Download - GOTO Amsterdam 2015: A Cloud Infrastructure for Scaling Innovation Across Autonomous Teams
A Cloud Infrastructurefor Scaling Innovation Across Autonomous [email protected] / @try_except_GOTO Amsterdam 2015
15 countries3 fulfillment centers15+ million active customers2.2+ billion € revenue 2014130+ million visits per month8.000+ employees
ONE OF EUROPE’S LARGEST ONLINE FASHION RETAILERS
Visit us: tech.zalando.com
~70% of all applications
WAR deployment
Single deployment tool
On-premise data center
MAIN PRODUCTION STACK SINCE 2010
AWS
STUPS
DOCKERDEPLOY
SSH ACCESS
AUDIT REPORTS
FULL AWS ACCESS
A PLATFORM ON TOP OF AMAZON WEB SERVICES
AUTONOMY AND COMPLIANCE
STUPS offers maximum freedom for developers while enabling near-real-time audit compliance for every single application.
One AWS account per Team
Deployment with Docker
Managed SSH Access
REST/OAuth 2.0 mandatory
Supports Traceability of Changes
STUPS IN A NUTSHELL
Public Internet
*.foo.example.org *.bar.example.org
Team “Foo” Team “Bar”ELB ELB
EC2Instance
EC2InstanceEC2
InstanceEC2Instance
EC2InstanceEC2
InstanceData Center LB
EC2InstanceEC2
InstanceLegacyInstances
ISOLATED AWS ACCOUNTS
ZMON APPLIANCE
*.foo.example.org *.bar.example.org
Team “Foo” Team “Bar”
EC2Instance
EC2InstanceEC2
InstanceEC2
Instance
ZMON Appliance
ZMON Appliance
KairosDB
EC2Instance
EC2Instance
ZMONController
ELB ELB
OAUTH: CREDENTIAL DISTRIBUTION VIA S3 BUCKETS
AWS
YOUR TURN
get access token
Taupage
Kio Mint
OAuthProvider
store passwords
get passwordS3
rotate passwords
STUPS Frontpagehttp://stups.ioSTUPS Documentationhttp://docs.stups.ioGitHub Repositorieshttps://github.com/zalando-stupsTrying out Senza and Taupagehttp://docs.stups.io/en/latest/user-guide/standalone-deployment.html
LINKS
● ELB forinbound traffic
● NAT instancesfor outbound
● HTTPS Only● Internal subnets
for app instances
DMZ DMZ DMZ
internalinternal
eu-west-1a eu-west-1b eu-west-1c
ELB
EC2
internal
EC2
NAT
STUPS: AWS ACCOUNT VPC SETUP
Pier One Docker Reg.
build
approve
EC2 Instances
Docker Container
Application “myapp”issue_management: Jira
Application Version “1.0”artifact: docker/myart:1.0
Taupage AMI
Ticket System
Kio Application RegistryTicket System
SCM
Image “docker/myart:1.0”commit: afb123Issue “ABC-123”
spec: [...]
Commit “afb123”msg: ABC-123..
✓ specs approved✓ artifact tested✓ artifact approved
STUPS: TRACEABILITY