Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Systems Operations for Windows Workloads

232 views

Published on

Systems Operations for Windows Workloads

  • I think you need a perfect and 100% unique academic essays papers have a look once this site i hope you will get valuable papers, ⇒ www.HelpWriting.net ⇐
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

Systems Operations for Windows Workloads

  1. 1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Presenter(s) George Churchill Date 12th April 2018 Windows Operations on AWS Amazon Web Services for Microsoft Windows Server
  2. 2. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Agenda 1 2 3 The benefits of hosting Windows based applications in the AWS cloud Migrating Windows workloads to the Cloud Operating Windows in the Cloud - AKA Governance
  3. 3. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Why Amazon Web Services for Windows?
  4. 4. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Windows on AWS Experience & Innovation 10Years running windows workloads Service offerings 100 Over Availability & Performance 54Availability zones spanning 18 geographic regions With consistency 48,000 Capable of delivering Security, Compliance & Customer Obsession IOPS/ instance FISMA, ITAR, EU Model Clauses 52Compliance Certifications SOC-1,2,3 FIPS, ISO 65price reductions since 2006
  5. 5. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Windows Momentum on AWS 400% Growth AWS enterprise customers using Amazon EC2 for Microsoft Windows Server 20172014
  6. 6. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Migrating Windows Workloads to the Cloud
  7. 7. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Pilot App Portfolio Analysis Security Strategy & Playbook/ Runbook Establish CCoE Skills Assess& Training Plan Migration Planning Migration Acceleration Design CCoE Cloud Strategy POC Platform Jumpstart Draft Business Case Pilot Mode 1 & 2 Apps Health Checks / Quality Assurance Operating Model Maturity Foundation Platform Landing Zone Design Discovery Workshops Project One or more PoCs Foundation 2 – 5 Production workloads in AWS Migration All workloads in AWS Optimization Value to Customer Business Value MVP Hybrid Operating Model Journey to the Cloud
  8. 8. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. CCOE Security Development Architecture Operations Leadership Finance Foundation: Cloud Center of Excellence
  9. 9. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. A Landing Zone is a baseline AWS environment that includes the following components: Multiple accounts Identity and access management Network design Data security Centralized logging Governance H Foundation: Landing Zone
  10. 10. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Billing Security and Audit Shared Services Dev & Test Mobile IoT Production Generic Production Critical Central Accounts Application Accounts Dev & Test Analytics DigitalBusiness Applications Foundation: Landing Zone: Multi-Accounts
  11. 11. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Shared Services • Domain Controllers • Monitoring • Logging • Remote administration • Scanning Foundation: Landing Zone: Multi-Accounts
  12. 12. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Security in your VPC • Security Groups • Network Access Control Lists • Active Directory Instance Security Group Subnet Routing Network ACLs VPC IAM Security of your VPC • IAM • Federation Foundation: Identity and Access Management
  13. 13. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Direct FederationCross Account Switch Role dev@example.com IAM User Jeff Acc ID: 123456789012 Prod@example.com Acc ID: 111122223333 DBA-Role Amazon RDS Authenticate Jeff with access keys Get temp security credentials for DBA-Role Foundation: Landing Zone Identity and Access Management
  14. 14. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Direct Federation Demo
  15. 15. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AD On-premises Windows Server DC AD You Manage 1 VPC EC2 for Windows Server DC AD You Manage 2 VPC Endpoint AWS Microsoft AD AWS Manages 3 AWS Directory Service for Microsoft Active Directory a.k.a. MAD Foundation: Active Directory
  16. 16. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Application Availability Zone Private Subnet 10.0.2.0/24 SQL Server App Server IIS Server Availability Zone Private Subnet 10.0.3.0/24 SQL Server App Server IIS Server Remote Users/Admins Domain Controllers Corporate data center DBAPPWEB DBAPPWEB Auth/ LDAP Auth/ LDAP VPN Direct Connect Example: On-premises AD AD
  17. 17. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Availability Zone Private Subnet 10.0.2.0/24 DBAPPWEB SQL Server App Server IIS Server Availability Zone Private Subnet 10.0.3.0/24 DBAPPWEB SQL Server App Server IIS Server Remote Users/Admins Domain Controllers Corporate data center Example: AD on EC2 with replication or AD trust Domain Controller Domain Controller Trust or Replication Auth/ LDAP Auth/ LDAP Application Auth/ LDAP VPN Direct Connect AD EC2 AD EC2 AD
  18. 18. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Auth/ LDAP Auth/ LDAP DB RDS for SQL Server Availability Zone Private Subnet 10.0.2.0/24 APPWEB App Server IIS Server Availability Zone Private Subnet 10.0.3.0/24 APPWEB App Server IIS Server Remote Users/Admins Domain Controllers Corporate data center Example: AWS Microsoft AD trust to on-premises DB RDS SQL Server AWS Managed Services AWS Managed Services AWS Managed Microsoft AD DC AWS Managed Microsoft AD Trust Application Auth/ LDAP VPN Direct Connect AD DC DC
  19. 19. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Foundation: Active Directory
  20. 20. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Migration
  21. 21. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Discover/Assess/Prioritize Applications Use Migration Tools Transition Production Retain / Not Moving Redesign Application/ Infrastructure Architecture App Code Development Purchase COTS/ SaaS & licensing Validation Modify underlying Infrastructure Full ALM / SDLC Manual Config Manual Deploy Manual Install Retire / Decommissi on Determine Migration Path Automate Manual Install & Setup Integration Determine new platform 3. Migration: Application Paths
  22. 22. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Server Migration Service AWS Database Migration Service AWS Migration Hub 3. Migration: AWS Migration HUB
  23. 23. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Operations on AWS
  24. 24. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Windows Operations on AWS Change Management Configuration Management Governance & Compliance Operations Management
  25. 25. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Change Management  Silo’ed Teams  Deep Technical Expertise  Manual Processes  Infrastructure Centric  CMDB inaccuracies  Dev-Ops  Broad Technical Expertise  Infrastructure as code  Application Centric  CMDB 100% accuracy Cloud Native Traditional
  26. 26. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Configuration Management: Deployment • Infrastructure as Code • Terraform • Cloud Formation • … • Deployment platforms • Ops Works • Elastic Beanstalk • ECS / EKS • Fargate • Publish • Visual Studio
  27. 27. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Configuration Management Systems Manager Run Command State Manager Inventory Maintenance Window Patch Manager Automation Parameter Store
  28. 28. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Operations Management: Backups Compliance S3 Glacier and the Vault Lock feature Active Archive S3 and the S-IA tier Glacier (with Bulk and Expedited retrieval tiers) Backup and Restore S3 & Glacier Storage Gateway Snow family EFS • File Level Backups • Volume Level Backups • Database Backups • AD Backups • Hybrid Backups
  29. 29. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.aws.amazon.com/backup-recovery/partner-solutions/ Note: Represents a sample of storage partners Backup and RecoveryPrimary Storage Archive BCDR Solutions that leverage file, block, object, and streamed data formats as an extension to on-premises storage Solutions that leverage Amazon S3 for durable data backup Solutions that leverage Amazon Glacier for durable and cost-effective long-term data backup Solutions that utilize AWS to enable recovery strategies focused on RTO and RPO requirements Operations Management: Storage
  30. 30. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Governance and Compliance AWS Organizations AWS Service Catalog & CloudFormation AWS Config & Config Rules Policy-based management for multiple AWS accounts AWS tools to manage approved services AWS resource inventory, configuration history, and configuration change notifications & preventive rules.
  31. 31. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Summary
  32. 32. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Dev/Test on AWS © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Thank you!

×