Transcript
Page 1: Hybrid-Cloud App Consuming External Services Sketches of Hybrid Cloud Apps using On-Premise Services…

Hybrid-Cloud App Consuming External Services

Sketches of Hybrid Cloud Apps using On-Premise Services…

Page 2

User Story Sketch

• Cloud CRM application users are employees of a company whose employee records are maintained in a SOR identity provider service and whose security policy is for this IdP DB to be on premise.

• The connectivity requirement for the App tier is modelled by a specialization of TOSCA’s normative connects-to base relationship type.

• Requirements and capabilities on source & target nodes: TBD.

• External “tier” has no installation operation, nor layered model. Cloud app tier may have an installation script covering the details of a tunnel to the IdP service.

Page 3

[Diagram: Model with WebServer doing IdP check.]

Nodes [type]: SugarCrmApp [SugarCRMApplication], SugarCrmDb [SugarCRMDatabase], ApacheWebServer [ApacheWebServer], PhpModule [ApachePHPModule], MySql [MySQL], VmApache [Server], VmMySql [Server], OsApache [OperatingSystem], OsMySql [OperatingSystem], WebTier [Tier], DbTier [Tier], IdProviderTier [Tier]

Relationship labels: hosted on, depends on, connects to, Externally connects to

Page 4

[Diagram: Variant with App doing IdP check.]

Nodes [type]: SugarCrmApp [SugarCRMApplication], SugarCrmDb [SugarCRMDatabase], ApacheWebServer [ApacheWebServer], PhpModule [ApachePHPModule], MySql [MySQL], VmApache [Server], VmMySql [Server], OsApache [OperatingSystem], OsMySql [OperatingSystem], WebTier [Tier], DbTier [Tier], IdProviderTier [Tier]

Relationship labels: hosted on, depends on, connects to, Externally connects to

Page 5

Externally connects to

• A subtype of base normative relationship type “connects to”

• Implicit that target node is already “always on” if reachable as required for security (TLS or other VPN style).

• Defined without installation operation on target node. Configure script & env variables for configure operation on source node -- sufficient?

• When lower-level OS/VM constraints exist on networking patterns, are these to be modeled as requirements on RelationshipType? E.g.: useNat, useVPNoverPublicIP, etc. Directives for network configuration managers, controllers. QoS hints for SDN impl?
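
One way the “Externally connects to” type on this slide could be written in TOSCA Simple Profile YAML syntax (an added sketch, not part of the original slides). The `example.*` type names, the `transport` property and the script path are assumptions; the web server is the source node, as in the first model, and its hosting stack is omitted.

```yaml
tosca_definitions_version: tosca_simple_yaml_1_0

relationship_types:
  # Hypothetical name; the slides only call this "Externally connects to".
  example.relationships.ExternallyConnectsTo:
    derived_from: tosca.relationships.ConnectsTo
    properties:
      transport:            # assumed property for the "TLS or other VPN style" rule
        type: string
        required: true
        constraints:
          - valid_values: [ tls, vpn ]
    interfaces:
      Configure:
        # Source-side operation only: nothing is installed or run on the target.
        pre_configure_source:
          implementation: scripts/configure_idp_tunnel.sh   # hypothetical script

node_types:
  # Hypothetical: the on-premise IdP, already running, with no lifecycle operations.
  example.nodes.ExternalIdProvider:
    derived_from: tosca.nodes.Root
    capabilities:
      idp_endpoint:
        type: tosca.capabilities.Endpoint
  # Hypothetical: the web server that performs the IdP check.
  example.nodes.IdpAwareWebServer:
    derived_from: tosca.nodes.WebServer
    requirements:
      - identity_provider:
          capability: tosca.capabilities.Endpoint
          node: example.nodes.ExternalIdProvider
          relationship: example.relationships.ExternallyConnectsTo

topology_template:
  node_templates:
    id_provider:
      type: example.nodes.ExternalIdProvider
    apache_web_server:      # "host" requirement and lower layers omitted here
      type: example.nodes.IdpAwareWebServer
      requirements:
        - identity_provider:
            node: id_provider
            relationship:
              type: example.relationships.ExternallyConnectsTo
              properties:
                transport: tls   # a template that omits this fails validation
```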

Page 6

Questions & Discussion

• Virtual subnet creation and configuration are “scriptable”. What are reasonable placements for these scripts? There is platform variability in the underlying calls, which use virsh, brctl, tunctl, and many low-level VM/OS management tools.
