Cloud computing: are you using it right?

Liu Chao, chief solution architect at NetEase Cloud, was invited to speak at the Internet operations and development practice summit held on March 17, where he shared the mistakes people make in understanding and using cloud computing, as well as the right way to design cloud-native applications. Many people think that once a virtualized cloud platform is in place and applications have been moved onto virtual machines, cloud hosts, or even containers, the move to the cloud is complete. But at the application level, any design that limits elasticity and flexibility will hold back the potential of cloud computing.


Is Cloud Computing a Ponzi Scheme?

Liu Chao first raised the following questions for development and operations staff:

[Figure: questions for development and operations staff]

Since the birth of cloud computing, we have gone through physical machines, virtual machines, OpenStack, Docker, and other technologies:


  • Physical machines are stable and perform well, and can be operated with Linux knowledge alone. But isolation is not good enough and resource utilization is not high enough;
  • So traditional virtualization was adopted, but its cost is relatively high: not only are licenses expensive, staff with the relevant skills are also hard to recruit;
  • Most vendors clearly did not want to be locked in to traditional virtualization for the long term, which gave rise to the open source implementation OpenStack. OpenStack is open source, free of lock-in, and highly compatible. But the open source software is not stable, and commercializing it inevitably requires customization, which merely switches from one lock-in to another. And most companies that adopt OpenStack eventually find that the operations team has not shrunk, while the requirements for the technical staff they must recruit have gone up;
  • Then Docker appeared and gave cloud computing a new dawn: Docker is lightweight, easy to migrate, and enables DevOps and continuous integration / continuous delivery. Docker looks very simple, but in fact it shifts the complexity to the platform layer. For an application to run, none of the installation and configuration it needs can be skipped. To run Docker applications at production level, the underlying infrastructure is as complex as OpenStack.

Mistakes in using cloud computing

These problems arise, Liu Chao believes, because most people are still using cloud computing with a traditional mindset, and their applications have not yet been adapted to the cloud. Liu Chao summarized eight mistakes in using cloud computing:

1. Deploying a traditional monolithic application, unmodified, on a virtual machine or container. The problem is that too much is packaged together, the application configuration is very complex, and horizontal scaling is impossible; worse still, a physical machine may run only one container, gaining none of the benefits of containers.


2. Not wanting to modify the application and instead expecting technical improvements in the virtualization layer, hoping to "make the horse run without feeding it grass". An example is hoping that a virtual machine or container will match the performance of a physical machine: although Intel and other vendors have made many hardware-level improvements for virtualization, relying on them greatly reduces application portability and flexibility. Cloud users should first recognize that virtualization inevitably causes a performance loss, and should rework the application to use the horizontal scalability of cloud computing, thereby offsetting that loss.

3. Expecting to fine-tune virtual machines with awareness of physical machines and racks. Traditional operations staff often ask why cloud computing cannot provide functions to migrate an application from one machine to another, or to spread an application across different physical machines or even racks. This is still treating cloud computing as traditional physical machines. As shown in the figure below, the left is the Nova architecture and the middle is the Kubernetes architecture; both were designed from the start to provide a scheduling mechanism, so a user who insists on awareness of the underlying hardware is in effect reinventing the wheel.

[Figure: Nova architecture (left) and Kubernetes architecture (middle)]

4. The whole company shares one account, controlled by operations, and every operation must be approved by that person. In fact, every cloud computing platform has a management system with accounts and sub-accounts; the flexibility of cloud computing lies in self-service operations, not in the traditional layers of approval.
5. Not planning and using VPCs for isolation, which leaves serious isolation problems.


6. All machines have public IP addresses and are logged in to with a user name and password; these practices create security risks for the system.
7. Expecting the infrastructure layer to make the application layer efficient. For in-memory data or disk caches, which data is important, which is not, and which cannot be determined are things only your application knows; the cloud platform cannot tell them apart.


8. Building your own databases, big data platforms, and other shared infrastructure. This greatly increases the company's operations costs, when in fact every public cloud platform provides corresponding PaaS services.
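
The public-IP and password-login mistake in the list above can be checked mechanically. The following is an added example, not from the talk or from NetEase Cloud: it audits a constructed host inventory and flags hosts that are publicly addressed while their `sshd_config` leaves password login enabled. Host names, addresses (documentation ranges standing in for public IPs) and function names are assumptions.

```python
import ipaddress

# IPv4 ranges that are not reachable from the Internet.
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16")]

def is_public(addr: str) -> bool:
    ip = ipaddress.ip_address(addr)
    return not any(ip in net for net in NON_PUBLIC)

def password_auth_enabled(sshd_config: str) -> bool:
    """Effective global PasswordAuthentication value.

    sshd uses the first value it reads for a keyword and defaults to
    'yes' when the keyword is absent. Match blocks and Include files
    are not evaluated in this example.
    """
    for raw in sshd_config.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        parts = line.replace("=", " ", 1).split()
        key = parts[0].lower()                   # keywords are case-insensitive
        if key == "match":
            break                                # conditional section starts here
        if key == "passwordauthentication" and len(parts) > 1:
            return parts[1].lower() != "no"
    return True

def audit(inventory: dict) -> list:
    """Names of hosts with a public address and password login enabled."""
    return sorted(name for name, (addr, cfg) in inventory.items()
                  if is_public(addr) and password_auth_enabled(cfg))

# Constructed inventory: host -> (address, sshd_config text).
INVENTORY = {
    "web-1": ("203.0.113.10", "Port 22\nPasswordAuthentication yes\n"),
    "web-2": ("203.0.113.11", "PasswordAuthentication no\nPubkeyAuthentication yes\n"),
    "db-1": ("10.0.3.7", "PasswordAuthentication yes\n"),
    "batch-1": ("198.51.100.4", "PasswordAuthentication no\nPasswordAuthentication yes\n"),
    "legacy-1": ("198.51.100.9", "#PasswordAuthentication no\nPermitRootLogin no\n"),
}

if __name__ == "__main__":
    print(audit(INVENTORY))
```

`legacy-1` is flagged because its only `PasswordAuthentication` line is commented out, so the default applies; `db-1` allows passwords but sits on a private address.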


In summary, the infrastructure layer, platform layer, and application layer should each do their own job and not push pressure onto another layer. In particular, application-layer design should take into account that the application will run on the cloud, and provide mechanisms for elastic scaling and disaster recovery backup; this general approach is known as cloud native (Cloud Native).

Cloud Native Design Essentials

At the infrastructure layer, NetEase Cloud has moved from virtual machines to containers and integrated OpenStack and Docker well, for example by running containers on virtual machines and using IaaS-layer capabilities to solve network and storage problems, avoiding the network and storage performance loss that containers introduce. Liu Chao described this in detail from the perspectives of security isolation, high performance, container clusters, log monitoring, and other aspects.

So at the application architecture layer, how should users design cloud-native applications? Liu Chao summarized eight design points:

1. Load-balanced API gateway. In production operations, the part exposed to the public network should preferably go through the load balancing provided by the cloud platform, because most cloud service providers' load balancers come with DDoS defense and WAF functions;


2. Service split and service discovery.

3. Use PaaS services to reduce design difficulty. The following figure shows the NetEase Cloud PaaS services used by NetEase Koala.

[Figure: NetEase Cloud PaaS services used by NetEase Koala]

4. Make services stateless. The main work is to move in-memory data to a cache, user data to a database, and files to distributed storage, so that the application contains only business logic; however it scales, only business logic scales. The storage underneath has its own clusters, so the application layer does not need to give it much consideration.


5. Containers as a tool for continuous integration / continuous delivery. Some people use containers as virtual machines, but the advantage of containers lies more in their standardization and precise version control, which make for a very smooth DevOps process.


6. A continuous delivery process based on the code repository. All manual operations become code, each runtime environment corresponds to a branch of the code, and all changes are made as modifications to these branches and images, which trigger the continuous integration process.


7. Centralized configuration management. Configuration should also be stored as code and distributed from there.


8. Log analysis based on stream processing and a search engine.


In summary, the infrastructure layer should be flexible enough and tuned to a degree, but not tuned so far that it hurts scalability; the application layer should be developed for the cloud, achieving better elasticity and a continuous integration / continuous delivery process. Only when the two are combined can operations costs be effectively reduced.
