This blog is based on the talk I gave at Cloud Foundry Summit Europe 2016 in Frankfurt. You can watch this back on YouTube where there's the Cloud Foundry Summit Official Version and the upload of our Ustream on the Cloudsoft channel.
Enterprises have a wealth of data in pre-existing databases, which are ripe for developers to create new and exciting applications. Currently developers have to contact the database admin and request a new user account and register it as a user-provided service. The Cloudsoft Service Broker Manager allows an administrator to add service definitions for creating users to its service broker quickly. This means that developers can securely access existing enterprise data as reliable Cloud Foundry managed services.
The Challenge enterprises face is to develop applications that use unique assets that provide a competitive edge while carefully controlling permissions. The hope is to increase developer productivity by integrating existing services into Cloud Foundry, but current mechanisms make it difficult to access these assets.
Adding User Provided Services is too manual since developers typically have to follow an approval process. Furthermore, this may lead to uncontrolled usage without a sufficient audit trail as developers share services. The alternative to User Provided Services is to build new Service Brokers, which is not much better: a laborious time-consuming process.
So consider Maureen, our fictitious Software Engineer persona; she wants to create great software using the Cloud Native idiom, and extend the power of those Cloud Native applications by accessing pre-existing databases containing years of unique data. She wants to do all of this self-service. While Rick, the operations manager, wants to build on trusted assets. He wants to enable developers, such as Maureen, to work with pre-existing data, but with compliant, consistent services that are secure, curated and controlled.
Cloud Native with Control
The Cloudsoft Service Broker is quicker and simpler than creating new service brokers and managing multiple brokers. It provides permission-based access to pre-existing databases as managed services, securely connecting trusted enterprise databases & software. This enables Rick to Control service provisioning & access in line with company best practices.
Adding new service definitions for pre-existing databases with the Cloudsoft Service Broker is easy. Rick simply has to fill out the form with the type of database and its credentials -- making sure that the database user provided has permissions to create other users. And he can control which Organizations can use this service through the same user interface.
So that Rick can be sure that the data is safe, each instance of this service definition instantiated by a developer will create a new read-only user on that database. More importantly, it is a new user for each service instance while Rick’s admin credentials are secure kept away from developers. And when the service is deleted, so is the read-only user.
As with service definitions for pre-existing databases, adding service definitions for Cloudsoft AMP to deploy into your infrastructure is just as easy. Rick can fill out a form for the new service, selecting from the list of AMP entities and modifying the blueprint, if required. Plan definitions differ as configuration of the base blueprint, e.g VM config such as resources or cluster size.
When the developer instantiates an instance of an AMP Service, Rick can look at the runtime information provided by AMP about that service. So he can monitor important metrics, such as the number of requests per second, giving him much more than the standard black box experience.