running multiple customer facing application in fargate
play

Running multiple customer-facing application in Fargate! Nils Rhode - PowerPoint PPT Presentation

Jan 15, 2024 •175 likes •608 views

Running multiple customer-facing application in Fargate! Nils Rhode | Haufe.Group | 09.09.2019 Community Day 2019 Sponsors Does it always have to be K8s? Running multiple customer-facing application in Fargate! Nils Rhode | Haufe.Group

  1. Running multiple customer-facing application in Fargate! Nils Rhode | Haufe.Group | 09.09.2019 Community Day 2019 Sponsors

  2. Does it always have to be K8s? Running multiple customer-facing application in Fargate! Nils Rhode | Haufe.Group | AWS Community Day Hamburg 2019 v 1.0

  3. Haufe.Group - 1934 founded as family company - 407 Mio € revenue 2019 - 2.000 employees worldwide distributed over ~20 difgerent locations like Freiburg, Barcelona, Timisoara, St. Gallen All DAX 30 Companies rely on our expertise - We are leading companies in terms of - transformation to digitization

  4. Haufe Talent Managemen t T eam R ecruiting M y O nboarding I nstant F eedback M arketplace ….

  5. Haufe Instant Feedback • Mobile App with Administration Backend for Managers • … with a few clicks, employees can request feedback on their own behavior or provide feedback on a person, meeting or survey — at any time.

  6. Haufe Agile Hats • Web Application for employee and Manager • … helps organizations to establish an agile, self-organized and motivating culture. Give employees access to new work opportunities and help them achieve their career goals, unlock their potential and expand their professional network.

  7. From self-hosted applications to cloud-native applications

  8. Haufe Haufe Instant Feedback Agile Hats 2017 2018 IF 1.0 developed as native app based on a backend, hosted at AzureDE* Start of development of Agile Hats as web application following a microservice approach 2018 Backend reengineering 2019 (better multitenancy, Orchestration, new features) Move to AWS 2019 Hybride App approach with fmutter Move to AWS

  9. Haufe Instant Feedback Backend V 1.0 Reengineerin Move to AWS g V 2.0 (Kubernetes, Docker)

  10. Haufe Instant Feedback Backend V 1.0 Reengineerin Move to AWS g on-prem to cloud native

  11. Haufe Agile Hats Start of Move to AWS Development

  12. Haufe Agile Hats Start of Move to AWS Development on-prem to cloud native

  13. AWS Architecture based on EKS

  14. Move to AWS - Overview Amazon CloudWatch AWS CloudT rail Amazon API Gateway AWS Systems Manager Amazon SQS AWS T rusted Advisor Amazon CloudFront Amazon Pinpoint Amazon Route 53 Amazon Pinpoint AWS T ransit Gateway Amazon GuardDuty Amazon Aurora Amazon Cognito AWS Certifjcate AWS Lambda Manager (Moible) data processing done via AWS Lambda instead of K8s containers AWS WAF

  15. AWS Architecture based on Fargate EKS to Fargate

  16. AWS Architecture based on Fargate Amazon API Gateway VPC Link NLB RBAC Pods Seamless integration Containers DeamonSets into AWS services T ask Deployments RDS Service ConfjgMaps AWS Fargate AWS Lambda S3 IAM s t e r c e ParameterStore S AutoScaler ELB / ALB / WAF PV / PVC N a m e s p a c e s ReplicaSet Role-based access Ingress following S e r v i c e s least privileges Amazon Aurora K8s Updates

  17. AWS Architecture Conclusion - K8s for hybrid-cluster over multiple cloud provider Not the right fjt for our cloud-native applications/approaches - Fargate serves better and easier integration in AWS Services one abstraction layer less and usage of triggers and seamless integration (role-based access for Pods following least privileges in K8s is a mess) - Fargate reduces a lot of overhead like scaling, RBAC, namespaces, Updates & Security of K8s by using managed services - It is cheaper and better scalable

  18. Architectural Deep Dive

  19. Architectural Overview Deep dive

  20. Architectural Overview Separation on product level AWS CLOUD VPC IN EU-CENTRAL 1 Availability Zone 1-3 Product IF Product AH Product *

  21. Architectural Overview Container Orchestration AWS CLOUD VPC IN EU-CENTRAL 1 Availability Zone 1 WWW Container Service T ask Availability Zone 2 Container Service T ask Availability Zone 3 Container Service T ask

  22. Fargate Cluster Availability Zone 1 Availability Zone 2 Availability Zone 3

  23. Fargate Cluster Availability Zone 1 Container Availability Zone 2 Container Availability Zone 3 Container

  24. Fargate Cluster Availability Zone 1 Container T ask Availability Zone 2 Container T ask Availability Zone 3 Container T ask

  25. Fargate Cluster Availability Zone 1 Container Service T ask Availability Zone 2 Container Service T ask Availability Zone 3 Container Service T ask

  26. Network Load Balancer Availability Zone 1 Availability Zone 2 Availability Zone 3

  27. API Gateway with VPC Link Availability Zone 1 Availability Zone 2 Availability Zone 3

  28. API Gateway with VPC Link Availability Zone 1 Availability Zone 2 Availability Zone 3

  29. Architectural Overview Security - Least privileges on each container and service - No IAM users needed at all (deployment via EC2, Login via SSO) - No jump host or “open” port 22 => Transit Gateway in private Subnet - Nothing is deployed in public subnet (except NAT Gateway) - Everything is encrypted (RDS, S3, EFS, Backups, HTTPS-traffjc) - Credentials to RDS shared via Parameter Store - CloudTrail with S3 and Athena - Security Hub with integration of GuardDuty, Inspector and some more tools - …

  30. Quick Journey: environment deployment for multiple production applications

  31. Architectural Overview Setup of Infrastructure - Everything is done by terraform - Workspaces used to split between Dev, Int and Prod environment and also with var-fjles AWS DEV ACCOUNT - Difgerent accounts per environment/workspace AWS INT ACCOUNT AWS PROD ACCOUNT - Gitlab Runner based on EC2 to deploy infrastructure (deployment happens from inside the AWS account) AWS Cloud PRODUCT VPC RUNNER VPC HAUFE Amazon EC2 AWS Direct Connect

  32. Architectural Overview Setup of Infrastructure - Baseline

  33. Architectural Overview Setup of Infrastructure - Instant Feedback

  34. Architectural Overview Setup of Infrastructure - Agile Hats

  35. Architectural Overview Setup of Infrastructure Base infrastructure to serve • VPC (Network) • Security • Backup • SES (setup) • Security Application specifjc infrastructure to serve application services like • API Gateways • Fargate • S3 • Elasticache • Cloudfront • ….

  36. Architectural Overview Setup of Infrastructure - CI/CD Push to feature/bug branch => terraform validate … => merge request to develop => terraform plan … => merged into develop => terraform apply to dev environment … => merge request to master => terraform validate => terraform plan => terraform apply to new AWS account (int) => backup from prod into new AWS account (int) => testing… … => merge to master => terraform apply to prod env

  37. Architectural Overview Setup of Infrastructure - CI/CD - Gitlab (own branch) with validate => request => validate, plan => merge => deploy in dev infra - Gitlab (dev) to master request => validate, plan, deploy to INT => check/test => merge => deploy to master

  38. Architectural Overview Setup of Infrastructure - CI/CD validate plan apply

  39. Architectural Overview CI/CD for our products AWS Cloud RUNNER VPC PRODUCT VPC HAUFE 1. test 2. build (6.)Rollback if required ECR 3. deploy 4. int-test 5. check Fargate

  40. Conclusion

  41. Benefjts of going cloud native - Make use of services and reduce maintenance efgort (Backups, DR, Scalability, Monitoring/Logging) - Reduce development overhead by making use of services (e.g. Lambda instead of own docker) - Handling and applying high security standards - K8s has a difgerent purpose than cloud native – don’t depend on both - Outlook: AWS App Mesh

  42. The big difgerence for cloud native applications is really how they are built, delivered and operated. If you are going cloud native: Rethink your architecture and avoid a lift and shift.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cautions About the Data Only Customer Facing services were requested initially, it was

Cautions About the Data Only Customer Facing services were requested initially, it was

Cautions About the Data Only Customer Facing services were requested initially, it was later expanded, some include both and others dont Understanding of what constitutes an IT Service varied Many services were mapped to multiple

292 views • 14 slides
61A Lecture 35 Characteristics of distributed computing: Computers are independent they do

61A Lecture 35 Characteristics of distributed computing: Computers are independent they do

Distributed Computing A distributed computing application consists of multiple programs running on multiple computers that together coordinate to perform some task. Computation is performed in parallel by many computers. Information can be

478 views • 3 slides
Synchronization: why? A running computer has multiple processes and each process may have

Synchronization: why? A running computer has multiple processes and each process may have

2/4/13 Operating Systems ECE344 Ding Yuan Synchronization: why? A running computer has multiple processes and each process may have multiple threads Threads User space Process Kernel space Need proper sequencing Analogy: two

445 views • 17 slides
Empowering Customer-Facing Teams with Voice-Based AI Yev Meyer Sr. Data Scientist Guru

Empowering Customer-Facing Teams with Voice-Based AI Yev Meyer Sr. Data Scientist Guru

Empowering Customer-Facing Teams with Voice-Based AI Yev Meyer Sr. Data Scientist Guru Gurus mission We believe the knowledge you need to do your job should find you Information workers switch windows on average 373 times per day or

546 views • 27 slides
Customer Experience Improvements for Customer Inquiry and Dispute Information (CIDI) application

Customer Experience Improvements for Customer Inquiry and Dispute Information (CIDI) application

Customer Experience Improvements for Customer Inquiry and Dispute Information (CIDI) application Overview Purpose & Background Current Implementation Improvements Walk Through Upcoming Events & References

145 views • 11 slides
Processes A process is an instance of a program running Modern OSes run multiple processes

Processes A process is an instance of a program running Modern OSes run multiple processes

Processes A process is an instance of a program running Modern OSes run multiple processes simultaneously Examples (can all run simultaneously): - gcc file_A.c compiler running on file A - gcc file_B.c compiler running on file B

619 views • 44 slides
Secure, Reliable & Proven Application Performance Management for the Enterprise Web

Secure, Reliable & Proven Application Performance Management for the Enterprise Web

Secure, Reliable & Proven Application Performance Management for the Enterprise Web Performance Matters to the Business Your organization depends on your web applications to do business from customer facing eCommerce, banking or travel

281 views • 6 slides
Multiple co-clustering and its application Tomoki Tokuda, Okinawa Institute of Science and

Multiple co-clustering and its application Tomoki Tokuda, Okinawa Institute of Science and

Multiple co-clustering and its application Tomoki Tokuda, Okinawa Institute of Science and Technology Graduate University 1 / 13 Outline 1. Introduction 2. Method for multiple co-clustering 3. Application to depression data 4. Conclusion 2

469 views • 13 slides
Overview/Questions Creating a GUI application which uses multiple windows working together.

Overview/Questions Creating a GUI application which uses multiple windows working together.

CS108 Lecture 31: Graphical User Interface: Multiple Window GUIs Aaron Stevens 17 April 2009 1 Overview/Questions Creating a GUI application which uses multiple windows working together. Developing a parent/child relationship

421 views • 7 slides
Managing the Hydra: Successfully Running Multiple Projects in a Videogame Studio Dr. Greg Zeschuk

Managing the Hydra: Successfully Running Multiple Projects in a Videogame Studio Dr. Greg Zeschuk

Managing the Hydra: Successfully Running Multiple Projects in a Videogame Studio Dr. Greg Zeschuk and Dr. Ray Muzyka Joint CEOs and Co-Executive Producers, BioWare Corp. This talk examines some of the different options available in forming a

73 views • 6 slides
ROI HSP Project MCR1028 Submission of multiple Customer Service Codes on 010, 013, 016 and 017MMs

ROI HSP Project MCR1028 Submission of multiple Customer Service Codes on 010, 013, 016 and 017MMs

ROI HSP Project MCR1028 Submission of multiple Customer Service Codes on 010, 013, 016 and 017MMs IGG 11-01-12 MCR1028 Submission of multiple Customer Service Codes on 010, 013, 016 and 017 MMs CustomerServiceSpecialNeeds Segment ,

526 views • 3 slides
2 3 7.7 7.7 MILLIONS OF CUSTOMER Instant Loan Application 10+ 10+ 6.4

2 3 7.7 7.7 MILLIONS OF CUSTOMER Instant Loan Application 10+ 10+ 6.4

2 3 7.7 7.7 MILLIONS OF CUSTOMER Instant Loan Application 10+ 10+ 6.4 6.4 Enter the amount Fill out the short Get your Money in form and approve 5 minutes you need digital contracts DIGITAL 4. 4.8

879 views • 42 slides
Batch Systems & Parallel Application Launchers Running your jobs on an HPC machine Funding

Batch Systems & Parallel Application Launchers Running your jobs on an HPC machine Funding

Batch Systems & Parallel Application Launchers Running your jobs on an HPC machine Funding Partners bioexcel.eu Reusing this material This work is licensed under a Creative Commons Attribution- NonCommercial-ShareAlike 4.0 International

782 views • 22 slides
DESIGN SPARK MECHANICAL Martin Keenan RUNNING ORDER Group and Applying to Introduction to

DESIGN SPARK MECHANICAL Martin Keenan RUNNING ORDER Group and Applying to Introduction to

DESIGN SPARK MECHANICAL Martin Keenan RUNNING ORDER Group and Applying to Introduction to Demo customer our customers DesignSpark Q&A overview Mechanical RUNNING ORDER Group and Applying to Introduction to Demo customer our

562 views • 32 slides
Running Valgrind on multiple processors: a prototype Philippe Waroquiers FOSDEM 2015 valgrind

Running Valgrind on multiple processors: a prototype Philippe Waroquiers FOSDEM 2015 valgrind

Running Valgrind on multiple processors: a prototype Philippe Waroquiers FOSDEM 2015 valgrind devroom 1 Valgrind and threads Valgrind runs properly multi-threaded applications But (mostly) runs them using a single CORE Valgrind

233 views • 21 slides
Adaptive filtering in wavelet frames: application to echoe (multiple) suppression in geophysics

Adaptive filtering in wavelet frames: application to echoe (multiple) suppression in geophysics

Context Multiple filtering Wavelets Discretization, unary filters Results What else? Conclusions Adaptive filtering in wavelet frames: application to echoe (multiple) suppression in geophysics S. Ventosa, S. Le Roy, I. Huard, A. Pica, H.

878 views • 56 slides
Computer Communication Networks Link Layer IECE / ICSI 416 Spring 2020 Prof. Dola Saha 1

Computer Communication Networks Link Layer IECE / ICSI 416 Spring 2020 Prof. Dola Saha 1

Computer Communication Networks Link Layer IECE / ICSI 416 Spring 2020 Prof. Dola Saha 1 Link layer and LANs our goals: understand principles behind link layer services: error detection, correction sharing a broadcast channel:

615 views • 29 slides
Symmetric Key Cryptography Introduction to Symmetric Key Cryptography What can we do?

Symmetric Key Cryptography Introduction to Symmetric Key Cryptography What can we do?

PQCRYPTO Summer School on Post-Quantum Cryptography 2017 Stefan Klbl June 20th, 2017 DTU Compute, Technical University of Denmark Symmetric Key Cryptography Introduction to Symmetric Key Cryptography What can we do? Authentication

711 views • 47 slides
Hours Worked Across the World: Facts and Driving Forces Nicola Fuchs-Sch undeln Goethe

Hours Worked Across the World: Facts and Driving Forces Nicola Fuchs-Sch undeln Goethe

Hours Worked Across the World: Facts and Driving Forces Nicola Fuchs-Sch undeln Goethe University Frankfurt Anglo-German Foundation Annual Lecture April 18, 2018 Hours Worked Across the World 1 Hours worked worldwide Hours Worked Across

656 views • 50 slides
Language comparison through sparse multilingual word alignment Thomas Mayer 1 Michael Cysouw 2 1

Language comparison through sparse multilingual word alignment Thomas Mayer 1 Michael Cysouw 2 1

Language comparison through sparse multilingual word alignment Thomas Mayer 1 Michael Cysouw 2 1 Research Unit Quantitative Language Comparison Ludwig-Maximilians-Universit at M unchen thommy.mayer@gmail.com 2 Research Center Deutscher

378 views • 20 slides
Teaching an old DAG new tricks Migrating a decade old pipeline to Airflow Outline Cloud native

Teaching an old DAG new tricks Migrating a decade old pipeline to Airflow Outline Cloud native

Teaching an old DAG new tricks Migrating a decade old pipeline to Airflow Outline Cloud native deployment Cloud native deployment Multi-repo DAG management Manage Airflow Variables with code through Terraform Airflow monitoring

478 views • 30 slides
An Introduction to Topological Data Analysis Yuan Yao Department of Mathematics HKUST April 22,

An Introduction to Topological Data Analysis Yuan Yao Department of Mathematics HKUST April 22,

Outline Why Topology? Simplicial Complex Persistent Homology An Introduction to Topological Data Analysis Yuan Yao Department of Mathematics HKUST April 22, 2020 1 Outline Why Topology? Simplicial Complex Persistent Homology 1 Why

1.01k views • 100 slides
Transplant vs. Surgery for Early HCC Rajesh Ramanathan, MD Surgical Oncology ISIGO October 10 th

Transplant vs. Surgery for Early HCC Rajesh Ramanathan, MD Surgical Oncology ISIGO October 10 th

Transplant vs. Surgery for Early HCC Rajesh Ramanathan, MD Surgical Oncology ISIGO October 10 th , 2019 HPI 56yo with NAFLD undergoing HCC surveillance with AFP elevation to 22. HBV and HCV negative. CT scan with 1.3 cm hepatic dome

173 views • 13 slides
Building Resilient Serverless Systems @johnchapin | symphonia.io John Chapin Partner,

Building Resilient Serverless Systems @johnchapin | symphonia.io John Chapin Partner,

Building Resilient Serverless Systems @johnchapin | symphonia.io John Chapin Partner, Symphonia Former VP Engineering, Technical Lead Data Engineering and Data Science teams 20+ yrs experience in govt, healthcare, travel, and

515 views • 29 slides

More recommend