《2017年支撑千万亿级交易额的银行云计算架构演进.pdf》由会员分享,可在线阅读,更多相关《2017年支撑千万亿级交易额的银行云计算架构演进.pdf(25页珍藏版)》请在三个皮匠报告上搜索。
1、支撑千万A级交易额的银行云计算架构演进龙成听云系统架构师技术背景.应用交付领域 当前技术中心.应用性能管理 3注金融、政府行4 完成全球第一D大型主机系统1核心银行应用交付的双活架构设计2实施银行电子渠道(个人)的4务驱动?500+?89/90?银行数据中心大集中的W程两地0中心,双活数据中心的架构支撑千万A交易额的云计算架构运行维护大集中的意义20062016?1709517200?30%92%599?可用性第一的设计原则Router ISP_ARouter ISP_BF5 Link Controller_AF5 Link Controller_BWEB server IP A1WEB se
2、rver IP A2WEB server IP B1WEB server IP B2APP server AAPP server BF5 Big IP 5000_AF5 Big IP 5000_BSSL_ASSL_BSwitch_BSwitch_ADNSClient A Client BGigE70kmGigE70kmCisco6509sCisco6509sSharedBusinessUnit PodSharedBusinessUnit PodDedicatedBusinessUnit PodSharedBusinessUnit PodDedicatedBusinessUnit PodE3/A
3、TME3/ATMNetworkMgmntTACACSLoggingNetworkMgmntTACACSLoggingVPNOptionalOptionalIDSIDSSite ACorporate networkInsideServers:DatabasesLDAP,etc3-DNS3-DNSVPNSharedBusinessUnit PodCisco6509sCisco6509sInternetInsideServers:DatabasesLDAP,etcSite BCorporate network?中心到分支的4级网络设计!#$%&(!#$%&(!#$%&(!#$%&(SiSiSiSiS
4、iSiSiSiBlock 1Block 2Block 3多中心架构设计银行数据中心大集中的W程两地0中心,双活数据中心的架构支撑千万A交易额的云计算架构运行维护混合云中的豪华DC双活的私有云架构?GTM?GTMViprion/ASM/AAMViprion/RHIViprion/MBLBViprion?/?GTM?PoSATMBIG-IP LTM/VE?/?GTM?GTMViprion/RHIViprionViprion/MBLB?GTM?PoSATMBIG-IP LTM/VE?DSC?BIG-IQBIG-IQ?BIG-IQ?DNS?RHI?/?RHI?FANScript?MBLBSASP?DC
5、 Cookie?DNS?Viprion/ASM/AAM动态和静态就近性算法ldns address 211.97.184.100 cur_target_state 3591 ttl 21595 probe_protocol dns_dot path datacenter DC_CHN_XA_2 cur_rtt 104725 cur_hops 0 cur_completion_rate 10000 cur_last_hops 0 path datacenter DC_CHN_TJ_2 cur_rtt 19503 cur_hops 0 cur_completion_rate 10000 cur_l
6、ast_hops 0 path datacenter DC_CHN_SY_1 cur_rtt 32668 cur_hops 0 cur_completion_rate 10000 cur_last_hops 0 DC ID 数据中心的持续性访问总行数据中心I网双中心运行?RHIRHIRHIRHI?RHIRHIRHIRHIEIGRPEIGRPOSPFOSPFOSPFOSPFDC 1DC 210.0.0.1/32Cost10010.0.0.1/32Cost20010.0.0.1/32Cost30010.0.0.1/32Cost400主机系统双活?App?ActiveDB?App?Backup DB
7、Life LineSASPSASP?应用及数据库分钟级快速切换?App?ActiveDB?App?Backup DBWeb?WebWeb?Web双数据中心配置一致性比对AWS公有云双活架构Region BAvailability Zone#1Availability Zone#2ELB for Web load balance with HTTP HCApplication Load Balancer with stickySecurity group?DBPublic subnet?Bastion/NAT security groupNAT Instance 1Bastion host wi
8、th EIPAuto Scaling group?WebServerSecurity group?Web ServerEC2Web ServerAuto ScalingEC2Web ServerEBS Root VolumeEBS Data VolumeWeb Tier Private subnetAuto Scaling group?AppServerSecurity group?AppServerEC2App ServerAuto ScalingEC2App ServerEBS Root VolumeEBS Data VolumeApp Tier Private subnetDB Tier
9、 Private subnetRDS MySQL Instance Active(Multi-AZ)MemcachedRegion ARDS DB instance read replicaAmazon DynamoDBSecurity group?DBPublic subnet?Bastion/NAT security groupNAT Instance 2Auto Scaling group?WebServerSecurity group?Web ServerEC2Web ServerAuto ScalingEC2Web ServerEBS Root VolumeEBS Data Volu
10、meWeb Tier Private subnetAuto Scaling group?AppServerSecurity group?AppServerEC2App ServerAuto ScalingEC2App ServerEBS Root VolumeEBS Data VolumeApp Tier Private subnetDB Tier Private subnetRDS MySQL Instance Standby(Multi-AZ)MemcachedRDS DB instance read replicaAmazon CloudFrontAmazonRoute 53 hoste
11、d ZusersS3 Static Web Object BucketAmazon GlacierS3 backup bucketEBS VolumeRDS MySQL Instance for DRIn Memory cacheIn Memory cacheSession state cache loggingReadWriteReadWriteReplicationRead ReplicationAWS CLIArchive inactive objects olderthan 6 monthsArchive inactive objects olderthan 6 monthsAdmin
12、MFA tokenAWS Management ConsoleIAMAmazon CloudWatchAWSCloudFormationAWSCloudTrailInternetgatewayDynamic dataM(Static data)Replication for DRAmazonSQS/SNS银行数据中心大集中的W程两地0中心,双活数据中心的架构支撑千万A交易额的云计算架构运行维护运行维护1 0?A?O?I?G?M?B?B?D?N?运行维护2 0?9?%?7?2?运行维护3 0?1?3?0?%?*?运行维护4 0?未来发展展望用户行为-预期变化-消费中产,养老一组,城镇新兴 渠道多元化,实C网店稳定,新增来自网络和移动 银行产品是生活解决方案 移动互联,云计算,大数据改变金融实现方式 监管鼓S个人金融创新 新对手,新竞争格局