cwin16 tls-a micro-service deployment - v1.0

REX on a Micro-Service deployment

Toulouse, September 27th, 2016

S. MARSOLLE & F. CASSIN

That’s one small step for IT, one giant leap for business agility

Give your business the moon, as in this REX (return on experience) of a micro-services solution used in the Airbus flight test department to rebuild a large and complex system. This medium-size, ongoing project made some technical decisions and finally managed to bring the micro-services philosophy into a huge legacy IT system.

Upload: capgemini

Post on 10-Feb-2017

PRISM Micro-services REX

The “Airbus PRISM framework” is a REX of a real-world agile framework built on top of SOA and µService technologies to master the redesign of complex systems.

Summary

PRISM (Project to Redesign Instrumentation Solutions Management) is an Airbus project to overhaul a substantial proportion of the flight test management system.

PRISM aims to use modern and innovative architecture principles such as API management, DevOps, micro-services, … to build a solid framework enabling high-quality development, easy operation, high efficiency and incomparable agility in adapting to present and future business requirements.

Copyright © 2016 Capgemini and Sogeti. All rights reserved.

Main drivers: why micro-services?

The existing functional PRISM domain is supported by one big, centralized main application (built on obsolete technology and design) plus multiple satellite applications (in various technologies).

[Diagram: map of the existing application landscape and its interfaces. Central box: PRISM ALL-IN-ONE (“everything mixed together”), annotated “PRISM = everything that is FTI within the EVI perimeter”. Functional areas: FTI DEFINITION, PROGRAMMING, REPORTING, FURTHER. Application labels include Catia V5, SABRE, CRIEV, CASTOR, OPERA, FTA-NG, SHERPA-NG, Adage-XL, MEDIA, SNOW, MIAM, eTLB, OASIS-FTI, Base Des Essais (BDE), CANIF, YODA, PPSIS, LGIS, CUB_LOM, EVICA, EVIDS, EVIDA, EVIAC, ALEST, PLUME, OASIS, FTI Eqt Catalog, DESI, Bridge FT and OSCAR-PC. Link labels are point-to-point exchanges such as “get ETL file”, “get NCD file”, “get parameters”, “update parameter status”, “get measurement chain to compute measurement precision”, “get ICD files for A320”, “get equipment IP addresses” and “CUB log delivery notification”. One annotation reads: “SABRE scans /bdexport/data/SABRE/INBOX to detect new files; the user creating the programming selects the files he accepts.”]

POC context & objectives

The PRISM Framework provides common middleware and/or infrastructure for all PRISM applications, together with the associated architecture rules and design guidelines.

Context: the PRISM framework enabling PRISM implementation

[Diagram: the PRISM Project (Project to Redesign Instrumentation Solutions Management) and the PRISM Framework. The functional domains shown for both are FTI Programming, Verification & Maintenance, FTI Definition, Logistics, Data Traceability, Reporting, Bus Management and AFDX Management.]

The POC must provide and demonstrate the basis for the PRISM framework:

• Security
• HA & scalability
• COTS used and their possible evolution
• Supervision and administration
• Packaging and deployment

Which technology will last 15 years?

Definitions – PRISM Framework POC scope

[Diagram: layered view of the POC scope. Business API: AFDX Management, FTI Programming, FTI Definition, Verification & Maintenance, Logistic, Data Traceability, Reporting, Bus Management. Transversal: Workflow, Authentication & Authorization, Portal, Reporting. Further layers: Technical API, Middleware, Infrastructure. Annotation: “Provided by PRISM applications”. Red boxes are functional areas partially prototyped during the POC.]

Why didn’t you directly buy a set of COTS?

There are plenty of COTS products for managing micro-services and DevOps platforms:

API Gateway COTS: Mule AnyPoint was evaluated during the PRISM POC phase.

DevOps tools: not yet fully standardized in Airbus.

MicroService stack: many initiatives on the market, but no leading solution. Very long term support (15 years at least) cannot be built on solutions that are not secured for the future. The “tool of the year” is not an argument here.

Waiting for Enterprise tooling.

Everything is prepared to move easily to upcoming Airbus-supported solutions for containers, DevOps tools, application performance management… This involves limiting some ambitions and compensating with custom developments while taking care of cost and deadlines.

Controversy – Is PRISM really related to micro-services?

[Diagram: evolution of integration styles. Axes: time line and level of interoperability. Bands: architecture concept, solution class, design style and standard. Scopes shown: distributed organizations, enterprise information system, distributed application, application, service, micro service. Technologies shown include EDI, B2B, B2C / WWW, Internet, IIOP, D-OSGi, Gateway, SCA, EAI, SOA, SOAP, WS-*, ESB, REST, Swagger, RAML, API Gateway, HATEOAS and Managed Component. PRISM appears as a label on the chart.]

PRISM secured « bubble »: a way to deploy MicroService security in an existing security landscape

[Diagram: the PRISM secured “bubble”.
Clients: user Web browser, admin Web browser, Airbus applications.
Entry points: RP SiteMinder; admin agent / Tomcat filter.
Inside the bubble: NGINX internal “API Gateway” with load balancing; Registry (CONSUL); Deployment manager; SECU; PROCESS; ELK; PORTAL UI; PRISM Public API; the business services AFDX management, BUS management, REPORTING, DATA traceability, FTI definition, LOGISTICS, VERIF & maintenance and FTI programming.
Outside the bubble: External APIs.
Function labels: URL mapping, dynamic configuration, JWT injection, log collection.
Link labels: “HTTPS / intranet”; “HTTP with the SM ‘REMOTE_UI’ cookie & the JWT cookie”; “HTTP-REST with JWT”; “REST only”; “REST only with JWT”; “Case by case”.
Notes: PRISM framework services have a UI restricted to administrators. Admin and user end points are separated (different web site URL).]

PRISM integration with legacy resources

Each resource is adapted by a connector.

At the beginning of the project, connectors will be developed in Java and hosted in a Tomcat instance dedicated to building this gateway (to be refined during ARD definition).

[Diagram: the PRISM secured zone (REST only) reaches external resource APIs over REST / HTTP / JWT. Each legacy resource sits behind an adapter that exposes a REST API and talks to the resource with a case-by-case protocol: DB adapter (SABRE DB), Filer adapter (Filer A, Filer B, Filer C), SMTP adapter (SMTP), App E adapter (App E), App F adapter (App F).]

PRISM Framework technology stack

[Diagram: technology stack. Layer labels: Operating system, Containerization, Runtime, Middleware, Service execution container. Components: VMWare Hypervisor, RHEL Linux, Docker-like solution, JVM, Native, Tomcat, Nginx, CONSUL, PRISM Framework (Java for now), ELK (tech, transac, func), Application (µ)Services. Side labels: Monitoring & Audit, Airbus Ops tooling, Security, JWT, Airbus SSO (Siteminder), Airbus Network / Hardening.]

PRISM Bubble Framework POC Services implementing the RESTful

NGINX: acts as the key proxy, a “low level” API gateway for web services deployed inside the bubble.

CONSUL and CONSUL Template: the service registry, which manages the version and state (alive, broken, stopped, …) of each service. CONSUL stores bubble shared parameters, service tags and inter-service version constraints.

ELK and Beats are used to collect logs and traces in a single place (Elasticsearch) in an asynchronous, near-real-time way. Logstash is used to grab data from logs.

The bespoke SECU service provides a REST API to generate or renew a JWT token. It manages a persistent store (OpenLDAP is pre-empted) for fine-grained authorisations.

OpenLDAP serves as a domain security repository where PRISM authorisations are managed.

Activiti supports business workflows of bespoke development and orchestrated services (sync/async, scheduled).

Nexus stores all artefacts (i.e. the binaries and other resources) that are deployed in a PRISM environment, and Subversion stores environment parameters. This way any versioned service can be redeployed at any time.

Typical figures: a few MacroServices or plenty of µServices?

At the beginning of the project we planned to have 20 (macro) services, but we have now reached 40 “µ” services because of code reorganization, and may have 60 µServices at the end of the project.

The main objective is to gain flexibility in the “deploy-to-production” process.

One external call (a click in the Web client or a call from an external application to the public PRISM API) usually drives 5 internal service calls.

Half of the services have database persistence.

All services use transverse framework services such as the configuration manager or the logger.

An example of Micro-Service philosophy influence on design

Before starting development: 1 application delivered in 1 WAR

1 monolithic console application that fully manages the deployment process

Currently (mid-development): 2 applications delivered in 2 WARs

1 Framework manager (Deployment management)

1 Console GUI

At the end of 2017:

3 specialized Framework managers:
• Deployment management
• Monitoring
• Start/stop of components

Several transverse services:
• BPM/Workflows manager
• Artefact repository (Nexus)

1 Console GUI aggregating information from framework managers.

What about performance?

Considering that:

• A service call from any Nginx client has an average ping latency of at most 8 ms.
• You have a maximum of 5 cascading calls.
• Any call is externally cacheable at runtime.
• The service infrastructure has no scalability limit and is scalable at runtime.
• You have versatile performance monitoring, so you can find the bottleneck when you have a performance issue (or even automate alerts).

Then you have all the levers to obtain good performance in the PRISM project context.

If transversal data requests are needed, just think about a “big data” solution: one of the services could be a search engine working as a PRISM framework service.

If a huge real-time event flow is needed, you can complete the architecture with a queuing system that would play the same role as Nginx for asynchronous calls.

REX at mid-project

[SWOT matrix: internal analysis and external analysis, with quadrants Strengths, Weaknesses, Opportunities and Threats. Items as listed on the slide:]

• Cost to install products due to incomplete DevOps tooling (no automation for infrastructure deployment)
• It works
• Not so expensive to develop framework components
• Lightweight software layer
• Framework allows any Java implementation (Spring, JEE…) and is open to any technology (like dotNet, NodeJS)
• Tomcat architecture not proven (number, size per execution node, topology)
• Lack of Public API policy
• Service granularity is designed at code time.
• Many Framework components are managed like business components (re-use of deployment process).
• New external REST services on legacy systems are managed as internal services.
• Docker (container virtualization) introduced for automated integration tests.
• The Framework is fully re-usable by another Airbus project

Contact information

Sébastien MARSOLLE, Managing Enterprise Architect

Frédéric CASSIN, Managing Enterprise Architect

www.capgemini.com

The information contained in this presentation is proprietary.

Copyright © 2016 Capgemini and Sogeti. All rights reserved.

Rightshore® is a trademark belonging to Capgemini.

www.sogeti.com

About Capgemini and Sogeti

With more than 180,000 people in over 40 countries, Capgemini is a global leader in consulting, technology and outsourcing services. The Group reported 2015 global revenues of EUR 11.9 billion. Together with its clients, Capgemini creates and delivers business, technology and digital solutions that fit their needs, enabling them to achieve innovation and competitiveness. A deeply multicultural organization, Capgemini has developed its own way of working, the Collaborative Business Experience™, and draws on Rightshore®, its worldwide delivery model.

Sogeti is a leading provider of technology and software testing, specializing in Application, Infrastructure and Engineering Services. Sogeti offers cutting-edge solutions around Testing, Business Intelligence & Analytics, Mobile, Cloud and Cyber Security. Sogeti brings together more than 23,000 professionals in 15 countries and has a strong local presence in over 100 locations in Europe, USA and India. Sogeti is a wholly-owned subsidiary of Cap Gemini S.A., listed on the Paris Stock Exchange.