Upload
wooda
View
2.231
Download
1
Embed Size (px)
DESCRIPTION
This technical presentation will cover many aspects of what one might encounter when a plone site is to be deployed in a highly demanding environment. And for what it's worth, these are not only theoretical examples, but they have also been proven to work in real life. The following items will be presented: * High Availability architecture * Clustering with ZEO * Synchronizing Data.fs * Load Balancing * Sticky Sessions * Caching * Single Sign-On
Citation preview
Enterprise Plone:(Rather) Complex Infrastructures
October 11, 2007, Plone Conference, Napoli
Duco Dokter
1
Contents
• Existential affairs;
• High Availability;
• More existentialism;
• Single Sign-On;
• Load-balancing;
• Caching... GOTO [other talks].
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 2
A not so complex setup
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 3
You wanted it more fancy?
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 4
The enterprise market
• Usually highly demanding in terms of availability;
• not necessarily because they actually need it though...;
• mission critical applications;
• complex existing infrastructure;
• lots of (web)services, legacy.
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 5
What is High Availability?
The myth of the (five) nine’s (99.999)
Your system is delivering its service to the user 99.999% of the time it isneeded. (Myth: so the downtime of your actual ‘service’ is negligable...)
Does anyone know how much time that leaves for breakdowns?
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 6
About this much
uptime downtime/yr downtime/mnth downtime/wk99.99% 52.6 min 4.32 min 1.01 min99.999% 5.26 min 25.9 sec 6.05 sec
So one broken disk in your data center:
• that takes 5 minutes to replace: 1 year used;
• sadly the data center is ten minutes away by bike: three years worth;
• and you have no spare disk and need to go to the shop first: 12 years gone;
• ... but the shop needs to order that at Fujitsu...
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 7
How?
• assert risk for components, both hardware and software;
• remove ’single-point-of-failure’ spots, id;
• calculate possibility of system failure;
• avoid complexity!
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 8
HA Cluster setup
• throw in more machines;
• throw in more Zope instances (servers);
• use heartbeat;
floating IP, and other services can be transported across nodes connect overtwo interfaces: i.e. serial and ethernet
Syncing: drbd, syncpozo, zeoraid, fs solutions
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 9
New setup, as HA cluster
Do we still have a problem? Yep: no global redundancy
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 10
Why leave your slave whithering away? Adding LB andZEO.
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 11
And what about caching?
Are we happy yet?
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 12
Single Sign-On
Single Sign-On is:
• authentication process where a user presents credentials once and getsauthenticated for more than one application;
• a ‘meta’ session is created.
Web SSO: the same story, but only for web applications
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 13
Why Single Sign-On?
• user experience;
• less user separate user accounts;
• focal point in security administration.
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 14
How?
• One trusted source;
• a trust relationship between the source and ‘clients’;
• a trusted & clear protocol for authentication.
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 15
Plone SSO
• More plone sites within same user session;
• Plone as front-end for other apps;
• other (non-Plone) web apps in same session;
• non-web apps in same session;
• Plone login based on machine login (not in scope, but think NTLM).
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 16
CAS
• SSO server built at Yale university;
• Java Servlet/JSP technology;
• (reasonably) well documented;
• source code available;
• free licence;
• open and clear protocol.
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 17
Plone & CAS
Prerequisites:
• CAS4PAS;
• PlonePAS.
Optional: PloneCASLogin
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 18
Steps: Session 1
1. http request to Plone site A;
2. inlog link kiezen naar CAS server of authenticatie redirect (CAS4PAS) over HTTPS;
3. login on CAS server;
4. CAS sets cookie;
5. redirect back to callback service with ticket;
6. validation ticket to CAS server;
7. CAS server removes ticket and gives ’ok’ + netID;
8. response (with Plone cookie).
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 19
Why the validate step?
Because of redirect to service: might not be secured.
So: a token is given, and Plone uses this to actually validate. CAS generatesthis token, and receives it to give back the user id.
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 20
Steps: Session 2
1. http request to Plone site B;
2. click on login link to CAS server or receive authenticatie redirect (CAS4PAS);
3. CAS service recognizes existing session (based on cookie);
4. redirect back to service with new ticket;
5. validation with ticket;
6. CAS removes ticket, and says ’ok’ + Net ID;
7. response.
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 21
Architectuur
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 22
Back end
• LDAP
• SQL
... but fully pluggable.
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 23
So...
• more Plone sites, 1 account;
• Plone site as front end for other sites;
• Mix of Plone and other web systems;
• Mix of Plone and non web systems.
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 24
The final result
What was that again on complexity?
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 25
Issues
• Loosing sessions: sticky sessions?
• We haven’t really finished: monitoring.
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 26
Ceterum censeo MicroSoftem esse delendam
Duco Dokter, Goldmund, Wyldebeast & Wunderliebe, 11 october 2007 27