | * Open source is not warranted by IBM unless otherwise specified
Note: Community Edition exists for Intel and Power
Istio (istio.io)
Istio Features (Inbound & Outbound)
• Intelligent Routing and Load Balancing
• Resiliency across Languages and Platforms
• Fleet Wide Policy Enforcement
• In-Depth Telemetry and Reporting
Qualities of Service provided without requiring any changes to your application!
Istio 0.2 beta runs today in both public and private IBM Cloud
Istio evolving and will soon support production usage
Istio Example (Routing Rule)
[Diagram: Portfolio calls Loyalty Level through a side car, which routes to v1 (Slack) or v2 (Twitter)]
Routing rules allow you to specify which version of an app gets used when
For example, here our Stock Trader sample sends everyone to v1, except for a particular user that is configured to test out v2
v1 talks to Slack, whereas v2 talks to Twitter
Demonstrating Containers and Microservices using IBM Cloud Private
Stock Trader App – What We Created – Hybrid App
[Diagram: Browser, WebApp, Portfolio, StockQuote, LoyaltyLevel, API Connect, OpenWhisk, Quandl, Slack, DB2 (JDBC), MQ (JMS), Notification (onMessage), Redis (GET/SET), spread across Public Cloud and Private Cloud; calls are labelled POST, GET, PUT, DELETE]
Learn more and try IBM Cloud Private today
Learn more and try the IBM Cloud Private Community Edition
Product website: http://ibm.biz/IBM-Cloud-Private
Community edition: https://hub.docker.com/r/ibmcom/icp-inception/
Hybrid Scenarios and Solution Architectures
Hybrid Cloud – What kinds of capabilities?
Context for subsequent slides
Logic Component
• Surrounds customer-written logic.
• Usually microservices, but can be large monoliths. (e.g. java, node.js)
• Created & installed as part of a build
• Strong affinity to the overall solution of which they are a part
Service on ICP
• Capabilities installed on local ICP.
• Purpose is to support components.
• Installed via Helm charts
• Managed via K8s and consoles
• Components utilize these
• Probably a shared service
Service on-premises
• Existing on-prem capabilities.
• Components utilize these as a service. (e.g. on-premises databases, ESBs, other exposed APIs)
Service on a Cloud
• Capabilities to which customer subscribes. (e.g. Watson services, Weather, ..)
• Components utilize these as a service.
ICP Roles
Todd, Operations / Admin: Responsible for infrastructure, security, and management of the environment.
Jane, Enterprise Developer: Responsible for modernizing existing apps and creating new Cloud Native Workloads.
App Architecture of StockTrader Example
https://www.ibm.com/developerworks/community/blogs/5092bd93-e659-4f89-8de2-a7ac980487f0/entry/Build_and_Continuously_Deliver_a_Java_Microservices_App_in_IBM_Cloud_private
[Diagram: Browser, WebApp, Portfolio, StockQuote, LoyaltyLevel, DB2, MQ, Notification, Redis, Quandl, OpenWhisk, Slack, API Connect, Github (GHE), MSB]
Application or Solution Architecture – StockTrader Original
[Diagram: WebApp, Portfolio, StockQuote, LoyaltyLevel, DB2, MQ, Notification, Redis, Quandl, OpenWhisk, Slack, API Connect; existing on premises environment shown alongside]
This is a demo where the components are built as java micro-services.
Most services used are also local on the same IBM Cloud private
Application or Solution Architecture – StockTrader Hybrid1
[Diagram: WebApp, Portfolio, StockQuote, LoyaltyLevel, Notification, Redis, Quandl, OpenWhisk, Slack, API Connect; DB2 and MQ in the existing on premises environment]
MQ and DB2 are now used in their current on-premises formats.
Consider for production, while leveraging MQ and Db2 in IBM Cloud Private for dev/test
Application or Solution Architecture – Financial Chatbot with Voice Phase 2
Add voice capabilities
[Diagram: Chat UI, Orchestrator, DataPower, API Connect, PII Scrubber, IIB, Chat analytics, Redis, Postgres, Crawler, ECM, ActivateCard, GetBalance, PayCard, IBM Voice Gateway, Watson Conversation, Watson Discovery, Watson Speech To Text, Watson Text To Speech; existing on premises environment shown alongside]
Application or Solution Architecture – Lift and Shift Option 1a
[Diagram: WebApps (monolithic but on Liberty via some development work, maybe that updated it to fit into the Liberty programming model) on IBM Cloud Private on premises; DB2 and MQ in the existing on premises environment]
MQ and DB2 are now used in their current on-premises formats and there are existing queues and databases in place already for this monolithic application to use.
Transformation Advisor will target this type of application, showing modifications to get it to run in Liberty.
Transformation Advisor
End-to-end experience for the App owner, Developer, Project Manager
Discover source environment:
Capture user preferences: (examples)
• Wants to move to Private Cloud
• Prefer not to move data
• Can refactor applications if needed
• Optionally provides some configuration details of target environments
Use/add best practices and constraints: (examples)
• What are the available cloud options? Private, Public, both?
• Move if refactoring cost is < 100 PMs
• Separate large ND clusters into multiple target Liberty Environments
• Do not put a high usage DB > 1 network hop away
Provide recommendation and seen downstream actions:
• Choice of target servers and platforms
• Effort for moving to each target option
1. Learn the effort involved to modernize and optimize your WebSphere application to run on IBM Cloud - Private or Public
2. Manage the Transformation process - modernize code, stage deployment, integrate with new or existing tools & processes
Learn more
Runs on IBM Cloud Private (including CE)
Application or Solution Architecture – Lift and Shift Option 1b
[Diagram: WebApp1, WebApp2, WebApp3, WebApp4 on IBM Cloud Private on premises; DB2 and MQ in the existing on premises environment]
Instead of putting all web apps onto a single Liberty instance, separation occurs as part of the transformation. This isn’t micro-services, but it is some level of refactoring
Separate life-cycle management is now possible – This is a better option, assuming there are not a lot of shared dependencies.
Multiple Steps towards Transformation, Multiple Paths
• TA Gets you started
• Understand what you have and the shape it is in
• Understand what can migrate to WebSphere Liberty at an acceptable cost
• Think about public and private plans
Run Transformation Advisor
Review Inventory and Guidance
Begin Moving Pieces onto Liberty and IBM Cloud Private (as monoliths)
Expose some immovable pieces and APIs
Refactor Moved Pieces into macro-services
Expose some of the monolith as APIs
Add New Capabilities as Micro-services
Strangle Refactored Pieces
Add New Capabilities as Micro-services
Strangle Refactored Pieces
Conclusion
IBM Hybrid Cloud solutions
• Provide choice as to where to run various components and services
• Offers options as to how to handle existing systems
– Enable preservation of those ‘working’ existing systems via exposing APIs
– Enable existing systems to be optimized
IBM Cloud Private
• A key component in hybrid cloud solutions
• Can provide the ‘velocity boost’ for those existing systems
• Is the platform for new cloud native (microservices) content that needs to run on-premises
• Is the platform for cloud-enabled (runs on containers too) content that needs to run on premises.
Containers and Microservices – Building blocks for the future
References – IBM Cloud Private (External)
• Introductory Blog Entry showing IBM Cloud private: https://t.co/ST1FKnkaTM
• Video showing IBM Cloud private: https://t.co/KC4H3pSuLL
• Building and running a solution on IBM Cloud Private: https://ibm.co/2vGNtZI
• Developing microservices in IBM Cloud Private: https://ibm.co/2wjvGJ8
• Transformation Advisor: https://www.ibm.com/developerworks/community/blogs/5092bd93-e659-4f89-8de2-a7ac980487f0/entry/Introducing_Transformation_Advisor?lang=en
• Knowledge Center: https://www.ibm.com/support/knowledgecenter/SSBS6K/product_welcome_cloud_private.html