cloud conference 2013 - Infrastructure as a Service in Amazon Web Services


Published on

Presentazione alla Cloud Conference 2013 del 25 novembre
Infrastructure as a Service in Amazon Web Services

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

cloud conference 2013 - Infrastructure as a Service in Amazon Web Services

  1. 1. 25 novembre 2013 Milano
  2. 2. INFRASTRUCTURE AS A SERVICE IN AMAZON WEB SERVICE Fabio Cecaro AWS301 VMengine CEO, EuroCloud IT Chairman @fabioCe
  3. 3. Agenda • Panoramica • Security • Management tools • Servizi IaaS • Reference Architecture
  4. 4. PANORAMICA Una breve visione di AWS e di tutti i suoi servizi
  5. 5. Dati di AWS • 7 anni di vita, nata il 14 marzo 2006 • 42 servizi, ad oggi • 9 regions, 25 availability zones, 46 edge locations • 37 price reduction dal 2006 • 159 new features in 2012, circa 158 2013 ad oggi • Centinaia di migliaia di clienti
  6. 6. Servizi di AWS - categorie • Compute & Networking • Storage & CDN • Database • Analytics • Deployment & Management • Application Services • Marketplace, Support & Workforce • WebTraffic, Payment & Billing
  7. 7. COMPUTE & NETWORKING • Amazon Elastic Compute Cloud (EC2) • Auto Scaling (AS) • Elastic Load Balancing (ELB) • Amazon WorkSpaces • Amazon Route 53 • Amazon Virtual Private Cloud (VPC) • AWS Direct Connect STORAGE & CDN • Amazon Simple Storage Service (S3) • Amazon Glacier • Amazon Elastic Block Store (EBS) • AWS Import/Export • AWS Storage Gateway • Amazon CloudFront (CF)
  8. 8. DATABASE • Amazon Relational Database Service (RDS) • Amazon DynamoDB • Amazon Redshift • Amazon ElastiCache • Amazon SimpleDB ANALYTICS • Amazon Elastic MapReduce • Amazon Kinesis • AWS Data Pipeline
  9. 9. DEPLOYMENT & MANAGEMENT • AWS Identity and Access Management (IAM) • AWS CloudTrail • Amazon CloudWatch • AWS Elastic Beanstalk • AWS CloudFormation • AWS CloudHSM • AWS OpsWorks APPLICATION SERVICES • Amazon CloudSearch • Amazon AppStream • Amazon Simple Workflow Service (SWF) • Amazon Simple Queue Service (SQS) • Amazon Simple Notification Service (SNS) • Amazon Simple Email Service (SES) • Amazon Elastic Transcoder
  10. 10. MARKETPLACE, SUPPORT & WORKFORCE • AWS Marketplace • AWS Support • Amazon Mechanical Turk WEBTRAFFIC, PAYMENT & BILLING • Alexa Web Information Service • Alexa Top Sites • Amazon Flexible Payments Service (FPS) • Amazon DevPay
  11. 11. Free Programs • AWS Free Usage Tier • AWS Activate Packages • Self-Starter Package • Portfolio Package • 600 hours free – INTEL/AWS – BigData Supercomputing time
  12. 12. Datacenters
  13. 13. Service Health Dashboard
  14. 14. Trusted Advisor • $22M customers annualized saving
  15. 15. SECURITY I livelli di sicurezza e certificazioni di AWS
  16. 16. AWS Compliance • HIPAA • SOC 1/SSAE 16/ISAE 3402 (formerly SAS70) • SOC 2 • SOC 3 • PCI DSS Level 1 • ISO 27001 • FedRAMPSM • DIACAP and FISMA • ITAR • FIPS 140-2 • CSA • MPAA
  17. 17. AWS Security Built-in Features • Secure access. • Built-in firewalls. • Unique users. • Multi-factor authentication (MFA). • Private subnets. • Encrypted data storage. (AES.256) • Dedicated connection option. • Isolated GovCloud. • Dedicated, hardware-based crypto key storage option. (CloudHSM)
  18. 18. AWS Identity and Access Management (IAM) Functionality • Manage IAM users and their access • Manage IAM roles and their permissions • Cloud security management for federated users and their permissions • IAM enables the following use cases: • Fine-grained access control to your AWS resources • Identity federation between your enterprise and AWS services • Mobile and browser-based applications Features • Manage IAM users: • Create IAM user identities • Organize IAM users in groups • Manage IAM roles: • Create IAM roles • Define who can assume IAM roles • Manage permissions: • Centralize control of user access • Conditional user access • Manage credentials: • Create and assign security credentials • Create temporary security credentials
  19. 19. AWS Security Token Service (AWS STS) • Creating Temporary Security Credentials for Mobile Apps Using Identity Providers • Creating Temporary Security Credentials for SAML 2.0 (Security Assertion Markup Language 2.0) Federation • Identity federation sample application for an Active Directory use case • Creating Temporary Security Credentials to Enable Access for Federated Users • Creating Temporary Security Credentials for Delegating API Access
  20. 20. MANAGEMENT TOOLS Metodi e strumenti ufficiali per gestire efficacemente AWS
  21. 21. AWS Management Console
  22. 22. AWS SDK Java Python PHP .NET Ruby nodeJSiOS Android
  23. 23. AWS Command Line Interface (CLI) • Windows - Download and run the 64-bit or 32- bit Windows installer. • Mac and Linux - Requires Python 2.6 or higher. Install using pip. “pip install awscli” • AWS CLI User Guide
  24. 24. AWS Tools x Windows PowerShell PS C:> Start-EC2Instances -InstanceId i-10a64379 foreach ($i in Get-ChildItem C:Logs) { if ($i.CreationTime -lt ($(Get-Date).AddDays(-7))) { if ($i.Length -gt 0) { Write-S3Object -BucketName mylogbucket -Key Logs/$i -File $i.FullName } Remove-Item $i.FullName } } •
  25. 25. AWS Toolkits : Visual Studio, Eclipse
  26. 26. SERVIZI IAAS L’argomento cuore di questa session ed anche il cuore di AWS
  27. 27. EC2 – Elastic Compute Cloud Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides resizable compute capacity in the cloud
  28. 28. EC2 Functionality • Select a pre-configured, templated Amazon Machine Image (AMI) or create you an AMI with your applications, libraries, data, and settings, or select from Marketplace. • Choose which instance type(s) you want. • Elastic Web-Scale – from micro to cluster compute capacity • Completely Controlled – root or Administrator • Flexible Cloud Hosting Services – Windows, numerous Linux distribuition • Reliable – The Amazon EC2 Service Level Agreement (SLA) commitment is 99.95% availability for each Amazon EC2 Region. • Secure - Configure security and network access on your Amazon EC2 instance. • Inexpensive - On-Demand Instances, Reserved Instances, Spot Instances
  29. 29. EC2 Features • Amazon Elastic Block Store. • EBS-Optimized Instances. • Multiple Locations • Elastic IP Addresses • Amazon Virtual Private Cloud • Amazon CloudWatch • Auto Scaling • Elastic Load Balancing • High Performance Computing (HPC) Clusters • GPU Instances • High I/O Instances • High Storage Instances • VM Import/Export • AWS Marketplace • Enhanced Networking
  31. 31. Type onDemand EU m3.xlarge: 15 GB RAM, 13 ECU (4 virtual cores with 3.25 ECU each), EBS storage only, 64-bit platform $0.495 per Hour m3.2xlarge: 30 GB RAM, 26 ECU (8 virtual cores with 3.25 ECU each), EBS storage only, 64-bit platform $0.990 per Hour m1.small: 1.7 GB RAM, 1 ECU (1 virtual core with 1 ECU), 160 GB of local instance storage, 32-bit or 64-bit platform $0.065 per Hour m1.medium: 3.75 GB RAM, 2 ECU (1 virtual core with 2 ECU each), 410 GB of local instance storage, 32-bit or 64-bit platform $0.130 per Hour m1.large: 7.5 GB RAM, 4 ECU (2 virtual cores with 2 ECU each), 850 GB of local instance storage, 64-bit platform $0.260 per Hour m1.xlarge: 15 GB RAM, 8 ECU (4 virtual cores with 2 ECU each), 1690 GB of local instance storage, 64-bit platform $0.520 per Hour General Purpose Instances
  32. 32. Type onDemand EU c3.large: 3.75 GB RAM, 2 vCPUs, 7 ECU, 32 GB of SSD-based local instance storage, 64-bit platform $0.171 / Hour c3.xlarge: 7 GB RAM, 4 vCPUs, 14 ECU, 80 GB of SSD-based local instance storage, 64-bit platform $0.342 / Hour c3.2xlarge: 15 GB RAM, 8 vCPUs, 28 ECU, 160 GB of SSD-based local instance storage, 64-bit platform $0.683 / Hour c3.4xlarge: 30 GB RAM, 16 vCPUs, 55 ECU, 320 GB of SSD-based local instance storage, 64-bit platform $1.366 / Hour c3.8xlarge: 60 GB RAM, 32 vCPUs, 108 ECU, 640 GB of SSD-based local instance storage, 64-bit platform $2.732 / Hour c1.medium: 1.7 GB of memory, 5 ECU (2 virtual cores with 2.5 ECU each), 350 GB of local instance storage, 32-bit or 64-bit platform $0.165 / Hour c1.xlarge: 7 GB RAM, 20 ECU (8 virtual cores with 2.5 ECU each), 1690 GB of local instance storage, 64-bit platform $0.660 / Hour cc2.8xlarge: 60.5 GB RAM, 88 ECU, 3370 GB of local instance storage, 64-bit platform, 10 Gigabit Ethernet $2.700 / Hour Compute Optimized Instances
  33. 33. Type onDemand EU g2.2xlarge: 15 GB RAM, 26 ECU, 1 x NVIDIA GRID GPU (Kepler GK104), 60 GB of local instance storage, 64-bit platform $0.702 per Hour cg1.4xlarge: 22 GB RAM, 33.5 ECU, 2 x NVIDIA Tesla “Fermi” M2050 GPUs, 1690 GB of local instance storage, 64-bit platform, 10 Gigabit Ethernet $2.36 per Hour m2.xlarge: 17.1 GB RAM, 6.5 ECU (2 virtual cores with 3.25 ECU each), 420 GB of local instance storage, 64-bit platform $0.460 per Hour m2.2xlarge: 34.2 GB RAM, 13 ECU (4 virtual cores with 3.25 ECU each), 850 GB of local instance storage, 64-bit platform $0.920 per Hour m2.4xlarge: 68.4 GB RAM, 26 ECU (8 virtual cores with 3.25 ECU each), 1690 GB of local instance storage, 64-bit platform $1.840 per Hour cr1.8xlarge: 244 GB RAM, 88 ECU, 240 GB of local instance storage, 64-bit platform, 10 Gigabit Ethernet $3.750 per Hour GPU & Memory Optimized Instances
  34. 34. Type onDemand EU hs1.8xlarge: 117 GB RAM, 35 ECU, 24 * 2 TB of hard disk drive local instance storage, 64-bit platform, 10 Gigabit Ethernet $3.410 per Hour hi1.4xlarge: 60.5 GB RAM, 35 ECU, 2 * 1024 GB of SSD-based local instance storage, 64-bit platform, 10 Gigabit Ethernet $4.900 per Hour t1.micro: (Default) 613 MB RAM, up to 2 ECUs (for short periodic bursts), EBS storage only, 32-bit or 64-bit platform $0.020 per Hour Storage Optimized & Micro Instances Type example onDemand Reserved high 3y Reserved medium 3y Reserved light 3y spot m1.medium $0.130 $0.035 + $514 upfront $0.043 + $430 upfront $0.067 + $192 upfront min $0.032
  35. 35. Launch EC2 instance – AWS CLI example • Create a key pair aws ec2 create-key-pair --key-name MyKeyPair • Create a security group aws ec2 create-security-group --group-name MySecurityGroup --description "Mysecurity group" • Add a rule to your security group aws ec2 authorize-security-group-ingress --group-name MySecurityGroup -- protocol tcp --port 80 --cidr • Launch an instance aws ec2 run-instances --image-id ami-xxxxxxxx --count 1 --instance-type t1.micro --key-name MyKeyPair --security-groups MySecurityGroup • Connect to your instance
  36. 36. EC2Config,Cloud-Init,User Data,Metadata • "--user-data" 16KB Base64-encoded string • AWS Windows AMI - EC2Config service runs Sysprep <powershell>Read-S3Object -BucketName myS3Bucket -Key myFolder/ -File</powershell> • AWS Linux AMI, Ubuntu AMI – Cloud Init package #!/bin/bash apt-get update && apt-get upgrade –y • •
  37. 37. SU QUESTO ARGOMENTO SEGUI ANCHE: EBS – Elastic Block Store Amazon Elastic Block Store (EBS) provides block level storage volumes for use with Amazon EC2 instances. Amazon EBS volumes are network-attached, and persist independently from the life of an instance. Amazon EBS provides highly available, highly reliable, predictable storage volumes that can be attached to a running Amazon EC2 instance and exposed as a device within the instance. Amazon EBS is particularly suited for applications that require a database, file system, or access to raw block level storage. STORAGE SOLUTIONS ON AMAZON WEB SERVICES AWS302 13:30-14:30 Sala B Simone Merlini
  38. 38. EBS Functionality • EBS allows you to create storage volumes from 1 GB to 1 TB that can be mounted as devices by Amazon EC2 instances. Multiple volumes can be mounted to the same instance. • EBS volumes are placed in a specific Availability Zone, and can then be attached to instances also in that same Availability Zone. • Standard volumes deliver approximately 100 IOPS on average with a best effort ability to burst to hundreds of IOPS. • With Provisioned IOPS, you specify an IOPS rate when creating a volume, and then Amazon EBS provisions that rate for the lifetime of the volume. Amazon EBS currently supports up to 4000 IOPS. • Storage volumes behave like raw, unformatted block devices. You can create a file system on top of Amazon EBS volumes, or use them in any other way you would use a block device (like a hard drive). • Each storage volume is automatically replicated within the same Availability Zone. This prevents data loss due to failure of any single hardware component. • Because EBS servers are replicated within a single Availability Zone, mirroring data across multiple EBS volumes in the same Availability Zone will not improve volume durability. • EBS volumes can also be used as boot partitions for Amazon EC2 instances, preserve your boot partition data beyond the life of your instance, and bundle your AMI in one-click. You can also stop and restart instances that boot from Amazon EBS volumes while preserving state, with very fast start-up times.
  39. 39. EBS Features • EBS also provides the ability to create point-in-time snapshots of volumes, which are persisted to Amazon S3. These snapshots can be copied across AWS regions, making it easier to leverage multiple AWS regions for geographical expansion, data center migration and disaster recovery. • EBS snapshots are incremental backups, meaning that only the blocks on the device that have changed since your last snapshot will be saved. Even though the snapshots are saved incrementally, when you delete a snapshot, only the data not needed for any other snapshot is removed. • EBS shared snapshots allows you to share these snapshots, making it easy for you to share this data with your co-workers or others in the AWS community. If you choose, you can also make your data available publicly to all AWS users. AWS also enables you to create new volumes from AWS hosted public data sets. • Amazon CloudWatch exposes performance metrics for EBS volumes, giving you insight into bandwidth, throughput, latency, and queue depth. EBS Standard volumes $0.11 per GB/month $0.11 per 1 mil I/O requests EBS Provis. IOPS volumes $0.138 per GB/month $0.11 per provis. IOPS/month EBS Snapshots to Amazon S3 $0.095 per GB/month of data
  40. 40. ELB – Elastic Load Balancing Elastic Load Balancing automatically distributes incoming application traffic across multiple Amazon EC2 instances. Elastic Load Balancing detects unhealthy instances within a pool and automatically reroutes traffic to healthy instances until the unhealthy instances have been restored. Customers can enable Elastic Load Balancing within a single Availability Zone or across multiple zones for even more consistent application performance. Elastic Load Balancing can also be used in an Amazon Virtual Private Cloud (“VPC”) to distribute traffic between application tiers.
  41. 41. ELB Functionality • Create Load Balancer • Create a unique name for the Load Balancer. • Select the protocol(s) to manage via the Load Balancer (HTTP, HTTPS, TCP, SSL, or Custom) • Configure health checks for the Load Balancer. • Select the instances that you wish to place behind the Load Balancer. • Traffic to the DNS name provided by the Elastic Load Balancer is automatically distributed across your load balanced, healthy Amazon EC2 instances.
  42. 42. ELB Features • ELB distribute incoming traffic across your EC2 instances in a single Availability Zone or multiple Availability Zones. ELB automatically scales its request handling capacity in response to incoming application traffic. • In a VPC, you can create a load balancer without public IP addresses to serve as an internal (non-internet-facing) load balancer. • ELB can detect the health of EC2 instances. When it detects unhealthy load-balanced EC2 instances, it distribuite the traffic across the healthy EC2 instances. • ELB supports the ability to stick user sessions to specific EC2 instances. • ELB supports use of both the Internet Protocol version 4 and 6 (IPv4 and IPv6). • You can configure Route 53 to perform DNS failover for your load balancer endpoints. If the load balancer or the application instances registered with the load balancer become unavailable, Route 53 will direct traffic to another load balancer or destination. • ELB supports SSL termination at the Load Balancer, including offloading SSL decryption from application instances, centralized management of SSL certificates. • ELB metrics such as request count and request latency are reported by CloudWatch. 1 ELB EU $0,028/h 100GB / m $0,008 * GB Tot x month $20,96/m
  43. 43. AS – AutoScaling Auto Scaling allows you to scale your Amazon EC2 capacity up or down automatically according to conditions you define. With Auto Scaling, you can ensure that the number of Amazon EC2 instances you’re using increases seamlessly during demand spikes to maintain performance, and decreases automatically during demand lulls to minimize costs. Auto Scaling is enabled by Amazon CloudWatch.
  44. 44. AS Features • Scale out EC2 instances seamlessly and automatically when demand increases. • Scale down unneeded EC2 instances automatically and save money when demand subsides. • Scale dynamically based on your Amazon CloudWatch metrics, or predictably according to a schedule that you define. • Replace unhealthy or unreachable instances to maintain higher availability of your applications. • Receive notifications via Amazon Simple Notification Service (SNS) to be alerted when you use Amazon CloudWatch alarms to initiate Auto Scaling actions, or when Auto Scaling completes an action. • Run On-Demand or Spot instances, including those inside your Virtual Private Cloud (VPC) or High Performance Computing (HPC) Clusters. • Auto Scaling is enabled by Amazon CloudWatch and carries no additional fees.
  45. 45. AS CLI example • aws autoscaling create-launch-configuration. A Launch Configuration captures the parameters necessary to launch new Amazon EC2 instances. • aws autoscaling create-auto-scaling-group. An Auto Scaling Group is a collection of EC2 instances to which you want to apply certain scaling conditions. • aws autoscaling put-scaling-policy. This command describe each scaling action you want to take. For example, you can create one Policy that adds EC2 instances, and another that removes them. • aws cloudwatch put-metric-alarm. Amazon CloudWatch command to create an alarm for each condition under which you want to add or remove EC2 instances, and specify the Auto Scaling Policy that you want the alarm to execute when that condition is met. Examples of metrics on which you can set conditions include average CPU utilization, network activity or disk utilization. • Auto Scaling tracks when your conditions have been met and automatically takes the corresponding scaling action on your behalf.
  46. 46. CW – CloudWatch Amazon CloudWatch provides monitoring for AWS cloud resources and the applications customers run on AWS. Developers and system administrators can use it to collect and track metrics, gain insight, and react immediately to keep their applications and businesses running smoothly. Amazon CloudWatch can also monitor custom metrics generated by a customer’s applications and services. Amazon CloudWatch provides a reliable, scalable, and flexible monitoring solution that you can start using within minutes. You no longer need to set up, manage, or scale your own monitoring systems and infrastructure.
  47. 47. CW Features • Monitor AWS resources automatically, without installing additional software: • Basic o Detailed Monitoring for EC2 instances, EBS volumes, ELB, RDS DB instances, SQS queues, SNS topics, ElastiCache nodes, DynamoDB tables, Storage Gateways, Elastic MapReduce job flows, Auto Scaling groups • Estimated charges on your AWS bill: you can also choose to enable metrics to monitor your AWS charges. • The number of metrics depends on the AWS products and services that you use, and all Basic Monitoring metrics are free of charge. • Detailed Monitoring: $3.50 per instance per month • Custom Metrics: $0.50 per metric per month • Submit Custom Metrics generated by your own applications (or by AWS resources not mentioned above) and have them monitored by Amazon CloudWatch. • Set alarms on any of your metrics to receive notifications or take other automated actions when your metric crosses your specified threshold. • View graphs and statistics for any of your metrics, and get a quick overview of all your alarms and monitored AWS resources in one location on the Amazon CloudWatch dashboard. • Use Auto Scaling to add or remove Amazon EC2 instances dynamically based on your Amazon CloudWatch metrics. • Alarms: $0.10 per alarm per month
  48. 48. CW Example
  49. 49. VPC – Virtual Private Cloud Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the Amazon Web Services (AWS) Cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways.
  50. 50. VPC Functionality • Create an Amazon Virtual Private Cloud on AWS's scalable infrastructure, and specify its private IP address range from any range you choose. • Divide your VPC’s private IP address range into one or more public or private subnets to facilitate running applications and services in your VPC. • Control inbound and outbound access to and from individual subnets using network access control lists. • Store data in Amazon S3 and set permissions such that the data can only be accessed from within your Amazon VPC. • Assign multiple IP addresses and attach multiple elastic network interfaces to instances in your VPC. • Bridge your VPC and your onsite IT infrastructure with an encrypted VPN connection, extending your existing security and management policies to your VPC instances as if they were running within your infrastructure.
  51. 51. VPC Features • Multiple Connectivity Options • Connect directly to the Internet (public subnets). • Connect to the Internet using Network Address Translation (private subnets) • Connect securely to your corporate datacenter • Combine connectivity methods to match the needs of your application • Secure – Amazon VPC provides advanced security features such as security groups and network access control lists to enable inbound and outbound filtering at the instance level and subnet level. You can also choose to launch Dedicated Instances which run on hardware dedicated to a single customer for additional isolation. • Simple – You can create a VPC quickly and easily using the AWS Management Console. "Start VPC Wizard." Subnets, IP ranges, route tables, and security groups are automatically created for you, so you can concentrate on creating the applications to run in your VPC. • Elastic Network Interface (ENI) • Max 8 ENI per instance (high EC2 types) • Max 30 IPAddresses per ENI (high EC2 types) • All the Scalability and Reliability of AWS • $0.05 per VPN Connection-hour
  52. 52. VPC Wizard Scenarios
  53. 53. VPC Case Study
  54. 54. SU QUESTO ARGOMENTO SEGUI ANCHE: RDS – Relational Database Service Amazon Relational Database Service (Amazon RDS) is a web service that makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while managing time-consuming database administration tasks, freeing you up to focus on your applications and business. STORAGE SOLUTIONS ON AMAZON WEB SERVICES AWS302 13:30-14:30 Sala B Simone Merlini
  55. 55. SU QUESTO ARGOMENTO SEGUI ANCHE: AWS ElastiCache ElastiCache is a web service that makes it easy to deploy, operate, and scale an in-memory cache in the cloud. The service improves the performance of web applications by allowing you to retrieve information from fast, managed, in- memory caches, instead of relying entirely on slower disk-based databases. STORAGE SOLUTIONS ON AMAZON WEB SERVICES AWS302 13:30-14:30 Sala B Simone Merlini
  56. 56. AWS Route53 Amazon Route 53 is a highly available and scalable Domain Name System (DNS) web service. It is designed to give developers and businesses an extremely reliable and cost effective way to route end users to Internet applications.
  57. 57. AWS Route53 Features • Highly Available and Reliable • Scalable • DNS Failover Health Checks • Zone File Import • Flexible - Route 53 offers Weighted Round-Robin (WRR), also known as DNS load balancing. • Fast - Queries for your domain are automatically routed to the nearest DNS server. • Easy to use • Cost-effective: $0.50 per hosted zone/m $0.500 per million queries • Secure with IAM integration
  59. 59. AWS Direct Connect AWS Direct Connect makes it easy to establish a dedicated network connection from your premises to AWS. Using AWS Direct Connect, you can establish private connectivity between AWS and your datacenter, office, or colocation environment, which in many cases can reduce your network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connections.
  60. 60. AWS Direct Connect Features • Use an industry standard 802.1q VLANs • Can be partitioned into multiple virtual interfaces • Private Connectivity • Elastic – see port speed • Simple by AWS Console Network Partner in EU • Eircom, Clonshaugh $0.020 per GB Traffic OUT • TelecityGroup, London Docklands $0.030 per GB Traffic OUT Port Speed • 50M $0.03/hour • 100M $0.06/hour • 200M $0.12/hour • 300M $0.18/hour • 400M $0.24/hour • 500M $0.30/hour • 1G $0.30/hour • 10G $2.25/hour
  61. 61. SU QUESTO ARGOMENTO SEGUI ANCHE: AWS Storage Gateway The AWS Storage Gateway is a service connecting an on-premises software appliance with cloud-based storage to provide seamless and secure integration between an organization’s on-premises IT environment and AWS’s storage infrastructure. The service allows you to securely store data in the AWS cloud for scalable and cost-effective storage. STORAGE SOLUTIONS ON AMAZON WEB SERVICES AWS302 13:30–14:30 Sala B Simone Merlini
  62. 62. AWS Storage Gateway Functionality • Gateway-Cached Volumes: Gateway-Cached volumes provide cost savings on primary storage. • Gateway-Stored Volumes: Asynchronously back up point-in-time snapshots of your data to Amazon S3. It provide inexpensive off-site backups that you can recover locally or from Amazon EC2 in case of disaster recovery. • Gateway-Virtual Tape Library (Gateway-VTL): With Gateway-VTL you can have a infinite collection of virtual tapes. Each virtual tape can be stored in S3 or in a Virtual Tape Shelf in Amazon Glacier. • Download the AWS Storage Gateway virtual machine (VM). • Install the virtual machine in VMware ESXi or Microsoft Hyper-V. • Select from the three gateway configurations: Gateway-Cached Volumes, Gateway-Stored Volumes, or Gateway-VTL. • Allocate local storage to your installed on- premises gateway from Direct Attached Storage (DAS), Network Attached Storage (NAS), or Storage Area Network (SAN) storage. • Activate your on-premise gateway to associate your gateway’s IP Address with your AWS Account and select an AWS Region to store uploaded data.
  63. 63. AWS Storage Gateway Features • Secure – The AWS Storage Gateway securely transfers your data to AWS over SSL and stores data encrypted at rest in Amazon S3 and Amazon Glacier using Advanced Encryption Standard (AES) 256. • Compatible –Gateway-Cached volumes and Gateway-Stored volumes expose a standard iSCSI block disk device interface and Gateway-VTL presents a standard iSCSI virtual tape library interface. • Cost-Effective – By making it easy for your on-premises applications to store data on Amazon S3 or Amazon Glacier, AWS Storage Gateway reduces the cost, maintenance. • Optimized for Network Efficiency – The AWS Storage Gateway only uploads data that has changed. You can also use AWS Direct Connect to further increase throughput and reduce your network costs by establishing a dedicated network connection between your on- premises gateway and AWS.
  64. 64. REFERENCE ARCHITECTURE Diagrammi e consigli d’uso ufficiali di AWS e casi di studio famosi
  65. 65. Web Application Hosting
  66. 66. Disaster Recovery for Local Applications
  67. 67. Obama for America 2012 •
  69. 69. Grazie.Non dimenticare di riempire il modulo di feedback AWS301
  71. 71. © EventHandler S.r.l. All rights reserved. Microsoft, Windows and all other trademarks and copyrights are the property of their respective owners. EventHandler cannot guarantee the accuracy of any information provided after the date of this presentation. EVENTHANDLER MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.