Redefining Perspectives A thought leadership forum for technologists interested in defining a new future


1 Redefining Perspectives A thought leadership forum for technologists interested in defining a new future

2 Session 2 Lessons from Real Life Cloud Computing Implementations

3 Vibhor Mathur, Senior Specialist Technology, Sapient Global Markets (India). Vibhor has more than 14 years of experience in designing and developing complex business-critical applications, primarily using C++ / VC++ technologies. He has a strong command of the Trading and Risk Management domain, specifically in the areas of trade life cycle management and handling of OTC (Over the Counter) trades.

4 Shivam Kumar, Specialist Technology, Sapient Global Markets (India). Shivam has over 9 years of experience in software design and development. He specializes in performance and scalability of applications. He has developed various systems using platforms and technologies like compute grids, Hadoop and Cloud Computing to achieve scalability. He has co-authored in-house compute grids and elastic servers.

5 CLOUD COMPUTING: LESSONS FROM REAL LIFE IMPLEMENTATIONS Vibhor Mathur and Shivam Kumar May 2014

6 What We'll Cover
Share a perspective on the challenges faced and lessons learnt from real life experiences of working on cloud based implementations:
1. Porting a complex app from on-premise to cloud
2. Integrating a cloud application with on-premise infrastructure

7 Porting a Complex Application from On-premise to Cloud

8 We'll Focus on: Solution Layout, Security, Performance, Platform Availability, Operations

9 CMRS Application Context
[Diagram labels: TRADING FIRM; TRADING SYSTEM 1; TRADING SYSTEM 2; TRADING SYSTEM 3; CMRS (Sapient); TRADING REPOSITORY (e.g. DTCC)]

10 CMRS Deployment on Cloud

11 Porting from On-premise to Cloud (1/2)
Interfacing with external entities needs to be thought through across the following dimensions:
Hardware Based Limitations, e.g. use of MQ
[Diagram labels: CMRS ON PREMISE; MQ SERVER 1; MQ SERVER 2; DEDICATED NETWORK; TRADING REPOSITORY; MQ RECEIVER]

12 Porting from On-premise to Cloud (1/2)
Interfacing with external entities needs to be thought through across the following dimensions:
Hardware Based Limitations, e.g. use of MQ
[Diagram labels: CMRS ON CLOUD; SFTP SERVER 1; SFTP SERVER 2; Cloud Service; INTERNET; TRADING REPOSITORY; SFTP RECEIVER]

13 Porting from On-premise to Cloud (1/2)
Interfacing with external entities needs to be thought through across the following dimensions:
Hardware Based Limitations, e.g. use of MQ
Static IP Address Limitation
[Diagram labels: PRIVATE; PUBLIC; CMRS ON CLOUD; SFTP SERVER 1; SFTP SERVER 2; Cloud Service; INTERNET; TRADING REPOSITORY; SFTP RECEIVER]

14 Porting from On-premise to Cloud (2/2)
Partner with the cloud platform vendor to establish the architecture:
Deployment Design, e.g. use of availability sets
Security, e.g. use of access control lists
Software license usage, e.g. optimizing the use of BizTalk licenses

15 Security in Cloud
Areas: Data in Transit; Data at Rest; Environment; Governance
Controls listed: Transmission over SFTP; Data Encryption; Disable Copy over RDP; Access Control Lists (ACLs); Site to Site VPN Tunnel; Penetration Testing; Intrusion Detection; Processes; Audits

16 Plan for Performance Related Changes
[Chart: Throughput (msgs/sec) against Iterations, On Cloud vs On Premise]
Performance of the application cannot be assumed to be the same as on premise
Key physical characteristics of the cloud platform: IOPS of the system drive, e.g. system drives are read optimized by default
Potential deployment re-engineering: distribution of key database files across disks

17 Platform (Un)Availability: Assume Things will go Wrong
Event: Possible Mitigation
Scheduled Outages: Processes / Standard Operating Procedures
Unscheduled Outages: Processes + Deployment Design
Human Error: Processes + Governance

18 Operating a Cloud Based SaaS Platform
Infrastructure Management: patching, anti-virus updates, monitoring
Service Level Agreements: understanding the SLAs of all the players, including the cloud platform provider. The SLAs we offer have a significant impact on the cost, e.g. 24x7 vs 16x5 support model
Costs: for infrastructure cost, architecture choices have a major impact; for supporting the platform, people cost could be substantially higher

19 Integrating a Cloud App with On-premise Infrastructure

20 We'll Focus on
Introduction to Risk Calculator
Motivators for Moving to Cloud
Application Topology
Demo
Key Features. We'll focus on: Auto Scaling; Integration with Enterprise Services

21 Introduction to Risk Calculator
Risk Calculator finds out risk scores of Mortgage Backed Securities (MBS). Large number of MBS securities.
Characteristics: highly CPU intensive process; irregular usage pattern
[Diagram labels: Application Monitor; Portfolio Manager; Risk Calculator Client; Application Support Team; Logging Service]

22 Why move Risk Calculator to Cloud
Scale-on-Demand: cloud allows Risk Calculator to add computing power when needed
No Initial Investment: on procuring infrastructure that is not fully utilized
Reduced Maintenance Overheads: maintenance for components unsupported by the enterprise can be outsourced to the cloud

23 Application Topology on Cloud
[Diagram labels: ENTERPRISE; Risk Calculator Client; Request Queue (SQS); Response Queue (SQS); Elastic Cache; EC2; Simple Storage Service (S3)]

24 Auto Scaling
[Diagram labels: ENTERPRISE; Risk Calculator Client; Request Queue (SQS); Response Queue (SQS); Auto Scaler; Elastic Cache; EC2; Simple Storage Service (S3)]

25 Enterprise Integration
[Diagram labels: ENTERPRISE; Risk Calculator Client; Request Queue (SQS); Response Queue (SQS); Logging Service; Auto Scaler; Application Monitor; Apache HTTPD Reverse Proxy; Elastic Cache; Reverse Tunnel; EC2; Simple Storage Service (S3)]

26 Credentials Management
[Diagram labels: ENTERPRISE; Risk Calculator; Auto Scaler; Identity and Access Management (IAM); Credential Service; Enterprise Authentication; Credentials Store]

27 Lessons Learnt

28 Lessons Learnt
1. Porting an On-premise Application to Cloud
Design the solution considering cloud constraints, e.g. dependency on hardware
Running a SaaS platform is a different ball game, e.g. Cost Management, SLA Management
Cost is not a differentiator - go with a vendor who is willing to partner

29 Lessons Learnt
2. Integrating an Application on Cloud with On-premise Infrastructure
Use a hybrid cloud model where the need for compute power is extremely variable
Integrating with enterprise services will be needed; design for it upfront
Integrating from cloud into the enterprise is not trivial, e.g. security perception

30 Thank You