Running Business-Critical Applications on the AWS Cloud
Shailesh Albuquerque, Solutions Architect
Firstly, let’s do some Introductions
• Me
  • Shailesh Albuquerque
  • Solutions Architect based in Bangalore, India
• You
  • Are looking to deploy your business applications on the cloud or migrate from on-premises to the cloud
  • Are wanting to better understand the migration approach
  • Are wanting to understand architectural patterns for enterprise applications and tools for migration.
Today’s Agenda
• Why AWS for Business Critical Applications
• Licensing and Support for Common Enterprise Applications
• Enterprise Migration Path
• Architecture Patterns
• Migration Best Practices and Tools
Why AWS for Business Critical Applications
AWS Global Infrastructure
11 Regions, 28 Availability Zones, 52 Edge Locations
Improved Fault Tolerance & Disaster Recovery
[Diagram: a Region containing Availability Zone A, Availability Zone B and Availability Zone C]
Availability Zones
§ Distinct locations engineered to be insulated from failures in other Availability Zones
§ Connected via an inexpensive, low latency network
Region
§ An independent collection of AWS services in a defined geographical location
§ Foundation for meeting location dependent privacy and compliance requirements
§ Contains two or more Availability Zones
Broad Set of Compute and Storage Technology
C4 instances, based on the Intel Xeon E5-2666 v3 (Haswell) processor designed specifically for EC2, run at a base speed of 2.9 GHz and can achieve clock speeds as high as 3.5 GHz with Turbo Boost
Compute Instance Types
§ General Purpose [T2, M3]
§ Compute Optimized [C3, C4]
§ Memory Optimized [R3]
§ IO, Storage Optimized [I2, HS]
Storage Options
§ EBS Magnetic
§ General Purpose SSD
§ Provisioned IOPS
Connected by a World Class Network
§ High packets-per-second performance
§ Low jitter
§ EBS-optimized instances
§ Virtual network interfaces
§ Physical placement optimization
§ High throughput, low latency
Architected for Enterprise Security
Certifications and accreditations for workloads that matter
AWS Key Management Service
Encryption features for S3, EBS, RDS ..
AWS CloudTrail for Auditing
Integrate with your existing Data Center
Corporate Data Centers
On-Premises Resources
Cloud Resources Integration
On-premises resources
Data center
Cloud services
Cloud infrastructure
Workload migration and integration
Enterprise management tools
Access/authentication control integration
Connectivity
Services for Enterprise Collaboration and Sharing
Amazon WorkDocs
Fully managed, secure document storage and sharing service for Enterprise
Amazon WorkSpaces
Managed hosted desktops in the cloud
AWS Marketplace
The AWS Marketplace has 1,900 listings and customers run more than 70 million hours of software per month.
Licensing and Support
Supported SAP solutions
§ SAP Business Suite
§ SAP HANA
§ SAP Business Warehouse
§ SAP Business One
§ SAP Business Objects
§ SAP Rapid Deployment Solutions
§ SAP Afaria
SAP Supported Databases and OS
Databases
§ SAP HANA
§ IBM DB2 Version 9.7 or higher
§ SAP MaxDB Version 7.x or higher
§ Microsoft SQL Server 2008 R2 or higher
§ Sybase ASE 15.7.0.013 or higher
Operating Systems
§ SUSE Linux Enterprise Server (SLES) 11 SP1 or higher
§ Red Hat Enterprise Linux (RHEL) 5.5 and 6 or higher
§ Microsoft Windows Server 2008 R2 or higher
*Note – Oracle DB can be used for non-production systems (Test/Demo/POC/Training/etc.)
SAP Software and Licensing on AWS
Bring your Own Licenses
§ Primary model for most SAP applications on AWS
§ Existing SAP licenses can be used on AWS
§ SAP Business Suite, SAP Business All-in-One, SAP BusinessObjects, etc.
Software and License Included
§ AWS Marketplace
§ SAP Trial Images & Developer Editions
§ AWS / SAP Test Drive Program
Microsoft Products on AWS
Microsoft Development on AWS
AWS SDK for .NET
AWS Toolkit for Visual Studio
AWS Tools for Windows PowerShell
Deploy .NET to Elastic Beanstalk
Microsoft Licensing
License Mobility through Software Assurance
§ Microsoft SharePoint
§ Microsoft Exchange
§ Other Microsoft products
Software and License Included
§ Windows 2003, 2008, 2012
§ Windows + SQL Server Web Edition
§ Windows + SQL Server Standard Edition
§ RDS for SQL Server Standard Edition
Oracle in the AWS Cloud
§ Oracle Databases are fully supported on AWS
  • Oracle Database EE, Oracle Database SE, NoSQL, Coherence
  • Active Data Guard, Oracle GoldenGate etc.
  • RDS service supports Oracle DB.
§ Oracle Fusion Middleware is fully supported on AWS
  • WebLogic suite, SOA Suite.
  • Identity & Access Management etc.
§ Oracle Applications supported on EC2*
  • Oracle E-Business Suite, JD Enterprise
  • Siebel, PeopleSoft Application, Hyperion etc.
[* Applications supported on OVM]
Oracle License Portability on AWS
Oracle Licenses are fully portable to Amazon EC2
Oracle Cloud support policy
http://www.oracle.com/us/corporate/pricing/cloud-licensing-070579.pdf
Oracle in the AWS cloud FAQ
http://www.oracle.com/technetwork/topics/cloud/faq-098970.html
Enterprise Migration Path
[Figure: migration path chart with the axes "Value to Business" and "Time to Execute" (Low, Medium, High), cost markers from $ to $$$$, and Phase 1 and Phase 2]
Architecture Patterns for Enterprise Applications.
AWS Virtual Private Cloud
§ Launch AWS resources in a virtual network that you define.
§ Complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways.
§ Control over networking features such as DNS, security and VPN connectivity.
[Diagram: Corporate data center (Users, Servers, Data center router), Internet, IPSec VPN, Virtual Gateway, and two Availability Zones, each with a VPC subnet and Security group]
AWS Direct Connect
§ AWS Direct Connect lets you establish a dedicated network connection between your network and one of the AWS Direct Connect locations
§ Industry standard 802.1Q VLANs
§ Routing uses BGP
[Diagram: Corporate data center (Users, Servers, Data center router), Customer router, AWS Direct Connect location, AWS Direct Connect routers, Virtual Gateway, and two Availability Zones, each with a VPC subnet and Security group]
AWS Directory Service
§ Deploys in two modes: connect your AWS resources with an existing on-premises Microsoft Active Directory, or set up a new, stand-alone directory in the AWS Cloud.
§ Simplify Deployment of Windows Workloads on AWS
  Users, group memberships, domain-joining Windows computers, Kerberos single sign-on (SSO) and Group Policies.
[Diagram: AWS Directory Service, Connect, Corporate data center (Users, AD.Domain, Servers, Domain controller), Virtual Gateway, and two Availability Zones, each with a VPC subnet and Security group]
Active Directory and LDAP
§ Reduced back-reach Traffic
§ Reduced Latency for Authentication
§ Additional Resiliency
§ Enablement of both:
  • Multi-Master Read/Write Domain Controllers
  • Read-only Domain Controllers (RODCs)
[Diagram: Active Directory Replication, Corporate data center (Users, AD.Domain, Servers, Domain controllers), Virtual Gateway, and two Availability Zones, each with a Domain controller, VPC subnet and Security group]
2 VPC
Database Backup to AWS
Disaster Recovery Site on AWS
Enterprise Application Basic Architecture
Enterprise Application HA Architecture
SharePoint Reference Implementation
[Diagram: AWS Region with Availability Zone 1 and Availability Zone 2, each with a Public Subnet and Private Subnets. Components shown: Users, Remote Admin, Internet Gateway, ELB, NAT, RDGW, Active Directory (Primary DC/DNS, Backup DC/DNS), Database Tier (Primary DB SQL Server, Mirror DB, Witness), Application Tier (Central Admin & SharePoint Services), Web Tier (IIS & SharePoint Web Front End)]
Deploy SharePoint Farm in 6 Steps
§ Reference Architecture - “Deploy a Microsoft SharePoint 2010 Server Farm in the AWS Cloud in 6 Simple Steps”:
  • Builds upon the SharePoint Reference Implementation White Paper
  • http://aws.amazon.com/articles/9982940049271604
§ AWS CloudFormation Templates for each step:
  • Launch the network and Active Directory stack
  • Launch the database stack
  • Launch the app stack
  • Launch the web stack
Whitepapers & Quick Starts
§ SharePoint Reference Architecture on AWS whitepaper http://aws.amazon.com/windows/sharepoint/
§ Microsoft Exchange Server 2010 in the AWS Cloud: Planning & Implementation Guide http://aws.amazon.com/windows/exchange/
§ Implementing Microsoft Windows Server Failover Clustering (WSFC) and SQL Server 2012 AlwaysOn Availability Groups in the AWS Cloud
§ SAP whitepapers http://aws.amazon.com/sap/resources/
§ AWS Quick Starts http://aws.amazon.com/quickstarts
Migration Approach and Best Practices
Calculating TCO
In Your TCO Analysis
DOs
§ 3- or 5-year amortization
§ Use 3-year RI models (full upfront, partial upfront)
§ Mention tiered pricing (less expensive at every tier: network I/O, storage)
§ Cost benefits of automation (Auto Scaling, APIs, AWS CloudFormation, AWS OpsWorks, Trusted Advisor, optimization)
In Your TCO Analysis
DON’Ts
§ Forget power/cooling (compute, storage, shared network)
§ Forget administration costs (procurement, design, build, operations, network, security personnel)
§ Forget rent/real estate (building depreciation, taxes, shared services staff)
§ Forget VMware licensing and maintenance costs
§ Forget to mention cost of “redundancy”, multi-AZ facility
In Your TCO Analysis
BONUS
§ Time from ordering to procurement (releasing early = increased revenue)
§ Cost of “capacity on shelf”
§ Incremental cost of adding an on-premises server when physical space is maxed out
§ Real cost of resource shortfalls
§ Cost of disappointed or lost customers when unable to scale fast enough
TCO tools
§ AWS economics center - http://aws.amazon.com/economics/
§ AWS Simple Monthly Calculator - http://calculator.s3.amazonaws.com/index.html
§ AWS TCO Calculator - http://aws.amazon.com/tco-calculator/
Identifying Applications to Move
Standalone applications are easy to move
Applications with loosely coupled SOA-based integrations are good candidates
Tightly integrated applications need more planning
Invest in Proof of Concept Early
§ Proof of concept will answer tons of questions quickly
§ Will help identify gaps and touch points
§ Will give you a good estimation of the task ahead
Migrating Data into AWS Cloud
§ File transfer to Amazon S3 or EC2 using S/FTP, SCP, UDP, Aspera, Attunity
§ Configure on-premises backup application (like NetBackup, CA, CommVault, Riverbed) to use Amazon S3
§ AWS Storage Gateway for asynchronous backup to Amazon S3
§ AWS Import/Export service: Ship your disk to AWS
§ Database backup tools like Oracle Secure Backup
§ Database replication tools like GoldenGate, DbVisit
§ AWS VM Import/Export, Management Portal for vCenter.
The Migration Continuum
Forklift
• May be only option for some apps
• Run AWS like a virtual co-lo (low effort)
• Does not optimize for on-demand (overprovisioned)
Embrace AWS
• Minor modifications to improve cloud usage
• Automating servers can lower operational burden
• Leveraging more scalable storage
Optimize for AWS
• Redesign with AWS in mind (high effort)
• Embrace scalable services (reduce admin)
• Closer to fully utilized resources at all times
[Figure: Effort, Scalability and Operational Burden compared across Forklift, Embrace and Optimize]
Migration Tools
§ Management and Monitoring: BMC CLM, Boundary, HP OpenView, CA Spectrum Automation Manager, MS System Center Plug-in, Oracle EM Plug-in, RightScale; AWS CloudWatch
§ Auditing and Logging: Alert Logic Log Manager, CA Audit, Trend Micro, Xceedium Xsuite, Ylastic; AWS CloudWatch Alert
§ Cost Management: Cloudability, Cloudyn; AWS Trusted Advisor
§ Data Migration: Data Expedition, Aspera, Attunity CloudBeam, Riverbed Whitewater, Tsunami; AWS Storage Gateway
§ Backup and Recovery: CA Arcserve, Commvault, NetApp, Oracle OSB, Riverbed Whitewater, Symantec, Zadara; Amazon EBS Snapshot
Customer Examples
Next steps …
• Sign up for an AWS account at aws.amazon.com
• Take advantage of the Free Tier
• Try an AWS Test Drive at aws.amazon.com/testdrive
AWS Online Labs | Training
Gain confidence and hands-on experience with AWS. Watch free Instructional Videos and explore Self-Paced Labs
Instructor Led Classes
Learn how to design, deploy and operate highly available, cost-effective and secure applications on AWS in courses led by qualified AWS instructors
AWS Certification
Validate your technical expertise with AWS and use practice exams to help you prepare for AWS Certification
http://aws.amazon.com/training
Thank you
Shailesh Albuquerque Solutions Architect