Redefining Perspectives A thought leadership forum for technologists interested in defining a new future

Session 2

Lessons from Real Life Cloud Computing

Implementations

Vibhor Mathur Senior Specialist – Technology

Sapient Global Markets (India)

Vibhor has more than 14 years of experience in designing

and developing complex business critical applications

primarily using C++ / VC++ technologies

He has a strong hold on the Trading and Risk Management

domain, specifically in the areas of trade life cycle

management and handling of OTC (Over the Counter)

trades

Shivam Kumar Specialist – Technology

Sapient Global Markets (India)

Shivam has over 9 years of experience in software design

and development. He specializes in performance and

scalability of applications

He has developed various systems using platform and

technologies like compute grids, Hadoop and Cloud

Computing to achieve scalability. He has co-authored in-

house compute grids and elastic servers

CLOUD COMPUTING:

LESSONS FROM REAL LIFE IMPLEMENTATIONS Vibhor Mathur and Shivam Kumar

May 2014

What We’ll Cover

Share a perspective on the challenges faced and lessons learnt from real life experiences of

working on cloud based implementations

Porting a complex app from on-premise to cloud

1

Integrating a cloud application with on-premise infrastructure

2

© COPYRIGHT 2014 SAPIENT CORPORATION

Porting a Complex Application from

On-premise to Cloud

We’ll Focus on…

• Solution Layout

• Security

• Performance

• Platform Availability

• Operations

CMRS | Application Context

9

TRADING FIRM

TRADING

SYSTEM 1

TRADING

SYSTEM 2

TRADING

SYSTEM 3

TRADING

REPOSITORY (e.g. DTCC)

CMRS (Sapient)

© COPYRIGHT 2014 SAPIENT CORPORATION

CMRS | Deployment on Cloud

© COPYRIGHT 2014 SAPIENT CORPORATION

• Hardware Based

Limitations – e.g.

use of MQ

Porting from On-premise to Cloud (1/2)

MQ SERVER 1

MQ SERVER 2

MQ RECEIVER

CMRS ON PREMISE TRADING REPOSITORY

DEDICATED NETWORK

Interfacing with external entities needs to be thought through across the following dimensions:

© COPYRIGHT 2014 SAPIENT CORPORATION

TRADING REPOSITORY

Porting from On-premise to Cloud (1/2)

SFTP SERVER 1

SFTP SERVER 2

SFTP RECEIVER

CMRS ON CLOUD

Cloud Service

Interfacing with external entities needs to be thought through across the following dimensions:

© COPYRIGHT 2014 SAPIENT CORPORATION

• Hardware Based

Limitations – e.g.

use of MQ

INTERNET

TRADING REPOSITORY

Porting from On-premise to Cloud (1/2)

SFTP SERVER 1

SFTP SERVER 2

SFTP RECEIVER

CMRS ON CLOUD

Cloud Service

Interfacing with external entities needs to be thought through across the following dimensions:

© COPYRIGHT 2014 SAPIENT CORPORATION

INTERNET

• Hardware Based

Limitations – e.g.

use of MQ

• Static IP Address

Limitation

PU

BLI

C

PR

IVA

TE

Porting from On-premise to Cloud (2/2)

Partner with the cloud platform vendor to establish the architecture

• Deployment Design – e.g. use of availability sets

• Security – e.g. use of access control lists

• Software license usage – e.g. optimizing the use of BizTalk

licenses

© COPYRIGHT 2014 SAPIENT CORPORATION

Security in Cloud

15

Data in Transit

• Transmission over sFTP

Data at Rest

• Data Encryption

• Disable Copy over RDP

Environment

• Access Control Lists (ACLs)

• Site to Site VPN Tunnel

• Penetration Testing

• Intrusion Detection

Governance

• Processes

• Audits

© COPYRIGHT 2014 SAPIENT CORPORATION

Plan for Performance Related Changes

0

5

10

15

20

25

30

35

40

45

1 2 3 4 5 6 7 8 9 10

Thro

ugh

pu

t (m

sgs/

sec)

Iterations

On Cloud On Premise

• Performance of the application cannot be assumed to be same as on premise

• Key physical characteristics of the cloud platform

• IOPS of the system drive – e.g. system

drives are read optimized by default

• Potential deployment re-engineering

• Distribution of key database files

across disks

© COPYRIGHT 2014 SAPIENT CORPORATION

Platform (Un)Availability – Assume Things will go Wrong

Event Possible Mitigation

Scheduled Outages

Processes / Standard Operating Procedures

Unscheduled Outages

Processes + Deployment Design

Human Error Processes + Governance

© COPYRIGHT 2014 SAPIENT CORPORATION

• Infrastructure Management

• Patching, anti-virus updates

• Monitoring

• Service Level Agreements

• Understanding the SLAs of all the players including the cloud platform provider

• SLAs we offer has a significant impact on the cost e.g – 24x7 vs 16x5 support model

• Costs

• Infrastructure cost – architecture choices has a major impact

• Supporting the platform – people cost could be substantially higher

Operating a Cloud Based SaaS Platform

© COPYRIGHT 2014 SAPIENT CORPORATION

Integrating a Cloud App with On-premise

Infrastructure

We’ll Focus on…

• Introduction to Risk Calculator

• Motivators for Moving to Cloud

• Application Topology

• Demo – Key Features

• Auto Scaling

• Integration with Enterprises Services

We’ll focus on…

© COPYRIGHT 2014 SAPIENT CORPORATION

• Risk Calculator finds out risk scores of

Mortgage Backed Securities (MBS)

• Large number of MBS securities.

• Characteristics

• Highly CPU intensive process

• Irregular usage pattern

Introduction to Risk Calculator

Portfolio Manager

Risk Calculator Client

Logging

Service

Application Monitor

Application Support Team Server

Server Server

Server

© COPYRIGHT 2014 SAPIENT CORPORATION

Why move Risk Calculator to Cloud

• Scale-on-Demand: Cloud allows risk calculator to add computing power when

needed

• No Initial Investment: on procuring infrastructure that is not fully utilized

• Reduced Maintenance Overheads: maintenance for components unsupported by

the enterprise can be outsourced to the cloud

© COPYRIGHT 2014 SAPIENT CORPORATION

Application Topology on Cloud

EC2

Server Server

Server Server

Risk Calculator

Client

Request Queue (SQS)

Response Queue (SQS)

ENTERPRISE

Elastic Cache

Simple Storage Service (S3)

© COPYRIGHT 2014 SAPIENT CORPORATION

ENTERPRISE

EC2

Server Server

Server Server

Risk Calculator Client

Request Queue (SQS)

Response Queue (SQS)

Elastic Cache

Simple Storage Service (S3)

Auto Scaler

Server Server

Auto Scaling

© COPYRIGHT 2014 SAPIENT CORPORATION

Enterprise Integration

EC2

Server Server

Server Server

Risk Calculator Client

Request Queue (SQS)

Response Queue (SQS)

ENTERPRISE

Elastic Cache

Simple Storage Service (S3)

Auto Scaler

Server Server

Logging Service

Application Monitor

Reverse Tunnel Apache HTTPD Reverse Proxy

© COPYRIGHT 2014 SAPIENT CORPORATION

ENTERPRISE

Credentials Management

Credentials Store

Credential Service

Risk Calculator Auto Scaler

Enterprise Authentication Server

Identity and Access Management (IAM)

© COPYRIGHT 2014 SAPIENT CORPORATION

Lessons Learnt

27

Lessons Learnt

1. Porting an On-premise Application to Cloud

• Design the solution considering cloud constraints e.g. dependency on hardware

• Running a SaaS platform is a different ball game e.g. Cost Management, SLA

Management

• Cost is not a differentiator - go with a vendor who is willing to partner

© COPYRIGHT 2014 SAPIENT CORPORATION

Lessons Learnt

2. Integrating an Application on Cloud with On-premise Infrastructure

• Use hybrid cloud model where the need for compute power is extremely variable

• Integrating with enterprise services will be needed – design for it upfront

• Integrating from cloud into the enterprise is not trivial e.g. security perception

© COPYRIGHT 2014 SAPIENT CORPORATION

Thank You