AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps & Hybrid

AWS Summit 2013 Tel Aviv Oct 16 – Tel Aviv, Israel

Enterprise Applications

and Hybrid Environments

on AWS

Jean-Pierre Le Goaller

Agenda

1. Datacenter Capacity Extension

2. Connection to AWS

3. Development & Test

4. Customer Testimonial: Gonen Wilf @ LivePerson

5. Enterprise Workloads

Oracle

Microsoft

6. Need help?

7. Conclusion

EXTENDING

THE ENTERPRISE

DATA CENTER ●○○○○○

Corporate

Data Center

Corporate

Data Center

Capacity increase request

Corporate

Data Center

Approvals

Vendor Selection

Negotiation

Procurement

Provisioning

Configuration

Request

Availability

Corporate

Data Center

A few months later…

Corporate

Data Center

Project X Potential impact: UNCERTAIN

Cost of infrastructure: HIGH

Infrastructure Request For New Project

Corporate

Data Center

In Corporate Data Center

Project X Potential impact: UNCERTAIN

Denied

Corporate

Data Center

Project X Approved for POC

Starts immediately

On AWS

Corporate

Data Center

Project X POC Completed

On AWS

Corporate

Data Center

Project Y Potential impact: HIGH

Corporate

Data Center

Project Y Potential impact: HIGH

Denied or

Delayed by 3 months

Corporate

Data Center

Project Y Approved

Starts immediately

On AWS

Corporate

Data Center

Project Z Potential impact: HIGH

Cost of infrastructure: LOW

Nature: Temporary

Corporate

Data Center

Project Z Potential impact: HIGH

Cost of infrastructure: LOW

Nature: Temporary

Approved

Delayed by 3 months

Corporate

Data Center

Project Z Approved

Starts immediately

On AWS

Corporate

Data Center

Project Z Completed

On AWS

Corporate

Data Center

Project Z Capacity Released

On AWS

ELASTIC

INFRASTRUCTURE FLEXIBLE, ON-DEMAND

Corporate

Data Center

Private Cloud -> Customer-owned IaaS

Corporate

Data Center

Private Cloud Capacity Management

Corporate Data

Center

GETTING

CONNECTED

TO AWS BUILDING A SECURE, RELIABLE LINK TO AWS

●●○○○○○

Amazon VPC VIRTUAL PRIVATE CLOUD

MANAGE YOUR OWN NETWORK IN THE CLOUD

Amazon VPC gives you the ability to…

• Define a virtual network where you launch your AWS resources

• Have complete control over:

• IP Address ranges, Subnets, Routes, Gateways and Security

settings

• Securely connect your Amazon VPC to your existing datacenters and offices

• Use AWS as an extension of your corporate data center

Availability Zone A Availability Zone B

Subnet 1 Subnet 2

Availability Zone A Availability Zone B

10.0.0.5 10.0.0.6 10.0.1.8

10.0.1.9

Public

Subnet

Internet

Internet facing systems Assert control over networking layer

Private

Subnet

Internal facing systems Accessible only over VPN – access to

internet over corporate connection

Public

Subnet

Private

Subnet

Internet

Public

Subnet

Private

Subnet

Public

Subnet

Private

Subnet

Internet

AWS DATA CENTER

Router Router

IPSec tunnel via

statically-routed

or dynamically-

routed (BGP)

Router

Failover to

Secondary

Connection to

different

physical router

DATA CENTER

Router

AWS DATA CENTER

AWS Direct

Connect

Location

London • Dublin • New York • Los

Angeles •

Washington DC •

San Jose •

Singapore • Tokyo •

Sao Paulo • Sydney

AWS DATA CENTER

Dedicated

connection

Ethernet

transport

1 Gbps/10Gbps

AWS Direct

Connect

Location

AWS DATA CENTER

AWS Direct

Connect

Location

Amazon Partner

Network

suppliers hook

up the last leg

AWS Direct

Connect

Location

Router

DATA CENTER

AWS DATA CENTER

Fault tolerant

primary Direct

Connect routes

ROUTERS ROUTERS

AWS Direct

Connect

Location

AWS DATA CENTER

Fault tolerant

primary Direct

Connect routes

Backup internet

carried VPN

tunnel

ROUTERS ROUTERS

AWS DATA CENTER

End-to-End

Highly Available

Low Latency

Dedicated

Connection

1 or 10 Gbps

AWS DATA CENTER

Direct Connect

Location

Co-locate your

own hardware

requiring

minimal latency

to AWS

DEVELOPMENT & TEST Leveraging the agility of the cloud

●●●○○○○○

Source control

Leverage EC2 to run

popular source control

systems

Issue Tracking

Add integrated project

management and issue

tracking

Development Servers

Allow developers to

deploy and test their

Build servers

Use EC2 horsepower to

drive build servers and

continuous integration

Development environments

Source control

Issue Tracking

Development Servers

Build servers

Development environment software on EC2

Amazon EC2

Amazon EC2 Plugin

• Scale your Jenkins fleet with the load

• Can use spot instances

• Support for Amazon VPC

• Support for AWS IAM

(Identity and Access Management)

Unit & Regression

Scale up and parallel run

unit and regression plans

in a fraction of the time

Load & Performance

Utilize spot market for

generating load and test

how applications perform

Run A/B scenario testing

with replica stacks

Security

Create sandboxes for

aggressive security

testing

Testing environments

LOAD TESTING

Shell uses AWS to Develop Software Faster and Cheaper

Remote Team

Development

Resources

Contractor Team

CUSTOMER

TESTIMONIAL

●●●●○○○

LivePerson and AWS

Gonen Wilf, Head of Production

Agenda

1. About LivePerson

2. The Challenge

3. Solution

4. Components and tools

5. Results

6. Wins

7. Lessons and tips

customers

Creating Meaningful Customer Connections

LivePerson is…

SaaS pioneer since 1998

Mission

Customers

Technology

Optimize Customer Acquisition & Reduce Bounce Rate

Live engagement for

lingering customer Rich multimedia to

drive sales closure

JVM heavy - Java & Scala

Private cloud based on openstack

Linux on commodity servers

Application Stack

13 TB per month 20 M

Engagements per month 1.8 B Visits per month

VOLUME

The Challenge

1. R&D expanded globally

2. Provide teams with shared components for development

3. Development environment must reflect LP production environment

4. Provide high SLA for the dev environment

5. Solution must be quick and cost effective

6. Be able to support the next steps in Continuous Deployment

Build a global shared environment and have developers work locally on

their respective components

Solution

Create a hybrid cloud using AWS and Vagrant

1. Put the shared core components on AWS

2. Developers use virtualized env stretched from laptop to AWS

3. All shared core production components on AWS

4. VPC (offices) and VPN (mobile users) to AWS

5. Use LP Production building blocks & tools

Virtual Private Cloud

Solution: LP Global Development Environment

TomCat

Oracle

Shared Components at the Dev

Hadoop

VPN or

Direct Connect

LP TLV LP SFO

WEB App

VPN or

Direct Connect

Key Components

• Oracle DB

• Apache

• Tomcat

• MySQL

• F5 Viprion

• HP Vertica

• Cassandra

• Hadoop

• Kafka

• Storm

Monitoring Tools Infra Tools

• Puppet

• MCollective

• Vagrant

• Yum

• Jenkins

• Zabbix

• Graphite

• Ganglia

Network

Challenge:

• AWS L3 and L2 Networks are not as in our DC

Solution:

• Build a parallel L3 network with different subnets on top

of AWS interfaces, with F5 as the default Gateway

• Use Puppet to configure the network on the servers and

push default GW keeping AWS network for emergency

console access

Network

Challenge:

• No broadcasts to fetch arp responses

Solution:

• Build the arp table using Puppet to update servers local

subnet MAC list and update the F5 MAC list

Security

AWS Security had to be manipulated a bit for this to work:

• "Source/Destination check" had to be disabled as AWS

doesn’t know about new subnets

• AWS security was used to block access to AWS networks as

much as possible and permit everything else, allowing F5 to

be the Router/FW

• VPN S2S and remote client access was done with F5 using

IPsec for S2S and F5 APM SSL VPN for remote user access

• External services like F5 Virtual Servers are done regularly

using an F5 interface on AWS network with elastic IPs

Project results

1. Developers work on components locally

2. Each team uses AWS LP shared components

3. Developers enjoy Production standards

4. Real world problems caught before hitting Production

5. Safely enable continuous deployment

6. “Production-like” environment accessible for all developers

1. POC was quick

2. Expandable environment – components and geo

3. Secure mobility for developers

4. Ties easily to Production tools

5. Monitored by NOC

Lessons and Tips

1. Experiment

2. Start small with proof of concept

3. Involve stakeholders from day one

4. Have production standards in mind

5. Re-use tools and building blocks

6. Use AWS out of the box

7. Think hybrid, AWS can interact with many private clouds

THANK YOU! Gonen Wilf

gonenw@liveperson.com

ENTERPRISE

WORKLOADS LOWER COSTS, INCREASE AGILITY

●●●●●○○

Oracle Database on AWS

• Oracle Database 9i, 10g and 11g are fully supported on EC2

• All Editions of Database are supported on EC2:

Express Edition

Up to 4 cores and

1GB of memory

Standard Edition One

Up to 8 cores

Standard Edition

Up to 16 cores

Enterprise Edition

Unlimited

Key components of Oracle Database on AWS

• Amazon Virtual Private Cloud (Amazon VPC)

• Elastic Block Store (EBS) provisioned IOPS volumes

– Up to 4,000 IOPS per volume

– Stripe across several volumes

• EBS-optimized instances

• Oracle Automatic Storage Management (ASM)

• Oracle Data Guard and Active Data Guard

• Oracle Secure Backup Cloud Module

• Oracle Transparent Data Encryption (TDE) with AWS CloudHSM

Key components of Oracle Database - simplified

• Amazon RDS for Oracle

• Provisioned IOPS storage for RDS – up to 30,000 IOPS/database

• Amazon Virtual Private Cloud (Amazon VPC)

Oracle Licensing on AWS

• Bring Your Own License (BYOL)

– Applies to most Oracle software on AWS

– All Oracle Software licenses are fully portable to Amazon EC2

– Oracle Cloud Licensing Policy:

http://www.oracle.com/us/corporate/pricing/cloud-licensing-070579.pdf

• License Included

– Pay by the hour

– Amazon Relational Database (RDS) for Oracle Standard Edition One

Primary Region

Primary Availability Zone

(Ready to launch)

Oracle DB

Server

Public Subnet

Servers

Private Subnet

Mirrored Redo

Log Volumes

Volume

Backup

Volume

RMAN EBS Snapshot

S3 Bucket

DR Region

EBS Snapshot Copy

Standard Oracle Database Architecture on Amazon EC2

Primary Region

CloudFormation

Template

(Ready to launch)

Oracle DB

Server

Public Subnet Private Subnet

Root Volume

Mirrored Redo

log Volumes

Volume

DR Region

Secondary Availability Zone

Oracle DB

Server

Private Subnet

Volume

ASM Striped

Data Volumes

PIOPS PIOPS

RMAN Backup in

S3 Bucket

AMI Used by

CFN Template

OSB + RMAN

Public Subnet

Volume

Enterprise Class Database Architecture on Amazon EC2

Servers

ASM Striped

Data Volumes

Oracle Data Guard

Primary Region

Oracle DB

Server

Public Subnet Private Subnet

Oracle DB

Server

Private Subnet

RDS Synchronous

Replication

Public Subnet

Simplify: Amazon RDS for Oracle

Servers

Oracle

Private Subnet

Oracle

Private Subnet

Synchronous Replication

Private Subnet

Intranet Enterprise Class 3-tier Architecture

Servers App

Servers

Servers App

Servers

Private Subnet Private Subnet

Server

Corporate

Data Center

Corporate Network

Server

Server Web

Server

Oracle Fusion Middleware on AWS Fully supported on EC2

Oracle SOA

Business Activity Monitoring (BAM)

WebCenter

Identity and Access

Management

WebLogic

Business Process Management

Master Data Management

Business Rules

Oracle Enterprise Applications on AWS Fully supported on EC2 on OVM

Oracle E-Business Suite JD Edwards EnterpriseOne

PeopleSoft Applications

JD Edwards World

Oracle Fusion

Applications

Siebel

InQuira Hyperion

Primavera

Agile PLM

ATG Web Commerce

AWS / SAP Alliance

SAP has been an AWS customer

since 2008

AWS has been a strategic SAP Global

Technology Partner since 2011

Most SAP products are now certified for production

deployment on AWS

SAP Solutions Certified for Production on AWS

SAP Business Suite

SAP Business All-in-One

SAP Business One

SAP Rapid Deployment Solutions (RDS)

SAP BusinessObjects BI Solutions

SAP Afaria

SAP HANA One / SAP HANA One Premium

Instance Type (VM) Cores Mem ECU SAPS

High Memory 2-XLarge 4 34.2 13 3,700

High Memory 4-XLarge 8 68.4 26 7,400

ECU = EC2 Compute Unit

SAP SD 2-Tier Benchmark

Performance: Amazon EC2 SAPS

ECU = EC2 Compute Unit

Instance Type # Cores Mem ECU SAPS

Cluster Compute 8-XLarge 1 16 60 88 DB

Cluster Compute 8-XLarge 6 16 60 88 SCS+DI

90,330

SAP SD 3-Tier Benchmark

SAP Licensing on AWS

Primary model for most SAP applications

Use your existing SAP licenses on AWS

Bring-Your-Own-License (BYOL)

SAP Licensing on AWS

License Included

SAP HANA One - $0.99/hour

SAP HANA One Premium

SAP Business Objects BI 4.0

SAP Afaria Cloud Edition

How SAP Customers and Partners Use AWS

Extend Existing SAP Infrastructure to the AWS Cloud

Run SAP temporary environments on AWS:

Training

Sandbox systems

Extend Existing IT Infrastructure to the AWS Cloud

Run SAP temporary environments on AWS

Migrate SAP DEV and QA landscapes to AWS

Customer

Data Centers

VPN or

Direct Connect

Secure connectivity

between datacentre &

Hybrid SAP Deployment – Customer Data Centre & AWS

DEV QA

SAP Production landscape runs in

customer’s own datacentre

SAP Development & Quality

Assurance landscape runs on AWS

Customer

Data Centers

VPN or

Direct Connect

Secure connectivity

between datacenter

Hybrid SAP Deployment – Customer Data Centre & AWS

DEV QA

STAGING

SAP Production landscape runs in

customer’s own datacentre

SAP Development & Quality

Assurance landscape runs on AWS

Archive SAP Data to AWS Cloud Storage Store recent SAP Database backups in Amazon S3

Archive all SAP Database backups in Amazon Glacier

Archive SAP Data to AWS Cloud Storage

Temporary infrastructure for SAP upgrades and

OS/DB migrations

SAP on AWS Pricing Example

Component

AWS Resource

Quantity

Unit Cost

Monthly

Virtual Machine m1.xlarge - SLES 11 240 hours $0.58 p/hour $140

Primary Storage EBS volume 200 GB $0.10 p/GB p/month $20

Backup Storage S3 storage 300 GB $0.095 p/GB p/month $29

Network & IO Data Transfer & IO $9

1 EC2 instance (VM): 4 cores x 15 GB memory

Online M-F 8AM-8PM: 240 hours p/month

Persistent storage: 200 GB

Backup storage: 300 GB

$198 Total Monthly Cost * Pricing based on US-East region as of 2/13/2013

Temporary infrastructure for SAP upgrades and OS/DB migrations

DR site for on-premises SAP production

environments

DR site for on-premises SAP production environments

Evaluate HANA

DR site for on-premises SAP production environments

Evaluate HANA

Host individual SAP solutions like Afaria or

Business Objects on AWS

Host Complete SAP Environments on the AWS Cloud

Migration of SAP legacy systems to AWS

Host Complete SAP Environments on the AWS Cloud

Migration of SAP legacy systems to AWS

Rapid deployment of infrastructure to start a

new SAP implementation

Full SAP Deployment on AWS

DEV QA

Customer runs DEV, QAS & PRD on AWS

VPN or

Direct Connect

Secure connectivity

between LAN & AWS

network

Customer

HIGH AVAILABILITY

DISATER RECOVERY FOR SAP PRODUCTION APPLICATIONS

AWS Partner Network: SAP Partners

SAP Implementation AWS Onboarding SAP OS/DB Migrations

SAP POCs SAP Sizing Architecture Planning

SAP Evaluations Performance Tuning SAP High Availability

SAP Hosting Backup & Recovery Account Management

Disaster Recovery DB Administration SAP BASIS

24/7 Help Desk OS Admin & Patching SAP Upgrades

Consulting Services

Managed Services

http://aws.amazon.com/sap

Whitepapers SAP Notes Support Information AWS-SAP Partners

More SAP on AWS Information

Amazon EC2 Windows Guide

What’s New:

• Using Windows Powershell

with the AWS SDK for

• AWS Diagnostic tools for

Windows Server

• Install EC2 command line

tools on Windows

• Setting up a Windows HPC

Cluster

http://docs.amazonwebservices.com/AWSEC2/latest/WindowsGuide/Welcome.html

AWS SDK for .NET

• APIs for many AWS services

• Includes:

– AWS Toolkit for Microsoft Visual Studio

– Visual Studio templates

– AWS Tools for Windows PowerShell

– AWS CloudFormation Template Editor

– AWS .NET Library

– C# code samples

AWS Marketplace

• Microsoft Windows-based

Amazon Machine Images (AMIs)

• Windows and SQL Server

• > 20 AMIs

• Windows Server OS

– 2003

– 2008

– 2008 R2

– 2012

• SQL Server Express/Web/Standard

– RDS or EC2

Microsoft Software on AWS – License Included

• Microsoft License Mobility through Software Assurance

Microsoft Software on AWS – Bring Your Own License

• SQL Server Enterprise – EC2

– RDS

• IIS

• Active Directory

• Exchange

• SharePoint

• Lync

• System Center Operations Manager (SCOM)

• Dynamics CRM

Microsoft Software on AWS – Bring Your Own License

SharePoint Reference Implementation

Remote

AWS Region

Availability Zone 2

Private Subnet

Availability Zone 1

Public Subnet Private Subnet Private Subnet Private Subnet

Private Subnet Private Subnet Private Subnet Private Subnet Public Subnet

Primary DC/DNS

Active Directory

Active Directory Database Tier

Database Tier

Primary DB

SQL Server

Mirror DB

Witness

Application Tier Web Tier

Central Admin &

SharePoint Services

Central Admin &

SharePoint Services IIS & SharePoint

Web Front End

Backup DC/DNS

Internet

Gateway

IIS & SharePoint

Web Front End

• Article “Deploy a Microsoft SharePoint 2010 Server Farm in the AWS Cloud in 6 Simple Steps”: – Builds upon the SharePoint Reference Implementation White

– http://aws.amazon.com/articles/9982940049271604

• AWS CloudFormation Templates for each step: – Launch the network and Active Directory stack

– Launch the database stack

– Launch the app stack

– Launch the web stack

Deploy SharePoint Farm in 6 Steps

• SharePoint Reference Architecture on AWS whitepaper:

http://aws.amazon.com/windows/sharepoint/

• Microsoft Exchange Server 2010 in the AWS Cloud: Planning &

Implementation Guide

http://aws.amazon.com/windows/exchange/

• Implementing Microsoft Windows Server Failover Clustering

(WSFC) and SQL Server 2012 AlwaysOn Availability Groups in the

AWS Cloud

• … and more

http://aws.amazon.com/windows/

More Microsoft on AWS information

Amazon VPC

Avoided

data center

build out

$1M over

3 years

50% lower cost

than hosting

options

NEED HELP?

●●●●●●○

Customer Obsession

24*7 PREMIUM SUPPORT

BUSINESS AND ENTERPRISE TIERS

Enterprise Account Team

Enterprise Support

Support Team

Solutions Architect

Account Manager

Dedicated enterprise

engineer for technical

inquiries and escalations

Works with the customer and

TAM to provide architectural

help with projects and design

Helps ensure customers

are receiving the best value

from AWS services

24x7x365 Support

Engineer Team

AWS Trusted Advisor

• Save Money • Improve Availability • Close Security Gaps • Increase Performance

TRAININGS

Consulting Partners

CONCLUSION

●●●●●●●

OUR ENTERPRISE CUSTOMERS RUN

DEV AND TEST ENVIRONMENTS ON AWS

ENTERPRISE

WORKLOADS ON AWS

WEB APPLICATIONS ON AWS

BIG DATA ON AWS

LEVERAGE

COST EFFECTIVE SOLUTIONS

FOR MORE AGILITY

• OPEN SOURCE SOFTWARE

• VIRTUAL APPLIANCES

• MANAGED AWS SERVICES

Collection

Storage

Archiving

Processing Analysis and Reporting

Glacier

INNOVATE DO THINGS DIFFERENTLY

THANK YOU! Jean-Pierre Le Goaller

jplg@amazon.lu

AWS Summit Tel Aviv - Enterprise Track - Enterprise Apps & Hybrid

Technology

AWS Enterprise Summit London 2013 - Stephen Schmidt - AWS

TEL AVIV AVIV ©2015, Amazon Web Services, Inc. or its...

AWS Summit Tel Aviv - Opening Keynote

AWS Summit Tel Aviv - Enterprise Track - Data Warehouse

NoSQL on AWS - Pop-up Loft Tel Aviv

Alfresco Enterprise on AWS: Implementation Guide · PDF...

AWS Summit Tel Aviv - Startup Track - Architecting for High....

AWS Keynote 1 - AWS Enterprise Summit - Hong Kong

AWS Enterprise Summit London 2013 - Yuri Misnik - AWS

AWS Summit Tel Aviv - Security Keynote

The 2014 AWS Enterprise Summit - Understanding AWS Security

Real Time Bidding on AWS - Pop-up Loft Tel Aviv

Serverless Architectures on AWS - Pop-up Loft Tel Aviv

AWS Summit Tel Aviv - Enterprise Track - Backup and Disaster...

AWS Direct Connect with Tamares - Pop-up Loft Tel Aviv

AWS Summit Tel Aviv - Startup Track - Data Analytics & Big.....