{"id":538,"date":"2022-02-01T15:16:14","date_gmt":"2022-02-01T15:16:14","guid":{"rendered":"https:\/\/fde.cat\/index.php\/2022\/02\/01\/behind-the-scenes-of-hyperforce-salesforces-infrastructure-for-the-public-cloud\/"},"modified":"2022-02-01T15:16:14","modified_gmt":"2022-02-01T15:16:14","slug":"behind-the-scenes-of-hyperforce-salesforces-infrastructure-for-the-public-cloud","status":"publish","type":"post","link":"https:\/\/fde.cat\/index.php\/2022\/02\/01\/behind-the-scenes-of-hyperforce-salesforces-infrastructure-for-the-public-cloud\/","title":{"rendered":"Behind the Scenes of Hyperforce: Salesforce\u2019s Infrastructure for the Public Cloud"},"content":{"rendered":"

Salesforce has been running cloud infrastructure for over two decades, bringing companies and their customers together. When Salesforce first started out in 1999, the world was very different; back then, the only practical way to provide our brand of Software-As-A-Service was to run everything<\/em> yourself\u200a\u2014\u200anot just the software, but the servers, storage, networking devices, cooling,\u00a0etc.<\/p>\n

Of course, in the years since then, massive changes have swept the industry. In recent times, companies like Amazon, Microsoft and Google have begun offering infrastructure as a service (IaaS), providing all of the same infrastructure components (servers, storage, networking, etc.) in an abstracted, self-service way. These days, nearly everyone who runs web software at scale leverages IaaS in some way (including most of our customers, too!).<\/p>\n

So, in order to leverage the scale and agility of the world\u2019s leading public cloud platforms, our Technology and Products team has worked together over the past few years to build a new generation of infrastructure platform for Salesforce\u200a\u2014\u200aone that uses cloud-native tools, deployment patterns, security, and processes, and is available across all of our product lines. We call this architecture Hyperforce<\/a>.<\/p>\n

Hyperforce isn\u2019t just an incremental<\/em> evaluation of our infrastructure\u200a\u2014\u200ait\u2019s a complete step function change that will bring the most modern, scalable, and secure development practices to every engineering team at Salesforce. At its core, Hyperforce is based on five key architectural principles: Immutable Infrastructure<\/strong>, Multi-Availability-Zone Design<\/strong>, a Zero Trust<\/strong> approach to security, the idea of Infrastructure-As-Code<\/strong>, and the commitment to starting with a Clean Slate<\/strong>. To give you a sense of what Hyperforce really is, and why it\u2019s so transformative, let\u2019s take a closer look at each of these principles.<\/p>\n

Immutable Infrastructure<\/h3>\n

When we create infrastructure resources in Hyperforce (containers, services, networks, etc), those resources are immutable<\/strong>. This means that once the resource is in place, rather than making patches or changes to it directly in our production environment, we replace it wholesale<\/em> with an updated version. This approach maintains a predictable state by eliminating configuration drift. \u201cImmutable\u201d doesn\u2019t refer to the contents<\/em> of our services, of course\u200a\u2014\u200ayour Customer 360 data changes constantly with the flow of your business. But by making the underlying constructs of the software<\/em> we use to store and process that data immutable, we can better manage the flow of change to our own software systems in a predictable and stable\u00a0way.<\/p>\n

Multi-Availability-Zone Design<\/h3>\n

We take advantage of multiple availability zones (AZs) in the public cloud to guarantee high availability. Compute resources (like services or data storage technologies) are deployed across (at least) three availability zones within a given region, which are close enough in physical proximity to act as a single system, but cleanly separated so that they don\u2019t share any single points of failure, like power systems, air conditioning, network connections, etc. This pattern allows services to withstand the inevitable occasional fault (like a hardware failure, or power supply interruption) and continue to be available. We carefully monitor every service in Hyperforce to ensure high availability.<\/p>\n

Zero Trust<\/h3>\n

\u201cNever trust, always verify.\u201d With Hyperforce, we\u2019ve standardized all of our best security practices, ensuring they are automatically and consistently applied. Zero Trust architecture<\/strong> means that there is no implicit<\/em> access to resources in the system, even from other components that are ostensibly part of the same system; rather, all request paths are explicitly authenticated and authorized, and all data is encrypted, both at rest and over the wire. On top of that, we employ the principle of least privilege to ensure operators who need access to production get that access in an elastic, just-in-time (JIT) way, with the right level of privilege, and automated removal of that access after a period of\u00a0time.<\/p>\n

Infrastructure as\u00a0Code<\/h3>\n

In Hyperforce, rather than having operators directly edit configuration or run setup tasks, we manage infrastructure using explicit metadata artifacts that are kept under source control. This reduces the risk of introducing a vulnerability or bug through human error, and it guarantees that changes to our infrastructure follow the same lifecycle as any other part of our software system\u200a\u2014\u200avalidation, peer review, automated testing, staging, and gradual\u00a0rollout.<\/p>\n

Clean Slate<\/h3>\n

By default, many companies take a \u201clift and shift\u201d approach to running in public cloud; they make the minimum set of changes needed to their software so that it\u2019ll be possible to run it in public cloud infrastructure. From the beginning of the Hyperforce project, though, we took a different approach. Salesforce has been around for over two decades, and naturally during that time, we\u2019ve accumulated some infrastructure practices that we\u2019d be just as happy leaving behind. So Hyperforce was our chance to completely re-envision those practices in a cloud-native way, with uncompromising security and availability as the non-negotiable bedrock of our approach.<\/p>\n

Of course, these five principles work in tandem with the mature operational practices we already use<\/a> everywhere else\u200a\u2014\u200alike ubiquitous system monitoring, active detection and response to security threats, etc\u200a\u2014\u200ato bring Salesforce\u2019s infrastructure to entirely new\u00a0levels.<\/p>\n

What this means for our customers<\/h3>\n

Hyperforce enhances our ability to deliver performance at B2B and B2C scale, offer built-in trust, provide local data residency, and ensure backwards compatibility.<\/p>\n

Hyper-Scalable<\/h3>\n

On any given day, Salesforce customers deliver an average of 2.6 billion marketing messages, create 4 million leads, log 19.7 million customer service conversations, and generate more than 80 billion AI predictions. And on Black Friday 2020 alone, Commerce Cloud powered more than 10 million\u00a0orders.<\/p>\n

A shared set of foundational components and multi-tenant environments on the public cloud enable us to leverage economies of scale to drive down operational costs. Cloud elasticity means we\u2019re able to use customer demand, like the number of leads, opportunities, or accounts, to indicate when a capacity increase or decrease is\u00a0needed.<\/p>\n

Built-in Trust<\/h3>\n

Security was baked into the Hyperforce architecture from the start through its universal authentication architecture\u200a\u2014\u200aprinciples, pathways, and processes that create security by default. Every part of the Hyperforce architecture was built with security in mind, leveraging Salesforce\u2019s world-class security team to reduce the risk of malicious attacks, and detect anomalous activity immediately.<\/p>\n

Local Data Residency<\/h3>\n

Through Hyperforce, customers around the world can choose to store data in a particular physical region to support compliance with regulations specific to their company, industry, and local government. Building on the public cloud enables the business to be where the customer is by reducing the time to build in-region from months to weeks. And, we provide tools to allow customers to discover applicable data standards and set up and manage their Salesforce org with confidence that they are in compliance with data residency requirements. Our engineering teams prioritize a cloud-agnostic approach so that we don\u2019t preclude the ability to stand up infrastructure with different cloud providers, so that we can always extend our geographical reach.<\/p>\n

Future-proof<\/h3>\n

All the architectural decisions we\u2019ve made ensure that every Salesforce app, customization and integration will continue to run seamlessly on Hyperforce. For many of our customers, insulation from underlying technology changes is one of the key benefits of using a Software as a Service provider like Salesforce. The engineering rigor on our side makes changes completely seamless to our customers.<\/p>\n

What this means for our engineers<\/h3>\n

An exciting thing about this cloud native architecture is that most of the features and functionality that enable customer success with Hyperforce also boost developer agility<\/strong>. Our emphasis on building shared services means that engineering teams can focus on building the features their customers need and want rather than on maintaining infrastructure. Hyperforce unlocks innovation<\/strong> because it\u2019s easier than ever for an engineer to experiment with an idea. Our architectural evolution prepares us for continued growth<\/strong>, scale, and a changing global landscape\u200a\u2014\u200ait puts us in the best position to do what we do best: to bring companies and customers together.<\/p>\n

The rest of this blog series will share more of the behind-the-cloud details about this tremendous engineering effort.<\/p>\n

Behind the Scenes of Hyperforce: Salesforce\u2019s Infrastructure for the Public Cloud<\/a> was originally published in Salesforce Engineering<\/a> on Medium, where people are continuing the conversation by highlighting and responding to this story.<\/p>\n

Read More<\/a><\/p>","protected":false},"excerpt":{"rendered":"

Salesforce has been running cloud infrastructure for over two decades, bringing companies and their customers together. When Salesforce first started out in 1999, the world was very different; back then, the only practical way to provide our brand of Software-As-A-Service was to run everything yourself\u200a\u2014\u200anot just the software, but the servers, storage, networking devices, cooling,\u00a0etc.… Continue reading Behind the Scenes of Hyperforce: Salesforce\u2019s Infrastructure for the Public Cloud<\/span><\/a><\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","footnotes":""},"categories":[7],"tags":[],"class_list":["post-538","post","type-post","status-publish","format-standard","hentry","category-technology","entry"],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":544,"url":"https:\/\/fde.cat\/index.php\/2022\/02\/22\/the-unified-infrastructure-platform-behind-salesforce-hyperforce\/","url_meta":{"origin":538,"position":0},"title":"The Unified Infrastructure Platform Behind Salesforce Hyperforce","date":"February 22, 2022","format":false,"excerpt":"If you\u2019re paying attention to Salesforce technology at all, you\u2019ve no doubt heard about Hyperforce, our new approach to deploying Salesforce on public cloud providers. As with any big announcement, it can be a little hard to cut through the hyperbolic language and understand what\u2019s going\u00a0on. In this blog series,\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":585,"url":"https:\/\/fde.cat\/index.php\/2022\/02\/22\/the-unified-infrastructure-platform-behind-salesforce-hyperforce-2\/","url_meta":{"origin":538,"position":1},"title":"The Unified Infrastructure Platform Behind Salesforce Hyperforce","date":"February 22, 2022","format":false,"excerpt":"If you\u2019re paying attention to Salesforce technology at all, you\u2019ve no doubt heard about\u00a0Hyperforce, our new approach to deploying Salesforce on public cloud providers. As with any big announcement, it can be a little hard to cut through the\u00a0hyperbolic language and understand what\u2019s going on. In this blog series, we\u2019ll\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":644,"url":"https:\/\/fde.cat\/index.php\/2022\/10\/24\/how-salesforce-built-a-cloud-native-task-execution-service\/","url_meta":{"origin":538,"position":2},"title":"How Salesforce Built a Cloud-Native Task Execution Service","date":"October 24, 2022","format":false,"excerpt":"If you\u2019re paying attention to Salesforce technology, you\u2019ve no doubt heard about\u00a0Hyperforce, our new approach to deploying Salesforce on public cloud providers. Start with\u00a0a look at Hyperforce\u2019s architecture. There are many compelling reasons to move to Hyperforce, both for us and our customers. We\u2019re excited to do it in the\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":662,"url":"https:\/\/fde.cat\/index.php\/2022\/12\/14\/how-salesforce-uses-immutable-infrastructure-in-hyperforce\/","url_meta":{"origin":538,"position":3},"title":"How Salesforce uses Immutable Infrastructure in Hyperforce","date":"December 14, 2022","format":false,"excerpt":"Credits go to: Armin Bahramshahry, Software Engineering Principal Architect @ Salesforce\u00a0&\u00a0Shan Appajodu, VP, Software Engineering for Developer Productivity Experiences @ Salesforce. To leverage the scale and agility of the world\u2019s leading public cloud platforms, our Technology and Products team at Salesforce has worked together over the past few years to\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":625,"url":"https:\/\/fde.cat\/index.php\/2022\/08\/30\/hyperpacks-using-buildpacks-to-build-hyperforce\/","url_meta":{"origin":538,"position":4},"title":"Hyperpacks: Using Buildpacks to Build Hyperforce","date":"August 30, 2022","format":false,"excerpt":"At Salesforce we regularly use our products and services to scale our own business. One example is Buildpacks, which we created nearly a decade ago and is now a part of Hyperforce. Hyperpacks are an innovative new way of using Cloud Native Buildpacks (CNB) to manage our public cloud infrastructure.\u00a0\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":619,"url":"https:\/\/fde.cat\/index.php\/2022\/08\/10\/architectural-principles-for-high-availability-on-hyperforce\/","url_meta":{"origin":538,"position":5},"title":"Architectural Principles for High Availability on Hyperforce","date":"August 10, 2022","format":false,"excerpt":"Infrastructure and software failures will happen. We idolize four 9s (99.99%) availability. We know we need to optimize and improve Recovery-Time-Objective (RTO, the time it takes to restore service after a service disruption) and Recovery-Point-Objective (RPO, the acceptable data loss measured in time). But how can we actually deliver high\u2026","rel":"","context":"In "Technology"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/fde.cat\/index.php\/wp-json\/wp\/v2\/posts\/538","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fde.cat\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fde.cat\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/fde.cat\/index.php\/wp-json\/wp\/v2\/comments?post=538"}],"version-history":[{"count":0,"href":"https:\/\/fde.cat\/index.php\/wp-json\/wp\/v2\/posts\/538\/revisions"}],"wp:attachment":[{"href":"https:\/\/fde.cat\/index.php\/wp-json\/wp\/v2\/media?parent=538"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fde.cat\/index.php\/wp-json\/wp\/v2\/categories?post=538"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fde.cat\/index.php\/wp-json\/wp\/v2\/tags?post=538"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}