Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Migrating Business Critical Applications to AWS

180 views

Published on

Migrating Business Critical Applications to AWS

  • Be the first to comment

  • Be the first to like this

Migrating Business Critical Applications to AWS

  1. 1. S U M M I T Ams t e rd a m
  2. 2. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Migrating Business Critical Applications to AWS Diaa Radwan EMEA Specialist Solutions Architect – Migration, AWS radwandr@amazon.com | @DiaaRadwan Michel Habets Lead Architect (Cloud) Platforms and Services, Enexis B.V. M M M 0 0 2
  3. 3. S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Common Migration Drivers Data Center Consolidation Cost Reduction Acquisitions or Divestitures Large scale compute intensive workloads Facility or Real-estate decisions Colocation or outsourcing contract changes Agility/Dev Productivity Digital Transformation
  4. 4. S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Common questions How do I create/consider a business case? I am not really sure what’s in my environment, how can I create a plan? Who can help me?What tools can I/should I use? When do I refactor for cloud-native vs. lift-and-shift? What’s the impact to my people? How long should it take? How do I measure success? What happens to my operating model?
  5. 5. S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Foundational Capabilities Cloud Center of Excellence Technical Training Hiring People & Partners Communication Plan Landing Zone Security Foundation Operations Tools Operations Model Provisioning Billing Optimization Security Operations PEOPLE PROCESS TECH Direct Connect Accounts Central Services Security Network Identity & Access Domains Start Build & Iterate Design Ops Apps Infra AWS Managed Services LeadershipInfrastructure Security Operations Applications Foundational Capability
  6. 6. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T ASSESSMENT READINESS & PLANNING APPLICATION MIGRATIONS MigrationMigration Readiness and Planning (MRP) Discover Design Build Integrate Cutover Validate Security & Compliance Landing Zone Skills/CoE Operating Model Discovery & Planning Migration Expertise Migration Business Case Migration Plan Operating Model Directional Business Case Rapid Discovery Migration Readiness Assessment (MRA) The Migration Journey
  7. 7. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Tools and services to accelerate migration AWS MIGRATION SERVICES AWS Server Migration Service AWS Database Migration Service VMware Cloud on AWS AWS Schema Conversion Tool AWS Application Discovery Service S3 Transfer Acceleration AWS Storage & File Gateway AWS Direct Connect AWS Snowball & Snowmobile Amazon Kinesis Firehose AWS DATA TRANSFER Inventory Business case App dependency mapping Validation Workload and data migration Deep discovery and planning AWS MIGRATION HUB A single location to track the progress of application migrations across AWS and partner solutions Deloitte Deloitte Deloitte Deloitte AWS DataSync
  8. 8. S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Re-architect (Re-writing/Decoupling applications) Redesign Application/ Infrastructure Architecture App Code Development Full ALM / SDLC Integration Re-purchase (Replace - Drop & Shop) Purchase COTS/ SaaS & licensing Manual Install & Setup Re-platform (Lift & Reshape) Modify underlying Infrastructure Determine new platform Retain / Revisit Manual Manual Config Manual Deploy Manual Install Retire / Decommission Re-host (Lift and Shift) Discover/Assess/Prioritize Applications Determine Migration Path Use Migration Tools Transition ProductionValidation Automate Application Migration Patterns
  9. 9. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Architecture layers for the new normal System of differentiation & Innovation| DIFFERENTIATOR FOR BUSINESS Amazon EMR Amazon API Gateway Amazon Redshift Amazon Kinesis AWS IoT Core Innovative Services Amazon SageMaker System of record | CHANGEABLE LAYER Application ERP Database Foundation | FOUNDATIONAL LAYER Compute, Storage Network Amazon EC2 Amazon VPC Amazon Elastic Block Store Amazon S3 Amazon Elastic File System Amazon FSx for Windows File Server
  10. 10. S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  11. 11. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Portfolio breadth and depth Amazon EFS AWS Storage Gateway Family Amazon S3 Amazon EBS Amazon EC2
  12. 12. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T AWS Storage portfolio Object storage S3 Standard S3 Glacier Deep Archive S3 Glacier S3 Intelligent-Tiering S3 One Zone-IA S3 Standard-IA Block storage Provisioned IOPS SSD Cold HDD Throughput-Optimized HDD NEW! COMING SOON! File storage EFS Standard EFS Infrequent Access COMING SOON! Elastic Amazon EFS AWS Storage Gateway Family Amazon S3 NEW! Amazon FSx for Lustre Amazon FSx for Windows File Server NEW! Amazon EBS Amazon EC2
  13. 13. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Migrating data: Five key questions 1) What kind of data is it, and where is it going? 4) How much data and time do you have? 2) One time or continuous movement? 3) One way or bi-directional? 5) WAN links & bandwidth constraints? Amazon S3 Amazon EC2 Amazon EFS Amazon EBS Amazon Aurora Amazon EMR Amazon Glacier Amazon RDS AWS IoT Amazon Redshift Files Block volumes Databases IoT Streams Amazon FSx Amazon DynamoDB AWS Machine Learning
  14. 14. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T AWS data transfer & hybrid storage Online managed data transfer Hybrid storage Offline data transfer Private network connections to AWS Load streaming data into Amazon S3 Ship static data into and out of Amazon S3 Access AWS storage from on-premises Edge locations for Amazon S3 enabled applications Online transfer of active data AWS DataSync AWS Transfer for SFTP SFTP transfers into Amazon S3 NEW NEW Storage and compute in disconnected environments Network-based services
  15. 15. S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  16. 16. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Enterprise DC Branch Cloud networking use cases Securely extend the private networks to the cloud from the Branch and DC Extend and facilitate routing across multi-VPC environments Maintain application experience VPC VPC VPC VPC VPC Simplify orchestration challenges
  17. 17. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Amazon Virtual Private Cloud (Amazon VPC) AWS Direct Connect Amazon Elastic Load Balancing Amazon Route 53 Core networking offerings AWS offers a wide variety of networking services, with four at the center: 53
  18. 18. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Networking Solutions in AWS Marketplace Key Use Cases VIRTUAL ROUTING SOLUTIONS VIRTUAL PRIVATE CLOUDS (VPCs) AND TRANSIT VPCs SOFTWARE DEFINED WAN (SD-WAN) APPLICATION DELIVERY CONTROLLERS Provide Network Capabilities Leveraging Software Running in a Virtual Machine, Rather than as a Hardware Appliance Provide Network Connectivity to Amazon Virtual Private Clouds (VPCs) and Transit VPCs Provide High Performance Connectivity Between Corporate Network and Branch Offices, Over the Internet Optimize Network Functions such as Load Balancing, Firewall, and WAN Optimization to Ensure Application Security and Availability
  19. 19. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Transit VPC capabilities on AWS § Leverage Virtual Gateway capabilities to maintain network connections to the transit VPC network appliances § Connect remote networks to the transit Virtual Private Network (VPN) appliances using dynamically routed VPN connections § Implement more complex routing rules based on the transit VPC design § Support any IP-based connectivity requirements with minimal on-premises network changes required § Configure NAT in Transit VPC to overcome Overlapping IP challenge
  20. 20. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Extend SD-WAN fabric to AWS cloud: Multi-pathing Segmentation QoS Security Hybrid WAN transport Automated Provisioning Transit router redundancy for HA Cisco SD-WAN + AWS Branch Connectivity to AWS Key Customer Benefits
  21. 21. S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  22. 22. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T High I/O Amazon EC2 instances Amazon EC2
  23. 23. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Amazon EC2 instances for SAP HANA18 24 .244 .488 1 2 4 6 9 12 R4 R4 X1 X1 X1e TB Available Now 2019 EC2 High Memory Instances
  24. 24. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T SCP on AWS: full extensibility AWS SAP Cloud Platform Amazon API Gateway 0 10 20 30 Analytics Blockchain DataM anagem ent DataPrivacyand Security DevOps Integration InternetofThings M achineLearning M obile Ratesand M easures UserExperience
  25. 25. S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  26. 26. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Customers succeeding with Oracle on AWS
  27. 27. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Amazon Relational Database Service (Amazon RDS) for Oracle Enterprise Solutions • No infrastructure management • Instant provisioning • Scale up/down • BYOL/licensed included PeopleSoft Siebel JD Edwards Oracle Application Express Oracle Commerce Fusion Middleware RCU – (SOA, WebLogic)
  28. 28. S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  29. 29. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T According to IDC, almost 2/3 of Windows instances running on public cloud run on AWS © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. IDC, Windows Server Operating Environment Market Update, Doc # US44217118, Aug 2018 30.9% 11.4% Worldwide Windows Public Cloud IaaS Instances by Cloud Provider, 2017 Azure https://d1.awsstatic.com/analyst-reports/IDC_Slide_WindowsonAWS_JM181015.pdf
  30. 30. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Flexible Why Are Customers Migrating Windows Applications to AWS? Secure Reliable High-Performance Familiar Cost-Effective Extensive Optimization for Windows-based workloads Wide range of scalable services Alignment with business needs
  31. 31. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Amazon FSx for Windows File Server Lift and shift your Windows file storage with fully managed Windows file servers Handles patching and other maintenance Fast and flexible performance Native Windows compatibility back to Windows 7 Connect to Amazon EC2, WorkSpaces, Appstream 2.0 & VMware Cloud on AWS Ready for Enterprise Apps like ERP & CRM
  32. 32. S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Enexis Migration Journey
  33. 33. 2017 2016 High voltage Medium voltage Low voltage EXCELLENT DISTRIBUTION SYSTEM MANAGEMENT IN FIGURES SERVICING AREA 1-1-2018 Electricity Electricity and Gas NUMBER OF CUSTOMERS 2,3 million gas 2,8 million electricity § 139.100 km § 2.786.000 connections § 34.592 GWh Electricity grid Gas grid § 46.400 km § 2.315.000 connections § 6.241 Mm3 INVESTMENTS IN THE GRIDS In millions of euros 423 2016: 384 until 2017 2017 2016 2015 2014 2013 Smart meters Electricity meters 1.414.309 387.146 366.010 233.247 174.165 128.795 Gas meters 1.136.403 325.299 308.516 149.204 149.494 96.291 Total 2.550.712 712.445 674.526 382.451 323.659 225.086 OUTAGE TIME Gas outage time in seconds 20162017 Electricity outage time in minutes 20162017 45 50 13,8 15,2
  34. 34. AMBITIOUS GOALS MISSION We are achieving sustainable energy supply through state-of-the-art services and networks and by being in the driving seat of innovative solutions STRATEGIC GOALS § Our grids and services are ready in time for the changes in the energy world. § Our energy supply is reliable. § Our services are excellent, resulting in high levels of customer satisfaction and a reduction in costs. § Together with local partners, we are attaining the Dutch targets regarding sustainable generation and energy saving. § We are delivering innovative and scalable solutions that accelerate the transition to a sustainable energy supply. ACCELERATING ENERGY TRANSITION EXCELLENT DISTRIBUTION SYSTEM MANAGEMENT
  35. 35. The origins – Enexis ICT • In 2009, Enexis was split from Essent. • Outsourced IT • Limited technical skills and knowledge • Optimized on processes
  36. 36. The original process From “A” to “B” takes 6+ weeks and requires 14+ handovers Recognized Tech. Demand Write Functional Design Request non- std. Change Triage Approved request Write HLDApprove HLDWrite TD Change TasksTech. Test Write Tech. Detail Doc. Accept TDD Write Change Approval doc. Accept doc. Supply Tech. Functional Demand Functionality?
  37. 37. The challenge ahead • Outsourcing contract ended è appr. 150 “on-premise” applications • The Energy Transition è an unknown future • Ability to deliver functionality within 3 months • Drive down costs • And now also: HSE è extending into IT We defined our goals but needed help
  38. 38. Our recipe “a.k.a.: automate the hell out of it, while providing protection against disastrous mistakes”
  39. 39. The Cloud Native Architecture Platform (=CNAP) Infrastructuur Platform DSFW Security DevOps Tooling Containerization MonitoringServices Integratie
  40. 40. AWS Cloud Kubernetes OKTA Azure Cloud Active Directory GitLab repo’s Ansible DataDog Splunk GitLab CI Hashicorp Vault ParkMyCloud Artifactory DMS (CommVault) AWS Cloud Kubernetes OKTA Azure Cloud Active Directory GitLab repo’s Ansible DataDog Splunk GitLab CI Hashicorp Vault ParkMyClo ud Artifactory DMS (CommVaul t) Application Stack #204 Application Stack #203 CNAP A slice of cake for every team
  41. 41. The “bumpers” – desired state • Infrastructure as Code è NOBODY gets access to the AWS console … • Code validation o Lint/Test/Build o CI/CD Pipelining o Version Control (i.e. Tag) • Every VM is baselined: o RBAC o Tooling/agents o CIS Benchmarks • “Four eyes” principle o Firewall rules
  42. 42. Educate • Onboarding of all (DevOps) teams • Courses available for everyone (ebooks, elearning, classroom, on- the-job) • Documentation about the CNAP in a Wiki SharePoint site • Documentation in the provided templates • Monthly Release Notes on all CNAP changes • Goto-Guy/Girl availability
  43. 43. Automation
  44. 44. Open Sourced libraries • https://github.com/schubergphilis/towerlib.git • https://github.com/schubergphilis/hashivaultlib.git • https://github.com/schubergphilis/terraformtestinglib.git • https://github.com/schubergphilis/oktalib.git • https://github.com/schubergphilis/winrmmanager.git • https://github.com/schubergphilis/terraformlintingcli.git
  45. 45. The proof of the pudding is in the eating
  46. 46. Timeline • Start building CNAP 01-aug-2017 • Ready for 1st movers 01-nov-2017 • CNAP “open for business” 01-feb-2018 • Transformation phase 1 will be ready 1-feb-2019 è AWS IaaS services actually work ; this enabled a quick transformation • After that we will start phase 2 è move away from IaaS to Paas/SaaS
  47. 47. Facts and Figures • To date, we have Transformed appr. 90 business applications to the cloud è that’s 2 applications per week; every week since March • We consolidated or retired 25+ applications • NO roll-backs ever necessary. Analytic tools in place, up- /downscaling in place, etc. • NO freeze during the project, shop was always open è we facilitated 16 new projects/initiatives
  48. 48. Our new proces Notice the differences: • Teams can work DevOps and deliver actual functionality • From “A” to “C” can be done in 1 day IT Demand Merge (Request) Testing Done Script / Code / Config DSFW Automated Deployment GOTO START IF NOK Functional Demand Functional Supply
  49. 49. More figures Avg. 20 per day Avg. 50 MR’s/day 2600 unique tasks
  50. 50. While keeping in control • Realtime monitoring and alerting for teams • Security dashboards
  51. 51. Short animation ; E-grid analysis How does this benefit Enexis
  52. 52. Cloud Native design We could never “do this at home” (= on premise) ….
  53. 53. Lessons Learned • Since we opened for business too soon, we have technical debt that will be hard to fix • Management was not educated enough, resulting in lack of ownership on the receiving side • Implement a tagging and cost-management strategy very early; we prioritized it insufficiently • Cloud resources are not for free. After a migration, celebrate, but start rightsizing immediately.
  54. 54. Next year’s talk … Enexis datalake
  55. 55. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Thank you! S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Diaa Radwan @DiaaRadwan
  56. 56. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I TS U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  57. 57. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T

×