Page 1
© 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
IT Extreme Makeover with Hybrid Scenarios
Extending the Enterprise Data Center
Yinal Ozkan
Principal Solutions Architect,
Amazon Web Services
Page 2
Today
Observations:
• We start with customers and work backwards.
• Our customers leverage increased agility, elasticity, focus on core business, optimized costs, and better security
• For enterprises with complex applications, integrated operations, and sophisticated teams, this integration and transition require deeper thought and planning.
Action Items:
• Start with a typical enterprise customer and work backwards step by step
• Discuss a path for kicking off a cloud initiative within your own organization.
• Discuss how an extreme IT makeover is possible with reusable examples
• Validate that applications do not need to be rewritten
• Extend existing good practices into AWS
Page 3
You Have a Great Data Center
Page 4
But some off-premise options may be better
Page 5
here there
???
Image Copyright: Alan Stark https://www.flickr.com/photos/squeaks2569/3538446880
Page 6
Hybrid Deployments Made Easy
Capabilities
• Integrated Networking
– Amazon Virtual Private Cloud (Amazon VPC)
– Amazon Direct Connect
• Integrated Cloud Storage
– AWS Storage Gateway
– Amazon Glacier
– Amazon Simple Storage Service (Amazon S3)
• Integrated Access Control
• Integrated Resource Management and Workload Migration
http://aws.amazon.com/enterprise/hybrid/
Page 7
You have a lot to think about
Compute, Networking, Storage & CDN, Database, App Services, Management
Amazon EC2
Amazon EMR
Amazon ELB
Amazon Route 53
Amazon VPC
AWS Direct Connect
Amazon S3
Amazon Glacier
Amazon EBS
AWS Import/Exp
Amazon CloudFront
Amazon RDS
Amazon DynamoDB
Amazon Elasticache
Amazon RedShift
Amazon CloudSearch
Amazon SWF
Amazon SQS
Amazon SNS
Amazon SES
Amazon Elastic Transcoder
Mobile Push
Amazon WorkSpaces
Amazon Kinesis
Amazon AppStream
AWS IAM
Amazon CloudWatch
AWS Elastic Beanstalk
AWS Cloudformation
AWS Data Pipeline
AWS OpsWorks
AWS CloudHSM
AWS Trusted Advisor
AWS Marketplace
AWS CloudTrail
AWS Premium Support
AWS Professional Services
AWS Training
Page 8
Corporate
Data
Center
Private
Network
in AWS
Image Copyright: Alan Stark https://www.flickr.com/photos/squeaks2569/3538446880
Page 9
Corporate Data
Center
Extend the Corporate DC
Page 10
Availability Zone Availability Zone
VPC Customer
10.0.0.5 10.0.0.6
10.0.1.8
10.0.1.9
Virtual Private Cloud (VPC)
Page 11
Private
Subnet
VPN
Internal facing systems
Accessible only over VPN – access to internet over corporate connection
Public
Subnet
www
Internet facing systems
Assert control over networking layer
Page 12
Public
Subnet
www
Private
Subnet NAT
VPN
Page 13
Getting connected
Cloud Datacenter
Image Copyright: Alan Stark https://www.flickr.com/photos/squeaks2569/3700355684/
Page 14
Over Internet
Data center AWS Cloud
Page 15
VPN
Data center AWS Cloud
router router
Page 16
Direct Connect
AWS Cloud
Data center
AWS Direct
Connect
Location
Page 17
Maximizing reliability
Data center AWS Cloud
router router
Page 18
Now you’re connected…
Page 19
Integrating AWS with Your Existing On-Premises
Infrastructure
Active Directory
Network Configuration
Encryption
Back-up Appliances
Users & Access Rules
Your Private Network
Built-in Encryption
Cloud back-ups
AWS Direct Connect
Your On-Premise Apps
Your Cloud Apps
Corporate Data Centers
Page 20
Painting the picture of
a customer in transition
Page 21
First cloud use cases
Page 22
public int CurrentPage
{
    get
    {
        // Look for current page in ViewState
        object o = ViewState["CurrentPage"];
        if (o == null)
            return 1; // default page index of 1
        return (int) o;
    }
    set { ViewState["CurrentPage"] = value; }
}
Development & Test
Page 23
Development & Test
Developers & Operations
Internal Git
CI Server
Pre-commit Hook
Testing Environment Subnet
CI Workers
Dev Environment VPC Subnet
DEV
WEB
ELB
Dev Stack
Tier 1
Dev Stack
Tier 2
Dev
MySQL
DB
Instance
DEV
APP ELB
VPN
TUNNEL
VPN facing VPC Subnet
Virtual
Private
Gateway
Monitoring
Dev Admin
Instance
NAT
Instance
Amazon
DynamoDB
Amazon SQS
Amazon S3
Page 24
Backup
Image Copyright: Pargon https://www.flickr.com/photos/pargon/2444128581/
Page 25
Corporate Data
Center
Elastic Data
Center
AWS Storage
Gateway
Backup - Storage Gateway
Page 26
AWS Storage Gateway
http://aws.amazon.com/storagegateway
Page 27
Disaster Recovery
Image Copyright: Loco Steve https://www.flickr.com/photos/locosteve/4349003896/
Page 28
Corporate Data
Center
Elastic Data
Center
Synchronization of
key datasets
Disaster Recovery
Page 29
Corporate Data
Center
Elastic Data
Center
Disaster Recovery
Page 30
Corporate Data
Center
Elastic Data
Center
Promotion of
stopped instances
to live
Disaster Recovery
Page 31
Big Data & Analytics
Page 32
Corporate Data
Center
Elastic Data
Center
Analytics
Page 33
Corporate Data
Center
Elastic Data
Center
Application data
and logs for
analysis pushed
to S3
Analytics
Page 34
Corporate Data
Center
Elastic Data
Center
Amazon Elastic
Map Reduce
name node to
control analysis
N
Analytics
Page 35
Corporate Data
Center
Elastic Data
Center
Hadoop cluster
started by Elastic
Map Reduce
N
Analytics
Page 36
Corporate Data
Center
Elastic Data
Center
N
Adding many
hundreds or
thousands of
nodes
Analytics
Page 37
Corporate Data
Center
Elastic Data
Center
N
Disposed of when
job completes
Analytics
Page 38
Architecture of a financial services grid computing
Page 40
Customer
Data Centers
VPN or
Direct Connect
Secure
connectivity
between
datacentre & AWS
Virtual Private Cloud
Hybrid HANA Deployment – Customer Data Centre & AWS
DEV QAS
ECC
BW
ECC
BWBW
ECC
SRM
PRD
SAP production landscape runs in customer’s own datacentre
SAP development & quality assurance landscape runs on AWS
SAP HANA
Appliance(s)
HANA
DB
HANA
DB
Page 41
AWS
region
Active Directory + DNS in the VPC
Public Facing
Web App
Internal
Corporate
App
VPN
Connection
Corporate Data center
corp.example.com
AD Controller
Domain
Controller
+ DNS
example.com
DNS
AD
Replication
Domain Join +
DNS Queries
DNS
Forward
Requests
New Instance:
friendly-vpc-123.corp.example.com
Page 42
SharePoint Reference Implementation
Remote
Admin
AWS Region
Availability Zone 2
Private Subnet
Availability Zone 1
Public Subnet Private Subnet Private Subnet Private Subnet
Private Subnet Private Subnet Private Subnet Private Subnet
Public Subnet
NAT
RDGW
RDGW
Primary DC/DNS
Active Directory
Active Directory
Database Tier
Database Tier
Primary DB
SQL Server
Mirror DB
Witness
Application Tier
Web Tier
Application Tier
Web Tier
Central Admin &
SharePoint Services
Central Admin &
SharePoint Services
IIS & SharePoint
Web Front End
ELB
NAT
Backup DC/DNS
Internet
Gateway
Users
IIS & SharePoint
Web Front End
Page 43
AWS Marketplace & Partners Can Help
• Customers can find, research, and buy software
• Simple pricing, aligns with EC2 usage model
• Launch in minutes
• Marketplace billing integrated into your AWS account
• 1300+ products across 20+ categories
Learn more at: aws.amazon.com/marketplace
Page 44
Test Drive Major Workloads at No Cost
Ready to use preconfigured test workloads for fast PoC:
SAP, Microsoft, Oracle, Red Hat, many others
Page 45
Thank you
Page 46
Find out more
• aws.amazon.com/vpc
• aws.amazon.com/directconnect
• aws.amazon.com/storagegateway
• aws.amazon.com/whitepapers
– Development and Test
– VPC networking
– Backup & archive
• Contact me: @source_nat