After posting about How Development works on Open PaaS and VMforce, I felt it was time to provide an equivalent view from an Administrator’s perspective. Before going deep, I thought I would provide a comparison of what things look like between the Developer’s view of things vs. the Administrator’s.
Please note that this is derived information and in some cases speculative (but I bet I’m close).
Starting at the top:
- The URL and Mapping matches a DNS entry with an External IP (Host), a Path, and a Port to Access the Application
- The Application contains an App Instance matching the Virtual Machine with a Workload (Potentially multiple Workloads)
- The Internal IP operates on the assumption that the VM is either multi-homed or has a NAT-based interface with an Inside and Outside Address
- The Service Instance matches a VM with a specific Running Service inside. This could be a shared Service Instance or a Multi-User/Tenant Service Instance (there isn’t enough information in what I have found to know which)
- The Service Catalog is the equivalent of a Template/Gold Image based VM (in the described model)
There are several different ways VMware could choose to implement isolation and multi-tenancy.
The diagram below gives an Administrator’s view of Open PaaS and its implementation inside of VMforce. The currently implemented resource model shows a quota system as the chosen way of limiting/controlling consumption of resources in the Open PaaS Cloud.
The Account is the line where the Administrator turns the resources over to the Developer. This seems like it would create an environment like the Wild West, but that is a deceptively simple view. The Architects and Administrators both have the ability to constrain the system before any code is pushed into it. This is achieved by decisions on what types of code can be supported in the system, potentially constraining allowed frameworks, available services, the ability to create services, and allocated resources. Quota-based allocated resources include number of CPU cores, Memory, and Disk space.
From what I have been able to find so far, there is a focus on isolation by Account using a quota system.
The strongest isolation model would be to assign each workload its own VM. This, however, would consume far more resources than isolation at a process level (a typical trade-off). Implementing isolation at a process level would work well, but you wouldn’t want all Workloads (App Instances) for a single Application running in a single VM, because if the VM fails so does your Application. As more is revealed, I will provide more in-depth information on how isolation and distribution are done.
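The trade-off above can be made concrete with a small model, added here as an illustration and not taken from VMforce or Open PaaS: a request for App Instances is admitted against the Account quota (CPU cores, Memory, Disk) and then spread across VMs so that losing one VM does not take down the Application. Every name in it (`Quota`, `Account`, `VM`, `place`, `survivors`) and the sample values are hypothetical.

```python
from dataclasses import dataclass, field

# Hypothetical model of the post's speculation; not a VMforce or Open PaaS API.
@dataclass(frozen=True)
class Quota:
    cpu_cores: int
    memory_mb: int
    disk_mb: int

@dataclass
class Account:
    name: str
    quota: Quota
    used: Quota = Quota(0, 0, 0)

@dataclass
class VM:
    name: str
    instances: list = field(default_factory=list)  # (account name, app name) pairs

class QuotaExceeded(Exception):
    """Request would push the Account past its quota."""

def place(account, app, count, per_instance, vms):
    """Admit `count` App Instances against the Account quota, then spread them over VMs."""
    want = Quota(account.used.cpu_cores + count * per_instance.cpu_cores,
                 account.used.memory_mb + count * per_instance.memory_mb,
                 account.used.disk_mb + count * per_instance.disk_mb)
    q = account.quota
    # Reject the whole request up front so a partial deployment never consumes quota.
    if (want.cpu_cores > q.cpu_cores or want.memory_mb > q.memory_mb
            or want.disk_mb > q.disk_mb):
        raise QuotaExceeded(f"{account.name}: {app} x{count} exceeds quota")
    key = (account.name, app)
    for _ in range(count):
        # Anti-affinity: fewest instances of this app first, then least loaded VM.
        target = min(vms, key=lambda vm: (vm.instances.count(key), len(vm.instances)))
        target.instances.append(key)
    account.used = want
    return {vm.name: vm.instances.count(key) for vm in vms}

def survivors(account, app, vms, failed_vm):
    """App Instances still running if the VM named `failed_vm` is lost."""
    key = (account.name, app)
    return sum(vm.instances.count(key) for vm in vms if vm.name != failed_vm)

if __name__ == "__main__":
    pool = [VM("vm-a"), VM("vm-b"), VM("vm-c")]  # constructed sample pool
    print(place(Account("acme", Quota(8, 4096, 20480)), "web", 4, Quota(1, 512, 1024), pool))
```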
There is also an unknown as to if and how a load-balancing mechanism is implemented. I haven’t come across how/if this is implemented; perhaps this is done in the Mapping (via DNS/round robin?). This is purely speculative.