A Cloud Infrastructure
for Scaling Innovation Across Autonomous Teams
henning.jacobs@zalando.de / @try_except_ GOTO Amsterdam 2015
ARCHITECTURE RADICAL AGILITY ABOUT US HISTORY INFRASTRUCTURE
AGENDA
Henning Jacobs
ABOUT ME
15 countries
3 fulfillment centers
15+ million active customers
2.2+ billion € revenue 2014
130+ million visits per month
8.000+ employees
ONE OF EUROPE’S LARGEST ONLINE FASHION RETAILERS
Visit us: tech.zalando.com
A BRIEF HISTORY OF ZALANDO TECHNOLOGY
A BRIEF HISTORY OF ZALANDO TECH
ZALANDO PLATFORM
~70% of all applications
WAR deployment
Single deployment tool
On-premise data center
MAIN PRODUCTION STACK SINCE 2010
Platform
THE CHALLENGE
Platform team
request servers deploy
Platform
THE CHALLENGE
80+ delivery teams Platform team
deploy request servers request storage
GOAL
DELIVER AMAZING PRODUCTS EFFICIENTLY AT SCALE, AND FEELING GREAT ABOUT IT.
LEADERSHIP
FROM CONTROL & COMMAND TO PURPOSE AND TRUST
NEW LEADERSHIP
DELIVERY LEAD PEOPLE LEAD
ARCHITECTURE
AN ARCHITECTURE FOR INNOVATION
STUPS To Unleash Penguin Swarms
AWS STUPS
DOCKER DEPLOY
SSH ACCESS
AUDIT REPORTS
FULL AWS ACCESS
A PLATFORM ON TOP OF AMAZON WEB SERVICES
AUTONOMY AND COMPLIANCE
STUPS offers maximum freedom for developers while enabling near-real-time audit compliance for every single application.
One AWS account per Team
Deployment with Docker
Managed SSH Access
REST/OAuth 2.0 mandatory
Supports Traceability of Changes
STUPS IN A NUTSHELL
Public Internet
*.foo.example.org *.bar.example.org Team “Foo” Team “Bar”
ELB ELB EC2 Instance EC2 Instance EC2 Instance EC2 Instance EC2 Instance EC2 Instance
Data Center
LB EC2 Instance EC2 Instance Legacy Instances
ISOLATED AWS ACCOUNTS
DEPLOYMENT
IMMUTABLE STACKS
AWS
DEPLOYMENT WITH SENZA
Senza CLI Pier One
docker pull docker push
Taupage
SENZA: DEFINITION YAML
SENZA: BOOTSTRAP NEW CLOUD FORMATION STACK
SENZA: MANAGE STACKS
LOGGING
APPLICATION LOGS: TAUPAGE SUPPORTS LOGENTRIES AND SCALYR
SSH ACCESS
SSH ACCESS: TIME-LIMITED ACCESS TO ANY TEAM SERVER
MONITORING
TODO: Screenshot
ZMON
ZMON APPLIANCE
*.foo.example.org *.bar.example.org
Team “Foo” Team “Bar”
EC2 Instance EC2 Instance EC2 Instance EC2 Instance
ZMON Appliance ZMON Appliance
KairosDB EC2 Instance EC2 Instance
ZMON Controller
ELB ELB
HYSTRIX TURBINE
FULLSTOP: REPORT VIOLATIONS
OAUTH
OAUTH: APPLICATION REGISTRATION IN YOUR TURN
OAUTH: CREDENTIAL DISTRIBUTION VIA S3 BUCKETS
AWS
YOUR TURN get access token
Taupage
Kio Mint
OAuth Provider
store passwords get password
S3
rotate passwords
STUPS Frontpage: http://stups.io
STUPS Documentation: http://docs.stups.io
GitHub Repositories: https://github.com/zalando-stups
Trying out Senza and Taupage: http://docs.stups.io/en/latest/user-guide/standalone-deployment.html
LINKS
QUESTIONS? http://stups.io @try_except_
STUPS COMPONENTS
inbound traffic
for outbound
for app instances
DMZ DMZ DMZ internal internal
eu-west-1a eu-west-1b eu-west-1c
ELB EC2 internal EC2 NAT
STUPS: AWS ACCOUNT VPC SETUP
Pier One Docker Reg.
build
approve
EC2 Instances
Docker Container
Application “myapp” issue_management: Jira
Application Version “1.0” artifact: docker/myart:1.0
Taupage AMI
Ticket System
Kio Application Registry
Ticket System
SCM
Image “docker/myart:1.0” commit: afb123
Issue “ABC-123” spec: [...]
Commit “afb123” msg: ABC-123..
✓ specs approved
✓ artifact tested
✓ artifact approved
STUPS: TRACEABILITY
ZALANDO TECH CONSTITUTION PT. 1
ZALANDO TECH CONSTITUTION PT. 2