Running Microsoft Enterprise Workloads on Amazon Web Services

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

James Saull, Principal Solutions Architect

April 28th, 2016

Microsoft Workloads on AWS


Agenda

Reasons customers are running Microsoft on AWS

What Microsoft workloads run on AWS

Developing .NET / PSH on AWS

Licensing

Publishing your Microsoft stacks in AWS Service Catalog

https://aws.amazon.com/windows/

Reasons for running Microsoft on AWS

Why run Microsoft workloads on AWS

Building and managing cloud since 2006

12 regions, 33 availability zones, 54 edge locations

Thousands of partners; 2,500+ Marketplace products

Security & Reliability

Performance

Experience

Scale

Ecosystem

Extensive VM and network performance options

Security in layers approach and 99.95% application SLA

Security

A few of our many certifications:

Secured premises

Secured access

Built-in firewalls

Unique users

Multi-factor authentication

Private subnets

Encrypted data storage

Dedicated connection

https://aws.amazon.com/compliance/

https://aws.amazon.com/security/

Reliability

Easily build highly available applications

ELB distributes load (ideal for SharePoint)

Auto Scaling for availability and scalability

Use multiple Availability Zones (AZs)

High Performance

High performance instances (X1) and HPC solutions

https://aws.amazon.com/hpc/

Automated instance scaling (EC2 Auto Scaling)

Dedicated low-latency network (AWS Direct Connect)

Ensure storage performance (AWS EBS Provisioned IOPS)

What Microsoft workloads run on AWS?

Every imaginable use case

Collaboration

Full/Partial Franchise Migration

Web / Mobile / Media

Mail

ERP

VDI

BI

https://aws.amazon.com/windows/case-studies/

AWS service offerings for Microsoft workloads

Information Security

Corporate Applications

End User Computing

Business Applications

Amazon EC2 Windows, Amazon RDS, AWS CloudFormation, AWS CloudFront

Amazon EC2 Windows, AWS Directory Service, Amazon RDS, AWS Marketplace

Amazon WorkSpaces, Amazon AppStream, AWS Marketplace, AWS Mobile Services, SaaS

AWS Identity and Access Management (IAM), AWS CloudHSM, AWS Key Management Service, Security Groups, AWS Marketplace

Amazon EC2, Amazon S3, Amazon RDS, Amazon VPC, Amazon Direct Connect, Directory Service, AWS IAM, AWS Service Catalog

Infrastructure

AWS Elastic Beanstalk, AWS CodeDeploy, AWS CloudFormation

DevOps

Microsoft Server Products

Corporate Apps in AWS

Deploy highly available applications

BYOL or pay per use

Security in layers approach helps with compliance

Leverage multi-AZ architectures for reliability & availability

Example Architecture: SharePoint on AWS

[Architecture diagram: a VPC (CIDR 10.0.0.0/16) spanning two Availability Zones. Each Availability Zone shows private subnets, a NAT and an RDG. Also shown: remote users / admins, and an on-premises datacenter with VPN / Direct Connect. A further subnet label, 10.0.2.0/24, appears twice.]

Availability Zone 1 (10.0.0.0/19, 10.0.32.0/20): Active Directory 10.0.0.10; SQL Server 10.0.0.100, 10.0.0.101, 10.0.0.102; SharePoint Server 10.0.0.140; Exchange Server 10.0.0.150; Lync Server 10.0.0.160. Host labels: DC1, DB1, SP1, FE1, Exch1.

Availability Zone 2 (10.0.64.0/19, 10.0.96.0/20): Active Directory 10.0.64.10; SQL Server 10.0.64.100, 10.0.64.101, 10.0.64.102; SharePoint Server 10.0.64.140; Exchange Server 10.0.64.150; Lync Server 10.0.64.160. Host labels: DC2, DB2, SP2, FE2, Exch2.

All-in-one

https://aws.amazon.com/quickstart/

Going beyond infrastructure

SharePoint BLOB storage on S3

Export mails to Amazon S3

AWS Marketplace

• On-Demand, License Included or BYOL SharePoint

• http://tinyurl.com/AWS-SPS-MP

Quick Starts

• http://tinyurl.com/AWS-MS-QS

SQL Server

SQL Server High Availability

[Diagram: a Primary Replica in a private subnet in Availability Zone 1 and a Secondary Replica in a private subnet in Availability Zone 2, both labelled synchronous-commit, with Automatic Failover.]

Primary: 10.0.2.100, WSFC: 10.0.2.101, AG Listener: 10.0.2.102

Primary: 10.0.3.100, WSFC: 10.0.3.101, AG Listener: 10.0.3.102

AG Listener: ag.awslabs.net

https://aws.amazon.com/windows/resources/whitepapers/alwayson/

SQL Server Disaster Recovery & Backup

[Diagram labels: Availability Zone 1, private subnet, Primary Replica; Availability Zone 2, private subnet, Secondary Replica 1; Automatic Failover; Corporate Network; VPN; Secondary Replica 2 (Readable); Reporting Application; Backups; Manual Failover.]

AG Listener: ag.awslabs.net

Amazon RDS for SQL Server

■ AD Integrated

■ Automated failover

■ Automated patching

■ Automated backup

■ Point-in-time recovery

Simple Systems Manager

• Configuration is continuously applied

• No machine access

• Full traceability - calls audited in AWS CloudTrail

• Fine-grained control

• Run Command (pre-defined):

• AWS-JoinDirectoryServiceDomain

• AWS-RunPowerShellScript

• AWS-UpdateEC2Config

• AWS-ConfigureWindowsUpdate

• AWS-InstallApplication

• AWS-InstallPowerShellModule

• AWS-ConfigureCloudWatch

• http://tinyurl.com/AWS-SSM-Home
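The traceability point above can be checked from the CloudTrail side. The following PowerShell is an added example, not code from the original deck: it filters CloudTrail records for Run Command calls and marks denied calls and uses of AWS-RunPowerShellScript for review. The sample records, the `Get-RunCommandAudit` name and the record field names (assumed to follow the CloudTrail layout for `SendCommand`) are assumptions.

```powershell
# Added example: summarise Run Command (ssm:SendCommand) calls recorded by CloudTrail.
# CONSTRUCTED sample records; account ID, users and instance IDs are placeholders.
$sampleEvents = @'
[
 {"eventTime":"2016-04-28T09:15:02Z","eventSource":"ssm.amazonaws.com","eventName":"SendCommand",
  "userIdentity":{"arn":"arn:aws:iam::111122223333:user/example-patch-admin"},
  "requestParameters":{"documentName":"AWS-ConfigureWindowsUpdate","instanceIds":["i-0example1"]}},
 {"eventTime":"2016-04-28T09:40:11Z","eventSource":"ssm.amazonaws.com","eventName":"SendCommand",
  "userIdentity":{"arn":"arn:aws:iam::111122223333:user/example-developer"},
  "requestParameters":{"documentName":"AWS-RunPowerShellScript","instanceIds":["i-0example1","i-0example2"]}},
 {"eventTime":"2016-04-28T10:02:47Z","eventSource":"ssm.amazonaws.com","eventName":"SendCommand",
  "errorCode":"AccessDenied",
  "userIdentity":{"arn":"arn:aws:iam::111122223333:user/example-contractor"},
  "requestParameters":{"documentName":"AWS-InstallApplication","instanceIds":["i-0example3"]}},
 {"eventTime":"2016-04-28T10:05:00Z","eventSource":"s3.amazonaws.com","eventName":"PutObject",
  "userIdentity":{"arn":"arn:aws:iam::111122223333:user/example-developer"},
  "requestParameters":{"bucketName":"example-bucket"}}
]
'@

function Get-RunCommandAudit {
    param(
        [Parameter(Mandatory = $true)] [string] $CloudTrailJson,
        # Documents that run caller-supplied script text; every use is worth a look.
        [string[]] $ReviewDocuments = @('AWS-RunPowerShellScript')
    )
    $records = ConvertFrom-Json -InputObject $CloudTrailJson
    foreach ($r in $records) {
        # Keep only Run Command invocations; ignore every other API call.
        if ($r.eventSource -ne 'ssm.amazonaws.com' -or $r.eventName -ne 'SendCommand') { continue }
        $doc    = $r.requestParameters.documentName
        $denied = [bool]$r.errorCode   # failed calls carry an errorCode field
        [pscustomobject]@{
            Time        = $r.eventTime
            Caller      = $r.userIdentity.arn
            Document    = $doc
            Instances   = @($r.requestParameters.instanceIds) -join ','
            Denied      = $denied
            NeedsReview = ($ReviewDocuments -contains $doc) -or $denied
        }
    }
}

Get-RunCommandAudit -CloudTrailJson $sampleEvents | Format-Table -AutoSize
```

With live data, the `CloudTrailEvent` property of each object returned by `Find-CTEvent` (AWS Tools for Windows PowerShell) holds one such JSON record.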

Developers

AWS SDK and Tools for .NET Architecture

[Architecture diagram. Layers: EXECUTION PLATFORM; AWS SDK LOW-LEVEL SERVICE APIS; HIGHER-LEVEL UTILITY APIS; AWS TOOLS. Components shown: .NET 3.5, .NET 4.5, PHONE, STORE; SERVICE CLIENTS; AMAZON S3 TRANSFERUTILITY; AMAZON DYNAMODB OBJECT PERSISTENCE; VM IMPORT; RESOURCE API; AWS TOOLS FOR WINDOWS POWERSHELL; AWS TOOLKIT FOR VISUAL STUDIO; ASP.NET SESSION PROVIDER; TRACE LISTENER.]

AWS ENDPOINTS: REST API

https://aws.amazon.com/visualstudio/

AWS Toolkit for Visual Studio

Full Integration in Visual Studio

Blob Storage in Amazon S3

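    var bucketName = "<BucketName>";
    var fileName = "<FileName>";

    // Credentials and region come from the SDK's default configuration
    var s3Client = new Amazon.S3.AmazonS3Client();

    // Write Data to Amazon S3 (the local file is assumed to share the key's name)
    using (var fileStream = System.IO.File.OpenRead(fileName)) {
        s3Client.PutObject(new Amazon.S3.Model.PutObjectRequest {
            BucketName = bucketName,
            Key = fileName,
            InputStream = fileStream
        });
    }

    // Read Data from Amazon S3
    var s3Object = s3Client.GetObject(bucketName, fileName);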

Amazon S3

Loose Coupling Sets You Free

    var queueUrl = "https://sqs.<region>.amazonaws.com/<AcctNum>/<QueueName>";
    var sqsClient = new Amazon.SQS.AmazonSQSClient();

    // Send to Amazon SQS
    sqsClient.SendMessage(queueUrl, "My Message Data");

    // Process Amazon SQS
    var exit = false; // set to true to stop polling
    while (!exit) {
        var messages = sqsClient.ReceiveMessage(queueUrl);
        foreach (var message in messages.Messages) {
            // Process message then delete
            sqsClient.DeleteMessage(queueUrl, message.ReceiptHandle);
        }
    }

Amazon SQS

AWS Also Provides Extended Support

AWS Elastic Beanstalk

• Deploy from within Visual Studio / Automatic Log Rotation to Amazon S3

AWS CodeCommit / CodePipeline / CodeDeploy

• Manage a large (on-premises and cloud-based) fleet

.NET SDK and PowerShell CmdLets

• Get-Command -Module AWSPowerShell | Measure-Object -Line

• 1821

AWS is the de-facto standard

• Jenkins, Bamboo have native integration to AWS

• Other IDEs support AWS (Unity, Xamarin Studio, Eclipse…)

Licensing

http://aws.amazon.com/windows/faq/

Microsoft licensing options

Flexibility helps you optimize costs

Buy licenses from AWS

• AWS manages licensing

• Pay as you go pricing

• Multi-tenant or Dedicated

• No need for Software Assurance

• Unlimited CALs

Bring your own licenses (BYOL)

• Save money on software licensing

• You manage licensing costs and compliance with your ISV

• No need for Software Assurance

Leverage License Mobility

• AWS manages Windows Server licensing

• You manage licensing costs and compliance with your ISV

• Uses Software Assurance

BYOL using Dedicated Hosts

License compliance and portability

Host ID = h-123abc

Sockets = 2

Physical Cores = 20

• Maintain license compliance

• Granular resource and placement controls

• Visibility into physical resources

• Physical core and socket counts

• Capacity utilization

• Instance location

• Now supports reservations for discounted pricing

https://aws.amazon.com/ec2/dedicated-hosts/

MSDN

https://aws.amazon.com/windows/resources/msdn/

Supportability on AWS

Microsoft workloads are supported on AWS. Amazon Web Services fully supports Microsoft Windows Server as both infrastructure and a platform. Our customers have successfully deployed in the AWS cloud virtually every Microsoft application available, including Microsoft Exchange, SharePoint, Lync, Dynamics, and Remote Desktop Services.

If you have support-related issues, you should contact AWS Support.

Autonomy

Self Service

Governance

Control

What is AWS Service Catalog?

AWS Service Catalog allows organizations to create and manage catalogs of IT services. It enables users to quickly deploy the approved IT services they need in a self-service manner.

Organizations: Control, Standardization, Governance

Developers: Agility, Self-service, Time to market

Why should I use AWS Service Catalog?

Self-service

• Increase agility with access to services

• Improve employee satisfaction

Promote standardization

• Share best practices

• Compliance with business goals and policies

Control provisioning of AWS resources

• Tag at provisioning

• Restrict user permissions

IT Product Lifecycle Management in AWS

[Workflow diagram. Labels shown: Admin, Define, CloudFormation template, Package, Publish, AWS Service Catalog, Users, Browse and Launch, Procure, Provisions, CloudFormation stack; AWS CloudTrail (Monitors, Logs all API calls, Amazon S3); AWS CloudWatch alarm (Monitors, Initiates, Notifies); AWS Config (Track changes, Notifies, Changes).]