ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015....
Transcript of ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015....
![Page 1: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/1.jpg)
A R C H I T E C T U R E O F A C L O U D S E R V I C E U S I N G P Y T H O N T E C H N O L O G I E S
A B R A H A M M A RT I N @ A B R A H A M _ M A RT I N C
![Page 2: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/2.jpg)
M A N A G E D W E B S E R V I C E
• Born to solve a problem around university
• Servers under desks
• Security problems
![Page 3: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/3.jpg)
M A N A G E D W E B S E R V I C E
• Managed:
• Software/OS maintained by us
• Web hosting capabilities (PHP, CGIs, MySQL…)
• No backups worries
• Dedicated resources (v2)
![Page 4: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/4.jpg)
M A N A G E D W E B S E R V I C E
• v1
• Solaris 7, Apache 1.3, PHP 4.3, MySQL 4.1…
• home-grown system involving chroot and loop back mounts
• v2
• Updated Software (Solaris 10, Apache 2, PHP5, MySQL, perl…)
• Solaris Zones
![Page 5: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/5.jpg)
M A N A G E D W E B S E R V I C E
• v2
• Database driven (scripts launched)
• NIS and NFS server
• Replicated but manual failover
• ZFS
• vhosts, aliases…
• Manual process (or executing scripts) but not available for end users
![Page 6: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/6.jpg)
M A N A G E D W E B S E R V I C E
• v2
• > 200 users
• > 400 websites
![Page 7: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/7.jpg)
M A N A G E D W E B S E R V I C E
• Falcon
• Plone based
• >200 sites
![Page 8: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/8.jpg)
M A N A G E D W E B S E R V I C E
• v3
• Restart
• Complete Isolation, dedicated VMs
• No root access
• Managed and maintained by “us” but still offering same (and more) options
• Web panel to delegate users some power
![Page 9: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/9.jpg)
M A N A G E D W E B S E R V I C E
• v3
• Debian 8 (AMP by default)
• Other apache mods available (e.g. mod_wsgi)
• List of system packages available to install
• Authorisation, vhost, dns, tls, backups, password reset, and power management given to the user
• Fully automated processes based on a web panel.
![Page 10: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/10.jpg)
![Page 11: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/11.jpg)
![Page 12: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/12.jpg)
M A N A G E D W E B S E R V I C E
• v3
• Test server (for testing upgrades, changes, etc)
• Clone options
![Page 13: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/13.jpg)
A R C H I T E C T U R E
![Page 14: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/14.jpg)
V M A R C H I T E C T U R E
• Dedicated Managed VMs
• VMWare solution
• vSphere control panel + APIs
• ESXi servers
• External backup server
• No replicated
![Page 15: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/15.jpg)
V M A R C H I T E C T U R E
• Flow
• Django web panel receives request from authenticated user
• A hostname and IPs (4&6) are allocated
• VM API to create a new VM
• VM API to install OS (Callback when VM ready)
• Ansible is executed
![Page 16: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/16.jpg)
A N S I B L E
• Application Deployment + Configuration Management + Continuous Delivery
• Inventory of targets (dynamic or static)
• Roles (DB server, Web server, etc)
• A target can have more than one role
• Playbook: Targets and roles
![Page 17: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/17.jpg)
A N S I B L E P L AY B O O K
---#mwsclients.yml; playbook for MWS client machines- hosts: mwsclients gather_facts: no roles: - common - mwscommon - metrics_service - mwsclient
• For each role:
• tasks (yaml), templates (jinja2), scripts, handlers, vars
![Page 18: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/18.jpg)
A N S I B L E R O L E---#mwsclient/tasks/main.yml - tasks file for the mwsclient role
- name: update software apt: upgrade=dist update_cache=yes tags: upgrades
- name: install base software apt: state=present name={{item}} with_items: # Base MWS software - openssh-server - apache2 - libapache2-mod-ucam-webauth - libapache2-mod-php5 - mysql-server - php5 - php5-gd - php5-mysql - php5-mcrypt - git # Software for interactive users - screen - emacs - vim-gtk tags: base_software
- name: static network configuration template: dest=/etc/network/interfaces src=interfaces.j2 notify: reboot
![Page 19: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/19.jpg)
A N S I B L E H A N D L E R
---#mwsclient/handlers/main.yml - handlers file for the mwsclient role
- name: reload Apache service: name=apache2 state=reloaded
- name: restart autofs service: name=autofs state=restarted
- name: reboot command: shutdown -r -t 1
![Page 20: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/20.jpg)
A R C H I T E C T U R E
![Page 21: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/21.jpg)
M A N A G E D W E B S E R V I C E
• Authentication
• Raven (potentially Shibboleth/SAML2)
• Custom auth backend
• Webauth
![Page 22: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/22.jpg)
A R C H I T E C T U R E
![Page 23: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/23.jpg)
A U T H O R I S AT I O N ( L D A P I S H B A S E D )
![Page 24: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/24.jpg)
A R C H I T E C T U R E
![Page 25: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/25.jpg)
A U T H O R I S AT I O N ( L D A P I S H B A S E D )
• *nix users:
• User is installed in the VM (Using Ansible)
• UID (important for shared file storage) taken from Jackdaw (User central database)
• Periodic task to refresh installed users (in VMs) authorised via LDAP groups
• SSH public key uploaded to the web panel
![Page 26: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/26.jpg)
A R C H I T E C T U R E
![Page 27: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/27.jpg)
I P R E G I S T E R A P I
• Preallocated IP addresses
• cam.ac.uk domains aliases available for users (API)
• Service/Host addresses
• SSHFP records and DNSSEC
![Page 28: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/28.jpg)
The authenticity of host 'test.dev.mws3.csx.cam.ac.uk (131.111.8.73)' can't be established. RSA key fingerprint is 22:e8:32:e4:bb:07:9c:7d:24:7e:96:c2:11:88:51:2d. Are you sure you want to continue connecting (yes/no)?
![Page 29: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/29.jpg)
A R C H I T E C T U R E
![Page 30: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/30.jpg)
C E N T R A L I N V E N T O R Y
• Bes++ (django)
• JSON file with information about all hosts:
• Location, IP, hostname, VM properties
• Pull consumed
![Page 31: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/31.jpg)
A P I C O M M U N I C AT I O N T Y P E S
• REST / non REST HTTPS APIs
• SSH APIs
• JSON / non JSON
• Callbacks
![Page 32: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/32.jpg)
A S Y N C TA S K S
• Some API calls
• Background processes
• Cron jobs
• Celery
• Redis
![Page 33: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/33.jpg)
@shared_task(base=TaskWithFailure, default_retry_delay=5*60, max_retries=288) # Retry each 5 minutes for 24 hoursdef foo(param):var
![Page 34: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/34.jpg)
class TaskWithFailure(Task):abstract = True
def on_failure(self, exc, task_id, args, kwargs, einfo):
LOGGER.error("An error happened")
![Page 35: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/35.jpg)
CELERYBEAT_SCHEDULE = { 'cronjob1': { 'task': 'apimws.task1', 'schedule': timedelta(hours=1, minutes=30), 'args': () },}
![Page 36: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/36.jpg)
M A N A G E D W E B S E R V I C E
• More features (all Ansible driven)
• Change DB root passwd
• Create vhosts
• Aliases
• TLS Certs
• Install some system packages
• Backups (Snapshots)
![Page 37: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/37.jpg)
H I G H AVA I L A B I L I T Y
![Page 38: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/38.jpg)
V M A R C H I T E C T U R E ( 1 )
![Page 39: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/39.jpg)
V M A R C H I T E C T U R E ( 2 )
![Page 40: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/40.jpg)
V M A R C H I T E C T U R E ( 3 )
![Page 41: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/41.jpg)
V M A R C H I T E C T U R E ( 3 )
![Page 42: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/42.jpg)
A R C H I T E C T U R E
![Page 43: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/43.jpg)
M A N A G E D W E B S E R V I C E
• Deployment of Xen servers
• Three-node cluster
• Nodes on different location
• Live migration
• Deployed using Ansible
• Different service (API)
![Page 44: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/44.jpg)
- name: django collect static files sudo: yes sudo_user: www-data django_manage: command=collectstatic app_path={{install_web_dir}}/ settings={{django_name}}.production_settings
- name: disable apache default site command: a2dissite default removes=/etc/apache2/sites-enabled/000-default.conf
- name: enable django site command: a2ensite {{django_name}} creates=/etc/apache2/sites-enabled/{{django_name}}
- name: install celeryd config file template: src=celeryd.j2 dest=/etc/default/celeryd notify: restart celery
![Page 45: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/45.jpg)
---#mwsserver/handlers/main.yml - handlers for the mws server
- name: restart apache service: name=apache2 state=restarted
- name: restart celery service: name={{item}} state=restarted with_items: - celeryd - celerybeat
![Page 46: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/46.jpg)
S E C U R I T Y
• No root passwords, only keys
• Separation of privileges (different users)
• pre-generation of host keys
• userv services
• TLS certs
![Page 47: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/47.jpg)
![Page 48: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/48.jpg)
– M A R K N O T T I N G H A M C H A I R O F T H E I E T F H T T P W O R K I N G G R O U P
“The HTTP/2 specification itself won’t require the use of TLS, even though many (or possibly all)
browsers will do so for the new protocol.”
![Page 49: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/49.jpg)
![Page 50: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/50.jpg)
M E T R I C S A N D L O G G I N G
• statsd & collectd
• cluster AMQP message brokers
• cluster carbon/graphite (storage)
![Page 51: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/51.jpg)
![Page 52: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/52.jpg)
M E T R I C S A N D L O G G I N G
![Page 53: ABRAHAM MARTIN @ABRAHAM MARTINC ARCHITECTURE OF A CLOUD SERVICE USING PYTHON TECHNOLOGIES · 2015. 12. 23. · PYTHON TECHNOLOGIES ABRAHAM MARTIN @ABRAHAM_MARTINC. MANAGED WEB SERVICE](https://reader034.fdocuments.net/reader034/viewer/2022051408/5ff667330627ec14822e1e37/html5/thumbnails/53.jpg)