Altisource PaaS for Verizon Terremark Cloud

Altisource SaaS applications

Microservices (Foundation)

Cloud IaaS Provider - Verizon, AWS

Document Management, Analytics, Marketplace...

Identity Management, Authorization, Rules Management, Search and Audit, Workflow

Compute, Storage, Public IPs, Perimeter and internal firewall...

We needed a PaaS because...

Every app or service needs at least the following

  • Security
  • Deployment Automation
  • HA across availability zones
  • Performance management and Scalability

Security

The number one reason why apps are choosing a private cloud is security. We are addressing this at various levels in the PaaS

Central privileged account management for ssh, vpn and database users

Data-at-rest encryption for all our data stores - MySQL, MongoDB, OpenDJ, Elasticsearch with central key management

Central log management for syslog, platform logs and application logs to provide complete auditability

Intrusion Prevention / Detection

IP White / Blacklisting

Deployment Automation

Applications and Microservices need the ability to deploy to the cloud seamlessly from developer desktop through QA and UAT environments to production

Developer

DevOps

Operations

Vagrant plugin for Verizon

Application Deployment Portal

App Blueprint specifying auto-scale groups and connectivity

Each auto-scale group defines the template VM or Docker container

  • Catalog
  • Environment and Network details
  • Storage requirements (LVM based)
  • Infinicenter Layout and Tag info
  • Hostname, Static IP, NTP, IPA - base config
  • Chef runlist

Artifact Repository

Docker repository

Chef Server

Terremark API

Deployment Validation Framework

Blueprint

HA across availability zones

All persistence platforms with geographically distributed clustering and Global Traffic Manager for failover and failback

Persistence data platforms - MySQL, MongoDB, Redis, OpenDJ, Elasticsearch

Geographically distributed clusters - multiple availability zones

Backup and Recovery of data in replicated NFS stores

Data and logs encrypted at rest

DB user credentials centrally managed

.

.

.

.

Per application deployment

.

.

.

.

.

.

.

.

.

.

.

.

DB as a service - multi-tenant and massively scaled

Two deployment options:

Performance Management and Scalability

...including things like monitoring, auto-scale, central log management, dashboards
  1. Monitoring platform has auto-scale conditions set on some predicate based on resource, platform or application metric
  2. Monitoring platform detects threshold and signals Application Deployment Platform to deploy additional capacity
  3. New VM / Container is provisioned using Terremark API and Chef
  4. New VM registers itself to Service Registry
  5. Load balancer is constantly watching Service registry for any changes. When it sees a new node, it reconfigures itself

Altisource Autoscalability Framework (Tanto)

Central Log Management

Syslog

Platform / Runtime Logs

Application logs encrypted by tenant

  • Alerts
  • Analytics
  • Audit
  • Trends

Firewall Logs

Log agents available for following runtimes:

- Apache                                              - MySQL

- Tomcat                                              - MongoDB

- Shibboleth                                        - Open DJ

- RabbitMQ                                         - Elasticsearch

Altisource PaaS for Verizon Terremark Cloud

By Kingshuk Dasgupta

Made with Slides.com

Altisource PaaS for Verizon Terremark Cloud

  • 888

More from Kingshuk Dasgupta