Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Best Practices: Operational Checklists for the AWS Cloud - AWS NYC Summit 2012

Basic and Enterprise Checklists for deploying web applications in the AWS Cloud

  • Login to see the comments

Best Practices: Operational Checklists for the AWS Cloud - AWS NYC Summit 2012

  1. 1. Best Practices:Operational Checklists for the AWS CloudSteve Morad – Enterprise Solutions Architect
  2. 2. Operational ChecklistsCustomers Appreciate Our FlexibilityCustomers Asked For Operational Best Practices
  3. 3. Basic Operations ChecklistPurpose Prior to initial deployment Assess an application’s use of specific services Avoid common first-time implementation mistakes
  4. 4. Enterprise Operations ChecklistPurpose Identify Key Concepts Develop a holistic cloud strategy Sophisticated cloud migrations or deployments
  5. 5. Agenda Basic Operations Checklist Enterprise Operations Checklist Customer Example: Monetate
  6. 6. Basic Operations Checklist Basic Security Questions Nested IAM Users Instance Security Security Groups Sharing AMIs Operational use of Amazon EC2 Dynamic EBS-backed Instance Separate Addressing Instance Store-backed OS & Data Volumes
  7. 7. Basic Operations Checklist (cont…) HA, Backup and Recovery EC2 EC2 Instance Snapshots Mapping Custom Names to AWS Route 53
  8. 8. Basic Operations Checklist Application Deployment and Testing Opportunities
  9. 9. Enterprise Operations ChecklistBasic Operations ChecklistEnterprise Operations Checklist
  10. 10. Enterprise Operations ChecklistBilling & Account ManagementSecurity & Access ManagementAsset ManagementApplication HA/ResilienceApplication DR/BackupMonitoring & Incident ManagementConfiguration & Change ManagementRelease & Deployment Management
  11. 11. Customer ExampleTom Janofsky• VP Engineering at MonetateMonetate• SAAS provider of marketing agility tools - testing, targeting and merchandising• 20% of comScore BlackFriday transactions passed through Monetate’s platform• Deployed on AWS for 4 years
  12. 12. Billing & Account Mgmt @ MonetateSimple Setup• 1 AWS account for dev, test, accept, 1 account for productionBilling/Charge Back• Spent much time modeling AWS costs and built a model driven by a single factor (API calls) that is simple to explain and an accurate proxy for actual AWS costs• No direct billing for AWS usageCost Optimization• Reserved instances for constant load• Blend of on-demand and spot Instances with EMR to reduce costs for intensive data processing
  13. 13. Security & Access Mgmt @ MonetateAccess Control • Console access via IAM credentials • AWS REST API via secret keys • Network access via ssh public key authentication • Application access over HTTPS, role based access control • Automated tools for granting and revoking privileges and rolling keys • No PCI or PII data
  14. 14. Application HA/Resilience @ MonetateDeployed in 4 availability zones across 2 regions (east and west)Routing and failover with DNS based global traffic managementEach zone has a consistent configurationCustom load balancing with HAProxyEIP for public facing proxies - automated takeover for failed proxiesAll DBs on EBS volumes, snapshotted
  15. 15. Monitoring & Incident Mgmt @ Monetate24x7 Internal and external based monitoringCloudWatch metricsApplication and OS level monitoring and alerting3rd party notification and escalation tool
  16. 16. Config/Deployment Mgmt @ MonetateConfiguration Management• Consistent AMI across deployment• Automated configuration• Automated patch managementDeployment Management• Updates applied only to new instances, added to cluster, rollback is to existing instances• No downtime for deploymentTesting• 5x like-like production testing
  17. 17. Operational Checklists for AWS Basic Operations Checklist Enterprise Operations Checklist Thank You!