Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Running Microsoft Enterprise Workloads on Amazon Web Services


Published on

The cloud is the new norm for organisations of all sizes. In this session you will learn how to create an entire Microsoft Enterprise environment in AWS that includes AWS Active Directory Service, Simple System Management (SSM) service, MS Exchange and SharePoint.

James Saull, Principal Solutions Architect, Amazon Web Services, EMEA

Published in: Technology
  • Be the first to comment

Running Microsoft Enterprise Workloads on Amazon Web Services

  1. 1. © 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. James Saull, Principal Solutions Architect April 28th, 2016 Microsoft Workloads on AWS
  2. 2. Agenda Reasons customers are running Microsoft on AWS What Microsoft workloads run on AWS Developing .NET / PSH on AWS Licensing Publishing your Microsoft stacks in AWS Service Catalog
  3. 3. Reasons for running Microsoft on AWS
  4. 4. Why run Microsoft workloads on AWS Building and managing cloud since 2006 12 regions, 33 availability zones, 54 edge locations Thousands of partners; 2,500+ Marketplace products Security & Reliability Performance Experience Scale Ecosystem Extensive VM and network performance options Security in layers approach and 99.95% application SLA
  5. 5. Security A few of our many certifications: Secured premises Secured access Built-in firewalls Unique users Multi-factor authentication Private subnets Encrypted data storage Dedicated connection
  6. 6. Reliability Easily build highly available applications ELB distributes load (ideal for SharePoint) Auto Scaling for availability and scalability Use multiple Availability Zones (AZs)
  7. 7. High Performance High performance instances (X1) and HPC solutions Automated instance scaling (EC2 Auto Scaling) Dedicated low-latency network (AWS Direct Connect) Ensure storage performance (AWS EBS Provisioned IOPS)
  8. 8. What Microsoft workloads run on AWS?
  9. 9. Every imaginable use case Collaboration Full/Partial Franchise Migration Web / Mobile / Media Mail ERP VDI BI
  10. 10. Information Security Corporate Applications End User ComputingBusiness Applications Amazon EC2 Windows, Amazon RDS, AWS CloudFormation, AWS CloudFront Amazon EC2 Windows, AWS Directory Service, Amazon RDS, AWS Marketplace Amazon WorkSpaces, Amazon AppStream, AWS Marketplace, AWS Mobile Services, SaaS AWS Identity and Access Management (IAM), AWS CloudHSM, AWS Key Management Service, Security Groups, AWS Marketplace Amazon EC2, Amazon S3, Amazon RDS, Amazon VPC, Amazon Direct Connect, Directory Service, AWS IAM, AWS Service Catalog Infrastructure AWS service offerings for Microsoft workloads AWS Elastic Beanstalk, AWS CodeDeploy, AWS CloudFormation DevOps
  11. 11. Microsoft Server Products
  12. 12. Corporate Apps in AWS Deploy highly available applications BYOL or pay per use Security in layers approach helps with compliance Leverage multi-AZ architectures for reliability & availability
  13. 13. Example Architecture: SharePoint on AWS
  14. 14. Availability Zone 1 private subnet NAT DB1SP1FE1Exch1 SQL Server SharePoint Server Lync Server Exchange Server RDG Availability Zone 2 private subnet NAT RDG Remote Users / Admins On-premises datacenter VPN Direct Connect DC1 DB2SP2FE2Exch2 SQL Server SharePoint Server Lync Server DC2 Active Directory Active Directory private subnet private subnet Exchange Server VPC CIDR All-in-one
  15. 15. Going beyond infrastructure SharePoint BLOB storage on S3 Export mails to Amazon S3 AWS Marketplace • On-Demand, License Included or BYOL SharePoint • Quick Starts •
  16. 16. SQL Server
  17. 17. SQL Server High Availability Availability Zone 1 Private Subnet Primary Replica Availability Zone 2 Private Subnet Secondary Replica Synchronous-commit Synchronous-commit Automatic Failover Primary: WSFC: AG Listener: Primary: WSFC: AG Listener: AG Listener:
  18. 18. SQL Server Disaster Recovery & Backup Availability Zone 1 Private Subnet Primary Replica Availability Zone 2 Secondary Replica 1 Private Subnet AG Listener: Corporate Network VPN Automatic Failover Secondary Replica 2 (Readable) Reporting Application Backups Manual Failover
  19. 19. ■ AD Integrated ■ Automated failover ■ Automated patching ■ Automated backup ■ Point-in-time recovery Amazon RDS for SQL Server Amazon RDS
  20. 20. Simple Systems Manager • Configuration is continuously applied • No machine access • Full traceability - calls audited in AWS CloudTrail • Fine-grained control • Run Command (pre-defined): • AWS-JoinDirectoryServiceDomain • AWS-RunPowerShellScript • AWS-UpdateEC2Config • AWS-ConfigureWindowsUpdate • AWS-InstallApplication • AWS-InstallPowerShellModule • AWS-ConfigureCloudWatch •
  21. 21. Developers
  23. 23. AWS Toolkit for Visual Studio Full Integration in Visual Studio
  24. 24. Blob Storage in Amazon S3 var bucketName = "<BucketName>"; var fileName = "<FileName>"; var s3Client = new Amazon.S3.AmazonS3Client(); // Write Data to Amazon S3 s3Client.PutObject(new Amazon.S3.Model.PutObjectRequest { BucketName = bucketName, Key = fileName, InputStream = fileStream }); // Read Data from Amazon S3 var s3Object = s3Client.GetObject(bucketName, fileName); Amazon S3
  25. 25. Loose Coupling Sets You Free var queueUrl = "https://sqs.<region><AcctNum>/<QueueName>"; var sqsClient = new Amazon.SQS.AmazonSQSClient(); // Send to Amazon SQS sqsClient.SendMessage(queueUrl, "My Message Data"); // Process Amazon SQS while(!exit) { var messages = sqsClient.ReceiveMessage(queueUrl); foreach(var message in messages.Messages) { // Process message then delete sqsClient.DeleteMessage(queueUrl, message.ReceiptHandle); } } Amazon SQS
  26. 26. AWS Also Provides Extended Support AWS Elastic Beanstalk • Deploy from within Visual Studio / Automatic Log Rotation to Amazon S3 AWS CodeCommit / CodePipeline / CodeDeploy • Manage a large (on-premises and cloud-based) fleet .NET SDK and PowerShell CmdLets • Get-Command -Module AWSPowerShell | Measure-Object -Line • 1821 AWS is the de-facto standard • Jenkins, Bamboo have native integration to AWS • Other IDE Support AWS (Unity, Xamarin Studio, Eclipse…)
  27. 27. Licensing
  28. 28. Microsoft licensing options Flexibility helps you optimize costs Buy licenses from AWS • AWS manages licensing • Pay as you go pricing • Multi-tenant or Dedicated • No need for Software Assurance • Unlimited CALs Bring your own licenses (BYOL) • Save money on software licensing • You manage licensing costs and compliance with your ISV • No need for Software Assurance Leverage License Mobility • AWS manages Windows Server licensing • You manage licensing costs and compliance with your ISV • Uses Software Assurance
  29. 29. BYOL using Dedicated Hosts License compliance and portability Host ID = h-123abc Sockets = 2 Physical Cores = 20 • Maintain license compliance • Granular resource and placement controls • Visibility into physical resources • Physical core and socket counts • Capacity utilization • Instance location • Now supports reservations for discounted pricing
  30. 30. MSDN
  31. 31. Supportability on AWS Microsoft workloads are supported on AWS. Amazon Web Services fully supports Microsoft Windows Server as both infrastructure and a platform. Our customers have successfully deployed in the AWS cloud virtually every Microsoft application available, including Microsoft Exchange, SharePoint, Lync, Dynamics, and Remote Desktop Services. If you have support related issues you should contact AWS Support.
  32. 32. Autonomy Self Service Governance Control
  33. 33. What is AWS Service Catalog? AWS Service Catalog allows organizations to create and manage catalogs of IT services. It enables users to quickly deploy the approved IT services they need in a self-service manner. Organizations Developers Control Standardization Governance Agility Self-service Time to market
  34. 34. Why should I use AWS Service Catalog? Self-service • Increase agility with access to services • Improve employee satisfaction Promote standardization • Share best practices • Compliance with business goals and policies Control provisioning of AWS resources • Tag at provisioning • Restrict user permissions
  35. 35. IT Product Lifecycle Management in AWS CloudFormation template Admin Define AWS Service Catalog Publish CloudFormation stack Users Browse and Launch AWS CloudTrail Amazon S3 Monitors Logs all API calls AWS CloudWatchalarm Monitors Initiates Notifies AWS Config Track changesNotifies Changes Provisions Procure Package