공용준
Programmable Resource Management (2016): What is Resource?
Programmable Resource Life Cycle Management (2017): What is Life Cycle?
Programmable Service Management (2018): What is Service?
CMMI Model: Capability Maturity Model Integration, developed by CMU
ITIL: Service Delivery Strategy, Service Support Strategy, Service Security Strategy
Maturity Targets: Cross functional Cells & Teams, Orchestrated Deployment, Fully automatic acceptance tests, Trend Reports (kakao cloud)
if (kakao): IaaS What is the purpose of doing IaaS? CMM0 CMM1 legacy output: ITF self service Dev resource output: krane (openstack cloud)
Inhouse Auth. keystone Authentication KRANE Service Topology IMS DNS AEZORO BareMetal TBD VM LB DB
if (kakao): KRANE(The Tech.) Data Center Level Scalable Network Neutron Floating IP 192.1.1.202 Compute node1 neutron-l3-agent Switch Namespace linux bridge IP:10.10.100.2/32 IPTable DNAT connected Veth pair empty empty Gateway 10.10.100.1 Host dest 10.10.100.2/32 to 10.10.100.1 Route dest 192.168.100.2 to 10.10.100.1 eth1 192.1.1.201 Compute Node Router Routing Table Default GW 192.168.1.1 eth1 Host Route dest 10.10.100.2/32 to 10.10.100.1 dest 192.168.100.2 to 10.10.100.1 connected eth0 eth1 10.10.100.2 deactivate VIP192.168.100.2 global name space LB vm neutron-dhcp-agent neutronlinuxbridge-agent dhclient vm agent LB vm
Cloud CMMI2-MaaS What is the sole purpose of doing MaaS? CMM0 CMM1 CMM2 legacy output: cloudtf self service Dev resource output: krane (openstack cloud) limited Prod resources output: kemi (MaaS)
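IMS; service information; KEMI Stats; metric data; ETL*; time-series DB; company-wide HBASE; metric collection; KRANE; general systems; KEMI Alert; log collection; threshold-based alerts; keyword-frequency-based alerts; company-wide Elastic Search; services; KEMI Log; log data; ETL*; real-time DB; long-term DB; company-wide Hadoop; Secure DB
*ETL: Extract Transform Loading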
Lambda Architecture RealTime KEMI Log Tailer (CLI) App Log KEMI Log Aggregator KEMI DIKE Container Log every 5m every 5~15m Batch
if (kakao): MaaS (The Key.) Monitoring Abstraction

curl -XPOST https://sauron/api/v2/query -d '{
  "start": 1515917973043,
  "end": 1615917973043,
  "queries": [{
    "metric": "-",
    "aggregator": "max",
    "downsample": "15m-max",
    "filters": [
      { "filter": "data.load.avg_5m", "groupby": true, "tagk": "metric", "type": "literal_or" },
      { "filter": "dkos-marathon", "groupby": true, "tagk": "host", "type": "literal_or" }
    ]
  }]
}'

Connection with IMS(CMDB) by Events
SAURON API: Retrieval Standardization, RBAC, API limiting
What is the sole purpose of doing CaaS(Container As A Service)? CMM0 CMM1 CMM2 CMM3 legacy self service Dev resource limited Prod resources Automated CloudUsage output: cloudtf output: krane (openstack cloud) output: kemi (MaaS) output: DKOS (CaaS)
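in-house LDAP; keystone; user information; KRANE; service information; DNS information; IMS; metric collection; configuration information; KEMI Stats; configuration information; metric data; ETL*; time-series DB; company-wide HBASE; AEZORO; KEMI Alert; threshold-based alerts; keyword-frequency-based alerts; physical machines; virtual machines; databases; containers; load balancers; public cloud; general services; log collection; KEMI Log; log data; ETL*; real-time DB; long-term DB; Secure DB; company-wide Elastic Search; company-wide Hadoop; authentication and compute API; metric and logging API; Container Orchestration; Container Scheduling; Component Platform; Meta-kage; DKOS; D2Hub; in-house GitHub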
Network Service Architecture: LB(L4)-LB(L7)-Container DKOS Worker DKOS LoadBalancer DKOS Worker Physical LoadBalancer DKOS Worker DKOS LoadBalancer SSL Offloading L3DSR(Direct Server Return)
Autoscale: KEMI Alert Setup, DKOS Autoscale Group Setup
Autoscale Result
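if (kakao): DKOS(The key.) DKOS is connected to everything
in-house LDAP; keystone; user information; KRANE; service information; DNS information; IMS; metric collection; configuration information; KEMI Stats; configuration information; metric data; ETL*; time-series DB; company-wide HBASE; AEZORO; KEMI Alert; threshold-based alerts; keyword-frequency-based alerts; physical machines; virtual machines; containers; authentication and compute API; databases; load balancers; container metrics; container logging; public cloud; general services; log collection; KEMI Log; log data; ETL*; real-time DB; long-term DB; Secure DB; company-wide Elastic Search; company-wide Hadoop; container orchestration; container scheduling; DKOS; machine learning platform; alarm and autoscale condition settings; D2Hub; Meta-kage; in-house GitHub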
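if(kakao) Product & Service in Kakao Cloud
Columns: Category, Target, Product, Description, Connected internal service
Authentication: Project & Role based Authentication. KEYSTONE. Project/role-based user authentication and authorization management. Integrated with internal LDAP.
Compute: Virtual machine. KRANE. Provides virtual machines; provides virtual volumes and virtual-machine-based DB/LB; autoscale feature in preparation.
Compute: Container. DKOS. Provides a container orchestrator (marathon). Provides a load balancer for containers. Provides container-based machine learning frameworks (Spark, GPU).
Integrated with IMS, *AEZORO, *Meta-kage. Integrated with *Tenth. Integrated with KRANE, KEMI, AEZORO.
Management: Monitoring. KEMI Stats. Collection and analysis of company-wide metric data (cpu, memory, disk) and custom (application, component) data.
Management: Logging. KEMI Log. Collection, storage and analysis of company-wide log data (syslog, app, container).
Management: Alert. KEMI Alert. Alarms based on KEMI data (sent via Talk and URL).
Integrated with *IMS. Linked with sauron. Integrated with IMS. Integrated with shared Hadoop and Hbase.
Developer tools: Package Repository. repo.kakao.com. Provides OS packages and Python/Ruby packages.
Developer tools: Container Registry / Builder. D2Hub. Builds and registers container images. Integrated with Keystone.
Developer tools: DNS as a service. AEZORO. Automatic DNS registration/deletion for virtual machines and containers. Integrated with internal DNS.
*AEZORO (in-house DNS as a Service API)
*IMS (Infra Management System)
*Meta-kage (kage for swift [OpenStack storage API])
*Ceph-Tenth: Tenth, compatible with the Ceph API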
IT Services Service Repo. Service topology Notification setup Declarative Scheduling Analytics Initial Setup Event / Alert Change Data Cloud API Platform Centralized Measuring API Abstract Resource API Automated Deploying API Automated Orchestration API DataCenter Control/Data plane
What is cloud native? (by CNCF) Containerized Micro-service oriented Dynamically orchestrated
Little bit more specific: Cloud Native Applications Characteristics: Micro-services, Health Reporting, Telemetry Data, Resiliency, Declarative (https://pivotal.io/cloud-native). First Ask: Why we need all these? Dynamically Orchestrated Platform
if (kakao): Characteristics to Requirement C. N. Applications Characteristics Microservices Health Reporting Telemetry Data Resiliency Declarative Platform Requirement Isolation Resource Allocation /Scheduling Service Discovery Monitoring/Logging Metric Aggregation Debugging and Tracing
What is the sole purpose of doing Cloud Native Platform? CMM0 CMM1 CMM2 CMM3 CMM4 legacy self service Dev resource limited Prod resources Automated CloudUsage Integrated Service Platform output: cloudtf output: krane (openstack cloud) output: kemi (MaaS) output: DKOS (CaaS) output: 9rum (C.N.P)
Cloud Native Applications Characteristics Platform Requirement Isolation Microservices Health Reporting Telemetry Data Resiliency Resource Allocation and Scheduling Service Discovery Monitoring/Logging Metric Aggregation Declarative Debugging and Tracing
if (kakao): 9rum (The key) Integrated SSO. KRANE DKOS KEMI SSO IMS (CMDB) ERP Authorization QUOTA RBAC Keystone DB Project authentication Inhouse auth (Hello-MIS)
if ( kakao ) : some numbers 35 60 50 Virtual to Physical ratio (%) Container slave ratio over Cloud (%) Indexing Data (TB/Day) 80 0 Expense $MM/Yr (compared to public cloud, excluding traffic/storage) License Expense