9. 01.
OPERATING SYSTEMS
02.
DATABASES, MESSAGE BROKERS, etc…
03.
PROGRAMMING LANGUAGES
04.
DEVELOPMENT FRAMEWORKS
05.
THE PLATFORM ITSELF
Vulnerabilities & Resolutions
Coordinated Releases
Average of 2X a Month
Today we are going to talk about Cloud Foundry, but in particular about the intersection of maturity and innovation.
This is a story of an open source ecosystem with a singular focus on building a complete platform, while constantly innovating and collaborating with other ecosystems as they innovate.
Cloud Foundry, at it’s heart, is all about helping you get things done faster and easier
The command establishes a promise
That promise is always best summed up in our Haiku…
What does it mean to be “enterprise ready”?
For users, it can be easy to think about securing communication to and from the platform as the key to securing the system. While this is critical for users, the internals of the system are just as important.
What matters more is what’s happening inside.
The platform itself.
But also the user’s apps. How do they communicate with each other? How can we make it easier?
90% of the way there
4 pillars
Controlled by policy
Accessed by ops, infra and apps
Imagine you are building your own system from parts… think about all the potential components and sources of vulnerabilities.
The value of Cloud Foundry is that it’s a complete platform,
That completeness has an important security implication.
Feb 2017 cloud.gov has received a FedRAMP authorization
comprehensive security and compliance assessment performed by a board of the CIOs and their teams from the General Services Administration, the Department of Defense, and the Department of Homeland Security.
cloud.gov is the first completely open source service to receive FedRAMP authorization.
Just to zoom in to one component of the platform
In just one example release, back in Feb
3X throughput at 5ms latency: 1K req/s to +3K req/s
Every release automatically tests and reports to the world
This is a fun picture for me… but more so for the community that worked so hard to ensure that we had a smooth transition. They had this fun countdown timer, just waiting to pull the lever.
To explain: the ecosystem has completed a massive transition of the underlying architecture of CF
Our older DEA architecture officially in the attic now
That the transition was effective, and that an open source community offered over 12 months of transition time, is a true indication of the maturity of this community.
In 2015, we had the goal of making applications and skills portable across distributions.
We started with getting consistence for the downstream distros
2017 platform cert now: Diego only and release is 6 months
OSBAPI – service portability
--- OSBAPI release
Dev Cert – skill portability
Platform certification let’s us build a common multi-vendor training experience
Summit training partners
Stark and Wayne
EngineerBetter and Resilient Scale
Item Writers, Biarca, SwissCom, and LF
Hardened at the core… stable platform that evolves rationally and carefully
Lots of extension points for experimentation
Interaction with other open source communities
Commercial software integrations
Over the last few years, we have had plenty of news around Cloud Foundry’s runtime layer working with Dot Net.
This year, the runtime officially added dot net core as a linux-based buildpack to the upstream core buildpacks.
{CLICK} But also this year, managing Windows hosts with the power of BOSH became a reality.
Let’s go back…
There’s a gap… the local feedback loop
Share cflocal
Stephen Levine – Buildpacks PM
Uses Docker locally
Allows you to stage and run locally, service bindings
Push and pull from full CF
Also supporting the experimentations in completely different deployment models, unikernels.
Project Unik, created at Dell EMC, has been proposed to enter the CFF.
Bosh is 5 years old
Long journey, lots of changes. Esp the features colloquially known as “BOSH 2.0”
Today, BOSH is doing so much more than just deploying the runtime
You heard abby talk about Kubo
BOSH is the most important embodiment of the CF multi-cloud story
We have continued to add new Cloud Provider Interfaces
Most importantly, they are being created and maintained by the providers themselves
More than just CPIs
Identity Providers
OSBAPI