Slide 1

Slide 1 text

On-Prem Support That was so 1982 [email protected] @CharlieOzinga

Slide 2

Slide 2 text

On-Prem Support That was so ...

Slide 3

Slide 3 text

On-Prem Support That was so 1982

Slide 4

Slide 4 text

A long time ago... In an IT department far away, a company would own and maintain all of its own computer hardware, where it would install all the software it used. This was generally considered a terrible idea. Then came the Cloud, which promised to save time and effort just by adding “as a service” to everything...

Slide 5

Slide 5 text

Moving to the Cloud (Like, the Cloud is totally way cool, dude)

Slide 6

Slide 6 text

Everybody’s doing it ... ‘ The argument over whether to go cloud or not is over. Aside from a few businesses ... most companies now acknowledge that they will eventually be moving their applications to the cloud. ‘ ‘ If I could have simply deployed our software on the public cloud, ... I would have asked, “Where do I sign?” ‘ ‘ [moving to the cloud] is undoubtedly one of the biggest trends in the IT industry right now. ‘

Slide 7

Slide 7 text

… or are they? ‘ Compute- and I/O-intensive big data workloads won't stray to the cloud yet as security and existing infrastructure keep analytics in the data center. ‘ ‘ Moving to the cloud should always be well evaluated and only done if it brings value ... not everything needs to be moved from On-Premises to the cloud. ‘

Slide 8

Slide 8 text

Scorecard: Cloud ●  Outsource IT ●  Cost ●  Upgrades ●  Mobility ●  Access*

Slide 9

Slide 9 text

Scorecard: On-Prem ●  Security (transmit, storage) ●  Compliance (HIPAA, PCI, internal) ●  Integration (w/ other software or processes) ●  Inertia (tech debt, things that work) ●  Cost (to scale)

Slide 10

Slide 10 text

Conclusion: Cloud is still trending, but there will still be holdouts for the foreseeable future.

Slide 11

Slide 11 text

Connecting … (14.4k baud modem sound goes here)

Slide 12

Slide 12 text

Connecting: Cloud User connects directly to API via the magic of the Internet.

Slide 13

Slide 13 text

Connecting: On-Prem (0) Nothing to connect to / is not reachable ●  Intranet ●  Firewall ●  Desktop

Slide 14

Slide 14 text

Connecting: On-Prem (1) On-Prem installs Ground2Cloud Client, which creates a tunnel to our hosted Ground2Cloud Server.

Slide 15

Slide 15 text

Connecting: On-Prem (2) User connects to server, which is forwarded to API via tunnel.

Slide 16

Slide 16 text

Conclusion: It’s theoretically possible to connect to on-prem APIs in the same way you connect to Cloud APIs.

Slide 17

Slide 17 text

Challenges … (Like, what’s your damage?)

Slide 18

Slide 18 text

Usability ●  Multiple services on the same on- prem installation. ●  Automatable. ●  Easy to install and run. ●  Have to monitor and detail client connections. ●  Easy to upgrade.

Slide 19

Slide 19 text

Usability ●  Multiple services on the same on- prem installation. ●  Automatable. ●  Easy to install and run. ●  Have to monitor and detail client connections. ●  Easy to upgrade. ●  Multi-tenant client ●  Client API ○  Manage tenants ○  Stop / Start / Register ●  Multi-tenant (per Org) server ●  Server API ○  Total registered users ○  API success / error count

Slide 20

Slide 20 text

Client + Server API $ curl localhost:8101/counts/requests ← server API {"count":432} $ curl localhost:8100/tenants ← client API { "success": true, "tenants": [ { "registered": true, "registeredId": "4001", ... } ] }

Slide 21

Slide 21 text

No content

Slide 22

Slide 22 text

No content

Slide 23

Slide 23 text

Security ●  Data must be secure at all stages of transit. ●  Each user must be isolated. ●  Registration / handshake process must be resistant to attacks.

Slide 24

Slide 24 text

Security ●  Data must be secure at all stages of transit. ●  Each user must be isolated. ●  Registration / handshake process must be resistant to attacks. ●  Use SSH w/ TLS to establish communication and API connection. ●  Keys for identity and SSH are generated on the client, and only public part shared with server. ●  HTTP(S) proxy with its own cert, backend verifies service cert.

Slide 25

Slide 25 text

Scalability / Stability ●  ~10k of open sockets. ●  ~1k requests / sec ●  Listen ports not immediately being reaped. ●  Network instability ●  Silently dropped connections.

Slide 26

Slide 26 text

Scalability / Stability ●  ~10k of open sockets. ●  ~1k requests / sec ●  Listen ports not immediately being reaped. ●  Network instability ●  Silently dropped connections. ●  Automatic retries. ●  Self-healing connection and process restart. ●  Runs as a service. ●  Periodic heartbeat / loopback call. ●  Port number shifting. ●  HA / Distributed server stack.

Slide 27

Slide 27 text

Conclusion: With a little work, it’s feasible to treat on-prem services like cloud services.

Slide 28

Slide 28 text

Future work (When the Going Gets Tough, the Tough Get Going)

Slide 29

Slide 29 text

Down the Road ●  Events and notification ○  Service / tunnel up/down ○  Request failure notification ●  Queueing (some) requests in the server ●  Improved HA and scalability of server

Slide 30

Slide 30 text

Conclusion: This section was only a single slide, so it doesn’t really need its own conclusion.

Slide 31

Slide 31 text

Q + A [email protected] https://developers.cloud-elements.com/ -> “API Toolkit” -> “Ground2Cloud” http://cloud-elements.com

Slide 32

Slide 32 text

(no, seriously, we’re done here)