Hitchhikers guide to the enterprise grade platform
-
Upload
sap-cloud-platform -
Category
Technology
-
view
363 -
download
0
Transcript of Hitchhikers guide to the enterprise grade platform
Hitchhiker’s Guide to the Enterprise-Grade Platform
Agenda• SAP’s Journey• Speed• Multi-Cloud• Security• Other Topics
SAP’s Journey
About SAP• Focus on business applications since 1971• 20k+ developers in R&D• Helping customers with digitization
– IoT, Industrie 4.0– cloud offerings, e.g.:
• 2011: SuccessFactors (HCM)• 2012: Ariba (business network)• 2012: SAP HANA Cloud Platform (PaaS)• 2013: Hybris (E-Commerce)• 2014: Concur (travel)• 2015: SAP S/4 HANA (business suite)
How development evolved @SAPwaterfall agile devOps
monolith n-tier microservices
regular shipments continuousdelivery
physical servers virtualservers containers
datacenter hosted cloud
ownIaaS OpenStack multi cloud
proprietarytools open source&standards
What SAP needs to ensure• Help customers to digitize their business– fast, secure, scalable, non-disruptive
• 24x7 support – every day• Traceability / auditability / certification• Focus on differentiating technology• Engage in and use standards & open source
How to proceed with the learnings?
• Multiple options– Let others have the same experience
(“I've just had an unhappy love affair, so I don't see why anybody else should have a good time.”*)
– Be a good open source citizen and share the learnings
*Quotefromthenovel“Hitchhiker'sGuidetotheGalaxy”byDouglasAdams(1979)
Co-Innovation, Open Source and Standards• Learn from customers what is needed• Engage with strong partners to provide
customers with specific solutions• Contribute useful technology to open
source communities• Concentrate on differentiating
technologies and capabilities
SAP contributions to Cloud Foundry
Speed:Service Fabrik
*Quotefromthenovel“Hitchhiker'sGuidetotheGalaxy”byDouglasAdams(1979)
“therestofyou...keepbangingtherockstogether”*
Challenge• No default services available in off-the-shelf CF• Every provider needs to take care of this task• Service broker API leaves room to pick any
provisioning technology, but this also means, there is no built-in support/solution for this task
• Higher level capabilities like backup & restore or maintenance time windows are not covered
• Cloud controller model is minimal as well, especially in regards to version management
Requirements• Easily setup backing services• Inexpensive services for dev+test• Reliable, isolated and scalable HA/cluster
services for productive usage• Focus on a few provisiong technologies to
ease devops• Backup & Restore• Multiple versions and upgrade support for
services
Service Fabrik• Generic service broker and BOSH release• Supports Docker/Swarm- and BOSH-based
provisioning• Existing docker-boshrelease images can be
reused• Generic service instance dashboards• Automated stemcell & release updates• Backup&restore for OpenStack and AWS on
the way• Operations tooling on the way
https://github.com/SAP/service-fabrik-broker
Service Fabrik in a nutshellCFCLI
CloudController
Swarm BOSH
ServiceFabrikBroker++
Docker Docker DockerPostgreSQLDeployment
MongoDBDeployment
PostgreSQLDeployment
CloudCockpit PluginEnd-User-Facing
Backend
Agent
ServiceSpecificSecGrp
IaaSBlobStore
Agent Agent
Ops UI
Multi-Cloud:CF OpenStack Validator
“TherequirementslistedhereareconsiderednecessarybutnotsufficientforBOSHtobeabletouseyourOpenStackdeployment.Ifyoucannotperformanyoneofthesetaskssuccessfully,BOSHwillnotwork;however,satisfyingalltheserequirementsdoesnotensurethatBOSHwillwork.”*
*Noquotefrom“Hitchhiker'sGuidetotheGalaxy”,butfromhttps://docs.cloudfoundry.org/deploying/openstack/validate_openstack.html
Challenge• Run one Cloud Foundry installation in
various data centers• Will Cloud Foundry be installable and run
on the customers’ or partners’ OpenStack distribution?
• Deep BOSH expertise necessary for analysis of test results
Requirements• No deep BOSH expertise necessary• Should be easy to use• Error messages with actionable
description
SAP’s solution:CF OpenStack Validator• Response to the question “Will it run on
my OpenStack?”• executable + configuration file• actionable hints for non-BOSH-experts
https://github.com/cloudfoundry-incubator/cf-openstack-validator/
Security:IPSec
*Quotefromthenovel“Hitchhiker'sGuidetotheGalaxy”byDouglasAdams(1979)
”nothingtravelsfasterthanthespeedoflightwiththepossibleexceptionofbadnews,whichobeysitsownspeciallaws*”
Challenge• Attackers listening on network traffic
between nodes can read/modify data
Requirements• Encrypt all traffic between nodes (virtual
machines) so that an attacker listening “on the wire“ cannot read and/or modify data.
• Allow dynamic re-configuration in case of a security breach
• Solution should have no impact on scalability
BOSH Release for IPSecWhat SAP contributes• Can be used to e.g. encrypt all non-
encrypted communication inside CF deployment transparently for the communication partners
• To be used as co-deployment
https://github.com/SAP/ipsec-release
Other Topics
Lifecycle management of cloud native apps• Establish a standard for creating packaged
CF apps• Enable their deployment on all certified CF
platforms via a new deploy tool• Used within SAP to automate deployment,
blue-green deployment, deletion, etc.• Bring it into the Foundation and drive its
development with the community
Ramping up:CF auto scale and auto sleep• Collaboration with IBM
(auto scale)https://github.com/cloudfoundry-incubator/app-autoscaler
• Collaboration with Orange (auto sleep)https://github.com/cloudfoundry-community/autosleep
Diego & Abacus• Contributing to CF with 5 full time
committers
Thanks and DON’T PANIC!
Oh wait!
Here’s SAP’s formula with the answer to life, the universe, and
everything:
ComeandjoinSAPatbooth4 oroneoftheotherSAPsessions.You&theSAPcolleagueattheboothorthesessionwillfindout2-gether.
Yes,theansweris42J - still!
ContactInformationRuiNogueira(@ruinogueira)ProductManagerSAPHANACloudPlatform