© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Ariane Gadd, Senior DevOps Engineer, KPMG
Julien Lépine, Principal Solutions Architect, AWS
Windows on AWS
How AWS can help you optimize your Microsoft workloads
Cloud is an ongoing optimization model
On-Premises
Lift & Shift Instance Right-Sizing
Improved Elasticity
Measure, Monitor, Improve
Optimized EC2 Storage Optimization
Serverless Architecture
Managed Services
True AWS Optimized
Traditional TCO Comparisons
Platform identity
Diagram labels: corporate data center, AD DC, ADFS, AWS IAM, Amazon S3, AWS CloudTrail, AWS Config, logging and monitoring platform.
Core network infrastructure
Diagram labels: Availability Zone, Internet gateway, NAT gateway, VPN connection, corporate data center, Amazon S3, logging and monitoring platform, public subnet, private subnet, flow logs, Amazon CloudWatch Logs.
Windows identity
Diagram labels: Availability Zone, Internet gateway, NAT gateway, Active Directory tier, AWS Directory Service, VPN connection, corporate data center, AWS IAM, ADFS, AD DC.
Migrating data to and from AWS
1. AWS Database Migration Service: Minimize downtime during migrations, migrate between different DB platforms, Schema Conversion Tool
2. Amazon RDS Native Backup / Restore: Store your existing SQL Server backups ‘.bak’ files in Amazon S3 and restore them on Amazon RDS
3. Microsoft SQL Server Database Publishing Wizard: Export to T-SQL files, load using sqlcmd
4. AWS Marketplace: Third-party data import and export tools and solutions
Creating repeatable architectures
BOOTSTRAPPING, CONTAINERS, AUTOMATED DEPLOYMENTS
AWS CloudFormation
Amazon ECS, PowerShell, Amazon EC2
Systems Manager State Manager
Amazon RDS features
1. Your familiar Microsoft SQL Server platform: Choose from SQL Server 2008 R2 / 2012 / 2014 / 2016, in Express, Standard, Web or Enterprise Edition
2. All major processes automated: Creation via one API call, automated failover, patching, backup, point in time recovery, easy scalability, AD integration
3. You retain a high level of control: Use your existing licenses, the settings of the database engine, programmability
4. So you focus on your business: Focus on the data schema, query planning and workload optimization based on your business
Scaling Web Application
Diagram labels: Availability Zone, Internet gateway, NAT gateway, VPN connection, corporate data center, AD DC, ADFS, AWS IAM, users, Active Directory tier, database tier, web tier, ELB, IIS Server, Amazon RDS, AWS Directory Service.
Administration at scale
REMOTE DESKTOP ACCESS
REMOTE SCRIPTING
RDGW, Amazon WorkSpaces
CLOUD CONTROL CENTER
PowerShell
AWS Tools for Windows PowerShell
Amazon EC2 Systems Manager
Keeping the platform up to date
IMAGE HYGIENE
AMI
PowerShell DSC
MONITORING, INVENTORY, AUDITING
CONFIGURATION MANAGEMENT
Amazon CloudWatch
Amazon EC2 Systems Manager
PATCHING
AWS Config
Licensing Continuum
License Included
• Amazon manages the licenses
• Pay-as-you-go pricing
• Multi-tenant or dedicated
• No license management overhead
• AWS provides images
Hybrid
• Baseline in BYOL
• Leverage scalability and pay-as-you-go where applicable
• Limit management overhead
• Import and use some of your OS or software
BYOL
• Import and use your own OS/software
• Reduce your spend if you already pay an ISV for licensing
• You manage licensing costs and compliance with your ISV
• Committed contracts with your ISVs
Delaware North Moves Data Center to AWS to Save $3.5M Over Five Years
• Construction of new headquarters building led company to reevaluate its IT platform
• Evaluated several cloud vendors and chose AWS
• Reducing its data center server footprint by 91%
• Anticipates saving at least $3.5 million over five years with leaner IT
• Improving security compliance, disaster recovery, and delivery of new services and solutions
“From a CIO’s perspective, I looked very closely at the reputation and value proposition that each cloud vendor brought to the table. AWS had a clear lead over the competition.”
Kevin Quinlivan, Chief Information Officer
Delaware North is a $3 billion leader in the food service and hospitality industry. It is based in Buffalo, New York.
ENTERPRISE APPS
DEVELOPMENT & OPERATIONS
MOBILE SERVICES
APP SERVICES
ANALYTICS
Data Warehousing
Hadoop/Spark
Streaming Data Collection
Machine Learning
Elastic Search
Virtual Desktops
Sharing & Collaboration
Corporate Email
Backup
Queuing & Notifications
Workflow
Search
Transcoding
One-click App Deployment
Identity
Sync
Single Integrated Console
Push Notifications
DevOps Resource Management
Application Lifecycle Management
Containers
Triggers
Resource Templates
TECHNICAL & BUSINESS SUPPORT
Account Management
Support
Professional Services
Training & Certification
Security & Pricing Reports
Partner Ecosystem
Solutions Architects
MARKETPLACE
Business Apps
Business Intelligence
Databases
DevOps Tools
Networking
Security
Storage
Regions Availability Zones
Points of Presence
INFRASTRUCTURE
CORE SERVICES
Compute: VMs, Auto-scaling, & Load Balancing
Storage: Object, Blocks, Archival, Import/Export
Databases: Relational, NoSQL, Caching, Migration
Networking: VPC, DX, DNS
CDN
Access Control
Identity Management
Key Management & Storage
Monitoring & Logs
Assessment and reporting
Resource & Usage Auditing
SECURITY & COMPLIANCE
Configuration Compliance
Web application firewall
HYBRID ARCHITECTURE
Data Backups
Integrated App Deployments
Direct Connect
Identity Federation
Integrated Resource Management
Integrated Networking
API Gateway
IoT
Rules Engine
Device Shadows
Device SDKs
Registry
Device Gateway
Streaming Data Analysis
Business Intelligence
Mobile Analytics
Hosting your .NET applications
AMAZON EC2, AWS LAMBDA, ANY PLATFORM
AWS OpsWorks
AWS Elastic Beanstalk
Amazon ECS
Amazon API Gateway
AWS also provides extended support
AWS CodeCommit/CodePipeline/CodeDeploy
• Manage a large fleet (on-premises and cloud-based)
.NET SDK and PowerShell cmdlets
• Integration in custom build pipelines in TFS or other
AWS native integrations
• Jenkins, Bamboo have native integration to AWS
• Other IDEs support AWS (Unity, Xamarin Studio, Eclipse…)
© 2017 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Introduction to KPMG
250+ Production workloads
3 years
25 Engineers
150+ Projects
90% in AWS
Cloud Ops Tech Solutions
Introduction to KPMG
Retail: Multi-national FMCG retailer
Banking: Global investment banking client
Tax and Audit: KPMG Tax
Public Sector: Government Civil Service
All sectors
Case Study: EMX Hub
A flexible Employee Benefits Scheme web application offered to multiple clients across all sectors.
• Originally hosted on-premises
• Development out-sourced
The Challenge:
Expensive
Unreliable
Un-profitable
Hard to iterate
CloudOps Solution
Migrate everything to AWS
Bring development in house
CloudOps Solution
The result
• Infrastructure costs dropped 80%
• Development costs dropped 40%
• Support costs dropped from £8k to £2.5k
• Profitable within 3 months
• Increased agility
EMX Hub
2.5 years
Zero down-time
No major incidents
200,000+ Registered users
Doubled in size
How we use AWS
The infrastructure stack:
• Windows EC2
• Elastic load balancing
• Auto-scaling
• SQL Server RDS
• Route 53
• CloudWatch
• S3
• CloudFormation
• Configuration management and deployment
• Octopus Deploy
• TeamCity
How we use AWS cont.
Windows architecture
• Use a hardened AMI
• Patched regularly
Cattle vs Pets
Our Windows servers are cattle
This architecture is a standard pattern
• Proven resilience
• Quick time to market
• Pre-approved security and risk management
Main Benefits of AWS
Cost reduction
Speed of delivery
Collaboration and DevOps
KPMG & AWS – Future relationship
100+ projects already in AWS
250+ Production workloads in AWS
Enterprise relationship with on-premises TAM support
Continually growing
Hosting highly confidential data
How to get started
Create an AWS Account and leverage the free tier
• 1 year Amazon EC2 instance
• 1 year Amazon RDS Instance
• 1 month AWS Directory Service for Microsoft Active Directory
• Much more
Contact us and come meet us
AWS and partners offer training and certification
Amazon EC2
AWS Directory Service
Amazon RDS