This describes a story about a couple of teams that started their migration to the public cloud so the platform becomes available for ~300 teams. War stories, their journey, bloopers and their choices all shared.

1. WelcomeClick to edit Master subtitle style
Migrating a Java platform to the
cloud
With Java- SpringBoot and PCF

2. @rbraam6/20/2019
Roy Braam

3. Context
@Rabobank

5. On-prem environment
Linux box
Portal Framework
Shared libraries (API's)
AppApp
App
App App
App
AppPlugins App
IBM Websphere Application Server
/*

6. 2008 - 2019
2 mln
Logins / day
3000
Req. / second
150+
Teams
400+
Applications
Very stable and controlled environment.
Why do we need to move to a new one?

7. Move on
Ageing technology
Scalability limits
DevOps teams
Time to market

8. IBM Websphere Application Server
Linux box
Edge Service
AppApp
App
App App
App
App App
User
Profile
Page Render
User
Preference
State
Store
VCM
Gateway
/* Portal Framework
Plugins
Shared libraries (API's)

9. Edge Service
User
Profile
App
App
App
AppApp
Page Render
App
App
/*
User
Preference
State
Store
VCM
Gateway

10. Simplicity
MyApp
Azure public cloud
Pivotal Cloud Foundry
Container Container
MyAppMyApp
Routingcf push myApp
cf scale myApp -i 2

11. Provide migration paths
Reduce time to marketKeeping the shop open
Similar functionalities
'Secondary objectives'
DevOps in control

12. PCF
Pivotal Cloud Foundry

13. PCF & RaboBank
Public cloud
Preferred solution for application workloads
No containerization by teams
Promise simplicity
Teams build, platform runs it
Independent teams
Large scale (~300 teams)
Maintainable (3-6 operators)

14. CF Application Runtime
Cloud Foundry Application Runtime User Interfaces
Router
Cloud Controller
Diegocell Diegocell
Garden Garden
cf CLI
GUI Application Manager
cf push myApp
cf scale myApp -i 2
$
$

15. What can go wrong !?

16. Cultural change
and change is hard...

18. With freedom comes responsibility.
Freedom makes a huge requirement of every
human being.
For the person who is unwilling to grow up,
the person who does not want to carry his
own weight, this is a frightening prospect.
Eleanor Roosevelt

19. With freedom comes responsibility.
Freedom makes a huge requirement of every
DevOps team.
For the team who is unwilling to grow up, the
team who does not want to carry its own
weight, this is a frightening prospect.

21. Some of our favourite experiences/quotes

22. “We need certificates to connect to these on-
premises services, can you please send your
certificates to us?“

23. “In my (stateless) microservice I want to store
a file on the running instance, how can I
access it and serve it to a customer in the next
request?”

24. “So, every team can deploy their own service
to production. Why do we want that, it sounds
very insecure!
Why do we want this microservice /
independent team thing again?”

25. “I'm told that in a Microservice environment I
should spin up an instance per
thread/request. How can I configure the
autoscaler to do that”

26. Help
Cloud/PCF seminars
Microservice Guild
Weekly 'Walk-in cloud'
Enablement teams
Tooling for automation
Confluence Questions
Chat rooms for Q&A
Documentation (opinionated)

27. EdgeService strategy
Living on the Edge

28. Edge Service?
EdgeService
Domain X
Domain Y
Domain Z
Microservice-D
Microservice-E
Microservice-A
Microservice-C
Microservice-B
<headers>
<headers>
<headers>
<headers>
<headers>

29. domain : banking
context : /api/balance
userType : customer
authLevel: 2-factor
service : balance
Balance
service
User registry
Edge
service
URL
registry
banking.rabobank.com
/api/balance
authenticate
dispatch
balance.pcf-apps.rabobank.nl
/refresh
Edge Service

30. Edge Service
URL
registry
Config
Server
Edge
service
Edge
service
Edge
service
Team
URL
Design
Authority
Edge
service

31. User Authorization URL Governance Red Button Hiding endpoints
CSRF Protection Circuit Breaking Cache headers
Edge Service
A/B Routing

32. Single point of failure?

33. Actually, we don't...
Edge
ServiceEdge
ServiceEdge
ServiceEdge
Service
Edge
ServiceEdge
ServiceEdge
ServiceEdge
Service
API Service calls
Client Logging

34. Developers are human

35. Prevent URL

36. Protect from overload

37. Edge Service implementation

38. First implementation
2017 - 2018
Zuul 1
Spring Boot 1.5.x (MVC)
Spring Cloud Zuul
Hystrix
Config Server
Micrometer

39. Second implementation
2019 - now
Spring Boot 2.x (WebFlux)
Spring Cloud Gateway
Hystrix (and others)
Config Server
Micrometer

40. Why refactoring within a year
Scale in requests
Number of routes
Memory of hystrix circuits
Thread pools (thread per request)
Performance
Zuul 1 in maintenance mode

41. Why Spring Cloud Gateway
+ Zuul 2 not yet open sourced
+ Spring Core Team: SCG the next thing
+ Good integration with PCF
- Not (yet) proven technology

43. Own routing 'domain'
- id: "distribution-agreement"
type: "SERVICE"
routes:
- target-host: "distribution-agreement"
external-hosts:
- "bankieren"
- "api"
- target-host: "distribution-agreement-verificatie"
external-hosts:
- "bankieren-verificatie"
path-patterns:
- external: "/customer/distribution-agreement"
internal: "/"
allowed-methods:
- "GET"
allowed-users:
- type: "CUSTOMER"
level: 2

44. Lessons learned
Be patient with new solutions
Reactive is more resilient
Reactive is as easy as.... Reactive
Test, test and test
Monitor
Canary release
Share your story
Accept doing things twice

45. Automation
Infra as code

46. CF in Azure
On-premise
PCF-productionTeam
VM
Concourse
GIT
team-space
JIRA
Infrastructure as code
PR

47. CI/CD
Deliver! Deliver! Deliver!

48. Edge Service
User Profile
Customer name
ROCS pipeline library
Jenkins pipeline as code

49. ROCS pipeline library - Example

50. ROCS pipeline library - Example

51. https://martinfowler.com/bliki/BlueGreenDeployment.html - March 2010
Blue APP
Green APP
Blue APP
Green APP
CF prod in Azure
Blue green deployment - zero downtime

52. Automates
Build
Deployments of apps
Creation of services
SM9 (auditing)
Blue-Green
Smoke tests
Notifications to different channels
Four eyes principle

54. Testing strategies
How to test a microservice?

55. #0
#0
#1
master
develop
feature x #2 #3 #4
#6
#7
#5
PR
PR
Testing strategies - our git flow

56. feature x Config
Server
Redis Stub Service A Stub Service B
Edge
service
Testing strategies - feature branch

57. develop
Config
Server
Redis Stub Service A Stub Service B
Edge
service
Testing strategies - develop branch

58. master
Stub Service A Stub Service B
Edge
service
Testing strategies - master branch
Customer
name
Edge
service

59. CF in AzureCF in Azure
Active - Active
Extreme testing - Chaos Harry

60. Bloopers
Learning the hard way

61. 05-05-2017 10:09

62. Platform update - VM
Cloud Foundry Application Runtime
Router
Cloud Controller
Diegocell Diegocell
Garden Garden
Diegocell
Garden
Diegocell
Garden

63. Cloud Foundry Application Runtime
Platform update - Instance
Router
Cloud Controller
Diegocell
Garden
Diegocell
Garden
Diegocell
Garden

64. Edge Service Config
Cloud Foundry Application Runtime
Router
Cloud Controller
Diegocell Diegocell
Garden Garden
Cloud Foundry Services
On-premises
Config Server
GIT

66. Actions
Platform health check
Packaged fallback config
Always expect a restart
Be resillience
Also set low request thresholds

69. Lessons learned

70. Lessons learned
Microservice is hard, easy and fast
Independent
Own your service
Release early, deploy often
Automate everything
Learning on the job
Fun
Get help
Culture change
Be resilient

71. Next challenges
What is next

72. Next...
Page rendering
A/B Testing
Canary releases
Service-mesh with Istio