Date post: | 27-Nov-2014 |
Category: |
Technology |
Upload: | cornelia-davis |
View: | 218 times |
Download: | 1 times |
1© Copyright 2013 Pivotal. All rights reserved. 1© Copyright 2013 Pivotal. All rights reserved.
Running Your Spring Apps in the CloudAt JavaOne
Cornelia DavisDirector, Platform Engineering, Cloud Foundry, [email protected] | @cdavisafc | October 2014
2© Copyright 2013 Pivotal. All rights reserved.
Let’s push an app
3© Copyright 2013 Pivotal. All rights reserved.
Overview: Deploying App to Cloud Foundry Runtime
① Upload app bits and metadata
p u s h a p p
push app
Rout
er② Create and bind services
③ Stage application
④ Deploy application
⑤ Manage application health…which is a whole ‘nother topic
Cloud FoundryRuntime (PaaS)
Blobstore DB
Cloud Controller
Service Broker Node(s)
DEADEA
DEADEA
+ app M D
+ app MD
+ =
Servicecredentials
4© Copyright 2013 Pivotal. All rights reserved.
Software
5© Copyright 2013 Pivotal. All rights reserved.
Software is Changing Industries
$3.5B valuation –Financial Services
$3.5B valuation– Travel & Hospitality
$17B valuation – Transportation
$1.1B acquisition by Monsanto – Agriculture
$19B valuation – Entertainment
$3.2B acquisition by Google– Digital Home
6© Copyright 2013 Pivotal. All rights reserved.
Reference Application from VMWare to demonstrate the vFabric Suite
Spring Trader
https://github.com/cf-platform-eng/springtrader-cf
7© Copyright 2013 Pivotal. All rights reserved.
From here …
8© Copyright 2013 Pivotal. All rights reserved.
Agenda (1/2)
Cross-site scripting JNDI Service Catalog Spring Cloud Connector
Apps and Manifests
Services plans
Auto reconfiguration
9© Copyright 2013 Pivotal. All rights reserved.
Agenda (2/2)
Define Service Type
XSS
Apps as Services
10© Copyright 2013 Pivotal. All rights reserved.
Cross-site Scripting
http://springtrader.com/services
http://springtrader.com/webhttp://traderweb.cfapps.io
http://traderservices.cfapps.io
11© Copyright 2013 Pivotal. All rights reserved.
Cross-site Scripting
http://traderfront.cfapps.ioOne war file
This is a hack!!
12© Copyright 2013 Pivotal. All rights reserved.
JNDI Service Instances
<jee:jndi-lookup id="dataSource" jndi-name="jdbc/nanodb" />Old:
13© Copyright 2013 Pivotal. All rights reserved.
Spring Cloud
VCAP_SERVICES locally
cf bind-service traderfront tradersql
<cloud:data-source id="dataSource" service-name="tradersql"> <cloud:connection properties="sessionVariables=sql_mode='ANSI'; characterEncoding=UTF-8;defaultTransactionIsolation=2”/> <cloud:pool pool-size="2" max-wait-time="200" /></cloud:data-source>
VCAP_SERVICES={"cleardb-n/a":[{"name":"tradersql","label":"cleardb-n/a","tags":["mysql","relational"],"plan":"spark","credentials":{"jdbcUrl":"jdbc:mysql://baf8a1e6a292a2:[email protected]:3306/ad_595d583f143adee","uri":"mysql://baf8a1e6a292a2:[email protected]:3306/ad_595d583f143adee?reconnect=true","name":"ad_595d583f143adee","hostname":"us-cdbr-east-05.cleardb.net","port":"3306","username":"baf8a1e6a292a2","password":"79581497"}}],"cloudamqp-n/a":[{"name":"tradermessaging","label":"cloudamqp-n/a","tags":["amqp","rabbitmq"],"plan":"lemur","credentials":{"uri":"amqp://klrdpgoo:[email protected]/klrdpgoo"}}]}
New:
OR
<cloud:data-source id="dataSource"> ...
14© Copyright 2013 Pivotal. All rights reserved.
(Big-A) Applications and Manifests
http://traderfront.cfapps.ioOne war file
Another war file
15© Copyright 2013 Pivotal. All rights reserved.
(Big-A) Applications and Manifests---timeout: 180memory: 1Gdomain: cfapps.ioinstances: 1services:- tradersql- tradermessagingapplications:- name: traderback path: dist/spring-nanotrader-asynch-services-1.0.1.BUILD-SNAPSHOT.war host: traderback- name: traderfront path: dist/spring-nanotrader-services-1.0.1.BUILD-SNAPSHOT.war host: traderfront
Global properties apply to all applications
16© Copyright 2013 Pivotal. All rights reserved.
Services Marketplace and Plans
<cloud:data-source id="dataSource"> <cloud:connection properties="sessionVariables=sql_mode='ANSI'; characterEncoding=UTF-8;defaultTransactionIsolation=2”/> <cloud:pool pool-size="2" max-wait-time="200" /></cloud:data-source>
17© Copyright 2013 Pivotal. All rights reserved.
Auto-reconfiguration
<rabbit:connection-factory id="connectionFactory" host="${NANO_RABBIT_HOST:localhost}" port="${NANO_RABBIT_PORT:5672}"/>
Old:
New:<cloud:rabbit-connection-factory id="connectionFactory"/>
USE AUTORECONFIGURATION WITH CARE!! (esp. in production)
18© Copyright 2013 Pivotal. All rights reserved.
Deal with Cross-site Scripting
<script> … accessing doc.something</script>…doc = XMLHTTPRequest http://example.com/foo…
GET http://example
.com/index.html
When one domain is responsible for both the HTML (with embedded scripts) and the content of the XMLHTTPRequest, all is fine.
19© Copyright 2013 Pivotal. All rights reserved.
Deal with Cross-site Scripting
<script> … accessing doc.something</script>…doc = XMLHTTPRequest http://example.com/foo…
GET http://evilsit
e.com/index.html
EVIL
When different domains:• Request will be sent• Browser will not make
response available
To accommodate:• Service lists domains
from which requests will be allowed
CORS Filter
20© Copyright 2013 Pivotal. All rights reserved.
Spring Cloud Connector Extension: HTTP Web Service
public class BasicHttpWebServiceInfo extends UriBasedServiceInfo {
public BasicHttpWebServiceInfo(String id, String host, int port, String username,
String password, String virtualHost) { super(id, "http", host, port, username, password, virtualHost); }
public BasicHttpWebServiceInfo(String id, String uri) throws CloudException { super(id, uri); }
…}
SpringCloud built in:• Amqp• Mongo• Monitoring• Mysql• Oracle• Postgresql• Redis• Smtp
21© Copyright 2013 Pivotal. All rights reserved.
Spring Cloud Connector Extension: HTTP Web Service
Here’s the tricky part:Put a file called org.springframework.cloud.cloudfoundry.CloudFoundryServiceInfoCreator on your classpath containing com.gopivotal.cloudfoundry.example.springcloud.BasicHttpWebServiceInfoCreator
https://github.com/spring-cloud/spring-cloud-connectors/tree/master/spring-cloud-core
public class BasicHttpWebServiceInfoCreator extends CloudFoundryServiceInfoCreator<BasicHttpWebServiceInfo>{
public BasicHttpWebServiceInfoCreator() {super(new Tags(), "http");
}public BasicHttpWebServiceInfo createServiceInfo(Map<String,Object> serviceData) {
@SuppressWarnings("unchecked")Map<String,Object> credentials = (Map<String, Object>) serviceData.get("credentials");
String id = (String) serviceData.get("name");
String uri = getStringFromCredentials(credentials, "uri", "url");
return new BasicHttpWebServiceInfo(id, uri);}
}
22© Copyright 2013 Pivotal. All rights reserved.
Cross-site Scripting
23© Copyright 2013 Pivotal. All rights reserved.
Apps as Services
Data Tier
Message Broker
cf create-service … tradersqlcf create-service … tradermessaging
24© Copyright 2013 Pivotal. All rights reserved.
Apps as Services
Data Tier
Message Broker Trader Back
cf push traderbackcf bind-service traderback stsqlcf bind-service traderback stmessaging
25© Copyright 2013 Pivotal. All rights reserved.
Apps as Services
Data Tier
Message BrokerTrader Front Trader Back
cf push traderfrontcf bind-service traderfront stsqlcf bind-service traderfront stmessaging
26© Copyright 2013 Pivotal. All rights reserved.
Trader Front
Apps as Services
Data Tier
Message BrokerTrader Front Trader Back
cf cups traderfront -p '{"uri": "http://traderfront.cfapps.io/api/"}'
app is a service
27© Copyright 2013 Pivotal. All rights reserved.
Apps as Services
Data Tier
Message BrokerTrader Front Trader Back
Trader Webcf push traderwebcf bind-service traderweb traderfront
app is a service
28© Copyright 2013 Pivotal. All rights reserved.
And that is the current state of the repo
29© Copyright 2013 Pivotal. All rights reserved.
Login Session Replication
Originally designed to use Gemfire peer to peer
Trader Front
Trader Front
Trader Front
30© Copyright 2013 Pivotal. All rights reserved.
DEA
Login Session Replication
Firewalled application containers restrict this!
Trader Front
Trader Front
Trader Front
31© Copyright 2013 Pivotal. All rights reserved.
Login Session ReplicationRedis for session state caching – Java buildpack v2.1
Pull Requests Welcome!!
Trader Front
Trader Front
Trader Front
https://github.com/cloudfoundry/java-buildpack/blob/master/docs/container-tomcat.md#session-replication
BUT, we aren’t using HTTP sessions for
auth tokens!(but the idea is right)
32© Copyright 2013 Pivotal. All rights reserved.
… to here
33© Copyright 2013 Pivotal. All rights reserved.
Thank you!
A NEW PLATFORM FOR A NEW ERA