AWS Summit 2013 | Singapore - Extending your Datacenter with Amazon VPC

  • 538 views
Uploaded on

As more organizations seek to leverage the power and benefits of the cloud, they also need to combine new systems with exiting on-premises systems. Services such as Virtual Private Cloud, VPN and …

As more organizations seek to leverage the power and benefits of the cloud, they also need to combine new systems with exiting on-premises systems. Services such as Virtual Private Cloud, VPN and DirectConnect enable AWS customers to combine on-premises and cloud-based resources easily and effectively. This session will walk customers through the 4 main patterns of connectivity and will include a ""real time"" demonstration of how easy it is to setup your own VPC and start working in your own private section of the AWS Cloud.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
538
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
0
Comments
0
Likes
2

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Mark Statham Solution Architect ASEAN, AWS July 18, 2013 @markstatham Extending your Data Centre with VPC
  • 2. Agenda • Why? • What? • How Much? • Customer Examples • “Goodies” in VPC
  • 3. WHY?
  • 4. Capacity Power Elasticity Agility
  • 5. WHAT?
  • 6. VPC Overview • Bring your own network Your network goes here
  • 7. VPC Overview • Bring your own network • Create your own subnets Subnet 1 Subnet 2 Subnet ‘n’ …
  • 8. VPC Overview • Control instance placement Availability Zone ‘A’ Availability Zone ‘B’
  • 9. VPC Overview • Control instance placement and traffic – Security Groups & NACLs Availability Zone ‘A’ Availability Zone ‘B’
  • 10. VPC Overview • Control instance placement and traffic – Security Groups & NACLs – Routing Rules Availability Zone ‘A’ Availability Zone ‘B’
  • 11. VPC Overview • VPC Gateways – Virtual Private Gateway – Internet Gateway Customer Network
  • 12. VPC Overview • Virtual Private Gateway – IPSEC VPN Customer Network
  • 13. VPC Overview • Virtual Private Gateway – Dynamic Routing (Route-based VPN) – Static Routing (Policy-based VPN) Customer Network
  • 14. VPC Overview • Virtual Private Gateway – IPSEC VPN – Direct Connect Customer NetworkDX Location Customer/Partner WAN
  • 15. VPC Overview • Virtual Private Gateway • Internet Gateway Customer Network
  • 16. VPC Overview • Connecting to Instances – Private IP – Elastic IP (publically routable) Customer Network
  • 17. VPC Overview • Connecting to Instances – Load Balancers Customer Network
  • 18. VPC Building Blocks Summary Virtual Private Cloud Subnets Route Tables, Security Groups, NACLs Elastic IPs and Load Balancers Virtual Private Gateway AWS Direct Connect Internet Gateway
  • 19. VPC Connectivity Options
  • 20. Connectivity Option #1 • Lollipop network (“DC-on-a-stick”) – Internet VPN Customer Network
  • 21. Connectivity Option #1 • Lollipop network (“DC-on-a-stick”) – Dual Redundancy Customer Location #2 Customer Location #1
  • 22. Connectivity Option #1 • Lollipop network (“DC-on-a-stick”) – AWS VPN CloudHub Customer Location #2 Customer Location #1
  • 23. Connectivity Option #1 • Lollipop network (“DC-on-a-stick”) – Direct Connect Customer NetworkDX Location Customer/Partner WAN
  • 24. Connectivity Option #2 • Hybrid Integration – Internal & Internet Access – Internet VPN Customer Network
  • 25. Connectivity Option #2 • Hybrid Integration – Internal & Internet Access – Internet VPN – DirectConnect Customer NetworkDX Location
  • 26. Connectivity Option #3 • Integration between VPCs – DirectConnect DX Location
  • 27. Connectivity Option #3 • Integration between VPCs – DirectConnect – Software VPN to Hardware (VGW)
  • 28. Connectivity Option #3 • Integration between VPCs – DirectConnect – Software VPN to Software VPN
  • 29. Connectivity Option #4 • Remote Access Solution – Microsoft RAS – Checkpoint – OpenVPN – Sophos – Vyatta Customer Network Remote Access Server
  • 30. Non-Standard VPN Requirements • Software VPN Appliance – Overlapping (unknown) customer network addresses – Customer MUST manage both sides of VPN Customer Network Remote Access Server
  • 31. Nonstandard VPN Requirements • ZenOSS SaaS example – Managed monitoring service – Extend AWS into ZenOSS Customer Networks Customer “1” Shared Mgmt Network Customer “2” Customer “n” …
  • 32. VPC Connectivity Options Summary Lollipop network or data-center-on-a-stick Hybrid integration – Internal & Internet Access Integration between Amazon VPCs Mobile/Remote access solution
  • 33. HOW MUCH?
  • 34. VPC $0 Hardware VPN $0.05/ Hour Inbound Data $0.00 Outbound Data (SIN) $0.19 per GB (first GB free) Direct connect 1 Gbps Port $0.30/ Hour 10 Gbps Port $2.25/ Hour Inbound Data $0.00 Outbound Data (SIN) $0.045 per GB (first GB free)
  • 35. VPC $0 Hardware VPN $438 Direct connect 1 Gbps Port $2,628 10 Gbps Port $19,710 *Plus Outgoing data & private connection costs For A Year
  • 36. CUSTOMER EXAMPLES
  • 37. Lionsgate uses AWS To host SharePoint & SAP Amazon VPC Avoided data center build out Saved $1M over 3 years 50% lower cost than hosting options
  • 38. Nasdaq used AWS to Build a New Line of Business
  • 39. PRE-BUILT ARCHITECTURES
  • 40. SharePoint - Intranet
  • 41. SharePoint - Internet
  • 42. “Goodies” in VPC
  • 43. Goodies • Control over Ingress & Egress of data – Security Groups • Dynamic allocation of Security Groups to Instances • Elastic Network Interfaces – up to 8 depending on instance • DNS Resolution – Default or use your own • ElastiCache in VPC (joining RDS, EMR, ElasticBeanstalk, Redshift, OpsWorks, etc) • RDS IP Addresses - option to have RDS publically accessible
  • 44. Flexible Agile Cost Effective Integrated
  • 45. ARCHITECTURE CENTER http://aws.amazon.com/architecture TECHNICAL ARTICLES http://aws.amazon.com/articles PODCAST http://aws.amazon.com/podcast BLOG http://aws.typepad.com
  • 46. Technical Track