IT Extreme Makeover with Hybrid Scenarios

© 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.

IT Extreme Makeover with Hybrid

ScenariosExtending the Enterprise Data Center

Yinal Ozkan

Principal Solutions Architect,

Amazon Web Services

TodayObservations:

• We start with customers and work backwards.

• Our customers leverage increased agility, elasticity, focus on core business, optimized costs, and better security

• Enterprises with complex applications, integrated operations, and sophisticated teams, this integration and transition require deeper thought and planning.

Action Items:

• Start a typical enterprise customer and work backwards step by step

• Discuss path for kicking off cloud initiative within your own organization.

• Discuss how an extreme IT makeover is possible with reusable examples

• Validate that application do not need to be rewritten

• Extending existing good practices into AWS

You Have a Great Data Center

But some off-premise options may be

better

here there

???

Image Copyright: Alan Stark https://www.flickr.com/photos/squeaks2569/3538446880

Hybrid Deployments Made Easy

Capabilities

• Integrated Networking– Amazon Virtual Private Cloud (Amazon VPC)

– Amazon Direct Connect

• Integrated Cloud Storage– AWS Storage Gateway

– Amazon Glacier

– Amazon Simple Storage Service (Amazon S3)

• Integrated Access Control

• Integrated Resource Management and Workload Migration

http://aws.amazon.com/enterprise/hybrid/

You have a lot to think about

Compute NetworkingStorage &

CDNDatabase App Services Management

Amazon EC2

Amazon EMR

Amazon ELB

Amazon Route 53

Amazon VPC

AWS Direct Connect

Amazon S3

Amazon Glacier

Amazon EBS

AWS Import/Exp

Amazon CloudFront

Amazon RDS

Amazon DynamoDB

Amazon Elasticache

Amazon RedShift

Amazon CloudSearch

Amazon SWF

Amazon SQS

Amazon SNS

Amazon SES

Amazon Elastic Transcoder

Mobile Push

Amazon WorkSpaces

Amazon Kinesis

Amazon AppStream

AWS IAM

Amazon CloudWatch

AWS Elastic Beanstalk

AWS Cloudformation

AWS Data Pipeline

AWS OpsWorks

AWS CloudHSM

AWS Trusted Advisor

AWS Marketplace

AWS CloudTrail

AWS Premium

Support

AWS Professional

Services

AWS

Training

Corporate

Data

Center

Private

Network

in AWS

Image Copyright: Alan Stark https://www.flickr.com/photos/squeaks2569/3538446880

Corporate Data

Center

Extend the Corporate DC

Availability Zone Availability Zone

VPC Customer

10.0.0.5 10.0.0.6

10.0.1.8

10.0.1.9

Virtual Private Cloud (VPC)

Private

Subnet

VPN

Internal facing systemsAccessible only over VPN – access to

internet over corporate connection

Public

Subnet

www

Internet facing systemsAssert control over networking layer

Public

Subnet

www

Private

Subnet NAT

VPN

Getting connected

Cloud Datacenter

Image Copyright: Alan Stark https://www.flickr.com/photos/squeaks2569/3700355684/

Over Internet

Data center AWS Cloud

VPN

Data center AWS Cloud

routerrouter

Direct Connect

AWS CloudData center

AWS Direct

Connect

Location

Maximizing reliability

Data center AWS Cloud

router router

Now you’re connected…

Integrating AWS with Your Existing On-Premises

Infrastructure

Active Directory

Network Configuration

Encryption

Back-up Appliances

Users & Access Rules

Your Private Network

Built-in Encryption

Cloud back-ups

AWS Direct Connect

Your On-Premise

Apps

Your Cloud AppsCorporate Data

Centers

Painting the picture of

a customer in transition

First cloud use cases

Collapse | Copy Codepublic int CurrentPage{

get{

// Look for current page in ViewStateobject o = ViewState["CurrentPage"];if (o == null) return 1; // default page

index of 1return (int) o;

}set { ViewState["CurrentPage"] = value; }

Development & Test

Development &Test

Developers

&

OperationsInternal

GitCI Server

Pre-commit

Hook

Testing Environment Subnet

CI Workers

Dev Environment VPC Subnet

DEV

WEB

ELBDev Stack

Tier 1

Dev Stack

Tier 2

Dev

MySQL

DB

Instance

DEV

APP ELB

VPN

TUNNEL

VPN facing VPC Subnet

Virtual

Private

Gateway

Monitorin

g

Dev Admin

Instance

NAT

Instance

Amazon

DynamoDB

Amazon SQS

Amazon S3

Backup

Image Copyright: Pargon https://www.flickr.com/photos/pargon/2444128581/

Corporate Data

Center

Elastic Data

Center

AWS Storage

Gateway

Backup - Storage Gateway

AWS Storage Gateway

http://aws.amazon.com/storagegateway

Disaster Recovery

Image Copyright: Loco Steve https://www.flickr.com/photos/locosteve/4349003896/

Corporate Data

Center

Elastic Data

Center

Synchronization of

key datasets

Disaster Recovery

Corporate Data

Center

Elastic Data

Center

Disaster Recovery

Corporate Data

Center

Elastic Data

Center

Promotion of

stopped instances

to live

Disaster Recovery

Big Data & Analytics

Corporate Data

Center

Elastic Data

Center

Analytics

Corporate Data

Center

Elastic Data

Center

Application data

and logs for

analysis pushed

to S3

Analytics

Corporate Data

Center

Elastic Data

Center

Amazon Elastic

Map Reduce

name node to

control analysis

N

Analytics

Corporate Data

Center

Elastic Data

Center

Hadoop cluster

started by Elastic

Map Reduce

N

Analytics

Corporate Data

Center

Elastic Data

Center

N

Adding many

hundreds or

thousands of

nodes

Analytics

Corporate Data

Center

Elastic Data

Center

N

Disposed of when

job completes

Analytics

Architecture of a financial services grid computing

Business Apps

Customer

Data Centers

VPN or

Direct Connect

Secure

connectivity

between

datacentre & AWS

Virtual Private Cloud

Hybrid HANA Deployment – Customer Data Centre & AWS

DEV QAS

ECC

BW

ECC

BWBW

ECC

SRM

PRD

SAP production landscape runs in

customer’s own datacentreSAP development & quality

assurance landscape runs on AWS

SAP HANA

Appliance(s)

HANA

DB

HANA

DB

AWS

region

Active Directory + DNS in the VPC

Public Facing

Web App

Internal

Corporate

App

VPN

Connection

Corporate Data center

corp.example.com

AD Controller

Domain

Controller

+ DNS

example.com

DNS

AD

Replication

Domain Join +

DNS Queries

DNS

Forward

Requests

New Instance:

friendly-vpc-123.corp.example.com

SharePoint Reference Implementation

Remote

Admin

AWS Region

Availability Zone 2

Private Subnet

Availability Zone 1

Public Subnet Private Subnet Private Subnet Private Subnet

Private Subnet Private Subnet Private Subnet Private Subnet

Public Subnet

NAT

RDGW

RDGW

Primary DC/DNS

Active Directory

Active DirectoryDatabase Tier

Database Tier

Primary DB

SQL Server

Mirror DB

Witness

Application TierWeb Tier

Application TierWeb Tier

Central Admin &

SharePoint Services

Central Admin &

SharePoint Services

IIS & SharePoint

Web Front End

ELB

NAT

Backup DC/DNS

Internet

Gateway

Users

IIS & SharePoint

Web Front End

AWS Marketplace & Partners Can Help

• Customer can find, research,

buy software

• Simple pricing, aligns with

EC2 usage model

• Launch in minutes

• Marketplace billing integrated

into your AWS account

• 1300+ products across 20+

categories

Learn more at: aws.amazon.com/marketplace

Test Drive Major Workloads at No Cost

Ready to use preconfigured test workloads for fast PoC:

SAP Microsoft Oracle Red Hat Many

others

Thank you

yinal@amazon.com

Find out more

• aws.amazon.com/vpc

• aws.amazon.com/directconnet

• aws.amazon.com/storagegateway

• aws.amazon.com/whitepapers– Development and Test

– VPC networking

– Backup & archive

• Contact me: yinal@amazon.com @source_nat