Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Build Cloud Apps
1. App Engine for Business
Patrick Chanezon
Developer Advocate
#devfestau Sydney
chanezon@google.com
http://twitter.com/chanezon June 29 2010
2
Wednesday, June 30, 2010
2. The benefits of Cloud Computing
Economics
Pay for only what you use
TCO
OPEX vs CAPEX
Operations
Day to day: no maintenance
Fighting fires: no Pagers
Elasticity
Focus on your Business
2
Wednesday, June 30, 2010
3. Build and Buy all your enterprise cloud apps...
Buy from others Buy from Google Build your own
Google Apps Google Apps Google App Engine
Marketplace for Business for Business
Google Apps Platform
Enterprise Firewall
3
Enterprise Data Authentication Enterprise Services User Management
Wednesday, June 30, 2010
4. Customers want more Apps
Business
in the cloud
Google
Apps
4
Wednesday, June 30, 2010
5. Leveraging Google's Leadership in
Cloud Computing
• Massive data center operations
• Purpose built hardware
• Multi tenant software platform at Internet scale
5
Wednesday, June 30, 2010
6. By the numbers
250,000+
Developers
100,000+ Apps
0.5B+ daily
Pageviews
6
Wednesday, June 30, 2010
9. Chillingo Crystal
9
Gaming meets Social
Zombie Dash Angry Birds LITE Underground Meltdown Cogs
Mission Deep Sea Speed Forge Guerilla Bob Ravensword: Angry Birds
Extreme The Fallen King
Wednesday, June 30, 2010
15. Build your Enterprise Apps on Google
• Easy to Build - Java standards
• Easy to Deploy - push-button deployment
• Easy to Scale - from small apps to millions of users
14
Wednesday, June 30, 2010
16. Google App Engine for Business
• Centralized administration - controls
• Reliability and support - SLA, Premium support
• Secure by default - only your users
• Pricing that makes sense - pay only for what you use
• Enterprise features - hosted SQL, SSL on your domain
15
Wednesday, June 30, 2010
17. Understanding the Cloud Computing
Landscape
SaaS
PaaS
IaaS
16
Source: Gartner AADI Summit Dec 2009
Wednesday, June 30, 2010
18. Google's Cloud Offerings
1. Our Apps
2. 3rd party Apps:
Google Apps Marketplace
SaaS 3. ________
PaaS Google App Engine
Google Storage for Devs
IaaS Machine Learning
BigQuery
17
Wednesday, June 30, 2010
19. Google's Cloud Offerings
Your Apps
1. Our Apps
2. 3rd party Apps:
Google Apps Marketplace
SaaS 3. ________
PaaS Google App Engine
Google Storage for Devs
IaaS Machine Learning
BigQuery
17
Wednesday, June 30, 2010
21. Domain Console
Like the regular admin console
Designed to manage enterprises with a portfolio of apps
• Keep track of all apps in a domain
• Access Control: view apps, deploy
• Global Settings: apply to all apps in the domain
• Billing rolling up to single account
• DNS configuration done only once: *.ext.example.com
• All apps by default for logged in users from domain
19
Wednesday, June 30, 2010
22. Google Apps Integration
• SSO/SSO delegation
• APIs for most Google Apps for integration
20
Wednesday, June 30, 2010
26. Using Secure Data Connector
Installation
- Determine access rules
- Configure and install SDC
23
Wednesday, June 30, 2010
27. Using Secure Data Connector
Installation
- Determine access rules
- Configure and install SDC
Getting ready to serve
- SDC opens SSL tunnel
23
Wednesday, June 30, 2010
28. Using Secure Data Connector
Installation
- Determine access rules
- Configure and install SDC
Getting ready to serve
- SDC opens SSL tunnel
Serving
- User request sent to App Engine
- User authenticated
- App makes request through tunnel
- SDC performs access checks
- Results returned
23
Wednesday, June 30, 2010
29. App Engine for Business Pricing
Intranet apps:
Each app costs $8 / active user / month
Capped at $1,000 / month (i.e. users above 125 are free)
Apps are auth-restricted to domain users
Development is free
Overage charges on Background Analysis/Storage
Non intranet apps (external/public/ISV apps):
Pricing TBD
Postpaid (i.e. billed at the end of month)
24
Wednesday, June 30, 2010
30. App Engine for Business Support and
SLA
Paid Support
Email based
1000$/month
1h response time on operational issues
8h on development issues
SLA
99.9% uptime
Service credits from 10% to 100% refund of monthly bill
25
Wednesday, June 30, 2010
31. Google Developer Qualification
Chrome Gadgets Search App Engine JS Maps API KML 3D
Extensions
26
Wednesday, June 30, 2010
32. Distributed Cloud Computing
Reliability and scalability memes
A “meme” is a term coined by Richard Dawkins,
referring to a unit of cultural information
transferable from one mind to another.
27
Wednesday, June 30, 2010
33. Know your Distributed Memes
Distribute it. Tolerate it. Tune it. Scale it!
28
Wednesday, June 30, 2010
34. Know your Distributed Memes
Distribute it. Tolerate it. Tune it. Scale it!
Distribute it
• Divide & conquer; parallelize work
• Sharding
• Amortize work / pre-compute values
28
Wednesday, June 30, 2010
35. Know your Distributed Memes
Distribute it. Tolerate it. Tune it. Scale it!
Distribute it
• Divide & conquer; parallelize work
• Sharding
• Amortize work / pre-compute values
Tolerate it
• Tolerate, expect and plan for small failures
• Idempotency, idempotency
28
Wednesday, June 30, 2010
36. Know your Distributed Memes
Distribute it. Tolerate it. Tune it. Scale it!
Distribute it
• Divide & conquer; parallelize work
• Sharding
• Amortize work / pre-compute values
Tolerate it
• Tolerate, expect and plan for small failures
• Idempotency, idempotency
Tune it
• Memcache
• Denormalization isn’t a bad word
28
Wednesday, June 30, 2010
37. Know your Distributed Memes
Distribute it. Tolerate it. Tune it. Scale it!
Distribute it
• Divide & conquer; parallelize work
• Sharding
• Amortize work / pre-compute values
Tolerate it
• Tolerate, expect and plan for small failures
• Idempotency, idempotency
Tune it
• Memcache
• Denormalization isn’t a bad word
Scale it
• Statelessness; retries
• Just scale it up
28
Wednesday, June 30, 2010
38. How not to succeed…
29
Wednesday, June 30, 2010
39. How not to succeed…
Begin
29
Wednesday, June 30, 2010
40. How not to succeed…
Begin Plan Party
29
Wednesday, June 30, 2010
41. How not to succeed…
Begin Send
Plan Party
Invitations
29
Wednesday, June 30, 2010
42. How not to succeed…
Begin Send
Plan Party
Invitations
Can
EVERYONE
Come?
29
Wednesday, June 30, 2010
43. How not to succeed…
Begin Send
Plan Party
Invitations
Can
True
EVERYONE Have party
Come?
End
29
Wednesday, June 30, 2010
44. How not to succeed…
Begin Send
Plan Party
Invitations
Can
True
Just one EVERYONE Have party
person says Come?
“No”
False End
29
Wednesday, June 30, 2010
45. How not to succeed…
Begin Send
Plan Party
Invitations
Can
True
Just one EVERYONE Have party
person says Come?
“No”
False End
Cancel party End
29
Wednesday, June 30, 2010
46. Rocket science
“Monolithic Computing” era
30
Wednesday, June 30, 2010
47. Rocket science
“Monolithic Computing” era
Hot spare
“Just in case”
30
Wednesday, June 30, 2010
48. Distributed Meme:
Tolerate, expect and design for failure
MTFB: O(Years)
31
Wednesday, June 30, 2010
49. Distributed Meme:
Tolerate, expect and design for failure
MTFB: O(Years)
31
Wednesday, June 30, 2010
50. Distributed Meme:
Tolerate, expect and design for failure
MTFB: O(Years)
MTFB: O(Months)
31
Wednesday, June 30, 2010
51. Distributed Meme:
Tolerate, expect and design for failure
MTFB: O(Years)
MTFB: O(Months)
31
Wednesday, June 30, 2010
52. Distributed Meme:
Tolerate, expect and design for failure
MTFB: O(Years)
MTFB: O(Months)
MTFB: O(Minutes/Seconds)
31
Wednesday, June 30, 2010
79. Distributed web hosting platform
Great for enterprise web apps
•Request based, data backed
Parallel processing
Scales automatically
Available globally
Configuration free
Built-in DoS protections
37
Wednesday, June 30, 2010
80. Distributed datastore
Arbitrary horizontal scaling
Parallel processing
Scales to 'Internet scale'
Predictable query performance
•Independent of number of entities
No deadlocks
No global schema
38
Wednesday, June 30, 2010
81. Distributed Meme: Divide & Conquer
Specialized services
Memcache Datastore URL Fetch
Mail XMPP Task Queue
Images Blobstore User Service
39
Wednesday, June 30, 2010
83. Two years in review
Apr 2008 Python launch
May 2008 Memcache, Images API
Jul 2008 Logs export
Aug 2008 Batch write/delete
Oct 2008 HTTPS support
Dec 2008 Status dashboard, quota details
Feb 2009 Billing, larger files
Apr 2009 Java launch, DB import, cron support, SDC
May 2009 Key-only queries
Jun 2009 Task queues
Aug 2009 Kindless queries
Sep 2009 XMPP
Oct 2009 Incoming email
Dec 2009 Blobstore
Feb 2010 Datastore cursors, Appstats
Mar 2010 Read policies, IPv6
May 2010 App Engine for Business
41
Wednesday, June 30, 2010
85. App Engine
Roadmap
Improved monitoring/alerting
Background servers
SSL for your domain
Control datastore availability vs. latency trade-offs
Datastore dump and restore facility
Mapping operations across datasets
Raise request/response size limits for some APIs
Reserved instances
Built-in support for OAuth & OpenID
Channel API 43
Wednesday, June 30, 2010
86. Acknowledgement
Thanks to many member of the App Engine team for
their slides, especially Fred Sauer and Chris Schalk
44
Wednesday, June 30, 2010
87. Thank you
Read more
http://code.google.com/appengine/
Contact info
Patrick Chanezon
Developer Advocate
chanezon@google.com
http://twitter.com/chanezon
Questions
?
45
Wednesday, June 30, 2010