Cloud Architectures with AWS Direct Connect (ARC304) | AWS re:Invent 2013

Modern IT organizations are embracing hybrid cloud as part of their overall IT strategy. AWS Direct Connect is a critical tool for ingesting web-scale data and for using custom appliances and legacy applications alongside AWS. This talk discusses the benefits of Direct Connect in reducing cost, increasing bandwidth, and providing a more consistent network experience between on-premises resources and the cloud, and details its components, requirements, and configuration options.

Comment:
  • Wrote Cloud Design Fundamentals book with a lot of Amazon AWS coverage, http://www.amazon.com/Cloud-Design-Fundamentals-Multilayered-Engineers/dp/1508470979/ref=sr_1_1/179-9314079-3914054?s=books&ie=UTF8&qid=1430589752&sr=1-1


1. Cloud Architecture with AWS Direct Connect. Steve Carter, Solutions Architect, AWS; Roger Greene, Sr. Director of Cloud Connect Solutions, Level 3. November 15, 2013. © 2013 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
2. Agenda
   • Introduction
   • Technical overview
   • Global telecommunications
   • Architecting AWS Direct Connect
   • Customer use cases
   • Questions
3. Introduction
4. What is AWS Direct Connect? (diagram: a corporate data center linked by a dedicated 1 Gbps or 10 Gbps Direct Connect circuit to the AWS Cloud, reaching both a Virtual Private Cloud with EC2 and public AWS services such as Amazon SES, Amazon Redshift, Amazon Glacier, Elastic Beanstalk, SQS and HDFS-based workloads)
5. Why use AWS Direct Connect? Reduces your bandwidth costs
   • Consistent cost at $0.02/GB for data leaving US East-1; costs vary between regions.
   (chart: data transfer out price per GB, $0.000 to $0.150, for Direct Connect versus Internet across the tiers First 10 TB, Next 40 TB, Next 100 TB, Next 350 TB)
6. Why use AWS Direct Connect?
   • Consistent network performance: with AWS Direct Connect you choose which data uses the dedicated connection and how it is routed, which can give a more consistent network experience than Internet-based connections.
7. Why use AWS Direct Connect?
   • Elastic: AWS Direct Connect provides private lines, and you can provision multiple connections if you need more capacity.
8. Archival and Backup
9. Big Data
10. Custom Appliances
11. Video and Voice
   (slides 8 to 11 share one diagram: customer premises connected through a Direct Connect facility to a Virtual Private Cloud in EU-West-1, with Amazon S3, Amazon EMR, Amazon EC2, Amazon Redshift and Amazon Glacier alongside)
12. What do I do next?
13. Technical Overview
14. AWS Direct Connect Facilities

   AWS Direct Connect Location                        AWS Region
   CoreSite, 32 Avenue of the Americas, NY            US East (Virginia)
   CoreSite, One Wilshire & 900 North Alameda, LA     US West (Northern California)
   Equinix DC1 - DC6 & DC10 - DC11                    US East (Virginia)
   Equinix SV1 & SV5                                  US West (Northern California)
   Equinix SE2 & SE3                                  US West (Oregon)
   Equinix SG2                                        Asia Pacific (Singapore)
   Equinix SY3                                        Asia Pacific (Sydney)
   Equinix TY2                                        Asia Pacific (Tokyo)
   Eircom, Clonshaugh                                 EU West (Ireland)
   TelecityGroup, London Docklands                    EU West (Ireland)
   Terremark NAP do Brasil                            South America (Sao Paulo)

15. AWS Direct Connect Partners
   • You are not required to use an AWS Direct Connect partner.
   • Any network provider that can reach the AWS Direct Connect facility can provide service, so long as the handoff to AWS is Ethernet and meets the technical requirements.
   • For a complete list, go to http://aws.amazon.com/directconnect/partners
16. Roger Greene, Sr. Director, Cloud Connect Solutions
17. So What's the Network Got to Do with It?
18. Application Sensitivity to Network Performance (heat-map table; ratings run from Very Low to Very High)
   Columns: Required BW, Elasticity, Sensitivity to Errors, Latency Sensitivity, Jitter Sensitivity
   Rows: Email; Voice (TDM); Voice (IP); Web Browsing (non-critical); Web Browsing (SaaS); Video Conferencing; Telepresence; Remote Workers; Streaming Media; Storage Area Networks; Server Virtualization (WAN); Unified Communications
19. Network Needs of Virtualization Activities (chart: Quality of Service Sensitivity against Flow Duration, marker size = Bandwidth per Flow; activities plotted: Data Storage Migration, Virtual Machine Migration, Data Storage Update, Distributed v-App, Inter-VM traffic)
20. Latency Impact on Throughput (chart: TCP Throughput in Mbps, 0 to 1,800, against Packet Delivery Ratio in %, one curve each for RTT = 5 ms, 10 ms, 20 ms and 30 ms; annotations mark the typical Gold SLA for IP/MPLS-VPN and the target minimum flow rate. Source: Ciena)
21. Network Performance Impact on VMM (virtual machine migration) Completion (three charts, source: Ciena)
   • Latency effect on VMM completion time: completion time in seconds against RTT latency in ms, for a Client-Server Business App, a Development Workload and a Retail Web Server with 600 users; VM size 2 GB, memory churn 10 MBps.
   • Bandwidth effect on VMM pause time: pause time in seconds against available bandwidth.
   • Loss effect on VMM completion time: completion time in seconds against loss %, at 10 ms and 20 ms RTT latency; VM size 2 GB, memory churn 100 MBps; completion time rises by 32% and 24% respectively.
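Slides 20 and 21 show the measured effect of RTT and loss on throughput without saying where the curves come from. The script below is an added example, not part of the ARC304 deck or Ciena's data: it computes the two classic single-flow TCP bounds (the receive-window bound of one window per RTT and the Mathis et al. 1997 loss-limited bound MSS/RTT times C/sqrt(p)) so you can estimate how many parallel flows a Direct Connect link needs at a given RTT and packet delivery ratio. The 1460-byte MSS, the 64 KiB unscaled window and the 1 Gbps link are assumed values.

```python
import math

# Added example (not from the ARC304 slides): single-flow TCP throughput
# bounds as a function of RTT and packet loss, the relationship plotted on
# slide 20. Assumptions: 1460-byte MSS, the Mathis et al. (1997) model for
# loss-limited throughput, and an unscaled 64 KiB window as the baseline.
MSS_BYTES = 1460
DEFAULT_WINDOW_BYTES = 65535          # unscaled 16-bit TCP window
MATHIS_C = math.sqrt(1.5)             # ~1.22, the constant in the Mathis formula


def window_throughput_mbps(rtt_ms, window_bytes=DEFAULT_WINDOW_BYTES):
    """Window-limited bound: at most one window of data per RTT."""
    return window_bytes * 8 / (rtt_ms / 1000.0) / 1e6


def mathis_throughput_mbps(rtt_ms, loss_rate, mss_bytes=MSS_BYTES):
    """Loss-limited bound: MSS/RTT * C/sqrt(p) (Mathis et al. 1997)."""
    if loss_rate <= 0:
        return math.inf
    bytes_per_s = (mss_bytes / (rtt_ms / 1000.0)) * (MATHIS_C / math.sqrt(loss_rate))
    return bytes_per_s * 8 / 1e6


def bandwidth_delay_product_bytes(link_mbps, rtt_ms):
    """Window a single flow needs to fill the link (link rate x RTT)."""
    return link_mbps * 1e6 / 8 * (rtt_ms / 1000.0)


def single_flow_bound_mbps(rtt_ms, loss_rate, window_bytes, link_mbps):
    """A flow is limited by whichever bound is tightest."""
    return min(link_mbps,
               window_throughput_mbps(rtt_ms, window_bytes),
               mathis_throughput_mbps(rtt_ms, loss_rate))


def flows_needed(target_mbps, rtt_ms, loss_rate, window_bytes, link_mbps):
    """Number of parallel flows needed to reach target_mbps."""
    per_flow = single_flow_bound_mbps(rtt_ms, loss_rate, window_bytes, link_mbps)
    return math.ceil(target_mbps / per_flow)


def throughput_table(rtts_ms=(5, 10, 20, 30), delivery_ratios=(99.9, 99.99, 99.999),
                     link_mbps=1000):
    """Rows of (rtt_ms, delivery_ratio_percent, loss_bound_mbps, window_bound_mbps)."""
    rows = []
    for rtt in rtts_ms:
        for pdr in delivery_ratios:
            loss = 1 - pdr / 100.0
            rows.append((rtt, pdr,
                         round(min(link_mbps, mathis_throughput_mbps(rtt, loss)), 1),
                         round(min(link_mbps, window_throughput_mbps(rtt)), 1)))
    return rows


if __name__ == "__main__":
    print("RTT ms  PDR %    loss-bound Mbps  64KiB-window Mbps")
    for rtt, pdr, loss_bound, win_bound in throughput_table():
        print(f"{rtt:>6}  {pdr:<8} {loss_bound:>15}  {win_bound:>17}")
    print("window to fill 1 Gbps at 30 ms RTT:",
          int(bandwidth_delay_product_bytes(1000, 30)), "bytes")
```

Two things the table makes obvious: with an unscaled 64 KiB window a single flow cannot exceed about 17 Mbps at 30 ms RTT whatever the link size, so bulk transfers over Direct Connect need window scaling or many parallel streams; and at a fixed loss rate the Mathis bound falls linearly with RTT, which is why the 5 ms and 30 ms curves on slide 20 diverge so sharply.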
22. Not All Networks Are Created Equal: Public Internet; Private Network; High-Performance Private Network
23. Things to Think about When Designing Your Network
24. Who Is Level 3
   • Nearly $6.4 billion revenue
   • 10,000+ employees
   • Approximately 180,000 route miles of fiber network connecting 55+ countries on 5 continents
   • Approximately 350 multitenant data centers
   • 26.8 Tbps+ global IP and CDN capacity
   • More than 13 billion minutes per month in VoIP traffic
   (© 2012 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential.)
25. Level 3 Helps Enable the Cloud
   • Build Clouds: building blocks on which many of the world's most ubiquitous cloud services and private networks run.
   • Connect to Clouds: local-to-global connectivity and a portfolio of network, security and optimization services to help enterprises connect private, public and hybrid clouds (Virtual Private Networks, Dedicated Private Networks, Security Solutions, Application Performance Solutions, Internet Services, Colocation & Data Center, Professional Services).
   • Deliver over the Cloud: communication and media delivery services built into the network to help enterprises collaborate, move, store and protect critical information (Contact Center Services, Carrier Cloud Voice, Voice Complete, Video Cloud, Cloud Content Exchange, CDN, Storage, Dynamic Enterprise Compute).
26. Level 3 Cloud Connect Solutions: a private network ecosystem for enterprises and government to connect with leading cloud and data center providers around the world.
   • Improved Performance: deliver cloud-based mission-critical applications more quickly and without interruption over Level 3's highly redundant fiber network, low-latency offers and class-of-service guarantees.
   • Greater Security: entrust your business's proprietary information to the cloud with Level 3's private network and comprehensive portfolio of security services.
   • Ultimate Flexibility: choose the cloud services that meet your business needs without being forced into an outmoded technology or restrictive service bundle; tap into bandwidth dynamically and pay only for what you consume.
   • Global Connectivity: connect offices around the world to the local cloud and data center resources needed to run mission-critical applications.
   • Reduced Costs: turn up new connections and scale bandwidth quickly and efficiently; minimize upfront capital expenditure and lower cost per unit by using shared infrastructure.
27. AWS Direct Connect Partner
28. Technical Overview Continued
29. Submit the Request
30. Complete the Cross Connect: AWS will send you an email within 72 hours with a letter of authorization and connecting facility assignment (LOA-CFA); you hand this to your colocation provider or carrier so they can install the cross connect to the AWS port.
31. Amazon Virtual Private Cloud (private virtual interface). You need the following information:
   • A new, unused VLAN tag that you select; this 802.1Q tag identifies the virtual interface on your connection.
   • A public or private BGP ASN. If you are using a public ASN you must own it. If you are using a private ASN, it must come from the 16-bit private range 64512 to 65534.
   • The VPC Virtual Private Gateway (VGW) ID.
32. AWS Public Services (public virtual interface). You need the following information:
   • A new, unused VLAN tag that you select.
   • A public or private BGP ASN, under the same rules: a public ASN must be yours, a private one must come from 64512 to 65534.
33. Sharing Is Caring
34. Configure Your Router
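Slides 31 and 32 list what a virtual interface request needs; the checks below are an added example, not tooling from the deck or from AWS, that validates those inputs before anything is submitted. It assumes you can supply the VLAN tags already used on the connection and the public ASNs your organisation owns; the `vgw-` ID format and the `dxcon-` connection ID in the sample are constructed placeholders, and the only real API used is boto3's `create_private_virtual_interface`, which is called only when `dry_run=False`.

```python
import re

# Added example (not from the ARC304 slides): a pre-flight check on the values
# slides 31 and 32 ask for before you create a virtual interface. Assumptions:
# the caller supplies the VLAN tags already used on the connection and the
# public ASNs the organisation actually owns; boto3's
# create_private_virtual_interface is only invoked when dry_run=False.
PRIVATE_ASN_16BIT = range(64512, 65535)             # RFC 6996: 64512-65534
PRIVATE_ASN_32BIT = range(4200000000, 4294967295)   # RFC 6996: 4200000000-4294967294
VGW_ID_RE = re.compile(r"vgw-[0-9a-f]{8,17}")       # assumed ID shape, 8 or 17 hex digits


def is_private_asn(asn):
    """True for an ASN from either RFC 6996 private range."""
    return asn in PRIVATE_ASN_16BIT or asn in PRIVATE_ASN_32BIT


def validate_vif_request(kind, vlan, asn, vgw_id=None, used_vlans=(), owned_public_asns=()):
    """Return a list of problems; an empty list means the request satisfies
    the requirements on slides 31 and 32."""
    errors = []
    if kind not in ("private", "public"):
        errors.append(f"unknown virtual interface kind {kind!r}")
    if not 1 <= vlan <= 4094:
        errors.append(f"VLAN {vlan} outside the usable 802.1Q range 1-4094")
    elif vlan in used_vlans:
        errors.append(f"VLAN {vlan} is already in use on this connection")
    if not is_private_asn(asn) and asn not in owned_public_asns:
        errors.append(f"ASN {asn} is public but not owned by you")
    if kind == "private":
        if vgw_id is None:
            errors.append("a private virtual interface needs the VPC virtual private gateway ID")
        elif not VGW_ID_RE.fullmatch(vgw_id):
            errors.append(f"{vgw_id!r} does not look like a virtual private gateway ID")
    elif vgw_id is not None:
        errors.append("a public virtual interface does not attach to a virtual private gateway")
    return errors


def build_private_vif_request(connection_id, name, vlan, asn, vgw_id):
    """The request shape boto3's directconnect.create_private_virtual_interface expects."""
    return {
        "connectionId": connection_id,
        "newPrivateVirtualInterface": {
            "virtualInterfaceName": name,
            "vlan": vlan,
            "asn": asn,
            "virtualGatewayId": vgw_id,
        },
    }


def create_private_vif(connection_id, name, vlan, asn, vgw_id,
                       used_vlans=(), owned_public_asns=(), dry_run=True):
    """Validate, then either return the request (dry run) or submit it with boto3."""
    errors = validate_vif_request("private", vlan, asn, vgw_id, used_vlans, owned_public_asns)
    if errors:
        raise ValueError("; ".join(errors))
    request = build_private_vif_request(connection_id, name, vlan, asn, vgw_id)
    if dry_run:
        return request
    import boto3  # only needed for a real call
    return boto3.client("directconnect").create_private_virtual_interface(**request)


if __name__ == "__main__":
    # Constructed sample values; the dxcon-/vgw- IDs are placeholders, not real resources.
    print(create_private_vif("dxcon-fg1example", "vif-to-prod-vpc", vlan=101, asn=65001,
                             vgw_id="vgw-0a1b2c3d", used_vlans={100, 102}))
```

The VLAN check matters more than it looks: a tag that collides with one already provisioned on the same physical connection is rejected by AWS, and on a shared (hosted) connection the partner allocates the tags, so ask for the in-use list rather than guessing.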
35. Architecting AWS Direct Connect
36. Design for Failure. "Everything fails, all the time." – Dr. Werner Vogels, CTO
37. Design for Failure
   • Active-Active (BGP multipath): network traffic is load balanced across both connections; if one connection becomes unavailable, all traffic is routed through the other. This is the default configuration.
   • Active-Passive (failover): one connection handles traffic and the other is on standby; if the active connection becomes unavailable, all traffic is routed through the passive connection.
   (diagram: AWS Cloud with AWS DynamoDB reached over two connections)
38. Design for Failure: customer router configuration (Cisco IOS)

   Active-Passive: prepend your own ASN on the routes you advertise to the backup neighbor, so that the AWS side sees a longer AS path there and prefers the primary connection:

      router bgp 65001
       neighbor 10.1.0.2 remote-as 65200
       neighbor 10.1.0.2 description Backup
       neighbor 10.1.0.2 route-map prepend out
      !
      route-map prepend permit 10
       set as-path prepend 65001 65001 65001

   Active-Active: allow up to four equal-cost BGP paths so that both connections carry traffic:

      router bgp 65001
       maximum-paths 4

   The outbound prepend only steers traffic flowing from AWS toward your site. To send your own outbound traffic over the primary as well, apply a lower local preference (an inbound route-map with `set local-preference 50`) to the routes learned from the backup neighbor; otherwise your router may still pick the backup for traffic toward the VPC.
39. Design for Failure: keep utilization at or below 50% on each of two active-active connections, so that the one that survives can carry all of the traffic when the other fails.
40. Design for Security: private connection direct to Amazon VPC (diagram: corporate data center connected by Direct Connect to a VPC in a region with two Availability Zones, hosting an Amazon RDS DB instance with a Multi-AZ standby, Amazon SQS and Amazon Elastic Transcoder; users reach it from the data center)
41. Design for Security: additional security via IPsec VPN (same diagram, with an IPsec VPN from the corporate data center terminating on a VPN Gateway in the VPC). A Direct Connect circuit is dedicated but not encrypted; running IPsec over it adds confidentiality and peer authentication for traffic that crosses the colocation facility and the carrier.
42. Design for Security: monitor your network traffic in and out (same diagram, with an IDS placed in the corporate data center on the path to AWS)
43. Customer Use Case
44. Zadara Storage
45. Zadara via AWS Direct Connect (diagram: Zadara Cloud A and Zadara Cloud N each attached by AWS Direct Connect to Availability Zones X and Y of AWS Region A and AWS Region N; sites San Jose & N. Va., Tokyo, Dublin and L.A. (coming soon); secure remote replication between the Zadara clouds)
46. Zadara/AWS Direct Connect Factoids
   • 100 Gbps of combined dedicated bandwidth: 4 x 10 Gbps lanes in East; 2 x 10 Gbps at other locations (US West 1, EU West 1 and AP Northeast 1); each region is Active/Active for high availability
   • Total separation among customers, via VLANs
   • Maintained zero downtime in 2 years
   • Moved ~225 TB in October
   • Exceeding 50 VIFs per lane
   • Thanks to the VIF API, onboarding new users in 5 minutes
47. Representative Traffic in US East (chart)
48. Find Out More: STG401 – NFS and CIFS Options for AWS, 10:15am – 11:15am in Venetian B
49. Questions?
50. Come Talk to Us! Level 3 booth in AWS Partner Central; AWS in Developer Lounge
51. Please give us your feedback on this presentation (ARC304). As a thank you, we will select prize winners daily for completed surveys!
