B2 - Integrating on-premises workloads with AWS

AWS Summit 2014
Orchestration and Deployment Options for Hybrid Enterprise Environments
Guy Ernest, Solutions Architect, @guyernest

What is Hybrid Cloud?
A composition of two or more distinct cloud infrastructures that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability.
“Special Publication 800-145 - The NIST Definition of Cloud Computing” – September, 2011

Requisite Gartner Quote
“Nearly half of large enterprises will have hybrid cloud deployments by the end of 2017.”
http://www.gartner.com/newsroom/id/2599315 - October 1, 2013

Why Hybrid Cloud?
• All the things the cloud provides
  – Agility
  – Economics
  – Scale
• But something gets in the way
  – Compliance
  – Previous investment
  – Legacy workloads
  – Attitudes

What do Enterprises Want in Hybrid?
• Ability to deploy identical stacks
• Interoperability between clouds
• Ability to leverage one provisioning framework
• Ability to leverage one operational framework

Hybrid Considerations
• Core Infrastructure
• Security
  – Authentication and Entitlements
  – Identity Management
  – Data Sovereignty
• Operations and Monitoring
• Infrastructure Deployment and Orchestration

Hybrid Considerations
• Cost Containment
• Pace of Innovation
• Cloud Orchestration
• Application Deployment
• Processes and Change Management

Today We’ll Focus On
• Preparing Core Infrastructure
• Orchestration Strategies
• Application Deployment Strategies

Preparing Core Infrastructure
[Diagram: Your Data Center (Active Directory, Network Configuration, Encryption, Back-up Appliances) linked by AWS Direct Connect to Your Cloud (Users & Access Rules, Your Private Network, HSM Appliance, Cloud back-ups)]

Core Infrastructure Considerations
Driven by Business Requirements!
• Performance & Latency
• Business Continuity
• Geography
• Data Sovereignty
• Security
• And Many More…

Some Relevant AWS Services
• Amazon Virtual Private Cloud (VPC)
• AWS Direct Connect
• AWS Identity and Access Management (IAM)

Some Relevant AWS Services
• AWS CloudFormation
• VM Import / Export
• AWS Management Pack for Microsoft System Center / VMware vCenter
• AWS API, SDKs, and Tools

Hybrid Orchestration Strategies

A Decision Framework

| DIMENSION | LOW | MEDIUM | HIGH |
| --- | --- | --- | --- |
| Organizational Buy-In | None or grassroots | Divisional | Top Down (CIO/CEO) |
| IT Capabilities | In-house Limited, Partner Limited | In-house Limited, Trusted Partner | In-house Advanced, Trusted Partner(s) |
| IT Vision | Operational | Somewhat forward thinking | Innovative and cutting edge |
| AWS Experience | None / Limited | Some | Extensive |

Choices, Choices, Choices

Tool Capabilities Considerations
• Multi Public Cloud Support
• Monitoring and Alerting
• Identity Federation
• Service Catalog
• End-user Self Provisioning
• Cost Reporting and Chargeback
• Cloud-based Operation

Three Orchestration Strategies
• Native Integration
• Deploy New Orchestration Layer
• Extend Existing Orchestration Tools

Native Integration
Build a custom layer using API-level capabilities.
Best When:
• Have in-house development skills
• Need very fine-grained control
• Licensing costs are a big issue

Native Integration

| DIMENSION | LOW | MEDIUM | HIGH |
| --- | --- | --- | --- |
| Organizational Buy-In | None or grassroots | Divisional | Top Down (CIO/CEO) |
| IT Capabilities | In-house Limited, Partner Limited | In-house Limited, Trusted Partner | In-house Advanced, Trusted Partner(s) |
| IT Vision | Operational | Somewhat forward thinking | Innovative and cutting edge |
| AWS Experience | None / Limited | Some | Extensive |

Native Integration - Pros
• Incorporate all services or only what you need
• Maximum flexibility
• React quickly to new features and services
• Leverage existing open-source tools
  – Open Nebula
  – Eucalyptus
  – Netflix Asgard
  – CloudStack
• No licensing fees

Native Integration - Cons
• Need in-house development skills
• Possible long development cycles
• Private cloud must support API-level access
• Support must come from in-house

New Orchestration Layer
Invest in new hybrid orchestration tools.
Best When:
• Have moderate time constraints
• Want the latest and greatest
• Have trusted partners

New Orchestration Layer

| DIMENSION | LOW | MEDIUM | HIGH |
| --- | --- | --- | --- |
| Organizational Buy-In | None or grassroots | Divisional | Top Down (CIO/CEO) |
| IT Capabilities | In-house Limited, Partner Limited | In-house Limited, Trusted Partner | In-house Advanced, Trusted Partner(s) |
| IT Vision | Operational | Somewhat forward thinking | Innovative and cutting edge |
| AWS Experience | None / Limited | Some | Extensive |

New Orchestration Layer - Pros
• Get latest and greatest capabilities
• Multi-cloud support
• Faster than DIY
• Vendor-provided support

New Orchestration Layer - Cons
• Licensing costs
• Rip-and-replace legacy tools
• Maintaining feature parity with AWS
• Requires some specialized skills

Extend Existing Tools
Leverage existing investments in tools.
Best When:
• Have aggressive time constraints
• Don’t need latest and greatest
• Have strong relationship with existing tools vendor

Extend Existing Tools

| DIMENSION | LOW | MEDIUM | HIGH |
| --- | --- | --- | --- |
| Organizational Buy-In | None or grassroots | Divisional | Top Down (CIO/CEO) |
| IT Capabilities | In-house Limited, Partner Limited | In-house Limited, Trusted Partner | In-house Advanced, Trusted Partner(s) |
| IT Vision | Operational | Somewhat forward thinking | Innovative and cutting edge |
| AWS Experience | None / Limited | Some | Extensive |

Extend Existing Tools - Pros
• No rip-and-replace
• Can be fastest path to hybrid
• Familiarity with tools and vendors
• Vendor-provided support
• Requires least amount of specialized skills

Extend Existing Tools - Cons
• Limited feature sets
• Licensing costs
• Maintaining feature parity with AWS
• A “good enough” approach

Application Deployment Strategies
[Diagram: Corporate Data Centers; two groups of App 1, App 2, ... App N]

Horizontal
Run partial application layers on AWS
• Storage
• Disaster Recovery
• Database
• Extend / Burst into AWS

Horizontal - Pros
• Can keep sensitive layers in-house
  – Data
  – IP / Trade Secrets
  – Regulatory Restricted
• Relatively easier compliance

Horizontal - Cons
• More complex than vertical
• Harder to undo if relationship with cloud vendor sours

Vertical
Deploy full application stacks on AWS
• Net-new Workloads
• Development and QA

Vertical - Pros
• Quick to Implement / Minimal Integration
• Good Application Stack Isolation
• Leverages Cloud Benefits at Each Layer
• Fairly Easy to Undo

Vertical - Cons
• Doesn’t Really Leverage In-House IT Resources
• Must Have Well Established Governance Policies for All Layers

© 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
Managing Mission Critical Loads
Wido Riezebos, CTO Eyefreight

Who is Eyefreight
Background
• Initial Dutch Government investments into Innovation in Supply Chain Logistics
• 2009 Focus on Cost Management within Transportation
• 2012 Funded by 2 Dutch Private Equity firms
• 2013 Funding of US$ 14m
• 2014 Geographical presence
  – European headquarters in Utrecht, Netherlands
  – US headquarters in Chicago, Illinois

Eyefreight, in other words
• Young company with well known customers
• SaaS solution offering freight spend management and visibility
  – Tightly integrate with mission critical ERP systems
  – Communicate with hundreds of different parties
  – Running optimization algorithms on high volumes of data is core business

Being an Innovative Company
• Innovative companies are typically about doing the right things
• However, doing things right is like hygiene
  – as in “if you don’t do it right you will get in stinking mess”
• So… get the right guys to ‘do things right’ for you. Think Services, not personnel.
• Only invest in your edge and competitiveness

A bit of background
[Diagram labels: Order Allocation, Transportation Planning, Execution Monitoring, Cost settlement; Stock orders, Sales orders, Transport orders, Shipments, Shipment assignment, Status updates]

Managing Mission Critical Loads
• So how do we handle “mission critical”?
  – Load balancing and fail-over
  – Streaming replication
  – Backup and point in time recovery
  – Configuration management in a massive cluster
  – Security certification
• Yeah yeah yeah. (You’ve read the book)
Per customer / day
• 3000 orders
• 200 shipments
• 800 updates
• 15.000 page hits
Now think 500 customers, 62.000 users, 3 continents

But how to use services to do that
• Architect and design a solution that supports cloud services from day one
  – Support multi tenancy from the load balancers through all components down to the database schema
  – Many clusters with X nodes, using Y databases containing Z schemas
  – Create appliances that self configure (dynamic cluster sizing made easy). Just add a node
  – Isolate environments (customers, regions). Just add a cluster

And then go for scale
• Automate
  – Configuration: Packer, Chef, Docker, OSGi
  – Deployment: CloudFormation, local registry discovery, automatic schema upgrades, Apache ACE/OBR
  – Scaling: APM trending / hotspot discovery, dynamic cluster sizing, aggregated logging
  – Security: intrusion detection and global auditing
• Automation + capacity on demand = Flexibility

Scaling up; when you need it
Why?
• SLA / Life cycle specific
• Customer specific
• Environment specific
• Load specific
• Economy of scale

Tips & Lessons learned
• There are tools and APIs: Automate your build process to produce AMI templates
• If you need to scale, do not forget the rule of the weakest link. In our case that is still RDS
• Balancing over HTTP is so much easier. REST!

Challenges (potentially new services)
• Backup and recovery services are at the level of a database (not schema). So not necessarily at the level of your customer
• Root cause analysis is a pain in a load balanced cluster. You need to aggregate and correlate your logs centrally
• APM style Metrics at the functional level

Direct benefits, entrepreneurial
• If you do not need to invest; then don’t
• Instant maturity levels for OPS
• Very flexible capacity; complete environments can be created and abandoned ad-hoc

Managing Mission Critical Loads
Wido Riezebos, CTO Eyefreight
Thanks!

That’s all great Guy, but how do I actually get started?

Getting Started
• Storage / Backups and Archive
• Development and Test
• Net New Workloads
• Disaster Recovery
• Cloud Bursting
• Migrate Legacy Workloads

Getting Started – Storage / Backup

Getting Started – Network Topology
[Diagram: Subnet 1, Subnet 2, … Subnet N]
Considerations
• Overlapping networks
• IP stinginess
• VPC CIDR too small
• Subnets too small
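
The network-topology considerations above can be checked before any VPC is created. The following Python sketch is an added example, not part of the original deck; the function name, the plan layout and the sample address ranges are constructed for illustration, and the "no room left" rule (free space smaller than the largest planned subnet) is an assumption.

```python
import ipaddress
from itertools import combinations

AWS_RESERVED_PER_SUBNET = 5  # AWS keeps the first four and the last address of each subnet
VPC_PREFIX_MIN, VPC_PREFIX_MAX = 16, 28  # a VPC IPv4 block may be /16 (largest) to /28

def review_vpc_plan(vpc_cidr, onprem_cidrs, subnets):
    """Return findings for a planned VPC; subnets maps name -> (cidr, hosts_needed)."""
    findings = []
    vpc = ipaddress.ip_network(vpc_cidr)
    if not VPC_PREFIX_MIN <= vpc.prefixlen <= VPC_PREFIX_MAX:
        findings.append(f"vpc {vpc}: prefix must be between /16 and /28")

    # Overlapping networks: an address present on both sides of the VPN or
    # Direct Connect link cannot be routed unambiguously.
    for cidr in onprem_cidrs:
        net = ipaddress.ip_network(cidr)
        if vpc.overlaps(net):
            findings.append(f"vpc {vpc} overlaps on-premises range {net}")

    # Subnets too small: compare usable addresses with the hosts planned for them.
    parsed = {}
    for name, (cidr, hosts_needed) in subnets.items():
        net = ipaddress.ip_network(cidr)
        parsed[name] = net
        if not net.subnet_of(vpc):
            findings.append(f"subnet {name} {net} is outside vpc {vpc}")
        usable = net.num_addresses - AWS_RESERVED_PER_SUBNET
        if usable < hosts_needed:
            findings.append(
                f"subnet {name} {net}: {usable} usable addresses, {hosts_needed} needed")
    for (a, net_a), (b, net_b) in combinations(parsed.items(), 2):
        if net_a.overlaps(net_b):
            findings.append(f"subnets {a} and {b} overlap")

    # VPC CIDR too small (assumed rule): no free space for one more subnet of
    # the largest planned size. The VPC block cannot be resized in place.
    inside = [n.num_addresses for n in parsed.values() if n.subnet_of(vpc)]
    if inside and vpc.num_addresses - sum(inside) < max(inside):
        findings.append(f"vpc {vpc}: no room left for another /{32 - (max(inside).bit_length() - 1)} subnet")
    return findings

# Constructed sample plans (not from the deck).
ONPREM = ["10.0.0.0/16", "192.168.0.0/24"]
STINGY_PLAN = {
    "vpc_cidr": "10.0.0.0/26",
    "onprem_cidrs": ONPREM,
    "subnets": {"web": ("10.0.0.0/27", 30), "app": ("10.0.0.32/27", 20)},
}
ROOMY_PLAN = {
    "vpc_cidr": "10.64.0.0/16",
    "onprem_cidrs": ONPREM,
    "subnets": {"web": ("10.64.0.0/24", 30), "app": ("10.64.1.0/24", 20)},
}

if __name__ == "__main__":
    for label, plan in (("stingy", STINGY_PLAN), ("roomy", ROOMY_PLAN)):
        print(label, review_vpc_plan(**plan) or "no findings")
```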

Getting Started – Connectivity
[Diagram: Customer Data Center, DX Location]
Considerations
• Public Internet vs. Direct Connect
• Redundancy

Getting Started – IAM
Considerations
• Identity Federation
• AWS vs. App Stack Access
• Build vs. Buy

What Next?
• AWS Account Team
• Trusted Partners
• Resources
  – http://aws.amazon.com/architecture
  – http://aws.amazon.com/enterprise

Thank You!
Guy Ernest, Solutions Architect, @guyernest