B2 - Integrating on-premises workloads with AWS


"Configure once, deploy anywhere" is one of the most sought-after enterprise operations requirements. Large-scale IT shops want to keep the flexibility of using on-premises and cloud environments simultaneously while maintaining the monolithic custom, complex deployment workflows and operations. This session brings together several hybrid enterprise requirements and compares orchestration and deployment models in depth without a vendor pitch or a bias. This session outlines several key factors to consider from the point of view of a large-scale real IT shop executive. Since each IT shop is unique, this session compares strengths, weaknesses, opportunities, and the risks of each model and then helps participants create new hybrid orchestration and deployment options for the hybrid enterprise environments.

Published in: Technology, Business

  1. AWS Summit 2014
     Orchestration and Deployment Options for Hybrid Enterprise Environments
     Guy Ernest, Solutions Architect, @guyernest
  2. What is Hybrid Cloud?
     A composition of two or more distinct cloud infrastructures that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability.
     “Special Publication 800-145 - The NIST Definition of Cloud Computing” – September, 2011
  3. Requisite Gartner Quote
     “Nearly half of large enterprises will have hybrid cloud deployments by the end of 2017.”
     http://www.gartner.com/newsroom/id/2599315 - October 1, 2013
  4. Why Hybrid Cloud?
     •  All the things the cloud provides
        –  Agility
        –  Economics
        –  Scale
     •  But something gets in the way
        –  Compliance
        –  Previous investment
        –  Legacy workloads
        –  Attitudes
  5. What do Enterprises Want in Hybrid?
     •  Ability to deploy identical stacks
     •  Interoperability between clouds
     •  Ability to leverage one provisioning framework
     •  Ability to leverage one operational framework
  6. Hybrid Considerations
     •  Core Infrastructure
     •  Security
        –  Authentication and Entitlements
        –  Identity Management
        –  Data Sovereignty
     •  Operations and Monitoring
  7. Hybrid Considerations
     •  Cost Containment
     •  Pace of Innovation
     •  Cloud Orchestration
     •  Application Deployment
     •  Processes and Change Management
  8. Today We’ll Focus On
     •  Preparing Core Infrastructure
     •  Orchestration Strategies
     •  Application Deployment Strategies
  9. Preparing Core Infrastructure
     Active Directory, Network Configuration, Encryption, Back-up Appliances, Users & Access Rules, Your Private Network, HSM Appliance, Cloud back-ups, AWS Direct Connect, Your Data Center, Your Cloud
  10. Core Infrastructure Considerations
     Driven by Business Requirements!
     •  Performance & Latency
     •  Business Continuity
     •  Geography
     •  Data Sovereignty
     •  Security
     •  And Many More…
  11. Some Relevant AWS Services
     •  Amazon Virtual Private Cloud (VPC)
     •  AWS Direct Connect
     •  AWS Identity and Access Management (IAM)
  12. Some Relevant AWS Services
     •  AWS CloudFormation
     •  VM Import / Export
     •  AWS Management Pack for Microsoft System Center / VMware vCenter
     •  AWS API, SDKs, and Tools
  13. Hybrid Orchestration Strategies
  14. A Decision Framework
     | DIMENSION | LOW | MEDIUM | HIGH |
     |---|---|---|---|
     | Organizational Buy-In | None or grassroots | Divisional | Top Down (CIO/CEO) |
     | IT Capabilities | In-house Limited; Partner Limited | In-house Limited; Trusted Partner | In-house Advanced; Trusted Partner(s) |
     | IT Vision | Operational | Somewhat forward thinking | Innovative and cutting edge |
     | AWS Experience | None/Limited | Some | Extensive |
  15. Choices, Choices, Choices
  16. Tool Capabilities Considerations
     •  Multi Public Cloud Support
     •  Monitoring and Alerting
     •  Identity Federation
     •  Service Catalog
     •  End-user Self Provisioning
     •  Cost Reporting and Chargeback
     •  Cloud-based Operation
  17. Three Orchestration Strategies
     •  Native Integration
     •  Deploy New Orchestration Layer
     •  Extend Existing Orchestration Tools
  18. Native Integration
     Build a custom layer using API-level capabilities.
     Best When:
     •  Have in-house development skills
     •  Need very fine-grained control
     •  Licensing costs are a big issue
  19. Native Integration
     | DIMENSION | LOW | MEDIUM | HIGH |
     |---|---|---|---|
     | Organizational Buy-In | None or grassroots | Divisional | Top Down (CIO/CEO) |
     | IT Capabilities | In-house Limited; Partner Limited | In-house Limited; Trusted Partner | In-house Advanced; Trusted Partner(s) |
     | IT Vision | Operational | Somewhat forward thinking | Innovative and cutting edge |
     | AWS Experience | None / Limited | Some | Extensive |
  20. Native Integration - Pros
     •  Incorporate all services or only what you need
     •  Maximum flexibility
     •  React quickly to new features and services
     •  Leverage existing open-source tools
        –  OpenNebula
        –  Eucalyptus
        –  Netflix Asgard
        –  CloudStack
     •  No licensing fees
  21. Native Integration - Cons
     •  Need in-house development skills
     •  Possible long development cycles
     •  Private cloud must support API-level access
     •  Support must come from in-house
  22. New Orchestration Layer
     Invest in new hybrid orchestration tools.
     Best When:
     •  Have moderate time constraints
     •  Want the latest and greatest
     •  Have trusted partners
  23. New Orchestration Layer
     | DIMENSION | LOW | MEDIUM | HIGH |
     |---|---|---|---|
     | Organizational Buy-In | None or grassroots | Divisional | Top Down (CIO/CEO) |
     | IT Capabilities | In-house Limited; Partner Limited | In-house Limited; Trusted Partner | In-house Advanced; Trusted Partner(s) |
     | IT Vision | Operational | Somewhat forward thinking | Innovative and cutting edge |
     | AWS Experience | None / Limited | Some | Extensive |
  24. New Orchestration Layer - Pros
     •  Get latest and greatest capabilities
     •  Multi-cloud support
     •  Faster than DIY
     •  Vendor-provided support
  25. New Orchestration Layer - Cons
     •  Licensing costs
     •  Rip-and-replace legacy tools
     •  Maintaining feature parity with AWS
     •  Requires some specialized skills
  26. Extend Existing Tools
     Leverage existing investments in tools
     Best When:
     •  Have aggressive time constraints
     •  Don’t need latest and greatest
     •  Have strong relationship with existing tools vendor
  27. Extend Existing Tools
     | DIMENSION | LOW | MEDIUM | HIGH |
     |---|---|---|---|
     | Organizational Buy-In | None or grassroots | Divisional | Top Down (CIO/CEO) |
     | IT Capabilities | In-house Limited; Partner Limited | In-house Limited; Trusted Partner | In-house Advanced; Trusted Partner(s) |
     | IT Vision | Operational | Somewhat forward thinking | Innovative and cutting edge |
     | AWS Experience | None / Limited | Some | Extensive |
  28. Extend Existing Tools - Pros
     •  No rip-and-replace
     •  Can be fastest path to hybrid
     •  Familiarity with tools and vendors
     •  Vendor-provided support
     •  Requires least amount of specialized skills
  29. Extend Existing Tools - Cons
     •  Limited feature sets
     •  Licensing costs
     •  Maintaining feature parity with AWS
     •  A “good enough” approach
  30. Application Deployment Strategies
     ... Corporate Data Centers: App 1, App 2, App N ... App 1, App 2, App N
  31. Horizontal
     Run partial application layers on AWS
     •  Storage
     •  Disaster Recovery
     •  Database
     •  Extend / Burst into AWS
  32. Horizontal - Pros
     •  Can keep sensitive layers in-house
        –  Data
        –  IP / Trade Secrets
        –  Regulatory Restricted
     •  Relatively easier compliance
  33. Horizontal - Cons
     •  More complex than vertical
     •  Harder to undo if relationship with cloud vendor sours
  34. Vertical
     Deploy full application stacks on AWS
     •  Net-new Workloads
     •  Development and QA
  35. Vertical - Pros
     •  Quick to Implement / Minimal Integration
     •  Good Application Stack Isolation
     •  Leverages Cloud Benefits at Each Layer
     •  Fairly Easy to Undo
  36. Vertical - Cons
     •  Doesn’t Really Leverage In-House IT Resources
     •  Must Have Well Established Governance Policies for All Layers
  37. Managing Mission Critical Loads
     Wido Riezebos, CTO Eyefreight
     © 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
  38. Who is Eyefreight
     Background
     •  Initial Dutch Government investments into Innovation in Supply Chain Logistics
     •  2009 Focus on Cost Management within Transportation
     •  2012 Funded by 2 Dutch Private Equity firms
     •  2013 Funding of US$ 14m
     •  2014 Geographical presence
        –  European headquarters in Utrecht, Netherlands
        –  US headquarters in Chicago, Illinois
  39. Eyefreight, in other words
     •  Young company with well known customers
     •  SaaS solution offering freight spend management and visibility
        –  Tightly integrate with mission critical ERP systems
        –  Communicate with hundreds of different parties
        –  Running optimization algorithms on high volumes of data is core business
  40. Being an Innovative Company
     •  Innovative companies are typically about doing the right things
     •  However, doing things right is like hygiene
        –  as in “if you don’t do it right you will get in stinking mess”
     •  So… get the right guys to ‘do things right’ for you. Think Services, not personnel.
     •  Only invest in your edge and competitiveness
  41. A bit of background
     Transportation: Planning, Execution, Monitoring, Cost settlement
     Transport orders Shipments Shipments Order Allocation Stock orders Sales orders Transport orders Shipments Shipments Shipment assignment Status updates
  42. Managing Mission Critical Loads
     •  So how do we handle “mission critical”?
        –  Load balancing and fail-over
        –  Streaming replication
        –  Backup and point in time recovery
        –  Configuration management in a massive cluster
        –  Security certification
     •  Yeah yeah yeah. (You’ve read the book)
     Per customer / day
     •  3000 orders
     •  200 shipments
     •  800 updates
     •  15.000 page hits
     Now think 500 customers, 62.000 users, 3 continents
  43. But how to use services to do that
     •  Architect and design a solution that supports cloud services from day one
        –  Support multi tenancy from the load balancers through all components down to the database schema
        –  Many clusters with X nodes, using Y databases containing Z schemas
        –  Create appliances that self configure (dynamic cluster sizing made easy). Just add a node
        –  Isolate environments (customers, regions). Just add a cluster
  44. And then go for scale
     •  Automate
        –  Configuration: Packer, Chef, Docker, OSGi
        –  Deployment: CloudFormation, local registry discovery, automatic schema upgrades, Apache ACE/OBR
        –  Scaling: APM trending / hotspot discovery, dynamic cluster sizing, aggregated logging
        –  Security: intrusion detection and global auditing
     •  Automation + capacity on demand = Flexibility
  45. Scaling up; when you need it
     Why?
     SLA / Life cycle specific
     Customer specific
     Environment specific
     Load specific
     Economy of scale
  46. Tips & Lessons learned
     •  There are tools and APIs: Automate your build process to produce AMI templates
     •  If you need to scale, do not forget the rule of the weakest link. In our case that is still RDS
     •  Balancing over HTTP is so much easier. REST!
  47. Challenges (potentially new services)
     •  Backup and recovery services are at the level of a database (not schema). So not necessarily at the level of your customer
     •  Root cause analysis is a pain in a load balanced cluster. You need to aggregate and correlate your logs centrally
     •  APM style Metrics at the functional level
  48. Direct benefits, entrepreneurial
     •  If you do not need to invest; then don’t
     •  Instant maturity levels for OPS
     •  Very flexible capacity; complete environments can be created and abandoned ad-hoc
  49. Managing Mission Critical Loads
     Wido Riezebos, CTO Eyefreight
     Thanks!
  50. That’s all great Guy, but how do I actually get started?
  51. Getting Started
     •  Storage / Backups and Archive
     •  Development and Test
     •  Net New Workloads
     •  Disaster Recovery
     •  Cloud Bursting
     •  Migrate Legacy Workloads
  52. Getting Started – Storage / Backup
  53. Getting Started – Storage / Backup
  54. Getting Started – Network Topology
     Subnet 1, Subnet 2, … Subnet N
     Considerations
     •  Overlapping networks
     •  IP stinginess
     •  VPC CIDR too small
     •  Subnets too small
  55. Getting Started – Connectivity
     Considerations
     •  Public Internet vs. Direct Connect
     •  Redundancy
     Customer Data Center, DX Location
  56. Getting Started – IAM
     Considerations
     •  Identity Federation
     •  AWS vs. App Stack Access
     •  Build vs. Buy
  57. What Next?
     •  AWS Account Team
     •  Trusted Partners
     •  Resources
        –  http://aws.amazon.com/architecture
        –  http://aws.amazon.com/enterprise
  58. Thank You!
     AWS EXPERT? GET CERTIFIED! aws.amazon.com/certification
     Guy Ernest, Solutions Architect, @guyernest
  59. COFFEE BREAK
     AWS EXPERT? GET CERTIFIED! aws.amazon.com/certification
     #awssummit
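
The network topology considerations on slide 54 (overlapping networks, VPC CIDR too small, subnets too small) can be checked against an address plan before anything is provisioned. The following is an added example, not part of the deck; the function name, issue labels and both sample plans are constructed. It assumes IPv4 and relies on two AWS facts: VPC and subnet blocks must be between /16 and /28, and five addresses in every subnet are reserved.

```python
import ipaddress
from itertools import combinations

AWS_RESERVED = 5                 # first four and last address of every subnet
MIN_PREFIX, MAX_PREFIX = 16, 28  # IPv4 block sizes AWS accepts for VPCs and subnets

def check_plan(vpc_cidr, subnets, onprem):
    """Validate a hybrid address plan.

    subnets: {name: (cidr, hosts_needed)}   onprem: {name: cidr}
    Returns a set of (issue, subject) tuples; an empty set means the plan passes.
    ip_network() raises ValueError on a CIDR with host bits set, which
    catches typos such as 10.0.0.5/24 before they reach a template.
    """
    issues = set()
    vpc = ipaddress.ip_network(vpc_cidr)
    if not MIN_PREFIX <= vpc.prefixlen <= MAX_PREFIX:
        issues.add(("vpc-size-unsupported", str(vpc)))

    # Overlapping networks: a VPC range that collides with an on-premises
    # range cannot be routed unambiguously over VPN or Direct Connect.
    for name, cidr in onprem.items():
        if vpc.overlaps(ipaddress.ip_network(cidr)):
            issues.add(("overlaps-onprem", name))

    nets = {n: ipaddress.ip_network(c) for n, (c, _) in subnets.items()}
    for name, net in nets.items():
        if not net.subnet_of(vpc):
            issues.add(("outside-vpc", name))
        if not MIN_PREFIX <= net.prefixlen <= MAX_PREFIX:
            issues.add(("subnet-size-unsupported", name))
        # Subnets too small: usable hosts exclude the reserved addresses.
        if net.num_addresses - AWS_RESERVED < subnets[name][1]:
            issues.add(("subnet-too-small", name))

    for (a, na), (b, nb) in combinations(sorted(nets.items()), 2):
        if na.overlaps(nb):
            issues.add(("subnets-overlap", f"{a}/{b}"))

    # VPC CIDR too small: total demand, including reserved addresses.
    demand = sum(hosts + AWS_RESERVED for _, hosts in subnets.values())
    if demand > vpc.num_addresses:
        issues.add(("vpc-too-small", str(vpc)))
    return issues

# Constructed sample plans (not taken from the presentation).
GOOD_PLAN = dict(
    vpc_cidr="10.64.0.0/16",
    subnets={"web": ("10.64.0.0/24", 100), "db": ("10.64.1.0/26", 20)},
    onprem={"hq": "10.0.0.0/12", "branch": "192.168.10.0/24"},
)
BAD_PLAN = dict(
    vpc_cidr="10.0.0.0/24",
    subnets={"web": ("10.0.0.0/28", 20), "db": ("10.0.0.8/29", 4),
             "app": ("10.0.1.0/26", 30)},
    onprem={"hq": "10.0.0.0/16", "branch": "192.168.10.0/24"},
)

if __name__ == "__main__":
    for issue, subject in sorted(check_plan(**BAD_PLAN)):
        print(f"{issue}: {subject}")
```

Running such a check in the pipeline that builds CloudFormation templates keeps an addressing mistake from reaching the point where fixing it means rebuilding the network.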