Web Platform as a Service (PaaS) A Combat Support Agency Defense Information Systems Agency 17...
-
Upload
dylan-manning -
Category
Documents
-
view
216 -
download
0
Transcript of Web Platform as a Service (PaaS) A Combat Support Agency Defense Information Systems Agency 17...
Web Platform as a Service (PaaS) Web Platform as a Service (PaaS)
A Combat Support Agency
Defense Information Systems Agency
17 August 2011
A Combat Support Agency
DISA Cloud ServicesDISA Cloud ServicesCloud Service ModelsCloud Service Models
Platform Service Definition
Software as a Service (SaaS)
Platform as a Service(PaaS)
Physical infrastructure is abstracted to provide computing, storage, and networking as a service, avoiding the expense and need for dedicated systems
Physical infrastructure is abstracted to provide computing, storage, and networking as a service, avoiding the expense and need for dedicated systems
Application platform or middleware as a service on which custom applications and services can be deployed.
Application platform or middleware as a service on which custom applications and services can be deployed.
End-user application is delivered as a service instead of on-site software installations. Platform and infrastructure are abstracted.
End-user application is delivered as a service instead of on-site software installations. Platform and infrastructure are abstracted.
PaaS (Web)
RACE
Forge.Mil
From NIST: The capability provided by PaaS to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications
Infrastructure as a Service(IaaS)
On-demand self-service On-demand self-service
Broad network access
Broad network access
Resource pooling Resource pooling
Rapid elasticity Rapid elasticity
Measured Service Measured Service
A Combat Support Agency
3
Platform BenefitsPlatform Benefits
• Standardized development, test, and production environments with pre-integrated services allowing developer to focus on business logic– Remove IT infrastructure burden from developers
• Reduce development costs (H/W, S/W, administration)• No lab infrastructure startup issues• Allow developers to focus on application development• No waste of resources due to over provisioning
• Fast and inexpensive path to production • Dynamic resource allocation
– Scale applications when necessary– No waste of resources due to over provisioning
• Shared situational awareness for platform services• Utility-based billing
A Combat Support Agency
4
Air Force Air Force Platform Hosting ModelPlatform Hosting Model
• DISA provides Hardware, Basic and Database infrastructure & support
• ITIL based operations model
• Runtime Environment and Shared Services defined by DISA
• Initial capability includes DISA infrastructure plus adoption of ELS authentication
• Follow-on capability adds jointly confirmed shared services
• Custom hosting for unique applications that leverage IaaS and shared services
• Customer builds and delivers Custom Code for DISA to execute in Runtime Environment
• DISA provides path-to-production lifecycle services
Customer Responsibility
DISA Enhanced Services to Air Force
AF/DISA Shared Responsibility
DISA Standard Services
ERP PlatformWeb Platform CustomHosting
Infrastructure Services (IaaS)-Database Support
-Basic Support-Servers, Storage, Network, Facilities
Shared Services
Security Services (ELS / Direct Access )
Custom Code Delivery
Runtime Environment (.Net/Java)
Program Configuration
Operations Support Services
Data Exposure Services
On-boarding
Operations Model
Customer Unique SolutionRuntime
Environment (ERP App)
Development / Integration / Test Services
SDDP/Governance
A Combat Support Agency
5
PaaS DecompositionPaaS Decomposition
Dev
Infrastructure
Network
Storage
Red Hat Enterprise Linux / Windows 2008
DISA’s Platform as a Service (PaaS)
Customer Facing Services
Service Technologies
Ops
STS
LDAP
Apache
IIS
Oracle
TransformPBAC
Messaging
OWF
MySQL
Sync
Test
Presentation AccessControl
DataStore
DataServices
DevToolkit
DevPlatform
ForgeTools
TestTools
TestPlatform
ForgeTools
ServiceCatalog
ServiceLevel Mgmt
SharedSituationalAwareness
UtilityBilling
PaaS PaaS-STS
JBoss
WebPlatform
.NET
Enterprise Services
Messaging MetadataRegistry
ServiceRegistry
IdAM Monitoring
A Combat Support Agency
6
PaaS ApproachPaaS Approach• Two Platform as a Service (PaaS) Offerings
– General purpose cloud platform model – Secure Token Service (STS) to support Air Force Enterprise Level Security (ELS)
• Elastic, Self-service, Utility Pricing, Rapid Deployment• JBoss Enterprise Application Platform for Java Web Apps / Services
PaaS• DoD adoptable cloud platform• Standard dev / test / production
– Java / .NET
• DoD access controls• Virtual OE• Leverage Enterprise Services
– Registries, Security, Messaging…
• Elastic CPU / Memory resources• Exposure Services
Self-service PortalDevelopment / Integration / Test Environments
Open Source Software + COTS Infrastructure Technologies
PaaS-STS• Required for new AF applications• Standard dev / test / production
• Java / .NET
• Air Force ELS Access Controls
• Physical OE
• Dedicated Metadata Environment
• Elastic CPU / Memory resources
• Exposure Services
Op
era
tion
s /
Sh
are
d S
itua
tion
al A
wa
ren
ess
Rap
id P
ath
to P
rodu
ctio
n
A Combat Support AgencyJava Platform ArchitectureJava Platform Architecture
7
Network
Storage
Physical OE (4 x 6-core sockets, 256GB Mem)
Redhat Enterprise Linux
JBoss Enterprise Application Platform
Azul Zing JRE
JVM (1GB Heap)
CustomerApp
JVM (1GB Heap)
CustomerApp
JVM (1GB Heap)
CustomerApp
JVM (1GB Heap)
CustomerApp
JVM (1GB Heap)
CustomerApp
Maximize PaaS Customers for Resource Efficiencies
Dynamic Elasticity through Memory Insurance Pool 7
A Combat Support Agency
PaaS Path To ProductionPaaS Path To Production
8Rapid, standard, self-service capabilities
– Standardized platform from development through production
– More controlled than commercial for safe, secure cloud services
– Meets DoD standards for secure computing
– Smooth path to production with security validation
– Enterprise Portal will provide access to all services
– Orchestration tools will support more mature cloud services
– Location independent capabilities
Developer Toolkit
Shared Dev / Test Servicesfor Application Development
Test Tools
RuntimeEngine
PlatformInfrastructure
Shared SOA Services
SharedSituationalAwareness
ITILOps Model
SID
Develop Test Execute Operate
Self-ServicePortal
DynamicElasticity
Pa a S
Platform Infrastructure
Self-ServicePortal
Platform Infrastructure
A Combat Support Agency
9
PaaS Feature OverviewPaaS Feature Overview
Industry competitive capabilities with strong security and faster acquisition
A Combat Support Agency
10
Type Accreditation for PaaSType Accreditation for PaaS
Goal: Significantly reduce C&A timeline• Concept grounded on principal of reciprocity between
developed applications and DISA’s platform execution environment
• Accreditation authorities for the PaaS platform (DISA) and the developed web services and applications (Customer) will reciprocate on acceptance of each others accreditation work
• Approach– CSD will develop a DIACAP package for type accreditation of
the PaaS execution environment – The customer’s development, testing and fielding process will
need to ensure rigor for application code (above the line system)
– Acceptance of above the line and below the line IA work will be reciprocal
A Combat Support Agency
11
PaaS RoadmapPaaS Roadmap
Funding Acquired
Java Platform
IIS/ .NET
180 SAMLs / Sec
MDE v1.8
New STS Solution
JBoss Platform
Ozone Widget Framework
WebLogic Platform
Secure Token Services
IdAM
Data Store
Data Services
.Net Web PlatformOracle DB Oracle DB
SID
Web Services Monitoring
Log Monitoring / Reporting
Development Environment
Test Environment
MDE v1.7
Integration Services Environment
1666 SAMLs / Sec
OST / SID
Data Store
Legacy Exposure Services
Data Synchronization
Incident Mgmt Info Sharing
Price Model Complete
Upgrade STS Solution
1 Dec 2011(IOC)
1 Apr 2012(FOC)
1 Sep 2011
Legacy Exposure Services
Self-service Catalog
Service Registry
Auto-provisioning
Thales HSM
SA Dashboards
SA Widgets
JBoss Platform
A Combat Support AgencyHow do we get started?How do we get started?
• Web PaaS will be available 3 Qtr FY12• Contact Air Force CME group to become an early
adopter and take advantage of this service• Email [email protected]
12