AWS Sydney Summit 2013 - Extending Your Data Centre with VPC

Session 1, Presentation 2 from the AWS Sydney Summit

Published in: Technology
  • Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the Amazon Web Services (AWS) Cloud where you can launch AWS resources in a virtual network that you define.
  • AWS Direct Connect makes it easy to establish a dedicated network connection from your premises to AWS. Using AWS Direct Connect, you can establish private connectivity between AWS and your datacenter, office, or colocation environment, which in many cases can reduce your network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connections.

    1. Extending your Data Centre with VPC (Simon Elisha, Principal Solution Architect)
    2. Agenda
        • Why?
        • What?
        • How Much?
        • Customer Examples
        • “Goodies” in VPC
        • Let’s build one!
    3. WHY?
    4. Capacity, Power, Elasticity, Agility
    5. WHAT?
    6. VPC Overview
        • Bring your own network
        (diagram label: Your network goes here)
    7. VPC Overview
        • Bring your own network
        • Create your own subnets
        (diagram labels: Subnet 1, Subnet 2, … Subnet 'n')
    8. VPC Overview
        • Control instance placement
        (diagram labels: Availability Zone 'A', Availability Zone 'B')
    9. VPC Overview
        • Control instance placement and traffic
            – Security Groups & NACLs
        (diagram labels: Availability Zone 'A', Availability Zone 'B')
    10. VPC Overview
        • Control instance placement and traffic
            – Security Groups & NACLs
            – Routing Rules
        (diagram labels: Availability Zone 'A', Availability Zone 'B')
    11. VPC Overview
        • VPC Gateways
            – Virtual Private Gateway
            – Internet Gateway
        (diagram label: Customer Network)
    12. VPC Overview
        • Virtual Private Gateway
            – IPSEC VPN
        (diagram label: Customer Network)
    13. VPC Overview
        • Virtual Private Gateway
            – Dynamic Routing (Route-based VPN)
            – Static Routing (Policy-based VPN)
        (diagram label: Customer Network)
    14. VPC Overview
        • Virtual Private Gateway
            – IPSEC VPN
            – Direct Connect
        (diagram labels: Customer Network, DX Location, Customer/Partner WAN)
    15. VPC Overview
        • Virtual Private Gateway
        • Internet Gateway
        (diagram label: Customer Network)
    16. VPC Overview
        • Connecting to Instances
            – Private IP
            – Elastic IP (publicly routable)
        (diagram label: Customer Network)
    17. VPC Overview
        • Connecting to Instances
            – Load Balancers
        (diagram label: Customer Network)
    18. VPC Building Blocks Summary
        • Virtual Private Cloud
        • Subnets
        • Route Tables, Security Groups, NACLs
        • Virtual Private Gateway
        • AWS Direct Connect
        • Internet Gateway
        • Elastic IPs and Load Balancers
    19. VPC Connectivity Options
    20. Connectivity Option #1
        • Lollipop network (“DC-on-a-stick”)
            – Internet VPN
        (diagram label: Customer Network)
    21. Connectivity Option #1
        • Lollipop network (“DC-on-a-stick”)
            – Dual Redundancy
        (diagram labels: Customer Location #2, Customer Location #1)
    22. Connectivity Option #1
        • Lollipop network (“DC-on-a-stick”)
            – AWS VPN CloudHub
        (diagram labels: Customer Location #2, Customer Location #1)
    23. Connectivity Option #1
        • Lollipop network (“DC-on-a-stick”)
            – Direct Connect
        (diagram labels: Customer Network, DX Location, Customer/Partner WAN)
    24. Connectivity Option #2
        • Hybrid Integration – Internal & Internet Access
            – Internet VPN
        (diagram label: Customer Network)
    25. Connectivity Option #2
        • Hybrid Integration – Internal & Internet Access
            – Internet VPN
            – DirectConnect
        (diagram labels: Customer Network, DX Location)
    26. Connectivity Option #3
        • Integration between VPCs
            – DirectConnect
        (diagram label: DX Location)
    27. Connectivity Option #3
        • Integration between VPCs
            – DirectConnect
            – Software VPN to Hardware (VGW)
    28. Connectivity Option #3
        • Integration between VPCs
            – DirectConnect
            – Software VPN to Software VPN
    29. Connectivity Option #4
        • Remote Access Solution
            – Microsoft RAS
            – Checkpoint
            – OpenVPN
            – Sophos
            – Vyatta
        (diagram labels: Customer Network, Remote Access Server)
    30. Non-Standard VPN Requirements
        • Software VPN Appliance
            – Overlapping (unknown) customer network addresses
            – Customer MUST manage both sides of VPN
    31. Nonstandard VPN Requirements
        • ZenOSS SaaS example
            – Managed monitoring service
            – Extend AWS into ZenOSS Customer Networks
        (diagram labels: Customer “1”, Shared Mgmt Network, Customer “2”, … Customer “n”)
    32. VPC Connectivity Options Summary
        • Lollipop network or data-center-on-a-stick
        • Hybrid integration – Internal & Internet Access
        • Integration between Amazon VPCs
        • Mobile/Remote access solution
    33. HOW MUCH?
    34. Pricing
        • VPC: $0
        • Hardware VPN: $0.05/Hour
        • Direct Connect
            – 1 Gbps Port: $0.30/Hour
            – 10 Gbps Port: $2.25/Hour
        • Inbound Data: $0.00
        • Outbound Data (SYD): $0.045 per GB
        • Inbound Data: $0.00
        • Outbound Data (SYD): $0.19 per GB (first GB free)
    35. For a Year…
        • VPC: $0
        • Hardware VPN: $438
        • Direct Connect
            – 1 Gbps Port: $2,628
            – 10 Gbps Port: $19,710
        * Plus outgoing data & private connection costs
    36. CUSTOMER EXAMPLES
    37. Lionsgate uses AWS to host SharePoint & SAP
        • Amazon VPC
        • Avoided datacenter build out
        • Saved $1M over 3 years
        • 50% lower cost than hosting options
    38. Nasdaq used AWS to Build a New Line of Business
    39. PRE-BUILT ARCHITECTURES
    40. SharePoint - Intranet
    41. SharePoint - Internet
    42. “Goodies” in VPC
    43. Goodies
        • Control over Ingress & Egress of data – Security Groups
        • Dynamic allocation of Security Groups to Instances
        • Elastic Network Interfaces – up to 8 depending on instance
        • DNS Resolution – Default or use your own
        • ElastiCache in VPC (joining RDS, EMR, ElasticBeanstalk, Redshift, OpsWorks, etc)
        • RDS IP Addresses – option to have RDS publicly accessible
    44. LET'S BUILD ONE!
    45. Flexible, Agile, Cost Effective, Integrated
    46. Resources
        • ARCHITECTURE CENTER: http://aws.amazon.com/architecture
        • TECHNICAL ARTICLES: http://aws.amazon.com/articles
        • PODCAST: http://aws.amazon.com/podcast
        • BLOG: http://aws.typepad.com