Amazon EC2 to Amazon VPC: A case study (CPN301) | AWS re:Invent 2013

In this session, you learn about Amazon Virtual Private Cloud and why you should consider using it for your applications. You also hear from the makers of Lucidchart, an online diagramming tool, which was originally launched in 2008 on the Amazon EC2 Classic platform. As the user base grew, so did their need for a more robust, secure infrastructure. After much debate about other vendors and colocation, Lucidchart chose Amazon VPC. To find out why, check out this session for a comparison of Amazon EC2 Classic against Amazon VPC. Matthew Barlocker, Chief Architect at Lucidchart, discusses their migration plan, pain points, and unexpected issues.

Published in: Technology, Business

  1. Amazon EC2 to Amazon VPC: A case study
     Eric Schultze, AWS
     Matthew Barlocker, Lucid Software Inc
     November 14, 2013
     © 2013 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
  2. Where we’ve been
     • 2009 – AWS introduces Amazon VPC
     • 2010 – AWS Management Console, second region
     • 2011 – Internet connectivity, global expansion
     • 2012 – Additional Amazon services in VPC, multiple IPs
     • 2013 – EC2-VPC becomes the default network platform
  3. Where we’ve been
     • 2009
       – Amazon VPC is announced
     • 2010
       – AWS Management Console
       – Support for Auto Scaling
       – User specified IPs per instance
       – EU-West-1 region
       – Amazon EBS backed instances
       – CC instances in VPC
     • 2011
       – Internet Gateway
       – Security groups
       – Network ACLs
       – Route tables
       – AWS Management Console
       – Instance metadata
       – Elastic IPs
       – Dedicated instances
       – Spot Instances in VPC
       – Elastic Load Balancing in VPC
       – Amazon Elastic MapReduce in VPC
       – Expansion to all regions
       – Multiple Availability Zones
       – Multiple VPCs per account
       – Multiple VPN connections per VPC
       – Elastic network interfaces
     • 2012
       – t1.micro
       – Multiple IPs per interface
       – AWS CloudFormation for VPC
       – AWS Elastic Beanstalk in VPC
       – Amazon RDS in VPC
       – Amazon ElastiCache in VPC
     • 2013
       – VPC becomes the default platform for all new AWS accounts
       – DNS Hostnames in VPC
       – AWS OpsWorks for VPC
       – Amazon Redshift in VPC
       – Ephemeral Public IPs
  4. 2014
     • VPC Migration
  5. About Me
     • Chief Architect at Lucid Software Inc
     • Bachelor's degree from BYU in Computer Science
     • I love to
       – play board games
       – go 4-wheeling
       – wrestle my sons
       – fly airplanes
     • Follow me on nineofclouds.blogspot.com
  6. Lucid Software
     • Online Diagram Software
     • Online Print & Digital Publishing
     • Large Documents
     • Real-time Collaboration
     • All Changes Tracked
     • Vector Graphics
     • High Quality Images
  7. Tech at Lucid
     • Google Closure
     • JavaScript
     • PHP
     • Sharded MongoDB
     • Sharded MySQL
     • NodeJS
     • SOA
     • Scala
     • Play!
     • Chef
     • Zabbix, Graphite
     • AWS
  8. Lucid on AWS
     • Amazon Elastic Compute Cloud
     • Amazon Virtual Private Cloud
     • Amazon Elastic Block Store
     • Auto Scaling
     • Elastic Load Balancing
     • Simple Storage Service
     • Amazon CloudFront
     • AWS Import/Export
     • Amazon Relational Database Service
     • Amazon Route 53
     • Amazon Simple Notification Service
     • Amazon Simple Email Service
     • Availability Zones
     • Regions
  9. Why Lucid Chose Amazon VPC
     • Pricing
     • Interoperability
     • Enhanced features
     • Security
  10. Other Benefits
     • Elastic Load Balancing security groups
     • Network ACLs
     • Elastic IP associations
     • VPN support
     • Reserved Instance transfers
  11. Drawbacks
     • NAT cost and maintenance
     • Setup time
     • New terminology
     • Private subnet accessibility
     • Internal DNS names defaults
  12. Things You Should Know
     • EIPs or Public IPs in public subnets
     • NAT
     • Not special
     • Public subnet
     • Subnets
     • Route tables
     • Network ACLs
     • DHCP
  13. Migration Plan
  14. Migration Constraints
     • Amazon EC2 & Amazon VPC communication
     • NAT traffic
     • Not Shared:
       – Security groups
       – Load balancers
       – Auto Scaling groups
       – Elastic IPs
       – EIP limits
     • Shared:
       – Instance limit
       – Amazon EBS volumes
       – Snapshots
       – Instance sizes
       – Availability Zones
       – Regions
  15. Migration Plan
     • Move top layer first
     • Move one layer at a time
     • Meticulously manage security groups
     • Move monitoring/utility servers last
     • http://nineofclouds.blogspot.com/search/label/VPC
  16. Starting layout
  17. Move webservers first
  18. Move services next
  19. Move databases last
  20. Top 5 Pain Points
  21. 5. Setup & Terminology
     • Subnets
     • DHCP
     • Network ACLs
     • Routes
     • Internet Gateway
     • Unavoidable
  22. 4. Security Groups
     • Groups not shared
     • Amazon EC2 open to NAT
     • Use scripts
     • Avoidable using public subnets
  23. 3. Access Private Subnets
     • OpenVPN
     • High Availability
     • SSH tunnels
     • Unavoidable
  24. 2. MongoDB Migration
     • Election algorithm
     • Intermediate move to public subnet
     • 15 min downtime
  25. 1. NAT Bandwidth
     • NAT was t1.micro
     • Databases in Amazon EC2
     • Applications in Amazon VPC
     • Not enough bandwidth through NAT
     • Avoidable
  26. Please give us your feedback on this presentation (CPN301). As a thank you, we will select prize winners daily for completed surveys!
  27. Join the Team!
     • Building the next generation of collaborative web applications
     • VC funded
     • High growth rate
     • Profitable
     • Graduates from Harvard, MIT, Stanford
     • Former Google, Amazon, Microsoft employees
     • https://www.lucidchart.com/jobs
