Simplifying Microsoft Architectures with AWS Services - ARC204 - Sao Paulo Summit
1. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Mv – Marcus Vinicius Ferreira
Sr. Solutions Architect, Public Sector, Amazon Web Services
ENT204
Simplifying Microsoft Architectures using AWS
2. Challenge
• Can I use AWS to simplify the infrastructure I already know well?
• Active Directory?
• Enterprise applications?
• Office 365
• Exchange
• SharePoint
• Dynamics
• System Center
• SQL?
• How do I deploy all of this?
• Any good suggestions for simplifying my Microsoft workloads?
• Can I use AWS to simplify my legacy .NET?
• I need to innovate!
• I need to use the latest architectural concepts and platforms!
• I need an efficient CD/CI platform!
• Can I use AWS to manage my Windows environment more simply?
3. Simplifying my Infrastructure
4. Innovating with Windows on AWS
62 instance types, 14 families
42 Windows AMIs
774 Windows products in the AWS Marketplace
Windows Deep Learning AMI
Hyper-V support in SMS
Application-consistent Snapshots through VSS
WS 2008 & SQL Server 2008
Visual Studio Toolkit
Microsoft SCOM plug-in release
AWS Directory Service
EC2 Dedicated Hosts (BYOL)
Microsoft SharePoint 2016 (Marketplace)
Windows Server 2008 R2
SQL Server 2008 R2
Windows Server 2003
.NET SDK
Microsoft SCVMM Plug-in
Windows Server 2012
SQL Server 2012
AWS Tools for Windows PowerShell
Amazon RDS adds SQL Server
EC2 Run Command
EC2 Systems Manager
Windows Server & SQL Server 2016
EC2 Dedicated Instances (BYOL)
.NET on Lambda
SAP instance on AWS 2012
Trusted Advisor checks for Windows
SQL Server 2017
X-Ray .NET SDK
Windows for Lightsail
SQL Server 2005
[Timeline figure; axis: Innovation, from 2008 to Today]
5. VPC Design: Single VPN — Multi-VPC
Shared Services VPC, Transit VPC
6. AD Pattern: Active Directory Domain
• Active Directory domain: extend
• Active Directory sites: one in each AZ
• Domain Controllers: Amazon EC2 Windows servers
[Diagram labels: Corporate Network (San Francisco, New York; DC1, DC2; AD sites SanFran and NewYork); VPN / Direct Connect; Availability Zone 1 and Availability Zone 2, each with a private subnet (DC3, DC4; AD sites AwsEastAZ1 and AwsEastAZ2); AD Domain: amazon.com; AD Replication; Cost 50]
7. AD Pattern: Forest Trusts
• Forest Trusts: AD sync to AWS AD
• Identities master: on-premises
[Diagram labels: Corporate Network (San Francisco, New York; DC1, DC2; AD Domain: Domain B; AD sites SanFran and NewYork); VPN / Direct Connect; Availability Zone 1 and Availability Zone 2, each with a private subnet (AD Domain: Domain A; "DC1 or DC2 or"); AD Authentication; AD Trust; Cost 50]
8. AD Pattern: Federated Trust (Trust Federation)
• Federated trust: AD FS
• AD FS: on-premises AD / Amazon EC2 Windows
• Identities master: on-premises
[Diagram labels: Corporate Network (San Francisco, New York; DC1, DC2; ADFS1, ADFS2; AD Domain: amazon.com; AD sites SanFran and NewYork); Internet; Federated Trust; Availability Zone 1 and Availability Zone 2, each with a private subnet (AD Domain: Domain A; "DC1 or ADFS1", "DC2 or ADFS2"); Cost 50]
9. Office 365: Credentials from AWS Microsoft AD
10. Configuration
• AWS Windows Servers with AD FS
• Install: AD FS
• Integrate: AD FS with Azure Active Directory
• Sync users: AWS AD with Azure AD via Azure AD Connect
• Sign in to Office 365: using AWS AD
11. Using SQL Server on AWS
Amazon RDS SQL Server / SQL Server on Amazon EC2
Legend: User-managed / AWS-managed
Responsibilities compared for each option: power, HVAC, network; OS maintenance; OS patching; DBMS maintenance; DBMS patching; backups; high availability; scalability
• User control
• Manual: backups
• Manual: replication
• Manual: clustering
• Automated
• Backups
• Replication
• Clustering
12. Multi-AZ AlwaysOn Availability Group
13. Multi-Region AlwaysOn Availability Group
14. Failover Cluster: Instance
SIOS DataKeeper Cluster Edition
Windows Server 2016 Storage Replica
16. Simplifying the Deployment of my Infrastructure
17. AWS CloudFormation — Components
Template, AWS CloudFormation, Stack
JSON/YAML
Parameters
Resources
Configuration actions
AWS resources
Customizable
Manifest
Stack creation
Stack update
Error detection / rollback
18. AWS CloudFormation
Create/delete
AWS resources
Template, Stack
- List of resources
- JSON
- AWS resources created
19. AWS CloudFormation: AWS Quick Starts
20. Simplifying the Migration
21. Migration: AWS Partners
Data Transfer
AWS Storage and File Gateway
Amazon S3 Transfer Acceleration
AWS Direct Connect
Amazon Kinesis Data Firehose
AWS Snowball and AWS Snowmobile
AWS Database Migration Service
Server / DBMS Migration
AWS Server Migration Service
Monitoring
Amazon CloudWatch
AWS Config
Discovery
AWS Application Discovery Service
22. Migration Concept
• AWS accounts
• Network/VPC
• Security
• Active Directory
Step 1. Landing zone
[Diagram, built up in three stages. Labels: On-Premises Data Center (Domain Controller, SQL Server, App Server, Web Server); VPN / DirectConnect; Amazon Route 53; Security, Prod, Root, Dev; 10.0.0.0/16; Public Subnet, 10.0.0.0/18; Private Subnet, 10.0.0.64/18; Security Group; AWS Shield, AWS WAF; CloudTrail, CloudWatch, VPC Flow Logs, Systems Mgr, Inspector, Config; AWS Managed Active Directory or Active Directory on EC2]
23. Migration Concept
Step 2. DBMS
[Diagram labels: On-Premises Data Center (Domain Controller, SQL Server, App Server, Web Server); VPN / DirectConnect; Amazon Route 53; Security, Prod, Root, Dev; AWS Shield, AWS WAF; CloudTrail, CloudWatch, VPC Flow Logs, Systems Mgr, Inspector, Config; AWS Managed Active Directory or Active Directory on EC2; SQL Server on EC2 or SQL Server on AWS RDS]
24. Migration Concept
Step 3. Server/app migration
[Diagram labels: On-Premises Data Center (Domain Controller, SQL Server, App Server, Web Server); VPN / DirectConnect; Amazon Route 53; Security, Prod, Root, Dev; AWS Shield, AWS WAF; CloudTrail, CloudWatch, VPC Flow Logs, Systems Mgr, Inspector, Config; AWS Managed Active Directory or Active Directory on EC2; SQL Server on EC2 or SQL Server on AWS RDS; App Server, Web Server]
25. Migration Concept
Step 4. Production cutover
[Diagram labels: On-Premises Data Center (Domain Controller, SQL Server, App Server, Web Server); VPN / DirectConnect; Amazon Route 53; Security, Prod, Root, Dev; AWS Shield, AWS WAF; CloudTrail, CloudWatch, VPC Flow Logs, Systems Mgr, Inspector, Config; AWS Managed Active Directory or Active Directory on EC2; SQL Server on EC2 or SQL Server on AWS RDS; App Server, Web Server]
26. AWS Server Migration Service
• VM migration
• VMware migration
• Agentless migration
• Incremental change
• Orchestration: multiple migrations
• AWS Management Console
• API/CLI
Source: on-premises server; AWS Server Migration Service; Destination: Amazon Machine Image
27. AWS Migration Hub
Discovery, Migration, Status
Discovery, Groups / Apps, Status, Migration
28. AWS Migration Hub: Status
29. Simplifying .NET Development
30. AWS Toolkit: Visual Studio
31. AWS Code Services
Source, Build, Test, Production
Third-party tools
Software release:
AWS CodeCommit, AWS CodeBuild, AWS CodeDeploy
AWS CodePipeline
32. CI/CD Pipeline
Continuous Integration / Continuous Delivery
33. AWS CodeStar
34. AWS VSTS
AWS Tools for Microsoft Visual Studio Team Services (VSTS)
Details: https://aws.amazon.com/vsts
Open source: https://github.com/aws/aws-vsts-tools
35. VSTS tools: Integrations
• EC2 Container Registry: Docker images
• Lambda: deployment
• Parameter Store: values
• Run commands: Amazon EC2 / on-premises servers
[Diagram labels: Amazon ECR; Systems Manager Parameter Store; AWS Lambda Deployment; Systems Manager Run Command]
36. AWS: .NET Tools
• AWS SDK for .NET
• AWS Tools for Windows PowerShell
• AWS Tools for PowerShell Core
• AWS Toolkit for Visual Studio
• AWS Tools for Microsoft Visual Studio Team Services
• https://aws.amazon.com/net/
37. AWS Elastic Beanstalk: .NET Web Applications
• Visual Studio 2013, 2015, 2017
• Deploy: .NET Core 1.0, 1.1, 2.0 web apps
• Deploy: .NET Framework web apps
38. Lambda support: .NET Core 2.0
• Before: .NET Core 1.0
• Now: .NET Core 2.0
39. Simplifying .NET Architectures
40. ECS: .NET Core Apps in Containers
41. Amazon ECS Cluster
• ECS cluster
• EC2 instances
• Container Registry (Amazon ECR)
• Task definition
• Docker images, RAM, CPU, etc.
• Running tasks
• Transient
• Services
• Permanent
• Load balancer
[Diagram labels: Cluster; Container registry (Amazon ECR, Docker hub); Task definition; Service; Service definition; tasks T1 to T5; Load balancer; Container instances]
42. Fargate Cluster
[Diagram labels: Cluster; Container registry (Amazon ECR, Docker hub); Task definition; Service; Service definition; tasks T1 to T5; Load balancer; Container instances]
43. Serverless
• Stateless
• Self-healing
• Containers
• Microservices
• AWS serverless: platform
• AWS Lambda
• AWS Step Functions
• Amazon API Gateway
• Amazon DynamoDB
• Amazon SNS
• Amazon SQS
• Amazon Route 53 DNS
44. Example: Pipeline
MyApplication
• Source: Source (CodeCommit)
• Build: test-build-source (CodeBuild)
• Deploy Testing: create-changeset (AWS CloudFormation), execute-changeset (AWS CloudFormation), Run-stubs (AWS Lambda)
• Deploy Staging: create-changeset (AWS CloudFormation), execute-changeset (AWS CloudFormation), Run-API-test (Runscope), QA-Sign-off (Manual Approval), Review
• Deploy Prod: create-changeset (AWS CloudFormation), execute-changeset (AWS CloudFormation), Post-Deploy-Slack (AWS Lambda)
Pipeline:
• CI/CD
• Deploy
• Multiple environments
• Using AWS CloudFormation
45. SAM: AWS Serverless Application Model
• AWS CloudFormation: serverless
• New resource types: functions, APIs, tables
• Open specification (Apache 2.0)
https://github.com/awslabs/serverless-application-model
46. Simplifying Management
47. Systems Manager: Features and Capabilities
Run Command, Maintenance Window, Inventory, State Manager, Parameter Store, Patch Manager, Automation
Administration, Updates, Organization
48. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Systems Manager
Capabilities: Run Command, State Manager, Inventory, Maintenance Window, Patch Manager, Automation, Parameter Store, Documents
AWS cloud / corporate data center
Administrators, DevOps engineers
Access control: role-based
Windows / Linux servers
On-premises / AWS VPC
Auditing
49. Amazon CloudWatch / CloudWatch Logs
Monitor: EC2 metrics (CPU, disk)
Monitor: AWS resources (EBS volumes, ELB)
Monitor logs
Configure alerts
Store logs
[Diagram labels: Availability Zone (SharePoint Front-end, SQL Server, Domain Controller); CloudWatch / CloudWatch Logs; Amazon Kinesis; Amazon S3; Amazon Redshift; AWS Lambda; CloudWatch Alarms; Email; Amazon SMS; Workflow]
50. Monitoring
Amazon CloudWatch
AWS CloudTrail
AWS Config
AWS Trusted Advisor
Flow logs
Amazon VPC
AWS Lambda
Amazon ES
Amazon QuickSight
EC2
Amazon Kinesis
52. Thank you!