CIW Lab with CohesiveFT: Get started in public cloud - Part 2 Hands On
 


CohesiveFT: Get started with public cloud

It's time to explore the public cloud. Get familiar with Amazon's AWS EC2 compute and S3 storage. Demo and guides will prep you to do big things with hosting for your websites and apps!

Part 2 Hands On: After covering the basics of cloud and virtualization, we'll dive into AWS terminology and getting set up, then we'll all find an image and launch our own AWS instance. Additional information includes VPC vs. VNS3 features, real cloud use cases, and further reading.

Hosted by: Ryan Koop, Director of Product Marketing

Usage Rights: CC Attribution-NonCommercial-NoDerivs License

    Presentation Transcript

    • Getting Started with Public Cloud and AWS CohesiveFT | Chicago Ideas Week Lab copyright 2013 Thursday, October 17, 13 1
    • Agenda • Level Set: Cloud, Virtualization & Networking Basics • Working together: AWS and CohesiveFT • AWS Core: Starting in EC2 and S3 • Hands on: Setting up your own AWS • Life in the Cloud: What others are doing in public cloud
    • Welcome back • Your Presenter: Ryan Koop, Director of Marketing, Co-founder. Ryan is responsible for product development and manages teams for public relations, international events, and content marketing. His role spans the technical product development, customer support, business development and thought leadership needs of a growing company. Before CohesiveFT, Ryan worked at a trading platform software company in the US Derivative Markets. • Coming Up: Patrick Kerpan, CEO, Co-founder • @cohesiveft #CIW
    • Jump into AWS: Amazon POV [Figure: stack of Layer 7 down to Layer 0, labelled SaaS, PaaS and IaaS] Graphic from http://docs.amazonwebservices.com/gettingstarted/latest/awsgsg-intro/intro.html
    • Jump into AWS: My POV
    • AWS Regions = Availability Zones • Choose specific regions to: • Optimize latency • Address regulatory requirements • Create a point-of-presence (POP) [Figure: Region US East with two Availability Zones of servers and the Internet]
    • AWS & Cloud Provides Global Reach
    • AWS Terminology: Image & Instance • Image - template to launch an Amazon EC2 instance with your software • Instance - the AWS name for a server / virtual machine. In AWS, you can launch an instance from community or marketplace AMIs [Figure labels: Image, Instance] • Detailed information can be found at: http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/instance-types.html
    • Amazon Web Services Offerings (Console) • More information at aws.amazon.com/console
    • Set up your AWS account • Go to www.aws.amazon.com • Follow the steps to set up and verify • Recommended: Sign up for Free, No support options
    • Amazon Simple Storage Service (Amazon S3)
    • Amazon Web Services Offerings (Console) • More information at aws.amazon.com/console
    • Amazon S3 • Backup and Storage – Provide data backup and storage services for others. • Application Hosting – Provide services that deploy, install, and manage web applications. • Media Hosting – Build a redundant, scalable, and highly available infrastructure that hosts video, photo, or music uploads and downloads. • Software Delivery – Host your software applications that customers can download. • More on using S3 here: http://aws.amazon.com/s3/#resources
    • Create a Bucket in S3
    • Upload files to your bucket • In the Upload - Select Files wizard - to upload an entire folder, click Enable Enhanced Uploader • Click Add Files. • Select the file > click Open • Click Start Upload. To hide the Transfer dialog box, click the Close button at top right in the Transfers panel. To open it again, click Transfers.
    • Move Objects • In the Amazon S3 console, right-click the object that you want to move, and then click Cut. • Navigate to the bucket or folder to which you want to move the object. Right-click the folder or bucket and then click Paste Into.
    • Amazon S3 Highlights • Unlimited object storage • Upload files (from 1 byte to 5 terabytes each) from your computer • Browse the contents of your buckets with either HTTP or SOAP interface • Can create an authenticated URL to give time-limited 3rd party access to a bucket • More on using S3 here: http://aws.amazon.com/s3/#resources
    • Life in the cloud: using S3 at CohesiveFT [Figure labels: Analysts, Investors, Customers] Images: Wikipedia
    • Amazon Elastic Compute Cloud (Amazon EC2)
    • Amazon Web Services Offerings (Console) • More information at aws.amazon.com/console
    • AWS Terminology: EC2 • Security Group: a set of rules you create to act as a firewall to control traffic for one or more instances • Spot Instance: instance you allow to run on any unused Amazon EC2 compute capacity - prices fluctuate periodically depending on the supply, demand and capacity • Reserved Instance: pricing model that enables you to reserve capacity for EC2 instances, lowers average cost
    • Amazon Web Services - EC2 • Launch virtual servers in the cloud • Find, manage and create Amazon Machine Images (AMIs) • Create and manage Security Groups • Launch and manage Instances
    • Two Kinds of AWS Images • Instance Store-backed: • Boot in <5mins • Limited to 10GB* • Data on instance only persists during the life of the instance • Instance attributes are fixed for the life of the instance • Cheaper, only charged runtime • EBS-backed: • Boot in <1min • Limited to 1TB • Data persists after instance termination • Stop function allows you to change the instance settings (grow or shrink) • Charged for runtime and storage • All AWS Marketplace AMIs are EBS-backed
    • Amazon Web Services - Select AMI • Choose from Quick Start popular AMIs, Marketplace, or Community AMIs • Search “wordpress” • Select WordPress BitNami (free tier) OR • (optional) VNS3 Free Edition
    • AWS Terminology: Security Groups • Security Groups: • Acts as a firewall that controls the traffic allowed into a group of instances • Add rules that govern inbound traffic; can add or modify rules at any time • Cannot map security groups across regions • Rules: • Specify a certain protocol (TCP, UDP or ICMP) • Specify destination port or ports (if the protocol is TCP or UDP) • Specify source (IP address or addresses using CIDR notation*) • *combination of IP addresses represented by xxx.xxx.xxx.xxx/n where n is the number of 1 bits in the mask. Example: 192.168.12.0/23 represents address range 192.168.12.0-192.168.13.255
    • Amazon Web Services - Launching EC2 Instances • Select Region • Continue • Choose instance type (t.micro recommended) • Accept T&C
    • Amazon Web Services - Launching with EC2 Console • Select Region • Accept Terms • Select a Version • Launch with EC2 in your region (US West)
    • Amazon Web Services - Launching EC2 Instances • Choose Instance Type • Next • Configure Instance Details • Network - public and private IP • Additional Storage • Tagging • Security Group • Access - SSH Key
    • Connecting & Securing EC2 Instances
    • AWS Basic Terminology: Elastic IP Addresses • Elastic IP Address (Static IP address): • Associated with account, rather than a particular instance • If your instance fails, can map its replacement to the same IP address • Each account is limited to 5 elastic IP addresses • You are charged $.01/hr when these IP addresses are not mapped to an instance [Figure: "Amazon randomly assigns public IP addresses" and "Assign instances with your Elastic IP Address"; four Amazon Instances labelled 204.236.202.134, 63.250.226.146, 204.236.202.134, 204.236.202.134]
    • Public and Private IP Addresses [Figure: Home Computer, Private IP Address: 192.168.02, Public IP Address: 69.241.45.4; Internet Service Provider (Comcast); LAN, WAN, Router, Modem, Private IP Address: 192.168.0.1, Public IP Address: 124.150.112.92; Web Server (Amazon) www.cohesiveft.com, Public IP Address: 72.21.194.1]
    • Connections Between Regions • Connectivity between availability zones is a LAN connection • Connectivity between regions is a WAN connection [Figure: Region US West and Region US East, each with Availability Zones of servers; LAN links between zones, WAN link between regions]
    • Amazon VPC Security Groups • VPC Security Groups: • The Security Groups you created for EC2 cannot be used in VPC • Can control both inbound and outbound traffic • At the instance level - instances in the same subnet can be in different security groups • Rules: • Specify protocol • Specify port or port range • For inbound traffic: source IP address or CIDR range • For outbound traffic: destination IP address or CIDR range
    • Amazon Web Services - Security Groups • Security Groups: • Acts as a firewall that controls the traffic allowed into a group of instances • Add rules that govern inbound traffic; can add or modify rules at any time • Can create up to 500 EC2 security groups with up to 100 rules each • Rules: • Specify a certain protocol (TCP, UDP or ICMP) • Specify destination port or ports (if the protocol is TCP or UDP) • Specify source (IP address or addresses using CIDR notation)
    • Lab: Let’s launch something
    • Wifi SSID: 20NorthConference PW: 3126295000
    • Signing Up, Launching and Configuring a Wordpress Server 1. Sign up for Free Tier AWS Account 2. Enable EC2 3. Create a Test Security Group 4. Browse the Marketplace 5. Launch a Bitnami Wordpress Server 6. Configure the Wordpress Server .... 10. Profits
    • Bitnami Wordpress Server Information • https://aws.amazon.com/marketplace/pp/B007IP8BKQ/ref=sp_mpg_product_title?ie=UTF8&sr=0-2 - username: user - password: bitnami
    • Appendix: What else is there?
    • Gartner’s POV
    • Market Landscape http://prezi.com/-kbf6rxf6pmd/the-cloud-market-landscape-fromcohesiveft/
    • Appendix: AWS and CohesiveFT
    • AWS VPC vs. CohesiveFT VNS3 (columns: Feature, AWS, VNS3 Enhances, VNS3 Extends; section: AWS Interoperability) Features available in all zones of EC2 USA today ✓ ✓✓ Features available in all zones of EC2 EU today ✓ ✓✓ Features integrated to EC2 existing security lattice (EC2 Security groups) ✓ ✓✓ Can use EC2 Elastic IP Addresses ✓ ✓✓ Ability to use Amazon load balancing service today ✓ ✓✓ Access to Amazon S3 ✓ ✓✓ Support all EC2 Instance Types in All Regions and Zones ✓ ✓✓ Ability to use Elastic Load Balancers across VPCs within a region ✓✓✓ Ability to use Elastic Load Balancers across VPCs across regions for failover ✓✓✓
    • AWS VPC vs. CohesiveFT VNS3 (columns: Feature, AWS, VNS3 Enhances, VNS3 Extends; sections: AWS Availability, Address Control) Multiple VPCs per AWS Account ✷ ✓✓ Multiple VPN Gateways per AWS Account ✷ ✓✓ Multiple Customer Gateways per AWS Account ✷ ✓✓ Multiple VPN Connections per VPN Gateway ✓✓ Can ASSIGN SPECIFIC addresses to specific servers in my "VPC" ✓ ✓✓ Create a Virtual Private Cloud on AWS’s scalable infrastructure, and specify its private IP address range from any block you choose. ✓ ✓✓ Divide your VPC’s private IP address range into one or more subnets in a manner convenient for managing applications and services you run in your VPC. ✓ ✓✓ Private IP Address Range Shared across Multiple Clouds and/or Virtual Infrastructures ✓✓✓
    • AWS VPC vs. CohesiveFT VNS3 (columns: Feature, AWS, VNS3 Enhances, VNS3 Extends; sections: Protocol Control, Topology Control) Allow customers to use BGP Can use UDP multicast in my EC2 subnets Can use UDP multicast between EC2 regions SSL VPN Support Multicast between data center and EC2 Support GRE Termination Custom Layer 3 protocol modules (services based) Traffic can be routed directly to the Internet and NOT back across the internet, into my datacenter and back out again Securely route traffic to EC2 EU from EC2 US without having to route through the datacenter Custom topologies & design services (declarative topology description) Provides outbound NATing from Private VPC subnets End user VPN Clients can connect to VPC using SSL Client End user VPN Clients can connect to VPC using IPsec Client ✓ ✓✓ ✓✓✓ ✓✓✓ ✓✓✓ ✓✓✓ ✓✓✓ ✓✓✓ ✓ ✓✓ ✓ ✓✓ ✓ ✓✓ ✓ ✓✓ ✓✓✓ ✓✓✓ Dynamic route updates available to SSL and IPsec Clients ✓✓✓ Ability to move IP addresses between virtual infrastructures or clouds ✓✓✓
    • AWS VPC vs. CohesiveFT VNS3 (columns: Feature, AWS, VNS3 Enhances, VNS3 Extends; sections: Topology Control (cont’d), Security Control) ✓✓✓ Provides outbound NATing from Public VPC subnets ✓✓✓ Allows port forwarding from Internet to select inside VPC servers ✓✓✓ Route traffic between your VPC and the Internet over the VPN connection so that it can be examined by your existing security and networking assets before heading to the public Internet. Control inbound and outbound access to and from individual subnets using network access control lists. Bridge together your VPC and your IT infrastructure via an encrypted IPSEC connection. Network firewall controlling the VLAN Intrusion/Extrusion detection in the cloud - monitoring x-cloud subnets Access controlled on the host level by a unique cryptographic credential per virtual network address. Cryptographic identity linking (and segregating) multiple gateway routers Remote Support controlled by multi-organization (customer and vendor) 2-factor authentication Ability to create Cloud-based WANs that integrate corporate sites, cloud infras, partner sites, and colo or MSP infra. ✓ ✓✓ ✓ ✓✓ ✓ ✓✓ ✓ ✓✓ ✓✓✓ ✓✓✓ ✓✓✓ ✓✓✓
    • AWS VPC vs. CohesiveFT VNS3 (columns: Feature, AWS, VNS3 Enhances, VNS3 Extends; section: Market Interoperability) Windows and Linux device support Supports industry standard security appliances NAT'ed behind customer edge (Cisco ASA for example) Eucalyptus to EC2 support ✓ ✓✓ ✓ ✓✓ ✓✓✓ vCloud to EC2 support ✓✓✓ GoGrid/Rackspace/ElasticHosts/CloudSigma/Flexiant/etc - to EC2 ✓✓✓ OpenStack to EC2 ✓✓✓ IBM Smart Cloud and Smart Cloud Plus to EC2 ✓✓✓ Easily integrate mobile phones and tablets to VPC infrastructure ✓✓✓ Citrix Virtual Infra to EC2 ✓✓✓ Parallels Virtual Infra to EC2 ✓✓✓ KVM Virtual Infra to EC2 ✓✓✓ VMware Virtual Infra to EC2 ✓✓✓ Let other AWS accounts (Partners, ISVs) launch instances to talk to VPC owner's instances directly ✓✓✓
    • AWS VPC vs. CohesiveFT VNS3 (columns: Feature, AWS, VNS3 Enhances, VNS3 Extends; section: Enterprise View) 2-way failover in VPC ✓✓ Instance can both be part of a VPC and accessible to the general Internet ✓ ✓ ✓✓ ✓ ✓✓ ✓ ✓✓ Ability to create N-number of IDENTICAL defined subnets without routable connectivity allows significant gains in dev/test/staging. Web-based management interface Support for customer's IPsec endpoints behind NAT ? ✓✓✓ N-way failover in VPC ✓✓✓ Support for 3DES and AES 256 encryption ✓✓✓ Common abstraction model/interface across all clouds and virtual infrastructures Geographic or datacenter redundancy from customer side to VPC Emergency access possible if IPsec connection is down. Ability to connect a single VPC to multiple datacenters directly, as opposed to daisy-chaining datacenters via customer WAN. Ability to directly "dump" the interfaces to see traffic traversal and connection attempts. SNMP support for popular Enterprise monitoring systems. ✓✓✓ ✓✓✓ ✓✓✓ ✓✓✓ ✓✓✓ ✓✓✓
    • VNS3 Demo
    • Demo of the VNS3 Application SDN solution: Look for this functionality • VNS3 Product Family: • VNS3 Manager (virtual appliance) • VNS3 Routing Agent (runs on cloud hosts) • VNS3 Command and Control (Mgmt tool under development) • Application SDN: • Ability to span data centers and vendors • Heterogeneous control; cloud vendor runs his network, customer runs their own network • Overlay devices peer via cryptographic identity and checksums • Ability to separate network location from identity • Application (and its owners) are in control of addressing, protocol, topology and security
    • Demo Topology #1
    • Demo Topology #2
    • The first “process” customizable cloud transport network device • VNS3 3.5 allows customers to embed features and functions provided by other vendors - or developed in house, safely and securely into their Cloud Network. • Not just a scripting interpreter that allows control over known, existing features • Completely new functions, processes, computation delivered to the core of the customer cloud network (patent pending) [Figure: VNS3 with Router, Switch, Firewall, IPsec/SSL VPN Concentrator, Proxy, Reverse Proxy, Content Caching, Load Balancing, Protocol Redistributor, Dynamic & Scriptable SDN, Intrusion Detection, More....] Customer controlled, and co-created, for the best hybrid cloud experience Q4 2013
    • Questions? CohesiveFT Stay in touch! Chicago, IL USA www.CohesiveFT.com ContactMe@cohesiveft.com +1 888.444.3962 @cohesiveFT CohesiveFT.com/blog Slideshare: www.slideshare.net/CohesiveFT CloudCamp.org/Chicago
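
The rule model from the Security Groups slides (protocol, destination port, source in CIDR notation) as an added Python example; it is not AWS code and not part of the original deck. The `Rule` class, the sample rules and the `audit` policy (only ports 80 and 443 may be open to every source) are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    protocol: str   # "tcp", "udp" or "icmp"
    from_port: int  # first destination port (ignored for icmp)
    to_port: int    # last destination port (ignored for icmp)
    source: str     # source in CIDR notation, e.g. "192.168.12.0/23"


def cidr_range(cidr):
    """Return the (first, last) address covered by a CIDR block."""
    net = ipaddress.ip_network(cidr)
    return str(net.network_address), str(net.broadcast_address)


def rule_matches(rule, protocol, port, src_ip):
    """True when one rule admits this protocol, destination port and source."""
    if rule.protocol != protocol:
        return False
    if protocol in ("tcp", "udp") and not rule.from_port <= port <= rule.to_port:
        return False
    return ipaddress.ip_address(src_ip) in ipaddress.ip_network(rule.source)


def is_allowed(rules, protocol, port, src_ip):
    """A group holds allow rules only, so traffic matching no rule is dropped."""
    return any(rule_matches(r, protocol, port, src_ip) for r in rules)


def audit(rules, public_ports=(80, 443)):
    """Return tcp/udp rules open to every source on a port outside public_ports."""
    findings = []
    for r in rules:
        if r.protocol not in ("tcp", "udp"):
            continue
        if ipaddress.ip_network(r.source).prefixlen != 0:
            continue
        if any(p not in public_ports for p in range(r.from_port, r.to_port + 1)):
            findings.append(r)
    return findings


# Constructed sample group for a web server such as the lab's WordPress instance.
RULES = [
    Rule("tcp", 80, 80, "0.0.0.0/0"),        # web traffic from anywhere
    Rule("tcp", 22, 22, "192.168.12.0/23"),  # SSH only from the slide's example range
    Rule("tcp", 3306, 3306, "0.0.0.0/0"),    # database port open to everyone
]

if __name__ == "__main__":
    print(cidr_range("192.168.12.0/23"))
    print(is_allowed(RULES, "tcp", 22, "192.168.13.200"))
    print(is_allowed(RULES, "tcp", 22, "192.168.14.1"))
    print(audit(RULES))
```

Running the audit over a group before launch shows which rules need a narrower source CIDR; here it reports the database rule.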