AWS re:Invent 2016: How to Launch a 100K-User Corporate Back Office with Microsoft Servers and AWS (WIN303)

Learn how to build a scalable, compliance-ready, and automated deployment of the Microsoft “backoffice” servers for 100K users running on AWS. In this session, we show a reference architecture deployment of Exchange, SharePoint, Skype for Business, SQL Server and Active Directory in a single VPC. We discuss the following: (1) how the solution is automated for 100K users, (2) how the solution is enabled for compliance (e.g., FedRAMP, HIPAA, PCI), and (3) how the solution is built from modular 10K user blocks. Attendees should have knowledge of AWS CloudFormation, PowerShell, instance bootstrapping, VPCs, and Amazon Route 53, as well as the relevant Microsoft technologies.


  1. Running Your First 100K Microsoft Users on AWS (WIN303). Bill Jacobi, Senior Solutions Architect. November 30, 2016. © 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  2. What to Expect from the Session: Learn how AWS has built a push-button, automated solution that runs the Microsoft Servers that have been scaled to 100K users. This session will discuss how to build, load-test, and display metrics of a complex Windows stack. Attendees should have familiarity with Microsoft server architectures and AWS. This session will cover Windows technologies mapped to AWS including EC2 Windows, Bootstrapping, Load Balancing, CloudFormation, Elastic Beanstalk, Elasticsearch, CodeCommit, and Direct Connect to facilitate running a multi-tier Microsoft server stack at scale.
  3. Agenda
      • Why Run Microsoft Servers on AWS?
      • Amazon’s Migration to AWS
      • Microsoft Servers Quick Start
      • Demo of 100K Users
      • Load Testing with Locust and ELK stack - SA Contributor: Len Henry
      • How the Solution was Built
  4. Why Run Microsoft Servers on AWS?
      • ISV Application and Add-On Compatibility: ISV applications and add-ons are supported by the AWS Infrastructure-as-a-Service platform
      • DevOps enabled: AWS CloudFormation builds infrastructure while Microsoft PowerShell builds applications, in a CI/CD lifecycle
      • Optimization: AWS enables you to monitor, aggregate, report on, and act on application and infrastructure metrics
      • Depth/breadth of services: Build solutions around the Microsoft stack that combine the Windows and Open Source ecosystems, and AWS services
      • Auditability enabled: Every API call, network packet in/out, and infrastructure change is audited and logged, supported by a rich policy model
      • License management: AWS Config can monitor license compliance of server-bound licenses on Amazon Dedicated Hosts and Dedicated Instances
      • Enabled for compliance: Applications can run under NIST, PCI, or HIPAA Accelerators to provide baseline regulatory controls
  5. Amazon’s Migration to AWS
      • In 2013, Amazon IT decided to migrate the Microsoft stack to AWS
      • Over 200K Amazon users access Exchange, SharePoint, and Lync through the corporate image
      • Exchange data points:
          − There are 26 Exchange servers (4 per AZ)
          − 7,600 users per server
          − DAG Architecture for HA
          − Supports users in Americas, EMEA, and Asia
  6. Quick Start: CloudFormation template, Deployment Guide (PDF)
  7. Microsoft Topologies
      • Exchange DAG architecture
      • Lync Paired Pool architecture
      • SQL Server Always On architecture for SharePoint
      • Brick architecture represents a 10K modular pod: Scale horizontally
      • Use the Microsoft capacity calculators to validate logical architecture
      • Use load-testing to validate physical architecture
  8. Amazon Infrastructure
      • Single VPC for integrated cross-server experience
      • Multiple AZs for high availability across all servers
      • DMZ subnet for management
      • Private subnet for all application servers
      • Security groups for server roles and NACLs for subnets
      • 2 AD sites mapped to the 2 AZs for high availability
      • Amazon Workspaces clients or on-premises clients
      • Connect to on-premises through VPN or AWS Direct Connect
  9. Microsoft Servers Quick Start
  10. Client Demo – Microsoft Servers
  11. Server Demo – Microsoft Servers
  12. Load Testing 100K Users with Locust (diagram: one Locust master and nine Locust workers driving SharePoint WFE/App1 through SharePoint WFE/App10)
  13. Log Aggregation of IIS web requests with an ELK (ElasticSearch, LogStash, Kibana) Stack, using Amazon Elasticsearch. https://www.elastic.co/products/logstash
  14. Log Display with a Kibana Dashboard
  15. How the Solution was Built
      • CloudFormation Stacks, PowerShell, Parameters
      • AWS CodeCommit
      • SharePoint Logical and Physical Architecture
      • Performance and Latency
      • Auditability
  16. DevOps – CloudFormation (AWS CloudFormation)
      • CloudFormation is a service for automating deployment of resources: EC2, VPC, NAT, and others
      • CloudFormation template
          − JSON-formatted document that describes a configuration to be deployed in an AWS account
          − Once deployed, it is referred to as a “stack” of resources
          − Stacks can and should be nested for modularity
          − Starting point is usually a baseline OS or pre-configured AMI
      • PowerShell is inserted into instance start up in CloudFormation
      • CloudFormation controls configuration across reboots
  17. DevOps – AWS CloudFormation: MSServers Solution - 6 CloudFormation Stacks
      • Six stacks: Master Stack (orchestration), ADStack, SQLStack, ExchangeStack, SharePointStack, LyncStack
      • Layers: Layer 1, Layer 2, Layer 3
      • Component labels in the diagram:
          − AZs, VPC, subnets, R53; DC, Global Catalog, DNS, Repl
          − AZs, LB, VPC, R53; MBOX, Edge, DAG, RDG, AD
          − AZs, LB, VPC, R53; FrontEnd, Edge, SQL, RDG, AD
          − AZs, VPC, EIPs, storage; WSFC, AlwaysOn, Quorum, Witness, RDG, Full Backup
          − AZs, LB, VPC, R53; WFE, AppSrv, SQL, RDG, AD
  18. DevOps – Nested Stacks
      • Master stack calls AD; Depends on SQL and
      • Stacks create modularity, reuse, and resource ordering
      • See blog post for more details

        "Resources": {
          "ADStack": …AWS::CloudFormation::Stack…
          "SQLStack": {
            "Type": "AWS::CloudFormation::Stack",
            "DependsOn": "ADStack",
            "Properties": …
          }
  19. CloudFormation Parameters = Full Control
  20. Sample of Lync Front End CFN Template (callouts: Create Lync FrontEnd1 Instance; Embed PowerShell)
  21. AWS CodeCommit provides version control with Git
  22. SharePoint Logical Architecture
  23. Performance and Latency: Wash DC–Portland, OR
      • 88 ms round trip via Internet
      • 59 ms round trip via Direct Connect
  24. Auditability
      • Infrastructure
          − AWS CloudTrail
          − AWS Config (see whitepaper for license auditing)
          − Amazon Inspector
      • Network
          − VPC flow logs
          − Elastic Load Balancing access logs
      • Application
          − Amazon CloudWatch Logs can integrate: IIS logs; Event logs; Event Tracing for Windows (ETW) logs; any performance counter data; Exchange, Lync, SharePoint logs; any text-based log files
      • Dedicated Hosts: Visibility of sockets, cores, host ID
  25. Related Sessions
  26. Thank you! WIN303 – Running your first 100K Microsoft users on AWS. Please fill out your evaluation form.
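
The resource ordering that slides 17 and 18 attribute to nested stacks can be checked before a master template is deployed. The following is an added example, not code from the presentation: it reads a constructed master template, derives the order in which the nested stacks can be created from their explicit `DependsOn` entries, and lists stacks that could start before `ADStack` exists. Only `SQLStack` depending on `ADStack` comes from the slides; the other edges and the function names are assumptions, and implicit dependencies created by `Ref` or `Fn::GetAtt` are not considered.

```python
import json
from graphlib import TopologicalSorter  # Python 3.9+

STACK_TYPE = "AWS::CloudFormation::Stack"
# Constructed master template. Stack names are from the slides; Properties
# (TemplateURL, Parameters) are left out because only Type and DependsOn are read.
# Every DependsOn edge other than SQLStack -> ADStack is an assumption.
MASTER_TEMPLATE = json.loads("""
{"Resources": {
  "ADStack":         {"Type": "AWS::CloudFormation::Stack"},
  "SQLStack":        {"Type": "AWS::CloudFormation::Stack", "DependsOn": "ADStack"},
  "ExchangeStack":   {"Type": "AWS::CloudFormation::Stack", "DependsOn": "ADStack"},
  "SharePointStack": {"Type": "AWS::CloudFormation::Stack", "DependsOn": ["ADStack", "SQLStack"]},
  "LyncStack":       {"Type": "AWS::CloudFormation::Stack", "DependsOn": ["ADStack", "SQLStack"]}
}}
""")

def nested_stack_deps(template):
    """Map each nested stack to the nested stacks named in its explicit DependsOn."""
    resources = template["Resources"]
    deps = {}
    for name, res in resources.items():
        if res.get("Type") != STACK_TYPE:
            continue
        raw = res.get("DependsOn", [])
        wanted = [raw] if isinstance(raw, str) else list(raw)  # string or list form
        unknown = [d for d in wanted if d not in resources]
        if unknown:
            raise ValueError(f"{name} depends on undefined resource(s): {unknown}")
        deps[name] = {d for d in wanted if resources[d].get("Type") == STACK_TYPE}
    return deps

def creation_layers(template):
    """Groups of nested stacks that can be created in parallel, in creation order."""
    sorter = TopologicalSorter(nested_stack_deps(template))
    sorter.prepare()  # raises graphlib.CycleError on a circular DependsOn
    layers = []
    while sorter.is_active():
        layers.append(sorted(sorter.get_ready()))
        sorter.done(*layers[-1])
    return layers

def missing_prerequisite(template, prerequisite="ADStack"):
    """Nested stacks with no direct or transitive DependsOn path to `prerequisite`."""
    deps = nested_stack_deps(template)
    def reaches(name, seen=frozenset()):
        return prerequisite in deps[name] or any(
            reaches(d, seen | {name}) for d in deps[name] - seen)
    return sorted(n for n in deps if n != prerequisite and not reaches(n))
```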