+AS2017-《支撑千万亿级交易额的银行云计算架构演进》 龙成

2020-03-01 346浏览

  • 1.支撑千万A级交易额的 银行云计算架构演进 龙成 听云系统架构师 - 金融行4
  • 2.
  • 3.
  • 4.龙成 听云系统架构师 • 技术背景.应用交付领域 • 当前技术中心.应用性能管理 • 3注金融、政府行4 • 完成全球第一D大型主机系统1核心银行应用交付 的双活架构设计2实施
  • 5.银行电子渠道(个人)的4务驱动 • ᐒտᨱձᒫӞ • 500+उ૱ጱ‫૲ړ‬๐‫ۓ‬ • ଫ੒԰ᰂ҅89/90‫ݸ‬
  • 6.• 银行数据中心大集中的W程 • 两地0中心,双活数据中心的架构 • 支撑千万A交易额的云计算架构运行维护
  • 7.大集中的意义 599 2006 2016 17095 17200 30% 92%
  • 8.可用性第一的设计原则 Client A Client B DNS F5 Link Controller_B SSL_B F5 Big IP 5000_B Switch_B Router ISP_B WEB server IP A1 APP server A WEB server IP A2 WEB server IP B1 Router ISP_A APP server B F5 Link Controller_A SSL_A F5 Big IP 5000_A Switch_A WEB server IP B2 Internet E3/ATM E3/ATM Optional Optional GigE<70km E3>70km IDS IDS GigE<70km E3>70km Cisco 6509's Cisco 6509's 3-DNS 3-DNS Shared Bus ines s Unit Pod Dedicated Bus ines s Unit Pod Shared Business Unit Pod VPN Network Mgmnt TACACS Logging Shared Bus ines s Unit Pod Shared Business Unit Pod VPN Network Mgmnt TACACS Logging Dedicated Business Unit Pod Ins ide Serv ers : Databases LDAP, etc InsideServers:Databases LDAP, etc Cisco 6509's Site A Corporate network Cisco 6509's Site B Corporate network
  • 9.中心到分支的4级网络设计 Si Block 1 Si Si Block 2 Si Block 3
  • 10.多中心架构设计
  • 11.• 银行数据中心大集中的W程 • 两地0中心,双活数据中心的架构 • 支撑千万A交易额的云计算架构运行维护
  • 12.混合云中的豪华DC
  • 13.双活的私有云架构 BIG-IQ DC Cookie DNS GTM GTM GTM Viprion/ASM/AAM Viprion/ASM/AAM GTM DNS GTM Viprion/RHI BIG-IQ RHI GTM Viprion/RHI FAN Script / Viprion/MBLB Viprion/MBLB RHI BIG-IP LTM/VE / BIG-IP LTM/VE DSC Viprion Viprion MBLB SASP PoS / ATM PoS ATM BIG-IQ
  • 14.动态和静态就近性算法 ldns { address 211.97.184.100 cur_target_state 3591 ttl 21595 probe_protocol dns_dot path { datacenter "DC_CHN_XA_2" cur_rtt 104725 cur_hops 0 cur_completion_rate 10000 cur_last_hops 0 } path { datacenter "DC_CHN_TJ_2" cur_rtt 19503 cur_hops 0 cur_completion_rate 10000 cur_last_hops 0 } path { datacenter "DC_CHN_SY_1" cur_rtt 32668 cur_hops 0 cur_completion_rate 10000 cur_last_hops 0 }
  • 15.DC ID 数据中心的持续性访问
  • 16.总行数据中心I网双中心运行 DC 1 DC 2 EIGRP EIGRP 10.0.0.1/32 Cost 100 OSPF RHI 10.0.0.1/32 Cost 200 RHI RHI OSPF RHI 10.0.0.1/32 Cost 300 OSPF RHI 10.0.0.1/32 Cost 400 RHI RHI OSPF RHI
  • 17.主机系统双活 App Active DB SASP Life Line SASP App Backup DB
  • 18.应用及数据库分钟级快速切换 Web App Active DB Web Web Web App Backup DB
  • 19.双数据中心配置一致性
  • 20.比对AWS公有云双活架构 Am azon Route 53 hosted Zone www.com pany.com Amaz on CloudFront Media.company.com (Static data) Admin A WS Management Console MFA token Inter net gateway us ers Dynamic data ELB for Web load balance with HTTP HC NAT Instance 1 Bastion host with EIP Public subnet Bastion/NAT security group EC2 Web Server IAM Auto Scaling gr oup Web Server Security group Amaz on CloudWatch Web Tier Private subnet Security group EBS Root Volume EBS Data Volume App Tier Private subnet In Memory cache Read AWS CloudTrail DB DB Tier Private subnet RDS MySQL Instance Active(Multi-AZ) Replication Auto Scaling EBS Root Volume S3 Static Web Object Bucket EBS Data Volume App Tier Private subnet Auto Scaling App Server In Memory cache Read Read Replication Mem cached Web Tier Private subnet EC2 App Server Write Write RDS DB instance r ead r eplica Security group EC2 App Server Security group EBS Data Volume Web Server Auto Scaling gr oup App Server Auto Scaling App Server Session state cache logging Am azon Dynam o DB Application Load Balancer with sticky EBS Root Volume EC2 Web Server Auto Scaling gr oup Web Server Auto Scaling EC2 App Server Auto Scaling gr oup App Server AWS CloudFormation EC2 Web Server EBS Data Volume Web Server EC2 App Server Security group EBS Root Volume EC2 Web Server NAT Instance 2 Public subnet Bastion/NAT security group A rchive inactive objects older than 6 months RDS DB instance r ead r eplica Mem cached RDS MySQL Instance Standby(Multi-AZ) Security group DB Av ailability Zone #1 DB Tier Private subnet Av ailability Zone #2 Replication for DR EBS Volume A WS CLI A rchive inactive objects older than 6 months S3 backup bucket Amaz on SQS/SNS Region A RDS MySQL Instance for DR Region B Am azon Glacier
  • 21.• 银行数据中心大集中的W程 • 两地0中心,双活数据中心的架构 • 支撑千万A交易额的云计算架构运行维护
  • 22.运行维护1 0 A O I G M B B N D
  • 23.运行维护2 0 9 % 7 2
  • 24.运行维护3 0 1 3 0 % *
  • 25.运行维护4 0
  • 26.未来发展展望 •用户行为-预期变化-消费中产,养老一组,城镇新兴 •渠道多元化,实C网店稳定,新增来自网络和移动 •银行产品是生活解决方案 •移动互联,云计算,大数据改变金融实现方式 •监管鼓S个人金融创新 •新对手,新竞争格局
  • 27.
  • 28.