next build 2015 architecting for the cloud
TRANSCRIPT
Architecting for the Cloud
Shared Responsibility
You are the architect!
Cloud is one big, great toolbox but…
You keep on having FULL responsibility for architecting the system
Design for Failure
Region Region
Global Services(such as admin console/API, Route 53, Cloudfront)
Availability Zone Availability Zone
Regional Services (such as ELB, S3, SNS, SQS etc.)
Cross-Region utilities(such as RDS Read-Replicas, AMI copy, Route53 LBR)
Leverage Topologies
Focus on Resilience
Availability of resources is difficult to guarantee, accept it, leverage it.
Design for resilience and low MTTR instead
Cloud requires a mind shift
When changing anything, launch a new stack.Don’t waste time fixing dying servers (unless of course)
Treat servers as disposable units
Router
Blue Stack Green Stack
Design for PaaS
Using high level services seems open door…
But in reality IaaS is still king
Design for PaaS (even if it doesn’t fit right from the start)
Pragmatic portability
Avoid vendor lock-in, but not at all costs
Stick to standards, understand alternatives but happily leverage unique features
SECURITY AND DATA PRIVACY
Is your cloud secure enough?
Still concern #1
Make sure you have your policy in place (and act upon it).
Apply Defence-in-depth
Secure each layerUse automation for repeatable tasks
Leverage the available servicesOrganise your security operations
Design security from the very start.
Questions?
[email protected] +Gerco Grandia @gercograndiahttps://nl.linkedin.com/in/gercograndia
BonusSERVICE INSTEAD OF APPLICATION
Think services
User Experience > ApplicationEnsure holistic view
Fail fast, act fast
Apply devops both in culture and design
Service reference architecture
Application Design PrinciplesSelf-service capabilities
Catalogue (SLA)
Licensing
Billing
Subscription Management
ID Management
Usage Analytics
Validation
Deployment
Provisioning
Monitoring & Root Cause Analysis
Platform and Infra services
DevOpsBack Office
End Users
App Developers
ServiceOperators