PAS Overview
Page last updated:
This topic describes Pivotal Application Service (PAS) and how it works with Ops Manager.
Overview
Cloud platforms let anyone deploy network apps or services and make them available to the world in a few minutes. When an app becomes popular, the cloud scales it to handle more traffic, replacing build-out and migration efforts that once took months with a few keystrokes. Cloud platforms enable you to focus exclusively on your apps and data without worrying about underlying infrastructure.
The following diagram shows the layers of a typical technology stack, and compares the traditional IT model to the cloud platform model:
View a larger version of this diagram.
See the following sections in this topic:
About PAS
This section describes why PAS is an industry-standard cloud platform.
Not all cloud platforms are created equal. Some have limited language and framework support, lack key app services, or restrict deployment to a single cloud.
As an industry-standard cloud platform, PAS offers the following:
Open source code: The platform’s openness and extensibility prevent its users from being locked into a single framework, set of app services, or cloud. For more information, see the Cloud Foundry project on GitHub.
Deployment automation: Developers can deploy their apps to PAS using their existing tools and with zero modification to their code.
Flexible infrastructure: You can deploy PAS to run your apps on your own computing infrastructure, or deploy on an IaaS like vSphere, AWS, Azure, GCP, or OpenStack.
Commercial options: You can also use a PaaS deployed by a commercial PAS cloud provider. For more information, see Cloud Foundry Certified Platforms.
Community support: A broad community contributes to and supports PAS. See Welcome to the Cloud Foundry Community.
PAS is ideal for anyone interested in removing the cost and complexity of configuring infrastructure for their apps.
How PAS Works
To flexibly serve and scale apps online, PAS has subsystems that perform specialized functions. The sections below describe how some of these main subsystems work.
Load Balancing
This section describes how PAS handles load balancing.
Clouds balance their processing loads over multiple machines, optimizing for efficiency and resilience against point failure. A PAS installation accomplishes this using the following components:
BOSH creates and deploys VMs on top of a physical computing infrastructure, and deploys and runs PAS on top of this cloud. To configure the deployment, BOSH follows a manifest document. For more information, see the BOSH documentation.
Cloud Controller: runs the apps and other processes on the cloud’s VMs, balancing demand and managing app lifecycles. For more information, see Cloud Controller.
The Gorouter routes incoming traffic from the world to the VMs that are running the apps that the traffic demands, usually working with a customer-provided load balancer. For more information, see PAS Routing Architecture.
Running Apps
This section describes the VMs that run your apps in PAS and how the platform packages your apps to run on these VMs.
VMs in PAS
PAS designates the following types of VMs:
- Component VMs: make up the platform’s infrastructure.
- Host VMs: host your apps for the outside world.
Within PAS, the Diego system distributes the hosted app load over all of the host VMs, and keeps it running and balanced through demand surges, outages, or other changes. Diego accomplishes this through an auction algorithm.
For more information, see Diego Components and Architecture.
Distributing Apps
To meet demand, multiple host VMs run duplicate instances of the same app. This means that apps must be portable. PAS distributes app source code to VMs with everything the VMs need to compile and run the apps locally.
PAS includes the following with your app’s source code:
- Stack: the operating system the app runs on.
- Buildpack: contains all languages, libraries, and services that the app uses.
Before sending an app to a VM, the Cloud Controller stages it for delivery by combining the stack, buildpack, and source code into a droplet that the VM can unpack, compile, and run. For simple, standalone apps with no dynamic pointers, the droplet can contain a pre-compiled executable instead of source code, language, and libraries.
For more information, see:
Organizing Users and Workspaces
This section describes how PAS organizes users and workspaces.
PAS manages user accounts through two User Account and Authentication (UAA) servers, which support access control as OAuth2 services and can store user information internally, or connect to external user stores through LDAP or SAML.
For more information, see User Account and Authentication (UAA) Server.
The following table describes what the two UAA servers do:
Server | Purpose |
---|---|
First UAA server |
|
Second UAA server |
|
For more information, see Orgs, Spaces, Roles, and Permissions.
Storing Resources
The following table describes where PAS stores resources:
Resource | Storage Location |
---|---|
|
GitHub |
|
Internal or external blobstore |
|
MySQL |
Component Communication
This section describes how PAS components communicate with one another.
PAS components communicate in the following ways:
- By sending messages internally using HTTP and HTTPS protocols
- By sending NATS messages to each other directly
BOSH Director co-locates a BOSH DNS server on every deployed VM. All VMs keep up-to-date DNS records for all the other VMs in the same foundation. This enables service discovery between VMs.
BOSH DNS allows deployments to continue communicating with VMs even when the VMs’ IP addresses change. It also provides client-side load balancing by randomly selecting a healthy VM when multiple VMs are available.
For more information about BOSH DNS, see Native DNS Support in the BOSH documentation.
Monitoring and Analyzing
This section describes logging in PAS.
PAS generates system logs from PAS components and app logs from hosted apps. As PAS runs, its component and host VMs generate logs and metrics. PAS apps also typically generate logs.
The following table describes where PAS sends logs:
Log Type | Destination |
---|---|
PAS component logs | Rsyslog agents |
PAS component metrics | Loggregator |
App logs | Loggregator |
Component logs stream from rsyslog agents, and the cloud operator can configure them to stream out to a syslog drain.
The Loggregator system aggregates the component metrics and app logs into a structured, usable form, the Firehose. You can use all of the output of the Firehose, or direct the output to specific uses, such as monitoring system internals, triggering alerts, or analyzing user behavior, by applying nozzles.
For more information, see Loggregator Architecture.
Using Services
This section describes how you can use services with your apps on PAS.
Typical apps depend on free or metered services such as databases or third-party APIs. To incorporate these into an app:
Write a Service Broker: This component manages the life cycle of the service. The Service Broker uses the Service Broker API to advertise a catalog of service offerings to PAS apps.
Provision the Service Instance: Create an instance of the service offering by sending a provision request to the Service Broker API.
Enable apps to access the Service Instance: Configure the PAS app to make calls to the Service Instance using the Service Broker API.
For more information, see Services.
How PAS Differs from Open Source Cloud Foundry
Open-source software provides the basis for Pivotal Platform. PAS is the Pivotal distribution of Cloud Foundry Application Runtime software for hosting apps. Pivotal offers additional commercial features, enterprise services, support, documentation, certificates, and other value-adds.
The following diagram shows open source Cloud Foundry components in gray and commercial features available with PAS in teal:
View a larger version of this diagram.