Web application deployment

A Lecture for OpenAlt 2017

byIng. Tomáš VondraCloud Architect at

Motivation

• A web developer should also think about where his application will run

• There are more ways to deploy a server• It's imperative to choose the best one

– With regards to performance and cost– Make room for growth, ensure scalability– Availability of Service– Vendor lock-in?

Contents

• Own solution (aka. Server-under_the-table)• Datacenters

• Server in colocation hosting• Virtualization• IaaS

• Private, public, hybrid cloud

• Webhosting• Free, shared, managed server

• PaaS

Own server(s)

• Cost composition– Hardware– Energy– Cooling– Connectivity– Administration– Software

Own server(s)• Hardware

– You first need to buy the servers – upfront investment– Use commodity hardware or real servers?

• Stand-alone / tower design• Racks

– Junk (0 CZK – there is always some, please no laptops)– Gaming machine (10-60 kCZK)

• Best power for the money• More prone to failure – cheap parts, no redundancy

– Second-hand server (8-25 kCZK) CzSSecond-hand server (8-25 kCZK) CzS, LS• Well tested, but may be worn out, low efficiency

– New server (20-120 kCZK) CZCNew server (20-120 kCZK) CZC, Alza• More – you need to ask big brands for quotes• But you may get your own setup

Reliability - bathtub curve

Own server(s)

• What you need to supply• Power

– Low end servers (8 core 16GB) consume about 80W.• 2 socket x 2 core Pentium 4 had 300W• Haven't measured better ones yet.• DVFS (frequency scaling) saves 1/3, rest fixed

– 1 kWh costs about 4.70 CZK at retail prices• 80 * 24 b* 30 ~ 60 kWh ~ 300 CZK• Less in higher volumes - as low as 1.5

– Quality of electrical supply – UPS• These don't have 1,0 efficiency

TDP to GHz history

• Why invest in new servers?• To get more computing power per watt of

consumed energy.

Low power server

• For reference to last slide Wiki:Xeon• Intel Atom (Coedname Avoton) Wiki:Atom

– or ARM 64-bit servers• not many available yet – found only HP Moonshot

• They use 4x less power• Have the same computing power per MHz

– If you don’t need FPU, big caches, good instruction reordering, branch prediction, high frequency…

• More cores in the same space• Parameters• Benchmarks

Own server(s)

• Network connectivity– Depends on location

• Sometimes location prevents us to deploy public servers

• Local ISPs cheaper than country-wide• Price from 500 CZK/month + IP address

– Important for successful server operation• Good enough bandwidth• Response times influence user experience• Availability

– You may need more lines

Own server(s)

• What if you have more servers?– Server rooms

• Built when you know up-front you'll need a high computing capacity

• full of racks, spare space, good location• physical security systems• some companies deliver including the building blueprints

– Central UPS system, good connectivity– High concentrations of computers need cooling

Own server(s)

• Datacenter efficiency– Measured as PUE (Power Usage Effectiveness)– Ratio of total power use to power used by servers

• The rest is UPS overhead, cooling, lighting..

– Anything better than 2 is good– Best datacenters have 1,2-1,5

• Doesn't tell whether the computers are actually doing something useful

Own server(s)

• Software licenses• Operating systems

– Cost in 10,000s of CZK for server versions– Windows – several editions

• Difficult to even get a price quote for some– Linux – not all distros are free

• Enterprise versions – RedHat– Similar politics to Microsoft– pay per processor, virtual machine, extended support (per

year!)• Oracle, Ubuntu

– Only support is charged

Own server(s)

• Software licenses• Server software

– Windows already has most services built in• IIS, MS SQL, extra payment may be required

– Most Linux servers are open-source– You may want something better

• Better database engines (IBM, Oracle)• Easier administration (eg. Linux mail server)

Own server(s)

• Administration– All hardware and software is your

responsibility, as well as security– Work takes time depending on the complexity

of the network• Measured in FTE (Full Time Equivalent)

– Eg. „In our company, 1 FTE admin can take care of 10 000 servers.“» That's for a highly automated environment – cloud

providers– Heterogenous environments – as low as 20

Own server(s)

• What if you need High Availability?– Classical approach – second datacenter

• Two times the cost• Plus a dedicated data line between the two for

replication– You need to control routing

• To get traffic to the right internet line• In small scales – a load balancer in a datacenter• Large scale – a BGB AS number

Colocation housing

• Cost composition– Hardware– Energy– Cooling– Connectivity– Administration– Software

Payment to provider

Colocation housing

• Advantages– Rentable room for rack or tower servers– Good and relatively cheap connectivity– Power and cooling provided– Physical security– If anything is lacking, you have an SLA– You may also rent the hardware

Colocation housing

• Disadvantages– Distance– Software administration can be done remotely– To alter hardware, you need to travel

• May increase downtime• Assistance in the server rooms is minimal• ..connects KVM over IP and inserts CD

Colocation housing

• Prices– As low as 1000 CZK per server

• Has limitations in bandwidth and power– Real is about 2000 CZK per month– Different providers have different tariffs

• Billed for data, space and power• Cheapest ones out of Prague

– High Distance

– Experts recommend Germany, Netherlands, UK or USA• 4x price, but better connectivity and services• Note-to-self: hostingy.xls

Virtualization

• First used in 1969 by IBM• On PC platform since 1999 (Vmware)– Useful to run an OS on another

• Server virtualization since 2001– Aims to increase utilization in datacenters

• 4 types of virtualization

Virtualization

• Emulation– Simulates the run of a program on a computer

by noting the effect of every instruction– Pros: can run anything on anything– Cons: low efficiency – 10-30%

• That's no good for servers– QEMU, Bochs, DosBox, GnuBoy

Virtualization• Emulation (instruction-selective)

– If we need to run a PC on PC, why not directly on the CPU?• Instruction permissions - an OS kernel needs Ring 0• We can't let the guest overwrite host memory, so we can't give it

Ring 0• The CPU will catch illegal instructions and throw an interrupt

– Which will be serviced by the Virtualization software– We can run userspace directly and emulate kernel mode– Used early virtualizers, or current on old hardware

– KQEMU (obsolete), MS Virtual PC 2k7 (obsolete) VirtualBox or VMware Player

Virtualization

• Hardware virtualization– Pros: still can run anything on anything, with minimal

overhead– Cons: Needs support in the CPU– Introduced in 2005/Intel, 2006/AMD– New instructions add a layer of permission checking,

only moves the problem• OS on OS – OK, HV on HV – no go :-)

– No need to emulate all kernel mode• Still needs to emulate peripheral hardware

– KVM, Xen in HVM mode, <see previous slide>

Hardware Virtualization

Virtualization

• Paravirtualization– Pros: nothing needs to be emulated, minimal

overhead, possible on any CPU– Cons: can only run modified OSs

• Thus limited to open-source platforms

– Access to hardware is replaced by calls to hypervisor API

– PV was here before HVM – Xen/2003– Xen, all previously mentioned have PV drivers for

hardware – disks, network, VGA, …

Paravirtualization

Virtualization

• OS level virtualization aka Containers– Pros: no overhead at all, high memory efficiency

• Shared libraries and caches

– Cons: all guests share one kernel• Still possible to have different distributions

– Uses kernel facilities for high separation of containers• namespaces for user IDs, processes, network sockets,

filesystems• control groups for resource quotas

– Parallels (commercial), OpenVZ (being phased out), LXC, Docker (very new), runC, Rocket, nSpawn

Containers

Virtualization

• Advantages of server virtualization– Increased utilization– Power savings– Separation of applications– Higher flexibility– Fast server deployment– Load balancing– Error resilience

Virtualization

• Separation of applications– Used for reasons of stability

• No other services will influence ours– Security

• A security breach in one application won't compromise all others

– Power• Peak usage saturates the server

– If done by multiplication of physical servers, leads to low utilization

Virtualization

• Utilization– Consolidating multiple applications to the

same hardware saves on costs– With virtualization, separation is retained– VMs can be stacked as long as there is

enough computing power– If applications for a physical server are well

chosen, usage peaks may interleave

Two highly seasonal applications

Combination of workloads

Virtualization

• Flexibility– Modern hypervisors allow on-line transfers of

VMs• For load balancing (mostly manual)

– With a central storage, a VM may be launched anywhere• If a node crashes, just use another

– Virtual machine templates– Less administration work needed

• With higher qualification?

Server virtualization examples

• Open-source– Citrix XenServer (+commercial support)– Ganeti, Proxmox, Cantivo, Convirt, oVirt or

other KVM frontends• Commercial– VMware ESXi (free) + vCenter (clustering)– Microsoft HyperV (free) + Active Directory Ctr.

Infrastructure as a Service

• An upgrade to virtualization• First layer of Cloud Computing

– > general cloud properties– Automation– Elasticity– Self-service and web services– Pay per use

• Private, public and hybrid

Infrastructure as a Service

• What's a service? Computing power.– Rationed in units of VM Instances

• An instance has fixed CPU and RAM• There may be pre-defined types or user-configurable• Can't modify when running -> horizontal scaling

• Storage– File storage– Volumes / Virtual disks (on central storage)

• Network connectivity (In/Out, between VMs)• Usage of some APIs (autoscaling, monitoring)

Horizontally scalable web server

Infrastructure as a Service• Private cloud

– Separates hardware and application administration (Computing power - Service between departments)

– Users may deploy their own applications• Without waiting for new hardware or admin work• Without knowing where exactly they run

– Metering – it's known, who uses how much– Possibility of automatic scaling

• Re-use of resources for different tasks at different times of day (or month, year)– e.g.. Web servers at day, automatic builds at night

• Moves the utilization combination effect from single servers to whole datacenters

Scaling process in private IaaS

Infrastructure as a Service

• Public cloud• Cost composition

– Hardware– Energy– Cooling– Connectivity– Administration– Software (some licenses included)

Payment to provider

Infrastructure as a Service

• Public cloud– Motivation – economy of scale

• Provider increases datacenter utilization• Still can sell to the consumer cheap

– Extreme elasticity – illusion of infinite supply• Users may use 100s of computers• Without capital expenses

– May be expensive for long term extensive use

Infrastructure as a Service

• Public cloud– Licensing

• Providers have contracts with some software vendors -> Licenses per hour

– Billing• Instances usually per hour• Traffic for gigabyte, degressive tariffs• Storage per GB and time

– Number of I/O operations

• API calls

Infrastructure as a Service

• Public cloud– High availability

• Scaling is a necessity – else costs are high• If one instance dies, the autoscaler launches another

– Geographical distribution• Providers have multiple datacenters

– Which would be expensive to build by ourselves• Good data lines between them for replication• Autoscalers should be at Points of Presence• Therefore if a datacenter fails, traffic is redirected

Infrastructure as a Service

• Public cloud– Security

• Physical security is good– Providers have certifications for government data

• Security of the VMs is as good as you make it• But you need to trust the provider

– Not to misuse the data, leak the VM images– If you don't trust the provider, there is no way of running a

secure VM there» Paranoics, please debate after the lecture

– You can however use cloud storage for backups

Infrastructure as a Service

• Hybrid cloud– Combines a private and public cloud– For constantly high loads, own datacenter

should be cheaper– You may further save by planning not for

peak, but only normal load• Excesses will be run in a public cloud

– Needs data replication between you and cloud– And custom monitoring and scaling scripts

Infrastructure as a Service

• Hybrid cloud– May also be used for high availability– If there is always at least one instance running

in the public cloud– Or because of company policy– Some data must stay inside the building– Not always applicable– Some data is too big or too frequently updated

to replicate efficiently

Infrastructure as a Service

• Virtual private cloud may mean:– Reserved capacity paid upfront– A firewalled subnet, possibly with VPN conn.

Where to get “cloud”?

• Private– Open-source

• OpenStack (dynamic), Eucalyptus (enterprise), OpenNebula or Nimbus (scientific), CloudStack (easy)

– Commercial• VMware vCloud Director

– Still mostly server virtualization• IBM, HP

– Mostly virtualization + business process management– Both moving towards OpenStack core

Where to get “cloud”?

• Public– Amazon Web Services (1 year discount)– Microsoft Azure (see current marketing move)– Google Compute Engine

• Compare here– OpenStack based

• Homeatcloud (Czech)• UnitedStack, Vexxhost, Dreamhost, Rackspace

– Small providers (beware of cloudwashed VM hosting)• DigitalOcean, Linode, 4Smart (CZ), …• Compare: CloudoradoCompare: Cloudorado, scalyr

Where to get “cloud”?● Home at Cloud OpenStack demo

Webhosting

• Cost composition– Hardware– Energy– Cooling– Connectivity– Administration– Software (just your application)

Payment to provider

Webhosting

• Provider does all hardware and software administration

• Service usually includes domain registration and e-mail

• Limits usable programming languages– Most have PHP and ASP/.NET, some Perl

and Python, very few Java and Ruby• Changes to the environment only through

the provider's service personnel

Webhosting

• Three types– Free – mostly without scripting or with ads– Shared – good for low traffic sites– No information about how many sites on one server

• Hostings are compared only by latency– Multitenancy security measures mostly minimal– Managed– eq. Server rental with administration

• Terms can be arranged quite individually• More than one server may be costly

Platform as a Service

• Similar to webhosting in concept• Second layer of Cloud Computing

– > general cloud properties• Automation• Elasticity• Self-service and web services• Pay per use

Platform as a Service

• Similarities to webhosting– Takes care of software platform administration– Limits available programming languages

• Selection is different, with regard to scalability• mostly Ruby, Java, then Python, some PHP• Often includes a NoSQL database

– see previous lecture

Platform as a Service

• Differences– Usually no domains and e-mail– Self-service – no contact with provider's

service personnel– Elasticity and autoscaling

• Easier than in IaaS– Scripting for supported stacks already done

– Pay per use• Webhosting has flat fees• At small scales, free plans available

Platform as a Service

• Two types of PaaS– on IaaS

• Uses a layered approach– Depends on IaaS for multitenancy

» And for the servers themselves

• Adds application deployment and scaling– Direct

• Platform built from scratch, own hardware• May or may not contain virtualization

– Must secure multitenancy somehow else

Platform as a Service

• Added value– Development tools

• From a command-line tool to deploy apps• To a web dashboard with monitoring• Or even a click-up-your-own-app web IDE

– Special services and APIs• To use platform features, databases, ..

– Using platform specifics induces risk of vendor-lock in• No standard for PaaS platform yet

Where to get PaaS

• Public– Google App Engine, Microsoft Azure, Amazon

Elastic Beanstalk, SalesForce Heroku, AppFog, RedHat OpenShift, ActiveState Stackato, CloudBees, IBM BlueMix, Pivotal

• Private (few mature projects)– Pivotal Cloud Foundry, RedHat OpenShift,

Tsuru– Wouldn’t waste time with the rest (Cloudify

didn’t work)

Software as a Service

• That's what most of you want to make• Cost composition

– Hardware– Energy– Cooling– Connectivity– Administration– Software

Payment to provider

(that would be you)

Between IaaS and PaaS

• IaaS gives you (virtual) bare metal– You can choose an OS image with software

• Providers (e.g. Amazon, Microsoft) have their “Marketplaces”

• You can search for OpenStack images of anything• Public providers: TurnKey Linux, Bitnami

– Manual management of automatically scaled servers impossible• Simplest – custom OS images with configuration• To integrate them together, you need automation

DevOps

• Also known as Infrastructure as Code– Server configuration is scripted

• Fills the gap between developers and system administrators

• Repeatable processes that let you scale out quickly– Even if you start small, you write the scaling

• Examples (by age): CFEngine, Puppet, Chef, Ansible, SaltStack– Commercial: RightScale, Amazon OpsWorks

Cloud Architectures

• Mostly consist of scalable stateless layers separated by load balancers

• Backed by redundant database storage• Communicating through message queues• Multiple geographical zones for

redundancy, DBs replicated

Docker

goto lecture by Lukáš Hrubýmore examples here

Cloud Foundry

● Container technology not related to Docker○ also uses cgroups and namespaces

● No layers and central repository● Application is a first-class concept

○ the container is an implementation detail○ built by language-specific buildpack at staging time

● No volumes (will come soon)● Provides ready-made Services

○ MySQL, Postgres, Redis, RiakCS, RabbitMQ● Load balancing and scaling built in● Can run Docker containers as well

Thank you for your attention.

Questions?