"software defined cdn: arquitetura, componentes e desafios" - marcus grando (azion...
TRANSCRIPT
![Page 1: "Software Defined CDN: Arquitetura, componentes e desafios" - Marcus Grando (Azion Technologies), WeOp - The Operations Summit 2014](https://reader034.vdocuments.pub/reader034/viewer/2022050802/55c2df82bb61eb224a8b4799/html5/thumbnails/1.jpg)
Software Defined CDN: Architecture, Components and Challenges
Marcus Grando, CTO

Azion Technologies: Overview
• Founded in 2011 (Porto Alegre and Miami)
• Software Defined CDN (Intelligent Edge, Media Delivery, Live Streaming)
• Focus on user experience (mission critical)
• Global presence (Brazil, USA, Europe and Asia)

Agenda: How to improve the user experience?
• Architecture
• Components
• Challenges
• Questions?

Architecture: What is a CDN?
• More than 50% of traffic is carried over CDNs (commercial and private)
• Gen-1: Highly distributed, cache only
• Gen-2: Less distributed, cache only
• Gen-3: Super POP, intelligence at the origin

Architecture: What is an SD-CDN?
• Gen-4: CDN with intelligence at the edges (Azion: highly distributed)
• Brings the application's intelligence closer to the user
• Amazing things!

Architecture: Challenges of an SD-CDN
• Improve performance for users on mobile, Wi-Fi and other traditional devices (last-mile latency)
• Performance? Adapt the application to the user (network, OS, browser, technology)

Architecture: Mobile Growth
http://www.cisco.com/c/en/us/solutions/collateral/service-provider/visual-networking-index-vni/white_paper_c11-520862.html

Architecture: Edge Intelligence: Application Acceleration
• Image optimization per device and screen (WebP for Chrome/Opera, PNG/JPEG for FF/IE)
• Network optimization (Window Scaling, Network Path Optimization)
• Connection to the origin (better protocols, multi-origin)
• Content prefetch
• Performance in the delivery of JS, CSS, HTML, JSON, ICO, fonts

Architecture: Edge Intelligence: Application Acceleration
• Browser optimization (dns-prefetch, prefetch, prerender)
• API Acceleration
• Push Notification (WebSockets)
• TLS optimization and termination (session cache/tickets, OCSP stapling, Forward Secrecy and TLS False Start)
https://wiki.mozilla.org/Security/Server_Side_TLS

Architecture: TLS Optimization and Termination: Session Cache/Session Ticket

```
$ openssl s_client -connect www.azion.com:443 -tls1 -tlsextdebug -status
...
SSL-Session:
    Protocol  : TLSv1
    Cipher    : ECDHE-RSA-AES128-SHA
    Session-ID: DA43DEAA0F9ACFE2D6888045FC5557BE23C9E3EF2CF2A48B99376546A9160DC7
    Session-ID-ctx:
    Master-Key: B78A510239E2BB590E3E50AF8E0416DE1F014446F37C853CABED63A862D2599E7A93AEB1DFD6B26D011C729BC5D09A37
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 600 (seconds)
    TLS session ticket:
    0000 - f2 ff eb ba 69 41 bb 52-48 23 70 02 7b 1c 73 bf   ....iA.RH#p.{.s.
    0010 - e8 4a 40 cb fd a8 5f 85-14 81 71 fa 13 0c 6d e2   .J@..._...q...m.
    0020 - 9c b0 e4 46 99 b2 9a b7-8c eb e9 74 9e ea 53 88   ...F.......t..S.
    ...
```

Architecture: TLS Optimization and Termination: OCSP Stapling

```
$ openssl s_client -connect www.azion.com:443 -tls1 -tlsextdebug -status
...
OCSP response:
======================================
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
    Version: 1 (0x0)
    Responder Id: 12A6D068879BA23554F7250E31E7488B1D6903FB
    Produced At: Nov 11 14:57:02 2014 GMT
    Responses:
    Certificate ID:
      Hash Algorithm: sha1
      Issuer Name Hash: 0C9E4D9C3DEDEF84D891E972C7CF8406BC197B07
      Issuer Key Hash: 96DE61F1BD1C1629531CC0CC7D3B830040E61A7C
      Serial Number: 1121B93115E4174B789AD972243139085B48
    Cert Status: good
    This Update: Nov 11 14:57:02 2014 GMT
    Next Update: Nov 12 14:57:02 2014 GMT
...
```
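
The two `openssl s_client` outputs above can be checked mechanically rather than by eye. The following is an added example, not part of the original slides: it reads s_client text and reports whether the edge negotiated a forward-secret cipher, issued a session ticket, and stapled an OCSP response that is still inside its validity window. The function names and the merged sample text are assumptions made for illustration.

```python
import re
from datetime import datetime, timezone

# Constructed sample: the fields from the two slides merged into one output.
SAMPLE = """\
SSL-Session:
    Protocol  : TLSv1
    Cipher    : ECDHE-RSA-AES128-SHA
    TLS session ticket lifetime hint: 600 (seconds)
OCSP response:
    OCSP Response Status: successful (0x0)
    Cert Status: good
    This Update: Nov 11 14:57:02 2014 GMT
    Next Update: Nov 12 14:57:02 2014 GMT
"""


def _field(name, text):
    """Return the value of a 'name : value' line, or None when absent."""
    m = re.search(rf"^[ \t]*{re.escape(name)}[ \t]*:[ \t]*(.+?)[ \t]*$", text, re.M)
    return m.group(1) if m else None


def _when(value):
    """Parse the timestamp format openssl prints for OCSP updates."""
    stamp = datetime.strptime(value, "%b %d %H:%M:%S %Y GMT")
    return stamp.replace(tzinfo=timezone.utc)


def audit(output, now):
    """List what the edge is missing; an empty list means all checks passed."""
    findings = []
    cipher = _field("Cipher", output) or ""
    # ECDHE/DHE suites (and all TLS 1.3 "TLS_" suites) give forward secrecy.
    if not cipher.startswith(("ECDHE-", "DHE-", "TLS_")):
        findings.append("no forward secrecy: " + (cipher or "cipher not found"))
    if _field("TLS session ticket lifetime hint", output) is None:
        findings.append("no session ticket issued")
    this_u, next_u = _field("This Update", output), _field("Next Update", output)
    if _field("Cert Status", output) != "good" or not (this_u and next_u):
        findings.append("no good OCSP staple")
    elif not _when(this_u) <= now < _when(next_u):
        findings.append("OCSP staple outside its validity window")
    return findings
```

A staple past its Next Update is the case worth alerting on: the edge is still serving the response, but clients will treat it as expired.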

Architecture: Edge Intelligence: Others
• Security (WAF, Packet Inspection, DDoS, Edge Firewall)
• Availability (User Queue, Load Balancing)
• Edge Hosting?

Components: Components of an SD-CDN
• Servers and network
• BGP and Anycast
• DNS and Global Load Balancer
• Kernel, libs and languages
• HTTP Server and Streaming Server

Components: Servers and Network
• High network capacity per server/rack (40 Gbps per server)
• High processing capacity per server/rack
• High memory density per server/rack (1 TB per server)
• SSD/RAM cache tiers

Components: BGP
• Responsible for receiving the routes (millions)
• Handling of AS_PATH, Priority, MED, Community
• Hints from the carriers to the CDN
• Software Defined (ExaBGP, BIRD and Quagga)

Components: Anycast
• Announcing the same block from different locations around the world
• Used to reduce access latency (DNS and POP fallback)
• Software Defined (ExaBGP, BIRD and Quagga)

Components: DNS and Global Load Balancer
• Software responsible for the initial steering of the user
• Controls user proximity and manages delivery quality (BGP, manual routes or geolocation)

```
$ dig www.azion.com
...
;; ANSWER SECTION:
www.azion.com.            1963  IN  CNAME  20001a.ph.azioncdn.net.
20001a.ph.azioncdn.net.   120   IN  A      200.175.203.51
20001a.ph.azioncdn.net.   120   IN  A      200.175.203.35
20001a.ph.azioncdn.net.   120   IN  A      200.175.203.43
```

Components: DNS and Global Load Balancer
• Responses must take less than 1 ms (database and business rules)
• Software Defined (BIND, PowerDNS, Golang DEV)
• EDNS Client Subnet support

```
                +0 (MSB)                            +1 (LSB)
   +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
0: |                    OPTION-CODE = 8 (IANA)                     |
   +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
2: |                     OPTION-LENGTH (Bytes)                     |
   +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
4: |                   FAMILY = IPv4(1), IPv6(2)                   |
   +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
6: |  SOURCE NETMASK (Usually 24)  |         SCOPE NETMASK         |  * 0 on request, >0 on response
   +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
7: | ADDRESS...                                                    /  * needs match netmask
   +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
```

http://tools.ietf.org/html/draft-vandergaast-dnsop-edns-client-subnet-00
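
The option layout above translates directly into an encoder and a validating decoder. The following is an added example, not code from the talk or from Azion: `build_ecs` truncates the client address to the source netmask before it leaves the resolver (so only the subnet is disclosed), and `parse_ecs` rejects options whose length or address bits do not match the netmask. The function names, the /56 default for IPv6 and the sample addresses are assumptions.

```python
import ipaddress
import struct

ECS_OPTION_CODE = 8                    # OPTION-CODE from the slide's layout
FAMILY_BITS = {1: 32, 2: 128}          # FAMILY: IPv4(1), IPv6(2)


def build_ecs(client_ip, source_prefix=None):
    """Encode the option for a query: SCOPE is 0, ADDRESS is truncated."""
    ip = ipaddress.ip_address(client_ip)
    family = 1 if ip.version == 4 else 2
    if source_prefix is None:
        source_prefix = 24 if family == 1 else 56   # /56 is an assumed default
    net = ipaddress.ip_network(f"{ip}/{source_prefix}", strict=False)
    # Send only the bytes the prefix covers; host bits are already zeroed.
    addr = net.network_address.packed[:(source_prefix + 7) // 8]
    data = struct.pack("!HBB", family, source_prefix, 0) + addr
    return struct.pack("!HH", ECS_OPTION_CODE, len(data)) + data


def parse_ecs(option):
    """Decode one option; raise ValueError on anything malformed."""
    if len(option) < 8:
        raise ValueError("shorter than the fixed ECS header")
    code, length, family, source, scope = struct.unpack("!HHHBB", option[:8])
    addr = option[8:]
    if code != ECS_OPTION_CODE:
        raise ValueError("not an ECS option")
    if length != len(option) - 4:
        raise ValueError("OPTION-LENGTH does not match the payload")
    bits = FAMILY_BITS.get(family)
    if bits is None:
        raise ValueError("unknown FAMILY")
    if source > bits or scope > bits:
        raise ValueError("netmask longer than the address family allows")
    if len(addr) != (source + 7) // 8:
        raise ValueError("ADDRESS length does not match SOURCE NETMASK")
    full = addr + bytes(bits // 8 - len(addr))
    if int.from_bytes(full, "big") & ((1 << (bits - source)) - 1):
        raise ValueError("ADDRESS has bits set beyond SOURCE NETMASK")
    cls = ipaddress.IPv4Network if family == 1 else ipaddress.IPv6Network
    return {"family": family, "source": source, "scope": scope,
            "subnet": str(cls((full, source)))}


if __name__ == "__main__":
    wire = build_ecs("203.0.113.77")   # constructed documentation address
    print(wire.hex(), parse_ecs(wire))
```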

Components: DNS and Global Load Balancer
• Currently 18% (it was once 12%) of DNS queries in Brazil come from Google DNS or OpenDNS
• Google Public DNS now automatically detects ECS support
http://www.cdnplanet.com/blog/google-dns-opendns-and-cdn-performance/#ms
https://groups.google.com/forum/#!topic/public-dns-announce/67oxFjSLeUM

Components: Kernel, Libs and Languages
• Kernel > 3.7 (IW10, TCP Fast Open, Proportional Rate Reduction)
• OpenSSL (Heartbleed, POODLE), CK (http://concurrencykit.org/), ZeroRPC, Gevent
• Python, C/C++ and Golang

Components: HTTP Server
• HTTP/HTTPS 1.0/1.1 (ATS, Nginx, Varnish)
• Cache (RAM, SSD)
• Plugins and business rules (Real Time, Edge Intelligence)
• New protocols: QUIC (UDP), SPDY/HTTP 2.0 and WebSockets
http://trafficserver.apache.org/

Components: Streaming Server
• RTMP, HLS, MPEG-DASH
• Business rules (Real Time)
• Security (token, DRM) and filters (IP, network, geoblock)
• Latency (configurable)

Challenges: Development
• Open source software: improvements, bug fixes, security and RFCs (ATS, Bind, Linux Kernel, Cassandra)
• Knowledge of C/C++
• Event-driven programming, lock-free and troubleshooting
• Prototypes and proofs of concept for new technologies

Challenges: Testing
• Writing automated tests with good coverage
• Regression tests
• Difficulty of simulating a real environment
• Connection replay techniques (dnsperf, tcpreplay, GOR, web-page-replay, JMeter)

Challenges: Operation and Orchestration
• Monitoring (Complex Event Processing, Warning and Critical alarms)
• Alarm automation
• Agents for configuration and real-time interactions (Monkeys, Alfreds)
• Real-time configuration and orchestration panel (Azion Manager)

Challenges: Big Data (Azion Analytics)
• Large volume of logs (servers, clients and network)
• Real-time analysis
• Multi-datacenter collection agents and processors (RTT, network, ASN, HTTP, TLS, etc.)
• Cassandra + PrestoDB (Grafana), InfluxDB

Challenges: Continuous Deployment and Automation
• DevOps teams, team maturity and extra guarantees
• Documentation and automated error searching
• RTT analysis and RUM (Real User Monitoring) data
http://www.azion.com.br/empresa/carreiras/