1. REX on a Micro-Service deployment
Toulouse, September 27th, 2016,
S. MARSOLLE & F. CASSIN
That’s one small step for IT, one giant leap for business agility
Give your business the moon, as in this REX on a micro-services solution used in the Airbus flight test department to rebuild a large and complex system. This medium-size, ongoing project made some technical decisions and finally managed to bring the micro-services philosophy into a huge legacy IT system.
2. PRISM Micro-services REX
The “Airbus PRISM framework” is a REX on a real-world agile framework built on top of SOA and µService technologies to master the redesign of complex systems.
Summary
PRISM (Project to Redesign Instrumentation Solutions Management) is an Airbus project to overhaul a substantial proportion of the flight test management system.
PRISM aims to use modern and innovative architecture principles like API management, DevOps, micro-services, … to build a solid framework enabling high-quality development, easy operation, high efficiency and an incomparable agility to adapt to present and future business requirements.
3. Main drivers, why the MicroServices?
Copyright © 2016 Capgemini and Sogeti. All rights reserved.
The existing PRISM functional domain is supported by 1 main BIG and centralized application (in an obsolete technology and design) plus multiple satellites (in various technologies).
[Figure: map of the existing PRISM functional domain. It shows the applications involved (among them Catia V5, SABRE, CRIEV, CASTOR, SAP, OPERA, FTA-NG, SHERPA-NG, OASIS-FTI, OSCAR-PC, Base Des Essais (BDE), ALEST and PLUME), grouped around FTI definition, programming and reporting, and the many point-to-point exchanges between them (ETL, NCD and ICD files, FTI programming, parameter lists and status, measurement chains, equipment information). Annotations on the figure: PRISM = everything that is FTI within the EVI perimeter; SABRE scans /bdexport/data/SABRE/INBOX to detect new files, and the user creating the programming selects the files he accepts.]
4. POC context & objectives
The PRISM Framework provides common middleware and/or infrastructure for all PRISM applications and the associated architecture rules and design guidelines.
5. Context: the PRISM framework enabling PRISM implementation
[Figure: the PRISM project (Project to Redesign Instrumentation Solutions Management) and its functional areas (FTI Programming, Verification and Maintenance, FTI Definition, Logistics, Data Traceability, Reporting, Bus Management, AFDX Management), resting on the PRISM Framework.]
POC
The POC must provide and demonstrate the basis for the PRISM framework:
• Security
• HA & scalability
• COTS used and their possible evolution
• Supervision and administration
• Packaging and deployment
Which technology to last 15 years?
6. Definitions – PRISM Framework POC scope
[Figure: PRISM Framework POC scope. Labels: Business API (AFDX Management, FTI Programming, FTI Definition, Verification & Maintenance, Logistic, Data Traceability, Reporting, Bus Management), provided by PRISM applications; Transversal (Workflow, Authentication & Authorization, Portal, Reporting); Technical API; Middleware; Infrastructure. Red boxes are functional areas partially prototyped during the POC.]
7. Why didn't you directly buy a set of COTS?
There are plenty of COTS for managing Micro-Services and DevOps platforms:
• API Gateway COTS: Mule AnyPoint has been evaluated during the PRISM POC phase.
• DevOps tools: not yet fully standardized in Airbus.
• MicroService stack: many initiatives on the market, but no leading solution. Very long term support (15 years at least) cannot be built with solutions not secured for the future. The “tool of the year” is not an argument here.
Waiting for Enterprise tooling.
Everything is prepared to move easily to upcoming Airbus-supported solutions for containers, DevOps tools, application performance management… This means limiting some ambitions and compensating with custom developments while keeping an eye on cost and deadlines.
8. Controversy – Is PRISM really related to micro-services?
[Figure: chart with a time line on one axis and the level of interoperability on the other, with rows for architecture concept, solution class, and design style and standard. Labels: Internet, SOA, IIOP, EDI, B2B, B2C / WWW, distributed organizations, enterprise information system, distributed application, application, service, micro service, D-OSGi, gateway, SCA, EAI, SOAP, WS-*, ESB, REST, Swagger, RAML, API gateway, HATEOAS, managed component, PRISM.]
9. PRISM secured « bubble »
A way to deploy MicroService security in an existing security landscape
[Figure: the PRISM secured bubble. Labels recoverable from the diagram:]
• Entry side: user Web browser, admin Web browser, Airbus applications, RP SiteMinder, HTTPS / intranet.
• NGINX internal « API Gateway »: load balancing, URL mapping, dynamic configuration, JWT injection.
• Links: HTTP with the SM “REMOTE_UI” cookie & the JWT cookie; HTTP-REST with JWT; REST only with JWT; REST only; case by case.
• Business services in the bubble: AFDX management, BUS management, reporting, data traceability, FTI definition, logistics, verif & maintenance, FTI programming.
• Framework services: SECU, PROCESS, ELK (log collection), registry (CONSUL), deployment manager, portal UI, admin agent / Tomcat filter. PRISM framework services – UI restricted to administrators.
• PRISM public API and external APIs.
• Admin and user end points are separated (different web site URL).
10. PRISM integration with legacy resources
Each resource is adapted by a connector.
At the beginning of the project, connectors will be developed in Java and hosted in a Tomcat instance dedicated to building this gateway (to be refined during ARD definition).
[Figure: the PRISM secured zone and the external resource APIs. Labels: REST only; REST / HTTP / JWT; one REST API per adapter (DB adapter, Filer adapter, SMTP adapter, App E adapter, App F adapter); case by case protocol towards the resources (SABRE, DB, Filer A, Filer B, Filer C, SMTP, App E, App F).]
11. PRISM Framework technology stack
[Figure: PRISM Framework technology stack. Labels: VMWare hypervisor; operating system (RHEL Linux); containerization (Docker-like solution); runtime (JVM); middleware and service execution container (Tomcat, native, Nginx, CONSUL); PRISM Framework (Java for now); application (µ)services; monitoring & audit (ELK (tech, transac, func), Airbus Ops tooling); security (JWT, Airbus SSO (Siteminder), Airbus network / hardening).]
12. PRISM Bubble Framework POC Services implementing the RESTful
• NGINX: acts as the KEY proxy / a “low level” API gateway for web services deployed inside the bubble.
• CONSUL and CONSUL Template: the service registry, managing for each service its version and its state (alive, broken, stopped, …). CONSUL stores bubble shared parameters, service tags and inter-service version constraints.
• ELK and Beats: used to collect logs and traces in a single place (Elasticsearch) in an asynchronous, near-real-time way. Logstash is used to grab data from logs.
• SECU: a bespoke service that provides a REST API to generate or renew a JWT token. It manages a persistent store (OpenLDAP is pre-empted) for fine-grained authorisations.
• OpenLDAP: a domain security repository where you can manage PRISM authorisations.
• Activiti: supports business workflows of bespoke development and orchestrated services (sync/async, scheduled).
• Nexus: stores all artefacts (i.e. the binaries and other resources) that are deployed in a PRISM environment; Subversion stores environment parameters. This way you can redeploy any versioned service at any time.
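The generate/renew role of the SECU service and the JWT check each internal service has to perform, as an added example (not code from the PRISM project). It assumes an HS256 shared secret, a claim named `authz`, a 300-second lifetime and the hypothetical function names `issue`, `verify`, `renew` and `authorize`; the authorization strings are constructed and would come from the OpenLDAP store in the design described above.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"  # assumption: HS256 key known to SECU and the services
TTL = 300                         # assumption: token lifetime in seconds

def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input: str) -> str:
    return _b64(hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest())

def issue(user, authorizations, now=None):
    """SECU side: sign a token carrying the user's fine-grained authorizations."""
    now = int(time.time()) if now is None else now
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": user, "authz": sorted(authorizations), "iat": now, "exp": now + TTL}
    body = _b64(json.dumps(claims).encode())
    return f"{header}.{body}.{_sign(header + '.' + body)}"

def verify(token, now=None):
    """Service side: return the claims of a valid token, raise ValueError otherwise."""
    now = int(time.time()) if now is None else now
    try:
        header, body, sig = token.split(".")
        alg = json.loads(_unb64(header)).get("alg")
    except (ValueError, AttributeError) as exc:
        raise ValueError("malformed token") from exc
    if alg != "HS256":  # pin the algorithm: never accept the header's choice, e.g. "none"
        raise ValueError("unexpected algorithm")
    if not hmac.compare_digest(sig.encode(), _sign(header + "." + body).encode()):
        raise ValueError("bad signature")
    claims = json.loads(_unb64(body))  # parsed only after the signature checks out
    if claims["exp"] <= now:
        raise ValueError("expired token")
    return claims

def renew(token, now=None):
    """SECU side: renew only a token that is still valid (assumed policy)."""
    claims = verify(token, now)
    return issue(claims["sub"], claims["authz"], now)

def authorize(token, required, now=None):
    """Service side: does the token carry the authorization this endpoint needs?"""
    return required in verify(token, now)["authz"]
```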
13. Typical figures. A few MacroServices or plenty of µServices?
• At the beginning of the project we planned to have 20 (macro) services, but we have now reached 40 “µ” services because of code reorganization, and may reach 60 µServices at the end of the project.
• The main objective is to gain flexibility in the “deploy-to-production” process.
• 1 external call (a click in the Web client or a call from an external application to the public PRISM API) usually drives 5 internal service calls.
• Half of the services have database persistence.
• All services use transverse framework services like the configuration manager or the logger.
14. An example of Micro-Service philosophy influence on design
Before starting development: 1 application delivered in 1 WAR
1 monolithic console application that fully manages the deployment process
Currently (mid-development): 2 applications delivered in 2 WARs
1 Framework manager (Deployment management)
1 Console GUI
At the end of 2017:
3 specialized Framework managers:
• Deployment management
• Monitoring
• start/stop of components
Several transverse services:
• BPM/Workflows manager
• Artefact repository (Nexus)
1 Console GUI aggregating information from framework managers.
15. What about performance?
Considering that:
• a service call from any Nginx client has an average ping latency of at most 8 ms,
• you have a maximum of 5 cascading calls,
• any call is externally cacheable at runtime,
• the service infrastructure has no scalability limit and is scalable at runtime,
• you have versatile performance monitoring, so you can find the bottleneck when you have a performance issue (or even automate alerts),
then you have all the levers to obtain good performance in the PRISM project context.
If transversal data requests are needed, just think about a “big data” solution. One of the services could be a search engine working as a PRISM framework service.
If a huge real-time event flow is needed, you can complete the architecture with a queuing system that would play the same role as Nginx for asynchronous calls.
16. REX at mid-project
[Figure: SWOT matrix, with strengths and weaknesses under internal analysis and opportunities and threats under external analysis. Its entries:]
• Cost to install products due to incomplete DevOps tooling (no automation for infrastructure deployment)
• It works
• Not so expensive to develop framework components
• Lightweight software layer
• The framework allows any Java implementation (Spring, JEE…) and is open to any technology (like dotNet, NodeJS)
• Tomcat architecture not proven (number, size per execution node, topology)
• Lack of Public API policy
• Service granularity is designed at code time.
• Many framework components are managed like business components (re-use of deployment process).
• New external REST services on legacy systems are managed as internal services.
• Docker (container virtualization) introduced for automated integration tests.
• The framework is fully re-usable by another Airbus project
17. Contact information
Sébastien MARSOLLE, Managing Enterprise Architect, sebastien.marsolle@capgemini.com
Frédéric CASSIN, Managing Enterprise Architect, frederic.cassin@capgemini.com
18. www.capgemini.com
The information contained in this presentation is proprietary.
Copyright © 2016 Capgemini and Sogeti. All rights reserved.
Rightshore® is a trademark belonging to Capgemini.
www.sogeti.com
About Capgemini and Sogeti
With more than 180,000 people in over 40 countries, Capgemini is a
global leader in consulting, technology and outsourcing services. The
Group reported 2015 global revenues of EUR 11.9 billion. Together
with its clients, Capgemini creates and delivers business, technology
and digital solutions that fit their needs, enabling them to achieve
innovation and competitiveness. A deeply multicultural organization,
Capgemini has developed its own way of working, the Collaborative
Business Experience™, and draws on Rightshore®, its worldwide
delivery model.
Sogeti is a leading provider of technology and software testing,
specializing in Application, Infrastructure and Engineering
Services. Sogeti offers cutting-edge solutions around Testing,
Business Intelligence & Analytics, Mobile, Cloud and Cyber
Security. Sogeti brings together more than 23,000 professionals in
15 countries and has a strong local presence in over 100 locations
in Europe, USA and India. Sogeti is a wholly-owned subsidiary of
Cap Gemini S.A., listed on the Paris Stock Exchange.