AWS Summit 2013 | Auckland - Extending your Datacentre with Amazon VPC

As more organisations seek to leverage the power and benefits of the cloud, they also need to combine new systems with existing on-premise systems. Services such as Amazon Virtual Private Cloud (VPC) and AWS Direct Connect enable AWS customers to combine on-premise and cloud-based resources easily and effectively. This session will walk customers through the 4 main patterns of connectivity and will include a "real time" demonstration of how easy it is to set up your own VPC and start working in your own private section of the AWS Cloud.

Published in: Technology

  1. Extending your Data Centre with VPC (Simon Elisha, Principal Solution Architect)
  2. Agenda • Why? • What? • How Much? • Customer Examples • “Goodies” in VPC • Let’s build one!
  3. WHY?
  4. Capacity • Power • Elasticity • Agility
  5. WHAT?
  6. VPC Overview • Bring your own network [Diagram: Your network goes here]
  7. VPC Overview • Bring your own network • Create your own subnets [Diagram: Subnet 1, Subnet 2, … Subnet ‘n’]
  8. VPC Overview • Control instance placement [Diagram: Availability Zone ‘A’, Availability Zone ‘B’]
  9. VPC Overview • Control instance placement and traffic – Security Groups & NACLs [Diagram: Availability Zone ‘A’, Availability Zone ‘B’]
  10. VPC Overview • Control instance placement and traffic – Security Groups & NACLs – Routing Rules [Diagram: Availability Zone ‘A’, Availability Zone ‘B’]
  11. VPC Overview • VPC Gateways – Virtual Private Gateway – Internet Gateway [Diagram: Customer Network]
  12. VPC Overview • Virtual Private Gateway – IPSEC VPN [Diagram: Customer Network]
  13. VPC Overview • Virtual Private Gateway – Dynamic Routing (Route-based VPN) – Static Routing (Policy-based VPN) [Diagram: Customer Network]
  14. VPC Overview • Virtual Private Gateway – IPSEC VPN – Direct Connect [Diagram: Customer Network, DX Location, Customer/Partner WAN]
  15. VPC Overview • Virtual Private Gateway • Internet Gateway [Diagram: Customer Network]
  16. VPC Overview • Connecting to Instances – Private IP – Elastic IP (publicly routable) [Diagram: Customer Network]
  17. VPC Overview • Connecting to Instances – Load Balancers [Diagram: Customer Network]
  18. VPC Building Blocks Summary • Virtual Private Cloud • Subnets • Route Tables, Security Groups, NACLs • Virtual Private Gateway • AWS Direct Connect • Internet Gateway • Elastic IPs and Load Balancers
  19. VPC Connectivity Options
  20. Connectivity Option #1 • Lollipop network (“DC-on-a-stick”) – Internet VPN [Diagram: Customer Network]
  21. Connectivity Option #1 • Lollipop network (“DC-on-a-stick”) – Dual Redundancy [Diagram: Customer Location #1, Customer Location #2]
  22. Connectivity Option #1 • Lollipop network (“DC-on-a-stick”) – AWS VPN CloudHub [Diagram: Customer Location #1, Customer Location #2]
  23. Connectivity Option #1 • Lollipop network (“DC-on-a-stick”) – Direct Connect [Diagram: Customer Network, DX Location, Customer/Partner WAN]
  24. Connectivity Option #2 • Hybrid Integration – Internal & Internet Access – Internet VPN [Diagram: Customer Network]
  25. Connectivity Option #2 • Hybrid Integration – Internal & Internet Access – Internet VPN – DirectConnect [Diagram: Customer Network, DX Location]
  26. Connectivity Option #3 • Integration between VPCs – DirectConnect [Diagram: DX Location]
  27. Connectivity Option #3 • Integration between VPCs – DirectConnect – Software VPN to Hardware (VGW)
  28. Connectivity Option #3 • Integration between VPCs – DirectConnect – Software VPN to Software VPN
  29. Connectivity Option #4 • Remote Access Solution – Microsoft RAS – Checkpoint – OpenVPN – Sophos – Vyatta [Diagram: Customer Network, Remote Access Server]
  30. Non-Standard VPN Requirements • Software VPN Appliance – Overlapping (unknown) customer network addresses – Customer MUST manage both sides of VPN
  31. Nonstandard VPN Requirements • ZenOSS SaaS example – Managed monitoring service – Extend AWS into ZenOSS Customer Networks [Diagram: Customer “1”, Shared Mgmt Network, Customer “2”, Customer “n”…]
  32. VPC Connectivity Options Summary • Lollipop network or data-center-on-a-stick • Hybrid integration – Internal & Internet Access • Integration between Amazon VPCs • Mobile/Remote access solution
  33. HOW MUCH?
  34. VPC $0 • Hardware VPN $0.05/Hour • Direct Connect: 1 Gbps Port $0.30/Hour, 10 Gbps Port $2.25/Hour • Inbound Data $0.00, Outbound Data (SYD) $0.045 per GB • Inbound Data $0.00, Outbound Data (SYD) $0.19 per GB (first GB free)
  35. For a Year… • VPC $0 • Hardware VPN $438 • Direct Connect: 1 Gbps Port $2,628, 10 Gbps Port $19,710* (*Plus outgoing data & private connection costs)
  36. CUSTOMER EXAMPLES
  37. Lionsgate uses AWS to host SharePoint & SAP • Amazon VPC • Avoided datacenter build out • Saved $1M over 3 years • 50% lower cost than hosting options
  38. Nasdaq used AWS to Build a New Line of Business
  39. PRE-BUILT ARCHITECTURES
  40. SharePoint - Intranet
  41. SharePoint - Internet
  42. “Goodies” in VPC
  43. Goodies • Control over Ingress & Egress of data – Security Groups • Dynamic allocation of Security Groups to Instances • Elastic Network Interfaces – up to 8 depending on instance • DNS Resolution – Default or use your own • ElastiCache in VPC (joining RDS, EMR, ElasticBeanstalk, Redshift, OpsWorks, etc) • RDS IP Addresses - option to have RDS publicly accessible
  44. LET’S BUILD ONE!
  45. Flexible • Agile • Cost Effective • Integrated
  46. ARCHITECTURE CENTER http://aws.amazon.com/architecture • TECHNICAL ARTICLES http://aws.amazon.com/articles • PODCAST http://aws.amazon.com/podcast • BLOG http://aws.typepad.com
