AWS Summit Stockholm 2014 – B3 – Integrating on-premises workloads with AWS
"Configure once, deploy anywhere" is one of the most sought-after enterprise operations requirements. Large-scale IT shops want to keep the flexibility of using on-premises and cloud environments simultaneously while maintaining the monolithic custom, complex deployment workflows and operations. This session brings together several hybrid enterprise requirements and compares orchestration and deployment models in depth without a vendor pitch or a bias. This session outlines several key factors to consider from the point of view of a large-scale real IT shop executive. Since each IT shop is unique, this session compares strengths, weaknesses, opportunities, and the risks of each model and then helps participants create new hybrid orchestration and deployment options for the hybrid enterprise environments.

Published in: Technology

  • Many enterprises are asking about the right way to build their hybrid cloud implementation. We are helping them do that around Europe.
    We will talk about the definition of a hybrid cloud, the considerations for moving to a hybrid cloud environment, and a decision framework for deciding how to do it in a specific organization.
    It will help you understand which of the orchestration and application deployment options are suitable for your enterprise.
  • I promise that I will only read to you the next 2 slides - hybrid cloud definition
    Note that it doesn’t talk about private cloud or public cloud.
    For today’s talk, we’ll assume 1 or more private clouds and 1 or more public clouds.


  • No Enterprise talk is complete without a quote from Gartner – so let’s get it out of the way.
    So, why are we all here today? Because in the next 3 years almost 50% of all large Enterprises will have Hybrid Cloud.
    It looks like a long time, but in the Enterprise world 3 years is not a lot of time, and there is a lot of work to be done.
    We are going to touch on some of the strategies that will help you move in that direction.
  • Everything you heard in the keynote.

    Why Hybrid then?
    You might have a regulator saying “Thou shall run that workload only within your 4 walls. Full stop”. That workload cannot leave your DC.
    Maybe you bought servers, disks and air conditioning that you don’t want to leave behind just yet.
    Maybe you have a mainframe or AS-400 running in the corner and you can’t shut it off.
    Maybe it is only a matter of attitude; some people like to walk into a server room and see the lights flashing.
    At AWS we like to call them, with a smile, “server huggers”, but over time all things do change.

  • Identical stack – it can be a LAMP stack or a Windows stack. You want to have the same stacks available in the cloud.
    And you want to make sure that they will work in an interoperable way.
    Provisioning
    Self service
    Operation
    “Single Pane of Glass”
    Later in the talk we will talk about the definition of orchestration, operation and deployment in the hybrid cloud environment.
  • What is the core infrastructure we need to have in order to run the business applications?
    Security is always the number one consideration.
    How do you extend the permissions and roles of your users to work across clouds?
    Data sovereignty – when you are operating in a private data center, you know exactly where your data is. This can also be achieved with AWS, but it is something to consider.
    When you are running in AWS, you have access to 10 regions, which are clusters of DCs in a single geographic region. Data sovereignty is certainly solvable in AWS, but you need to understand how when you go to a hybrid model.
  • Cost containment – one of the beauties of the cloud is the utility model. When you start up a server you start paying for it, and when you shut it down, you stop paying.
    Combine that with the ability to allocate thousands and thousands of servers and petabytes and petabytes of storage, and it is a lot of power.
    But with great power comes great responsibility. How do you control your costs? You have probably heard the term “VM Sprawl”. In AWS we have multiple tools to control it.
    One of the first questions I get is “Can I limit the cost of my operation?” I then ask, “What would you like us to do? Shut down your servers automatically?” Of course not.
    It is certainly something you need to consider when you are moving to a new model of hybrid cloud.
    Pace of innovation – you heard about the many new updates we had only this year. I bet that your DC will not be able to innovate at such a pace. How do you handle “feature parity” between AWS and the private DC?
  • Define Orchestration vs Application Deployment
    Orchestration is how I control and provision my infrastructure: how I allocate servers, how I define my network and how I monitor it, how I allocate storage and different types of storage.
    Application deployment is more about how I move my stack into the cloud: how I do the OS patching, how I do continuous integration in the cloud.
    We are going to talk about both.
  • You probably recognize this slide from previous talks, on how you pair your DC and the AWS cloud.
  • The exact setting, for example whether you need a Direct Connect connection to the cloud (the answer is probably yes), and others, is driven by the business requirements.
    Where are your users, where is your data, what type of application are you running, is 50 ms latency reasonable for a system, what is the RPO of your DR plan, etc.
  • VPC – overlay your network topology onto the cloud and define your private chunk of the cloud, so that it looks like an extension of your DC. When you are running a private 10.x network, and your users are accessing a 10.x private IP address, your users don’t know if the server is in the local DC or in the AWS cloud.
    Direct Connect – a private dedicated connection into the AWS cloud. A lot of our customers are practically happy to access the AWS services over the public Internet, over a secure IPsec VPN connection, but some of them, for compliance and security reasons, or even for performance reasons, are setting up that dedicated private fiber to connect their hybrid cloud parts. It comes in different sizes: 10Gb, 1Gb and fractions of 1Gb. As much bandwidth as you need, you can provision it through most of the ISPs around Europe to the AWS peering point in London or Dublin, or many other points around the globe.
  • CloudFormation is a way to script your stack in a JSON format, and then use it to spin up all these resources together. You have heard the term “Software or Script defined Data Centers”; CloudFormation is a big step in that direction.
    VM Import/Export allows you to take virtual machines from your DC and spin them up in AWS, allowing you to move virtualized workloads easily to the cloud. We also have a few partners like Ravello Systems that are doing it for a complete system.
    If you are managing your DC with MS System Center, you can download this plug-in (we released v2 of this plug-in last week) and manage your resources through this single pane of glass. This is one of the shortest paths to Hybrid Cloud: download it, plug it in, 15 minutes, voila, you have a hybrid cloud.
    All services are APIs – and most of the things we are going to talk about today are built on top of this API.
  • This is the meat of the conversation today
  • Organizational capability steers hybrid strategy.


    The last is the least important, as there are many AWS people like me around you, there are many partners that are doing such hybrid cloud operation on a daily basis, and they can help you in this journey.
  • Maybe you want to go with the Enterprise tools like HP, MS, BMC, CA or VMware.
    Or maybe you want to use the specialized tools like RightScale, Enstratius or Kaavo.
    Or you can go the open source way with tools from Netflix, or CloudStack, Eucalyptus and OpenNebula.
  • I will touch only a few of them, but you should consider all of them when deciding on the tools you want to use and the strategies you want to adopt.

    Service catalogue is something I hear a lot. Enterprises want to get rid of the heavy lifting and long waiting. A user needs an Oracle DB, clicks a button, and 15 minutes later has a fully configured Oracle server, or a Hadoop cluster.
    Chargeback is also different in the cloud, as you can have an exact cost for all the resources of the marketing department project, which you can charge back to them, instead of an estimate of DC cost amortization.
  • Today we’ll look at 3 orchestration strategies that we’ve seen clients use
  • AWS Cloud is mainly API
    Accenture Cloud Platform – they had the in-house skills and they even took it one step further and productized it for public consumption.
  • Organizational capability steers hybrid strategy.
  • We have many services and not all the vendors on the slide before support them all.
    For example, we added the ability to encrypt your EBS volume automatically. It will take some time for the products to add this check box. But if you work on the source code of your own system, you can add it immediately with the correct flag on the API call.
  • Organizational capability steers hybrid strategy.
  • The example of MS System Center
  • Organizational capability steers hybrid strategy.
  • If you want to test a system of a new vendor in a secure way
  • Let’s take a look at some specific use cases as well as go deeper on some key considerations: networking and security
    From easiest to most complex
  • This is a really easy way to start the journey
    You can point the tape backup of your system, using VTL (tape library), to S3 through Storage Gateway, and you can stop buying these tapes and get the capacity from S3.
    I like to call Storage Gateway Hybrid Cloud in a box.
  • We have partners that can back up the NAS that you want to share between Europe and Tokyo through S3. You get the storage of S3, which is designed for unlimited capacity, as well as its design for 11 9s of durability. And you can point these gateways to the regions where you want your data to reside.
  • These are some mistakes we see
    Don’t use the same 10.0.1 addresses both on premises and in the cloud, and also when you are planning multiple regions.
  • Transcript

    • 1. © 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc. Orchestration and Deployment Options for Hybrid Enterprise Environments Guy Ernest, Solutions Architect
    • 2. What is Hybrid Cloud? A composition of two or more distinct cloud infrastructures that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability. “Special Publication 800-145 - The NIST Definition of Cloud Computing” – September, 2011
    • 3. Requisite Gartner Quote “Nearly half of large enterprises will have hybrid cloud deployments by the end of 2017.” http://www.gartner.com/newsroom/id/2599315 - October 1, 2013
    • 4. Why Hybrid Cloud? • All the things the cloud provides – Agility – Economics – Scale • But something gets in the way – Compliance – Previous investment – Legacy workloads – Attitudes
    • 5. What do Enterprises Want in Hybrid? • Ability to deploy identical stacks • Interoperability between clouds • Ability to leverage one provisioning framework • Ability to leverage one operational framework
    • 6. Hybrid Considerations • Core Infrastructure • Security – Authentication and Entitlements – Identity Management – Data Sovereignty • Operations and Monitoring
    • 7. Hybrid Considerations • Cost Containment • Pace of Innovation • Cloud Orchestration • Application Deployment • Processes and Change Management
    • 8. Today We’ll Focus On • Preparing Core Infrastructure • Orchestration Strategies • Application Deployment Strategies
    • 9. Preparing Core Infrastructure Active Directory Network Configuration Encryption Back-up Appliances Users & Access Rules Your Private Network HSM Appliance Cloud back-ups AWS Direct Connect Your Data Center Your Cloud
    • 10. Core Infrastructure Considerations Driven by Business Requirements! • Performance & Latency • Business Continuity • Geography • Data Sovereignty • Security • And Many More…
    • 11. Some Relevant AWS Services • Amazon Virtual Private Cloud (VPC) • AWS Direct Connect • AWS Identity and Access Management (IAM)
    • 12. Some Relevant AWS Services • AWS CloudFormation • VM Import / Export • AWS Management Pack for Microsoft System Center • AWS API, SDKs, and Tools
    • 13. Hybrid Orchestration Strategies
    • 14. A Decision Framework
      DIMENSION | LOW | MEDIUM | HIGH
      Organizational Buy-In | None or grassroots | Divisional | Top Down (CIO/CEO)
      IT Capabilities | In-house Limited, Partner Limited | In-house Limited, Trusted Partner | In-house Advanced, Trusted Partner(s)
      IT Vision | Operational | Somewhat forward thinking | Innovative and cutting edge
      AWS Experience | None/Limited | Some | Extensive
    • 15. Choices, Choices, Choices
    • 16. Tool Capabilities Considerations • Multi Public Cloud Support • Monitoring and Alerting • Identity Federation • Service Catalog • End-user Self Provisioning • Cost Reporting and Chargeback • Cloud-based Operation
    • 17. Three Orchestration Strategies • Native Integration • Deploy New Orchestration Layer • Extend Existing Orchestration Tools
    • 18. Native Integration Build a custom layer using API-level capabilities. Best When: • Have in-house development skills • Need very fine-grained control • Licensing costs are a big issue
    • 19. Native Integration
      DIMENSION | LOW | MEDIUM | HIGH
      Organizational Buy-In | None or grassroots | Divisional | Top Down (CIO/CEO)
      IT Capabilities | In-house Limited, Partner Limited | In-house Limited, Trusted Partner | In-house Advanced, Trusted Partner(s)
      IT Vision | Operational | Somewhat forward thinking | Innovative and cutting edge
      AWS Experience | None / Limited | Some | Extensive
    • 20. Native Integration - Pros • Incorporate all services or only what you need • Maximum flexibility • React quickly to new features and services • Leverage existing open-source tools – Open Nebula – Eucalyptus – Netflix Asgard – CloudStack • No licensing fees
    • 21. Native Integration - Cons • Need in-house development skills • Possible long development cycles • Private cloud must support API-level access • Support must come from in-house
    • 22. New Orchestration Layer Invest in new hybrid orchestration tools. Best When: • Have moderate time constraints • Want the latest and greatest • Have trusted partners
    • 23. New Orchestration Layer
      DIMENSION | LOW | MEDIUM | HIGH
      Organizational Buy-In | None or grassroots | Divisional | Top Down (CIO/CEO)
      IT Capabilities | In-house Limited, Partner Limited | In-house Limited, Trusted Partner | In-house Advanced, Trusted Partner(s)
      IT Vision | Operational | Somewhat forward thinking | Innovative and cutting edge
      AWS Experience | None / Limited | Some | Extensive
    • 24. New Orchestration Layer - Pros • Get latest and greatest capabilities • Multi-cloud support • Faster than DIY • Vendor-provided support
    • 25. New Orchestration Layer - Cons • Licensing costs • Rip-and-replace legacy tools • Maintaining feature parity with AWS • Requires some specialized skills
    • 26. Extend Existing Tools Leverage existing investments in tools Best When: • Have aggressive time constraints • Don’t need latest and greatest • Have strong relationship with existing tools vendor
    • 27. Extend Existing Tools
      DIMENSION | LOW | MEDIUM | HIGH
      Organizational Buy-In | None or grassroots | Divisional | Top Down (CIO/CEO)
      IT Capabilities | In-house Limited, Partner Limited | In-house Limited, Trusted Partner | In-house Advanced, Trusted Partner(s)
      IT Vision | Operational | Somewhat forward thinking | Innovative and cutting edge
      AWS Experience | None / Limited | Some | Extensive
    • 28. Extend Existing Tools - Pros • No rip-and-replace • Can be fastest path to hybrid • Familiarity with tools and vendors • Vendor-provided support • Requires least amount of specialized skills
    • 29. Extend Existing Tools - Cons • Limited feature sets • Licensing costs • Maintaining feature parity with AWS • A “good enough” approach
    • 30. Application Deployment Strategies ... Corporate Data Centers App 1 App 2 App N ... App 1 App 2 App N
    • 31. Horizontal Run partial application layers on AWS • Storage • Disaster Recovery • Database • Extend / Burst into AWS
    • 32. Horizontal - Pros • Can keep sensitive layers in-house – Data – IP / Trade Secrets – Regulatory Restricted • Relatively easier compliance
    • 33. Horizontal - Cons • More complex than vertical • Harder to undo if relationship with cloud vendor sours
    • 34. Vertical Deploy full application stacks on AWS • Net-new Workloads • Development and QA
    • 35. Vertical - Pros • Quick to Implement / Minimal Integration • Good Application Stack Isolation • Leverages Cloud Benefits at Each Layer • Fairly Easy to Undo
    • 36. Vertical - Cons • Doesn’t Really Leverage In-House IT Resources • Must Have Well Established Governance Policies for All Layers
    • 37. That’s all great Guy, but how do I actually get started?
    • 38. Getting Started • Storage / Backups and Archive • Development and Test • Net New Workloads • Disaster Recovery • Cloud Bursting • Migrate Legacy Workloads
    • 39. Getting Started – Storage / Backup
    • 40. Getting Started – Storage / Backup
    • 41. Getting Started – Network Topology Subnet 1 … Subnet 2 Subnet N Considerations • Overlapping networks • IP stinginess • VPC CIDR too small • Subnets too small
    • 42. Getting Started – Connectivity Considerations • Public Internet vs. Direct Connect • Redundancy Customer Data Center DX Location
    • 43. Getting Started – IAM Considerations • Identity Federation • AWS vs. App Stack Access • Build vs. Buy
    • 44. What Next? • AWS Account Team • Trusted Partners • Resources – http://aws.amazon.com/architecture – http://aws.amazon.com/enterprise
    • 45. © 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc. Orchestration and Deployment Options for Hybrid Enterprise Environments Guy Ernest, Solutions Architect Thanks!
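
Added example (not part of the original talk and not AWS code): the network-topology mistakes named on slide 41 and in the speaker notes (overlapping networks, subnets too small) can be checked against an address plan before any VPC is created. The site names, CIDR ranges and host counts below are constructed for illustration.

```python
import ipaddress
from itertools import combinations

# AWS reserves the first four addresses and the last address of every subnet.
AWS_RESERVED_PER_SUBNET = 5

# Constructed address plan (assumption, not from the talk).
# Each subnet entry is (CIDR, number of hosts the subnet must hold).
PLAN = {
    "onprem-stockholm": {"cidr": "10.0.0.0/16", "subnets": {}},
    "vpc-eu-west-1": {
        "cidr": "10.0.1.0/24",  # reuses 10.0.1.x, which is already routed on premises
        "subnets": {"web": ("10.0.1.0/28", 20), "db": ("10.0.1.16/28", 8)},
    },
    "vpc-ap-northeast-1": {
        "cidr": "10.20.0.0/16",
        "subnets": {"web": ("10.20.0.0/24", 100), "batch": ("10.21.0.0/24", 50)},
    },
}


def find_overlaps(plan):
    """Return every pair of sites whose top-level ranges overlap.

    Overlapping ranges cannot be routed to each other over a VPN or
    Direct Connect link, so each pair must be renumbered before pairing.
    """
    nets = {name: ipaddress.ip_network(site["cidr"]) for name, site in plan.items()}
    return [(a, b) for a, b in combinations(sorted(nets), 2)
            if nets[a].overlaps(nets[b])]


def check_subnets(plan):
    """Flag subnets that fall outside their parent range or cannot hold their hosts."""
    findings = []
    for name, site in sorted(plan.items()):
        parent = ipaddress.ip_network(site["cidr"])
        for sub_name, (cidr, hosts_needed) in sorted(site["subnets"].items()):
            subnet = ipaddress.ip_network(cidr)
            usable = subnet.num_addresses - AWS_RESERVED_PER_SUBNET
            if not subnet.subnet_of(parent):
                findings.append((name, sub_name, "outside parent range"))
            elif usable < hosts_needed:
                findings.append(
                    (name, sub_name, f"too small: {usable} usable < {hosts_needed} needed"))
    return findings


if __name__ == "__main__":
    for a, b in find_overlaps(PLAN):
        print(f"OVERLAP  {a} <-> {b}")
    for site, subnet, reason in check_subnets(PLAN):
        print(f"SUBNET   {site}/{subnet}: {reason}")
```
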