ARCHITECTING FOR THE CLOUD Demo
and Best Practices Simone Brunozzi AWS Technology Evangelist, APAC Friday, July 15, 2011

Twitter : #awstour @simon Agenda
Friday, July 15, 2011

Twitter : #awstour @simon Introduction
Intro Friday, July 15, 2011

Twitter : #awstour @simon Introduction
Seven Principles } Intro Friday, July 15, 2011 1 2 3 4 5 6 7

Twitter : #awstour @simon Introduction
Seven Principles Conclusions Intro 1 2 3 4 5 6 7 End Friday, July 15, 2011

Introduction Intro 1 2 3
4 5 6 7 End Friday, July 15, 2011

Architecting for the Cloud Friday,
July 15, 2011

The Cloud Architect Physical vs.
Cloud Scalability Interface Costs Friday, July 15, 2011

Storage in the Physical world
DAS (Direct-Attached Storage) SAN (Storage Area Network) NAS (Network-Attached Storage) Friday, July 15, 2011

Storage in the Cloud EC2
(Local Instance Store) EBS (Elastic Block Store) S3 (Simple Storage Service) SimpleDB, SQS, etc. Friday, July 15, 2011

Understanding Durability Designed for a
Durability of: 99.999999999 % S3 (Simple Storage Service) Friday, July 15, 2011

Scalability Large Medium Small Friday,
July 15, 2011

A Truly Scalable System Maintains
performance Operationally efficient Resilient Cost-effective Friday, July 15, 2011

Scale Up / Scale Out
Scale Out (horizontally) Friday, July 15, 2011

Scale Up / Scale Out
Scale Up (vertically) Friday, July 15, 2011

First example: Scaling up EC2
Friday, July 15, 2011

This is a video Friday,
July 15, 2011

Web Management Https (encrypted) Console
Multi-Factor Auth (MFA) Amazon Web Services API Friday, July 15, 2011

Web Software Management Libraries Console
and SDK Java, PHP, Ruby, Python, .NET Eclipse Toolkit Mobile: Android, iOS Amazon Web Services API Friday, July 15, 2011

Web Software Command Management Libraries
Line Console and SDK Interface Amazon Web Services API Friday, July 15, 2011

Web Software Command Resource Management
Libraries Line Management Console and SDK Interface Tools Puppet Chef PyChef Fabric Cuisine Etc. Amazon Web Services API Friday, July 15, 2011

Web Software Command Resource Management
Libraries Line Management Console and SDK Interface Tools Amazon Web Services API Friday, July 15, 2011

Cost is affected by Architecture
EC2 instances (Generic, High-CPU, High-Mem) Data compression Backup strategy, example: Amazon S3: High Durability / Reduced Durability 99.99999999999% 99.99% 0.140 0.093 US$ / GB / month US$ / GB / month Friday, July 15, 2011

EC2 instances: Small vs Medium
1 ECU = 1.2 GHz Xeon Small Medium Elastic Compute Unit 1 5X 5 RAM 1.7 GB 1.7 GB Storage 160 GB 2.2X 350 GB Hourly cost (US$) 0.085 2X 0.170 Friday, July 15, 2011

This is a video Friday,
July 15, 2011

The Cloud Architect Physical vs.
Cloud Scalability Interface Costs Friday, July 15, 2011

When you use AWS, you
can... Launch EC2 with EBS behind ELB with your domain on Route 53 and your videos on Cloudfront, backup to S3 and your DB on RDS with Multi-AZ. (so, sorry for the many acronyms) Friday, July 15, 2011

Design for Failure and nothing
will fail Intro 1 2 3 4 5 6 7 End Friday, July 15, 2011

Design for Failure and nothing
will fail Friday, July 15, 2011

Design for Failure and nothing
will fail Backup/Restore strategy Become impervious to reboot/relaunch Move in-memory sessions to data store Use Availability Zones (AZ), distribute EC2 Use Elastic Load Balancer Use Relational Database Service + Multi-AZ Use Elastic IP Friday, July 15, 2011

The AWS global infrastructure Friday,
July 15, 2011

Regions Region: set of multiple
Data Centers US West US East AP Japan EU West AP Singapore Friday, July 15, 2011

Availability Zones (AZ) Distinct locations,
insulated from failures Low latency connectivity within same region US West US East A B AP Japan A B A B C A B C C D EU West A B AP Singapore Friday, July 15, 2011

In addition to this... Friday,
July 15, 2011

Amazon Cloudfront + Route 53
Content Delivery Network (CDN) + DNS Seattle Amsterdam New York London Newark Stockholm Palo Alto Dublin Tokyo Frankfurt Paris Los Angeles Ashburn Jacksonville Hong Kong Dallas St.Louis Miami Singapore Friday, July 15, 2011

Multi-AZ US West US East
A B AP Japan A B A B C A B C C D EU West A B AP Singapore Friday, July 15, 2011

Multi-AZ ap-southeast-1a ap-southeast-1b EC2 EC2
EC2 EC2 AP Singapore Friday, July 15, 2011

Multi-AZ with RDS ap-southeast-1a ap-southeast-1b
Master DB RDS RDS Standby Replica Auto Sync AP Singapore Friday, July 15, 2011

This is a video Friday,
July 15, 2011

Decouple Intro 1 2 3
4 5 6 7 End Friday, July 15, 2011

Simple Queue Service Reliable, highly
scalable Queue Unlimited Queues / Messages Lock / Unlock Messages Also available externally Friday, July 15, 2011

Example: video encoding Sequential A
B C D Input Store Encode Publish Friday, July 15, 2011

Example: video encoding Asynchronous A
B C D Input Store Encode Publish M M M M M M M M MMM SQS Queue SQS Queue SQS Queue Friday, July 15, 2011

Example: video encoding Easier to
scale! C C B B CC C A B C D Input Store Encode Publish M M M M M M M M MMM SQS Queue SQS Queue SQS Queue Friday, July 15, 2011

Elasticity Intro 1 2 3
4 5 6 7 End Friday, July 15, 2011

“Elastic” Honey Bees Friday, July
15, 2011

“Elastic” Honey Bees Waggle dance
Bee hive Food Water Housing Friday, July 15, 2011

Elasticity with Amazon EC2 Cloudwatch
EC2 EC2 EC2 EC2 EC2 EC2 EC2 EC2 EC2 EC2 Amazon Web EC2 EC2 Services Your Application(s) Friday, July 15, 2011

Elasticity with Amazon EC2 Cloudwatch
EC2 EC2 EC2 EC2 EC2 EC2 EC2 EC2 EC2 EC2 Amazon Web EC2 EC2 Services Your Application(s) Friday, July 15, 2011

Elasticity with Amazon EC2 Cloudwatch
EC2 EC2 EC2 EC2 EC2 EC2 EC2 EC2 Amazon Web EC2 EC2 Services Your Application(s) Friday, July 15, 2011

Elasticity with Amazon EC2 Cloudwatch
EC2 EC2 EC2 EC2 EC2 EC2 EC2 EC2 Amazon Web EC2 EC2 Services EC2 Your Application(s) EC2 Friday, July 15, 2011

Elasticity with Amazon EC2 Cloudwatch
EC2 EC2 EC2 EC2 EC2 EC2 EC2 EC2 EC2 EC2 Amazon Web EC2 EC2 Services Your Application(s) Friday, July 15, 2011

Elasticity Scaling: Cyclic / Event-based
/ AutoScaling CloudWatch metrics Scale everything (servers, storage, etc) Use Management Tools whenever possible Bootstrap your instances Friday, July 15, 2011

Elasticity Scaling: Cyclic / Event-based
/ AutoScaling CloudWatch metrics Scale everything (servers, storage, etc) Use Management Tools whenever possible Bootstrap your instances Scaling out Scaling up EC2 EBS (from 1 to 5 servers) (from 20 GB to 100 GB) Friday, July 15, 2011

This is a video Friday,
July 15, 2011

Dynamic and Static Intro 1
2 3 4 5 6 7 End Friday, July 15, 2011

Dynamic and Static Keep dynamic
data closer to EC2. E.g.: use same AZ for data-intensive applications Keep static data closer to end-user E.g.: use Cloudfront to distribute content Tools: Custom AMI (Amazon Machine Image), Elastic IP Friday, July 15, 2011

This is a video Friday,
July 15, 2011

Remapping an Elastic IP ec2-50-16-126-161.compute-1.amazonaws.com
web 1 107.20.243.251 web 2 Friday, July 15, 2011

Think Parallel Intro 1 2
3 4 5 6 7 End Friday, July 15, 2011

High speed train: Shinkansen One
engine per car! Friday, July 15, 2011

Think Parallel Elastic Map Reduce
(EMR) Multi-part upload for Amazon S3 Elastic Load Balancing Friday, July 15, 2011

This is a video Friday,
July 15, 2011

Don’t fear constraints Intro 1
2 3 4 5 6 7 End Friday, July 15, 2011

1502: Leonardo Da Vinci’s bridge
id II: B ay ez S u l t an ib le !" po ss " Im Friday, July 15, 2011

After 499 years, in 2001
Friday, July 15, 2011

Bridge Cloud Friday, July 15,
2011

Don’t fear constraints Need Better
Database performance? Sharding / Multiple Read-Only / Clustering Need More RAM? Shared Distributed cache (Memcached) Need Faster disks? Multiple EBS in Raid configuration Friday, July 15, 2011

Multi-AZ for RDS ap-southeast-1a ap-southeast-1b
Master DB RDS RDS Standby Replica (as shown earlier) Friday, July 15, 2011

RDS Read Replica ap-southeast-1a ap-southeast-1b
RDS RDS Master Standby Read RDS Queries Replica RDS 1 Replica 2 Friday, July 15, 2011

Security Intro 1 2 3
4 5 6 7 End Friday, July 15, 2011

Security
Friday, July 15, 2011

Security Certifications: ISO 27001, PCI-DSS
level 1, etc. Physical / Network Security Encryption: SSL Endpoints, Encrypted FS EC2: Instance Isolation Security Groups IAM: Identity Access Management VPC: Virtual Private Cloud Friday, July 15, 2011

Security groups my Computer (107.3.8.123)
RDS-servers RDS RDS internet RDS 80 22 1521 web-servers app-servers DB-servers EC2 EC2 EC2 any EC2 22 EC2 EC2 EC2 EC2 EC2 1521 Friday, July 15, 2011

This is a video Friday,
July 15, 2011

IAM: Identity Access Management Manage
Users / Groups Manage security credentials Control access to API Control access to specific resources Control access based on environment variables Cost: zero. Friday, July 15, 2011

VPC: Virtual Private Cloud Your
AWS Cloud Company Public EC2 EC2 locallocal Internet EC2 EC2 EC2 EC2 local local EC2 local 3 2 NAT EC2 EC2 Direct Virtual Private Cloud EC2 Private EC2 EC2 VPN EC2 EC2 EC2 1 Friday, July 15, 2011

Conclusions Intro 1 2 3
4 5 6 7 End Friday, July 15, 2011

De Architectura, 1st century C.E.
Friday, July 15, 2011

De Architectura, 1st century C.E.
Firmitas Durability (Redundancy, Replication) Utilitas Utility (efficient use of resources) Venustas Beauty (Pleasure, Meaning, Satisfaction) Automation It works Focus Friday, July 15, 2011

The “beauty” of Cloud Computing
Automation It works Focus Friday, July 15, 2011

The “beauty” of Cloud Computing
CloudFormation Provision AWS resources in an orderly fashion Elastic Beanstalk Deploy applications in the Cloud Simple Email Service (SES) Highly scalable, cost-effective email-sending service Friday, July 15, 2011

Seven principles: recap 1. Design
for failure and nothing will fail 2. Decouple 3. Elasticity 4. Dynamic and Static 5. Think Parallel 6. Don’t fear constraints 7. Security Friday, July 15, 2011

ARCHITECTING FOR THE CLOUD Friday,
July 15, 2011

Simone Brunozzi AWS Technology Evangelist,
APAC Cardcloud.com/simone Twitter: @simon #awstour Friday, July 15, 2011