AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud (ARC208)

AWS provides many services to assist customers with their journey to the cloud. Hybrid solutions offer customers a way to continue leveraging existing investments on-premises, while expanding their footprint into the public cloud. This session covers the different technologies available to support hybrid architectures on AWS. We discuss common patterns and anti-patterns for solving enterprise workloads across a hybrid environment.

Published in: Technology

  1. © 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. • Jamie Butler, Manager, Solutions Architecture • 11/29/2016 • ARC208: Hybrid Architectures, Bridging the Gap to the Cloud
  2. Introductions
  3. What to Expect from the Session • What is a 200 level talk • Prerequisites • Basic understanding of Cloud Computing • Familiarity with AWS Regions/AZs • Overview of the AWS services used for hybrid cloud • Customer use-cases for hybrid cloud • How to build a hybrid environment from scratch
  4. Not an all or nothing decision: “Many of you may think what we’re promoting here is that cloud is an all or nothing decision. You either go into the cloud or stay home. That is not the case. What we’ve built is a whole set of services that allow you to run both on-premise and in the cloud seamlessly together.” – Werner Vogels
  5. Customer’s Journey to the Cloud
  6. Customer Environment (diagram labels: corporate data center, File Server, Active Directory Domain Controller, Desktop)
  7. Let’s first talk about Identity
  8. Identity Management - IAM • Fine grained access control for AWS resources • Multi-factor authentication for highly privileged users • Can integrate with corporate directory [Identity and Access Management]
  9. IAM - Federation • Grant external identities access to AWS resources • External providers such as Microsoft AD, Amazon, Facebook, Google, or any OpenID provider [AWS Security Token Service]
  10. Identity Management - Directory Service • 3 versions: Microsoft AD, Simple AD, AD Connector • Managed Service • Join instances to an AD Domain • Single Sign-On to AWS Console and Applications [AWS Directory Service]
  11. SSO in Action: Demo of Directory Services Console Login…
  12. Let’s Move Some Data to AWS
  13. Storage

      |  | S3 Standard | S3 Standard - IA | Amazon Glacier |
      |---|---|---|---|
      | Designed for Durability | 99.999999999% | 99.999999999% | 99.999999999% |
      | Designed for Availability | 99.99% | 99.9% | N/A |
      | Availability SLA | 99.9% | 99% | N/A |
      | Minimum Object Size | N/A | 128KB* | N/A |
      | Minimum Storage Duration | N/A | 30 days | 90 days |
      | Retrieval Fee | N/A | per GB retrieved | per GB retrieved** |
      | First Byte Latency | milliseconds | milliseconds | 4 hours |
      | Storage Class | object level | object level | object level |
      | Lifecycle Transitions | yes | yes | yes |

  14. AWS Snowball • Fast Data Transfer • 256-bit Encryption • Rugged and Portable • End-to-End Tracking • Secure Erasure [AWS Snowball]
  15. Start with backups (diagram labels: AWS, corporate data center, File Server, Active Directory Domain Controller, Desktop, Amazon S3, Backup Data over the Internet, Glacier Archive Lifecycle Policy)
  16. Storage Gateway • 3 Modes – Stored, Cached, VTL • Securely transfers and stores data • Durably backed by S3 and Glacier • Uses industry standard iSCSI interface [AWS Storage Gateway]
  17. Running out of SAN Space, No Problem (diagram labels: AWS, corporate data center, File Server, Active Directory Domain Controller, Desktop, Amazon S3, Storage Gateway, Cached Volume)
  18. Let’s talk about connectivity…
  19. Virtual Private Cloud (VPC) • Logical isolation of the AWS Cloud • Complete control of your virtual networking environment • Set your own IP address ranges • Create subnets • Configure routing tables and networking gateways • Extend your corporate network and launch AWS resources in a virtual network that you define
  20. Virtual Private Cloud (VPC): Three ways to connect to your VPC • Over the Internet • Hardware Virtual Private Network (VPN) using IPSec • Configured in minutes • AWS Direct Connect • Service provided by Amazon Partner Network (APN) Partners
  21. AWS Direct Connect • Dedicated network connection to AWS • Consistent network performance • Speeds of 50-500Mbps, 1Gbps, and 10Gbps • Most hardware VPN solutions top at 4Gbps • Supports Active/Active and Active/Passive Border Gateway Protocol (BGP) Multipath
  22. Connectivity to AWS (diagram labels: virtual private cloud, corporate data center, File Server, Active Directory Domain Controller, Desktop, VPN or Direct Connect)
  23. Compute • Elastic Web-Scale Computing • You’re in Control • Flexible • Reliable • Secure
  24. Let’s Move File Server to the Cloud (diagram labels: virtual private cloud, corporate data center, File Server, Active Directory Domain Controller, Desktop)
  25. Let’s Move File Server to the Cloud (diagram labels: virtual private cloud, corporate data center, File Server, Active Directory Domain Controller, Desktop)
  26. Let’s Move File Server to the Cloud (diagram labels: virtual private cloud, corporate data center, File Server, Active Directory Domain Controller, Desktop)
  27. Building Servers in the Cloud (diagram labels: virtual private cloud, corporate data center, File Server, Active Directory Domain Controller, Active Directory Domain Controller, Desktop)
  28. Configure Directory Service (diagram labels: virtual private cloud, corporate data center, File Server, Active Directory Domain Controller, Active Directory Domain Controller, AWS Directory Service, Desktop, AD Replication)
  29. Add EC2 File Server (diagram labels: virtual private cloud, corporate data center, File Server, Active Directory Domain Controller, File Server, Active Directory Domain Controller, AWS Directory Service, Desktop, AD Replication)
  30. Configure Replication (diagram labels: virtual private cloud, corporate data center, File Server, Active Directory Domain Controller, File Server, Active Directory Domain Controller, AWS Directory Service, Desktop, DFS Replication, AD Replication)
  31. EC2 Instances in Action: Demo video of building EC2 ADDC and File Server
  32. Demo Environment (diagram labels: virtual private cloud, corporate data center, File Server DFSR-Fileserver, Active Directory Domain Controller DFSR-DC, File Server DFSR-FS-VPC, Active Directory Domain Controller DFSR-DC1-VPC, AWS Directory Service, Desktop, DFS Replication, AD Replication, VegasCorp.com, CL4-VPC)
  33. What If We Added Storage Gateway? (diagram labels: virtual private cloud, corporate data center, File Server, Active Directory Domain Controller, File Server, Active Directory Domain Controller, AWS Directory Service, Desktop, DFS Replication, AD Replication, Storage Gateway, Amazon S3, Backups / Snapshots)
  34. Storage Gateway Cost Comparison

      Windows File Server on EC2 • 20TB EBS Storage

      | Service | Cost |
      |---|---|
      | Compute | $359.42 |
      | EBS Storage | $2,003.00 |
      | Total | $2,362.42 |

      Windows File Server on EC2 • Storage Gateway on EC2 • 20TB S3 Storage

      | Service | Cost |
      |---|---|
      | Compute | $534.37 |
      | EBS Storage | $43.00 |
      | Storage GW | $125.00 |
      | S3 | 604.68 |
      | Total | $1,307.05 |

      *Estimated pricing per month on demand

  35. WorkSpaces • Windows 7/10 Desktop • Easy Provisioning • Secure and Encrypted • Desktop and Mobile Clients [Amazon WorkSpaces]
  36. Microsoft DFS-R Hybrid Deployment (diagram labels: virtual private cloud, corporate data center, File Server, Active Directory Domain Controller, File Server, Active Directory Domain Controller, AWS Directory Service, Amazon WorkSpaces, Desktop, DFS Replication, AD Replication, Storage Gateway, Amazon S3, Backups / Snapshots)
  37. Modifying Files On-premises or in AWS: Demo modifying data and showing sync….
  38. Microsoft DFS-R Hybrid Deployment (diagram labels: virtual private cloud, corporate data center, File Server, Active Directory Domain Controller, File Server, Active Directory Domain Controller, AWS Directory Service, Amazon WorkSpaces, Desktop, DFS Replication, AD Replication, Storage Gateway, Amazon S3, Backups / Snapshots)
  39. What does this cost?

      | Service | Cost |
      |---|---|
      | EC2 Compute | $714.45 |
      | EBS Storage | $46.00 |
      | Storage Gateway | $125.00 |
      | S3 for SGW | $604.68 |
      | S3-IA for backups | $256.00 |
      | WorkSpaces (100 users) | $3,500 |
      | Directory Service | $0.00 |
      | Direct Connect | $219.60 |
      | Business Support | $546.50 |
      | Total | $6,011.55 |

      *Estimated pricing per month on demand
      ** Data egress fees apply

  40. Moving All In w/ HA (diagram labels: virtual private cloud, File Server, Active Directory Domain Controller, AWS Directory Service, Storage Gateway, Amazon S3, Backups / Snapshots, Availability Zone C, File Server, Active Directory Domain Controller, AWS Directory Service, Amazon WorkSpaces, Storage Gateway, Availability Zone B, DFS Replication, AD Replication)
  41. Take a Look at these Other Services: Amazon EMR, Amazon Kinesis, Elastic Transcoder, AWS OpsWorks, Amazon WorkDocs, new!, Amazon Redshift, AWS Database Migration Service, Amazon CloudFront, AWS CodeCommit, AWS CodeDeploy, AWS CodePipeline, AWS CloudHSM
  42. Thank you!
  43. Remember to complete your evaluations!
  44. Related Sessions: ARC316 - Hybrid IT: A Stepping Stone to All-In