Cloud Solution Design - Replatform to Alibaba Cloud
This whitepaper introduces a solution design for replatforming to Alibaba Cloud, the cloud computing division of Alibaba Group.
Cloud Solution Design - Alibaba Cloud
DISCOVERY
Why you are moving to the cloud
- Financial Reasons
o Reduce expenses
o Increase operations
o Enhance outcomes
- Improve overall ROI
- Meet competitive challenges
PRESENTING A SOLUTION
Current Architecture
2-tier solution:
- Web
- Database
Access
- Web tier: customers on web ports
- Database tier: web tier on database ports
Nightly database backups to tape
Proposed Solutions
Alibaba Cloud - moving applications to the cloud without major changes, but taking advantage of the benefits of the cloud environment through the services below
To-Be Cloud Architecture
- Virtual Private Cloud (VPC) - Helps you construct a logically isolated networking environment where you can customize your own IP address range, subnets, route tables, and network gateways.
- Web tier (Web Proxy) - Web (web traffic) Internet
- App tier (App Server) - App (app traffic) Web
- DB tier (ApsaraDB for RDS) - Databases (db traffic) App
- Load balancing - Server Load Balancer (SLB)
- Auto Scaling Group – Auto Scale
- Database migration - Data Transmission Service (DTS)
- Alibaba Cloud Security - Bastion hosts (management traffic) – Small instance type
- Resource Access Management (RAM) – least privilege
- Security
o Only the web hosts in public subnet
o Security groups
Web - only allow internet traffic on 80/443
App hosts - only allow web proxy on app port
ApsaraDB Relational Database Service (ApsaraDB for RDS) - only allow app host on 3306
The management of Bastion Host with Alibaba Cloud - Elastic Compute Service (ECS) Systems
o Alibaba Cloud Security Groups - NACL (Network Access Control Lists) - as an additional layer
o Object Storage Service (OSS) Storage spaces have security features enabled
o Resource Access Management (RAM) policies configured along the principles of least privilege
o Monitoring and logging
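The security-group rules listed above can be checked mechanically. The following is an added example, not part of the whitepaper or of Alibaba Cloud's tooling: it audits a constructed set of ingress rules against the tier policy. The rule shape, the app port 8080 and SSH on port 22 from the bastion are assumptions.

```python
# Added example: audit constructed ingress rules against the tier policy above.
ANY = "0.0.0.0/0"
APP_PORT = 8080   # assumption: the page does not name the app port
SSH_PORT = 22     # assumption: bastion management traffic is SSH

# tier -> (source, port) pairs the design permits; a source is a CIDR block
# or the name of another tier's security group.
ALLOWED = {
    "web": {(ANY, 80), (ANY, 443), ("bastion", SSH_PORT)},
    "app": {("web", APP_PORT), ("bastion", SSH_PORT)},
    "db": {("app", 3306)},
}

SAMPLE_RULES = [  # constructed sample, not exported from a real account
    {"tier": "web", "source": ANY, "port_range": "80/80"},
    {"tier": "web", "source": ANY, "port_range": "443/443"},
    {"tier": "web", "source": ANY, "port_range": "22/22"},       # SSH open to the internet
    {"tier": "app", "source": "web", "port_range": "8080/8080"},
    {"tier": "app", "source": "bastion", "port_range": "22/22"},
    {"tier": "db", "source": "app", "port_range": "3306/3306"},
    {"tier": "db", "source": ANY, "port_range": "3306/3306"},    # database open to the internet
    {"tier": "db", "source": "web", "port_range": "3306/3306"},  # web tier bypasses app tier
]

def expand(port_range):
    """Turn 'start/end' (e.g. '80/80') into the range of ports it covers."""
    lo, hi = (int(p) for p in port_range.split("/"))
    return range(lo, hi + 1)

def audit(rules):
    """Return sorted (tier, source, port_range) tuples that exceed the policy."""
    findings = []
    for rule in rules:
        allowed = ALLOWED.get(rule["tier"], set())  # unknown tier: nothing allowed
        # A rule passes only if every port it opens is permitted from its source.
        if not all((rule["source"], p) in allowed for p in expand(rule["port_range"])):
            findings.append((rule["tier"], rule["source"], rule["port_range"]))
    return sorted(findings)

if __name__ == "__main__":
    for tier, source, ports in audit(SAMPLE_RULES):
        print(f"VIOLATION tier={tier} source={source} ports={ports}")
```

A range such as 80/443 on the web tier is also reported, because it opens every port between the two permitted ones.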
DELIVERING A PROOF OF CONCEPT (POC)
Evaluating the solution in the Alibaba Cloud’s environment
Start with an Alibaba Cloud Free Trial - https://www.alibabacloud.com/campaign/free-trial?spm=a3c0i.7911826.2886971040.1.244714b3hLUrv9
IMPLEMENTING SOLUTION
Production solution implementation after the POC confirms everything is OK
KEY TAKEAWAYS
• Moving applications to the cloud as-is
- App/DB Servers -> Elastic Compute Service (ECS)
- Storage -> Object Storage Service (OSS)
Tools: Alibaba Cloud VM Import/Export
• Moving applications to the Alibaba Cloud without major changes, but taking advantage of benefits of the Alibaba Cloud environment
- Migrating databases to ApsaraDB for RDS
- Migrating applications to Alibaba Cloud Web Hosting
• Improving the Design of Existing Code
- Using cloud native features (Cloud-Native Applications Management https://www.alibabacloud.com/solutions/container)
Alibaba Cloud Architecture Best Practices
- Design for failure and nothing fails
o Avoid single points of failure
o Multiple instances
o Multiple Zones
o Separate a single server into a multi-tiered application
o For ApsaraDB for RDS, use Multi Zone feature
- Build security in every layer
o Encrypt Data at rest and in transit
o Enforce principle of least privilege in Resource Access Management
o Implement both Security Groups and Network Access Control Lists (NACL) (Alibaba Cloud Security Groups)
o Consider advanced security features and services
- Leverage different storage options
o Move static web assets to Object Storage Service (OSS)
o Use Alibaba Cloud CDN to serve globally
o Store session state in Table Store
o Use ApsaraDB for Redis between hosts and databases
- Implement elasticity
o Implement Auto Scaling policies
o Architect resiliency to reboot and relaunch
o Leverage managed services like Object Storage Service (OSS) and Alibaba Cloud Table Store
- Think parallel
o Scale horizontally, not vertically
o Decouple compute from session/state
o Use Server Load Balancer (SLB)
o Right-size your infrastructure
- Loose coupling sets you free
o Instead of a single, ordered workflow, use multiple queues
o Use Alibaba Cloud Message Queue (MQ) and Alibaba Cloud - Message Service
o Leverage existing services
- Don’t fear constraints
o Better Input/output operations per second (IOPS) for databases
Source: Alibaba Cloud