Using IaaS-clouds for a loaded web project: the Hotels.ru experience
Today we will talk about how the Hotels.ru hotel reservation service used the IaaS infrastructure of IT-GRAD several years ago.
The popularity of the service is what the entire project team is working for. The desire to help the maximum number of people leads to the need to solve problems of processing large amounts of data from various sources. This requires serious computing power that requires capital investment and the cost of ongoing maintenance.
')
An average business can not always allocate a lump sum to significantly increase or update its own IT infrastructure. In this case, you should pay attention to the opportunities offered by IaaS-providers .
The growth of the Hotels.ru database is about 50%, so the ability to scale the infrastructure and its performance were key factors when working with IaaS.
The target audience of Hotels.ru is Russian users, so the service had to ensure maximum opening speed and smooth operation, primarily for this segment. The project consists of a web application and a database that is implemented on Linux and PHP with MySQL.
The load generated by hundreds of simultaneous connections from different parts of the country is balanced by vSphere. In addition, a damage assessment was conducted in case of emergency:
As part of this case, the transfer to the backup data center was considered. In this case, network integrity is ensured with the help of BGP, and “learning” transfers took about 16 hours. As a result, for five years of operation of Hotels.ru, there were no accidents in the IaaS-cloud.
Long-term cooperation with the team of our IaaS-provider allows the project to talk openly about the advantages of working with a virtual infrastructure.
At the initial stage, representatives of Hotels.ru doubted the transfer of particularly sensitive systems related to the processing of customer data. Our analysis of the situation showed the need to use encryption - such a move reduced anxiety and objectively affect the data security.
Virtual infrastructure allows you to change not only the degree of availability of the service, but also greatly affect the development process. Painless experiments to improve the front of the project and optimize internal systems are possible through the allocation of individual resources.
It is worth noting the opportunities for providing information security, which provides IaaS. Project Hotels.ru had to experience the impact of attackers who organized a fairly serious DDoS attack.
They took advantage of the temporary vulnerability of the service and sent a stream of requests for price comparisons in various hotels. The attack was made from sources located in 4 countries.
Today, the project team allocates key resources exclusively for business development and improving the user experience of service customers. In the future, we consider the possibility of passing the PCI DSS certification , which will allow processing and storing information on bank cards in user profiles.
What helps IaaS-infrastructure
The popularity of the service is what the entire project team is working for. The desire to help the maximum number of people leads to the need to solve problems of processing large amounts of data from various sources. This requires serious computing power that requires capital investment and the cost of ongoing maintenance.
')
An average business can not always allocate a lump sum to significantly increase or update its own IT infrastructure. In this case, you should pay attention to the opportunities offered by IaaS-providers .
The growth of the Hotels.ru database is about 50%, so the ability to scale the infrastructure and its performance were key factors when working with IaaS.
Field tests have shown that to achieve a user-friendly sample rate and recalculation of options, 1.5k IOPS is required per disk system. In addition, the indicator must be guaranteed to ensure a stable response of the site.
At this stage, almost half of the offers were eliminated, as providers tried to avoid specific guarantees for I / O operations.
In terms of reliability, calculations of possible losses showed that the optimal SLA for our service would be 99.5% and higher.
- Team Hotels.ru
Project infrastructure
The target audience of Hotels.ru is Russian users, so the service had to ensure maximum opening speed and smooth operation, primarily for this segment. The project consists of a web application and a database that is implemented on Linux and PHP with MySQL.
The load generated by hundreds of simultaneous connections from different parts of the country is balanced by vSphere. In addition, a damage assessment was conducted in case of emergency:
After calculating the amount of losses in a hypothetical catastrophe, we came to the conclusion that for a company losses become noticeable after a day of inaccessibility.
And with an RTO in the amount of days there is no need for replication systems or something like that, so we limited ourselves to backup and backup space.
- Team Hotels.ru
As part of this case, the transfer to the backup data center was considered. In this case, network integrity is ensured with the help of BGP, and “learning” transfers took about 16 hours. As a result, for five years of operation of Hotels.ru, there were no accidents in the IaaS-cloud.
IaaS benefits
Long-term cooperation with the team of our IaaS-provider allows the project to talk openly about the advantages of working with a virtual infrastructure.
At the initial stage, representatives of Hotels.ru doubted the transfer of particularly sensitive systems related to the processing of customer data. Our analysis of the situation showed the need to use encryption - such a move reduced anxiety and objectively affect the data security.
The whole beauty of the cloud is realized when the traffic on the site increases tenfold before the holidays and the power needs to be urgently raised. At the dawn of the service, this caused a natural panic and an emergency, and now the issue is solved by adding virtual processors and IOPS to the disk system.
As soon as the peak was asleep and, according to predictions, repetitions are not foreseen, we disconnect the temporarily allocated capacities in order not to pay extra.
- Team Hotels.ru
Virtual infrastructure allows you to change not only the degree of availability of the service, but also greatly affect the development process. Painless experiments to improve the front of the project and optimize internal systems are possible through the allocation of individual resources.
Prototypes of future versions and running-in of new functions often require separate stands of similar performance, and we recall with a shudder the self-assembly “servers” and the nightly work on their engraftment.
Progress here of course relaxes - clicked the mouse and got the whole farm under test. At the same time, it is not necessary to go to the management for a budget for test iron, and later to think about where to attach obsolete decommissioned equipment. Beauty.
- Team Hotels.ru
It is worth noting the opportunities for providing information security, which provides IaaS. Project Hotels.ru had to experience the impact of attackers who organized a fairly serious DDoS attack.
They took advantage of the temporary vulnerability of the service and sent a stream of requests for price comparisons in various hotels. The attack was made from sources located in 4 countries.
Rescued monitoring of the cloud, notifying of problems in the first 10 minutes of the attack. Our servers are under the supervision of the provider ZABBIX, which at the same time looks out for the network. So timely detection of problems saved both loss of reputation and more extensive consequences.
We had to respond quickly to the threat, and it was decided to temporarily block incoming traffic from the attacking countries, since there were no large blessings among them. In parallel, they increased the number of connections and sighed calmly.
- Team Hotels.ru
What's next
Today, the project team allocates key resources exclusively for business development and improving the user experience of service customers. In the future, we consider the possibility of passing the PCI DSS certification , which will allow processing and storing information on bank cards in user profiles.
Today in Russia, IaaS operators with a PCI DSS certificate, which covers administration by area, and not just equipment placement, can be counted on the fingers of one hand. In our opinion, the business will sooner or later add this item to the extensive list of cloud requirements.
- Team Hotels.ru
Source: https://habr.com/ru/post/258389/
All Articles