book

Architecting Modern Data Platforms

by Jan Kunigk, Ian Buss, Paul Wilkinson, Lars George

December 2018

Beginner to intermediate

636 pages

18h 15m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Foreword
Preface
Some MisconceptionsSome General TrendsHorizontal ScalingAdoption of Open SourceEmbracing Cloud ComputeDecoupled Compute and StorageWhat Is This Book About?Who Should Read This Book?The Road AheadConventions Used in This BookO’Reilly SafariHow to Contact UsAcknowledgments
1. Big Data Technology Primer
A Tour of the LandscapeCore ComponentsComputational FrameworksAnalytical SQL EnginesStorage EnginesIngestionOrchestrationSummary
I. Infrastructure
2. Clusters
Reasons for Multiple ClustersMultiple Clusters for ResiliencyMultiple Clusters for Software DevelopmentMultiple Clusters for Workload IsolationMultiple Clusters for Legal SeparationMultiple Clusters and Independent Storage and ComputeMultitenancyRequirements for MultitenancySizing ClustersSizing by StorageSizing by Ingest RateSizing by WorkloadCluster GrowthThe Drivers of Cluster GrowthImplementing Cluster GrowthData ReplicationReplication for Software DevelopmentReplication and Workload IsolationSummary
3. Compute and Storage
Computer Architecture for HadoopCommodity ServersServer CPUs and RAMNonuniform Memory AccessCPU SpecificationsRAMCommoditized Storage Meets the EnterpriseModularity of Compute and StorageEverything Is JavaReplication or Erasure Coding?AlternativesHadoop and the Linux Storage StackUser SpaceImportant System CallsThe Linux Page CacheShort-Circuit and Zero-Copy ReadsFilesystemsErasure Coding Versus ReplicationDiscussionGuidanceLow-Level StorageStorage ControllersDisk LayerServer Form FactorsForm Factor ComparisonGuidanceWorkload ProfilesCluster Configurations and Node TypesMaster NodesWorker NodesUtility NodesEdge NodesSmall Cluster ConfigurationsMedium Cluster ConfigurationsLarge Cluster ConfigurationsSummary
4. Networking
How Services Use a NetworkRemote Procedure Calls (RPCs)Data TransfersMonitoringBackupConsensusNetwork ArchitecturesSmall Cluster ArchitecturesMedium Cluster ArchitecturesLarge Cluster ArchitecturesNetwork IntegrationReusing an Existing NetworkCreating an Additional NetworkNetwork Design ConsiderationsLayer 1 RecommendationsLayer 2 RecommendationsLayer 3 RecommendationsSummary
5. Organizational Challenges
Who Runs It?Is It Infrastructure, Middleware, or an Application?Case Study: A Typical Business Intelligence ProjectThe Traditional ApproachTypical Team SetupCompartmentalization of ITRevised Team Setup for Hadoop in the EnterpriseSolution Overview with HadoopNew Team SetupSplit ResponsibilitiesDo I Need DevOps?Do I Need a Center of Excellence/Competence?Summary
6. Datacenter Considerations
Why Does It Matter ?Basic Datacenter ConceptsCoolingPowerNetworkRack Awareness and Rack FailuresFailure Domain AlignmentSpace and Racking ConstraintsIngest and Intercluster ConnectivitySoftwareHardwareReplacements and RepairOperational ProceduresTypical PitfallsNetworkingCluster SpanningSummary
II. Platform

7. Provisioning Clusters
Operating SystemsOS ChoicesOS Configuration for HadoopAutomated Configuration ExampleService DatabasesRequired DatabasesDatabase Integration OptionsDatabase ConsiderationsHadoop DeploymentHadoop DistributionsInstallation ChoicesDistribution ArchitectureInstallation ProcessSummary
8. Platform Validation
Testing MethodologyUseful ToolsHardware ValidationCPUDisksNetworkHadoop ValidationHDFS ValidationGeneral ValidationValidating Other ComponentsOperations ValidationSummary
9. Security
In-Flight EncryptionTLS EncryptionSASL Quality of ProtectionEnabling in-Flight EncryptionAuthenticationKerberosLDAP AuthenticationDelegation TokensImpersonationAuthorizationGroup ResolutionSuperusers and SupergroupsHadoop Service Level AuthorizationCentralized Security ManagementHDFSYARNZooKeeperHiveImpalaHBaseSolrKuduOozieHueKafkaSentryAt-Rest EncryptionVolume Encryption with Cloudera Navigator Encrypt and Key Trustee ServerHDFS Transparent Data EncryptionEncrypting Temporary FilesSummary
10. Integration with Identity Management Providers
Integration AreasIntegration ScenariosScenario 1: Writing a File to HDFSScenario 2: Submitting a Hive QueryScenario 3: Running a Spark JobIntegration ProvidersLDAP IntegrationBackgroundLDAP SecurityLoad BalancingApplication IntegrationLinux IntegrationKerberos IntegrationKerberos ClientsKDC IntegrationCertificate ManagementSigning CertificatesConverting CertificatesWildcard CertificatesAutomationSummary
11. Accessing and Interacting with Clusters
Access MechanismsProgrammatic AccessCommand-Line AccessWeb UIsAccess TopologiesInteraction PatternsProxy AccessLoad BalancingEdge Node InteractionsAccess SecurityAdministration GatewaysWorkbenchesHueNotebooksLanding ZonesSummary
12. High Availability
High Availability DefinedLateral/Service HAVertical/Systemic HAMeasuring AvailabilityPercentagesPercentilesOperating for HAMonitoringPlaybooks and PostmortemsHA Building BlocksQuorumsLoad BalancingDatabase HAAncillary ServicesGeneral ConsiderationsSeparation of Master and Worker ProcessesSeparation of Identical Service RolesMaster Servers in Separate Failure DomainsBalanced Master ConfigurationsOptimized Server ConfigurationsHigh Availability of Cluster ServicesZooKeeperHDFSYARNHBaseKMSHiveImpalaSolrKafkaOozieHueOther ServicesAutoconfigurationSummary
13. Backup and Disaster Recovery
ContextMany Distributed SystemsPolicies and ObjectivesFailure ScenariosSuitable Data SourcesStrategiesData TypesConsistencyValidationSummaryData ReplicationHBaseCluster Management ToolsKafkaSummaryHadoop Cluster BackupsSubsystemsCase Study: Automating Backups with OozieRestoreSummary
III. Taking Hadoop to the Cloud
14. Basics of Virtualization for Hadoop
Compute VirtualizationVirtual Machine DistributionAnti-Affinity GroupsStorage VirtualizationVirtualizing Local StorageSANsObject Storage and Network-Attached StorageNetwork VirtualizationCluster Life Cycle ModelsSummary
15. Solutions for Private Clouds
OpenStackAutomation and IntegrationLife Cycle and StorageIsolationSummaryOpenShiftAutomationLife Cycle and StorageIsolationSummaryVMware and Pivotal Cloud FoundryDo It Yourself?AutomationIsolationLife Cycle ModelSummaryObject Storage for Private CloudsEMC IsilonCephSummary
16. Solutions in the Public Cloud
Key Things to KnowCloud ProvidersAWSMicrosoft AzureGoogle Cloud PlatformImplementing ClustersInstancesStorage and Life Cycle ModelsNetwork ArchitectureHigh AvailabilitySummary
17. Automated Provisioning
Long-Lived ClustersConfiguration and TemplatingDeployment PhasesVendor SolutionsOne-Click DeploymentsHomegrown AutomationHooking Into a Provisioning Life CycleScaling Up and DownDeploying with SecurityTransient ClustersSharing Metadata ServicesSummary
18. Security in the Cloud
Assessing the RiskRisk ModelEnvironmental RisksDeployment RisksIdentity Provider Options for HadoopOption A: Cloud-Only Self-Contained ID ServicesOption B: Cloud-Only Shared ID ServicesOption C: On-Premises ID ServicesObject Storage Security and HadoopIdentity and Access ManagementAmazon Simple Storage ServiceGCP Cloud StorageMicrosoft AzureAuditingEncryption for Data at RestRequirements for Key MaterialOptions for Encryption in the CloudOn-Premises Key PersistenceEncryption via the Cloud ProviderEncryption Feature and Interoperability SummaryRecommendations and Summary for Cloud EncryptionEncrypting Data in Flight in the CloudPerimeter Controls and FirewallingGCPAWSAzureSummary
A. Backup Onboarding Checklist
Backup Onboarding ChecklistBackupServicesCloudera ManagerHDFSHBaseHive/ImpalaSqoopOozieHueSentry
Index

Content preview from Architecting Modern Data Platforms

Chapter 4. Networking

This chapter looks at how cluster services such as Spark and Hadoop use the network and how that usage affects network architecture and integration. We also cover implementation details relevant to network architects and cluster builders.

Services such as Hadoop are distributed, which means that networking is a fundamental, critical part of their overall system architecture. Rather than just affecting how a cluster is accessed externally, networking directly affects the performance, scalability, security, and availability of a cluster and the services it provides.

How Services Use a Network

A modern data platform comprises of a range of networked services that are selectively combined to solve business problems. Each service provides a unique capability, but fundamentally, they are each built using a common set of network use cases.

Remote Procedure Calls (RPCs)

One of the most common network use cases is when clients request that a remote service perform an action. Known as remote procedure calls (RPCs), these mechanisms are a fundamental unit of work on a network, enabling many higher-level use cases such as monitoring, consensus, and data transfers.

All platform services are distributed, so by definition, they all provide RPC capabilities in some form or other. As would be expected, the variety of available remote calls reflects the variety of the services themselves—RPCs to some services last only milliseconds and affect only a single record, but calls ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781491969267Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design