Brian ZhengDirector, Cloud Product Management Pegasystems
DevOps Bootcamp
2
Pega Cloud - Best Practices
DevOps
Pega Cloud – Best Practices
YOU WILL LEARN
1. Cloud computing (Mark’s perspective)2. How to manage and run your Pega application in a Cloud deployment 3. Pega Development Best Practices for a Cloud deployment
3
CLOUD?
4
Why is it called Cloud Computing?
5
Why is it called Cloud Computing?
6
Cloud computing metaphor: For a user, the network elements representing the provider-rendered services are invisible, as if obscured by a cloud.
Source: Wikipedia
A look at computing patterns
7
A look at computing patternsTraditional • Unique
• Highly skilled workforce• Requires fabrication• Not repeatable• May be fragile• Very difficult to scale• Very High cost per unit
8
A look at computing patternsHosted • Customized
• Segmented workforce• May require fabrication• Some aspects are
repeatable• May be fragile• Difficult to scale • High cost per unit
9
A look at computing patterns• Cloud • Consistent
• Automated or self service• Uses only premade parts• Repeatable• Less fragile• Scalable• Low cost per unit
10
“You can choose any color you want as long as it’s black”
Henry Ford 1909
Cloud and Pega 7 application design• Everything is disposable
– Everything must be on the clipboard
– File system is transient– No agent/listener node affinity– Replace not restart
• Assume things will fail– Rely on the Pega 7 platform
• Provisioned on-demand– Auto-scaled and elastic
11
But we do it this way in our shop
12
LIVING IN THE CLOUD
13
Responsibility
14
Application
Pega 7 Platform
Compute Storage
Security
Database
App Dev/Partner
App Dev/Partner & Pega Cloud
Pega CloudPega 7 Strategic Application
Network
Design Guardrails
15
Runtime Guardrails
16
Responsibility
17
Application
Pega 7 Platform
Compute Storage
Security
Database
App Dev/Partner
App Dev/Partner & Pega Cloud
Pega CloudPega 7 Strategic Application
Network
High value targets
18
Highlights bugs
19
Predictive Diagnostic Cloud (PDC)
Assesses the overall performance of your system automatically and quantifies the improvement opportunities
Highlights the 10 most significant opportunities for improvement
Real-time, actionable, notifications delivered via the channel of choice (email & portal)
Prescriptive guidance for resolution
Secure SaaS offering – deploy, maintain, upgrade with minimal effort
INCREASE ROI OF YOUR APPLICATIONAddress issues before they impact your business
IMPROVE RESOURCE ALLOCATIONFocus on issues that make the most business impact
IMPROVE RIGHT FIRST TIME FIX RATEEasy to understand, intuitive, actionable insight
Proactively improve health of your Pega Application
STRENGTHS
BENEFITS
Responsibility
21
Application
Pega 7 Platform
Compute Storage
Security
Database
App Dev/Partner
App Dev/Partner & Pega Cloud
Pega CloudPega 7 Strategic Application
Network
YOU WILL LEARN
1. Integration Challenges2. Pega Cloud Connectivity and Best Practices3. Security Controls and Best Practices
22
INTEGRATION CHALLENGES
23
The Handshake Problem
24
[n(n-1)]/2
Who wants to talk about plumbing?
25
26
Your aspiration …
15 requirement changes later …
27
And then came integration …
28
To make it worse…
29
CLOUD CONNECTIVITY AND BEST PRACTICES
30
Computing patterns
• Cloud– Repeatable
• Hosted– Customized
• Traditional– Unique
31
Option 1: Internet-Only access
• Most flexibile
• Put it to REST
• Green field applications
InternetOption 2: Private-Only access
• Legacy Hybrid Cloud
• Shut the Front Door
Option 3: Public user access, Private integration
• Use secure internet as much as possible
• Transitional model
• Optional private connection
Consider your options before build• Decoupled Architecture
• Connectivity– Reserve private IP ranges Upfront
– Get Network and Security team involved
early
– Minimize infrastructure changes after
creating apps
• Know your Integration points
• Minimize application chattiness
35
Can everything be REST?
Does everything need to be Private?
Option 2
Option 3
Happy Developers Option 1
Private Gateway Options
Pega Cloud Customer Data CenterVPN
Direct Connect
Customer VPC
VPC Peering
SECURITY CONTROLS AND BEST PRACTICES
37
Responsibility
38
Application
Pega 7 Platform
Compute Storage
Security
Database
App Dev/Partner
App Dev/Partner & Pega Cloud
Pega CloudPega 7 Strategic Application
Network
Cloud Provider Responsibilities• Physical Control and Monitoring• Network and Access Control• Data Protection• Risk Management
39
Customer Responsibilities & Best Practices
40
• Start with a Security Management Program– Data classification and life cycle– User lifecycle Management– Continuous Security Awareness Training– Vulnerability remediation process
The Single Most Important Thing
Customer Responsibilities & Best Practices
42
• Build great and secure applications• K.I.S.S. • Keeping track of all connectors and end points• Encrypt your traffic in transit• You are the owner of your content and data
