Introduction to the Open Service Broker API
Doug Davis | IBM dug@us.ibm.com | @duginabox

A Brief History...
- PaaS with a mission to make managing Cloud apps simple
    $ cf push myapp
    $ cf scale myapp -i 5
- CF manages deployment, orchestration, routing ...
- Lets developers focus on coding, not infrastructure

- Often applications leverage ancillary "Services"
  - E.g. Application stores data in database
- Critical to application's success
- But developers shouldn't spend their time managing them

- Creating and managing services is non-trivial
  - Duplication of effort across teams, or
  - Ops team manages it for you on their schedule
- Managing credentials could be problematic
  - Sent via email, sticky-notes, etc...
  - Where are they stored? Plain text in config files?
- CF shifts the burden to the Platform via self-service model
  - "Tell us what you need and we'll manage it for you"
  - Service Credentials are protected and provided at runtime

- Easy user experience
    $ cf create-service mysql free myDB
    $ cf bind-service myApp myDB
- Credentials are made available to "myApp" via an env var
    VCAP_SERVICES = {
      "mysql": [{
        "credentials": {
          "username": "fd7d1b58",
          "password": "c07750d55",
          "host": "fd7d1b58.db-svc.com",
          "port": 443,
          ...
        }
      }]
    }

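How an app might consume the credentials shown above, as an added example (not code from the slides or from Cloud Foundry): it reads VCAP_SERVICES from the environment, fails closed when the binding or a field is missing, and keeps secret values out of repr() and error messages. The "name" field, `ServiceCredentials` and `load_credentials` are assumptions of this sketch; the sample values are constructed from the slide.

```python
import json
import os

# Constructed sample in the slide's shape; the "name" field is an assumption.
SAMPLE = json.dumps({"mysql": [{"name": "myDB", "credentials": {
    "username": "fd7d1b58", "password": "c07750d55",
    "host": "fd7d1b58.db-svc.com", "port": 443}}]})
REQUIRED = ("username", "password", "host", "port")


class ServiceCredentials:
    """One binding's credentials; repr() lists key names, never values."""

    def __init__(self, label, name, values):
        self.label, self.name, self._values = label, name, dict(values)

    def __getitem__(self, key):
        return self._values[key]

    def __repr__(self):
        return (f"ServiceCredentials(label={self.label!r}, "
                f"name={self.name!r}, keys={sorted(self._values)})")


def load_credentials(label, name=None, environ=None):
    """Return credentials for a bound service instance, failing closed."""
    environ = os.environ if environ is None else environ
    raw = environ.get("VCAP_SERVICES")
    if raw is None:
        raise LookupError("VCAP_SERVICES is not set; no service is bound")
    try:
        services = json.loads(raw)
    except json.JSONDecodeError:
        # "from None" hides the decoder exception (its .doc holds the raw text).
        raise ValueError("VCAP_SERVICES is not valid JSON") from None
    if not isinstance(services, dict):
        raise ValueError("VCAP_SERVICES must be a JSON object")
    for entry in services.get(label, []):
        if name is None or entry.get("name") == name:
            creds = entry.get("credentials", {})
            missing = [k for k in REQUIRED if k not in creds]
            if missing:
                raise LookupError(f"binding for {label!r} lacks {missing}")
            return ServiceCredentials(label, entry.get("name"), creds)
    raise LookupError(f"no bound instance of {label!r} named {name!r}")
```
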
[Diagram: App, Platform, Broker]

- API between the Platform and a Service Broker
- Abstracts the Service Lifecycle APIs
- Service Brokers
  - Manage all aspects of Service's lifecycle
    - User Initiated: Create, Delete, Provide Credentials
    - Automatic: Auto-Scale, Backup, Recovery, QoS, ...
  - Hosted anywhere – in or out of the Platform
  - Application is usually unaware

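The user-initiated part of that lifecycle (create, provide credentials, delete) as an added in-memory sketch, not code from the slides or from any real broker. It assumes the `/v2/service_instances/...` routes of the OSB specification with simplified status codes, checks the Platform's Basic Auth header in constant time, and issues a separate credential pair per binding so that unbinding one app revokes only that app's access. `ToyBroker`, `basic_header` and the platform login are hypothetical.

```python
import base64
import hmac
import re
import secrets

# Constructed platform login; a real broker would load it from a secret store.
PLATFORM_USER, PLATFORM_PASS = "platform", "constructed-shared-secret"
ROUTE = re.compile(
    r"^/v2/service_instances/([\w-]+)(?:/service_bindings/([\w-]+))?$")


def basic_header(user, password):
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()


class ToyBroker:
    """In-memory model of the user-initiated lifecycle (hypothetical class)."""

    def __init__(self):
        self.instances = {}  # instance_id -> {binding_id: credentials}

    def handle(self, method, path, headers):
        """Return (status, body) for one Platform-to-Broker request."""
        expected = basic_header(PLATFORM_USER, PLATFORM_PASS).encode()
        supplied = headers.get("Authorization", "").encode()
        # Constant-time compare so response timing does not leak the secret.
        if not hmac.compare_digest(supplied, expected):
            return 401, {}
        match = ROUTE.match(path)
        if match is None or method not in ("PUT", "DELETE"):
            return 404, {}
        instance_id, binding_id = match.groups()
        if binding_id is None:  # create or delete the service instance
            if method == "DELETE":
                gone = self.instances.pop(instance_id, None) is None
                return (410 if gone else 200), {}
            created = instance_id not in self.instances
            self.instances.setdefault(instance_id, {})
            return (201 if created else 200), {}
        bindings = self.instances.get(instance_id)
        if bindings is None:
            return (410 if method == "DELETE" else 404), {}
        if method == "DELETE":  # unbind: revoke only this binding's credentials
            return (200 if bindings.pop(binding_id, None) else 410), {}
        created = binding_id not in bindings
        if created:  # one fresh credential pair per binding
            bindings[binding_id] = {"username": secrets.token_hex(4),
                                    "password": secrets.token_urlsafe(16)}
        return (201 if created else 200), {"credentials": bindings[binding_id]}
```
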
[Diagram: Platform, Broker]
- A service can be just about anything
  - Data & Analytics – e.g. DBs, ElasticSearch
  - Integration – e.g. Box, Twitter, SendGrid
  - Utilities – e.g. conversions, speech to text
  - Infrastructure – networks, volumes, routing
  - DevOps – monitoring, metrics, auto-scaling

- Application Developers / Managers
  - Can focus on their business logic
  - Services managed by the experts
  - Self-service model speeds up CI/CD timelines
- Service Providers
  - Low barrier of entry for new Service Providers
  - Interop: easily integrated into environments that support the API
  - With ease of access to services, an increase in their usage ($)

- CFF donated SB API to the Open Service Broker API Project
- OSB API Project
  - Evolve API into a community specification
  - To promote interoperability across Cloud Platforms (beyond CF)
    - Cloud Foundry, Kubernetes, OpenShift
  - Support of key Cloud leaders:
    - Fujitsu, Google, IBM, Pivotal, RedHat and SAP

- Removing CF specifics in the spec
  - Org, space to be replaced with "context"
  - Define a Context Profile for each Platform
- Parameter Schemas
  - To define the shape of the "parameters"
  - Enables more advanced UI/presentation
- Enable additional Auth mechanisms
  - Beyond Basic Auth

- Define additional Service Lifecycle Actions
  - E.g. Backup/restore for DBs
  - Allow for Service specific extensions
- Allow for a more RESTful model – e.g. GET
- Allow all operations to be asynchronous
- Originating Identity

- Container Orchestration
- A DB with an asynchronous HTTP/REST front-end
  - User is exposed to all of the resources in the model
- A set of watchers that act as resources change
  - Controllers react to CRUD operations to manage the resources
  - Schedulers watch to make sure desired state == actual state
  - Workers/Kubelet watch for new Pods to be deployed on their Nodes
- Pod: set of containers that must be co-located on same Node
- Labels: filtering/searching mechanism
- KubeProxy to manage intra-cluster communications

[Diagram: K8s architecture: K8s Client; Control Plane (API Server, Controllers, Scheduler, DB); Nodes (Kubelet, KubeProxy, Pods)]

- New OSB API specific resources
  - Broker
  - ServiceClass
    - "service" was already taken / "Plan" is nested
  - Instance
  - Binding
    - Credentials stored in Secrets in "core"
- New "core" resource
  - PodPreset
    - Auto-injects new Pods with credentials. Defined as part of the Binding resource

- Since not part of "core" we needed a separate API Server
  - Basically a mini-Kubernetes
  - Accessed via API aggregation
  - Can use the "core" API Server's DB or its own
- Our work has been on the bleeding-edge
  - API Server: first to actually create a new one
  - API Aggregation: to share a single endpoint across API Servers
  - PodPreset

[Diagram: K8s Client; K8s Core API Server (API Server, DB); SB API Server (API Server, DB)]

- Can work with resources directly
    $ kubectl create -f broker.yaml     # Admin action
    $ kubectl create -f instance.yaml   # Dev action
    $ kubectl create -f binding.yaml    # Dev action
- Or, kubectl plugin for better UX
    $ kubectl create-service-instance SERVICE_CLASS_NAME \
        PLAN_NAME NAMESPACE INSTANCE_NAME
    $ kubectl bind-service-instance INSTANCE_NAME \
        BINDING_NAME NAMESPACE

- Incubator project/SIG: Service Catalog
- Will be fully OSB API specification compliant
- Very involved in the OSB API WG
  - Via IBM, RedHat and Google's participation
- Currently in 'alpha' but 'beta' will be soon
  - Beta implies backwards compatible from then on
  - So it's relatively safe for enterprises to pick up and play with

- Web Site: https://www.openservicebrokerapi.org/
- Github: https://github.com/openservicebrokerapi/servicebroker/
- Google Group: https://groups.google.com/forum/#!forum/open-service-broker-api
- Slack: http://slack.openservicebrokerapi.org/
- Weekly Calls (Tuesdays 12:30pm ET): https://github.com/openservicebrokerapi/servicebroker/wiki/Weekly-Call
- Kubernetes: https://github.com/kubernetes-incubator/service-catalog

Thank You!