Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

PLNOG15: Lego Bricks - How to use Amazon Services to create a lovely product for your customers - Mirosław Burnejko

456 views

Published on

Lego Bricks - How to use Amazon Services to create a lovely product for your customers

Published in: Internet
  • Be the first to comment

  • Be the first to like this

PLNOG15: Lego Bricks - How to use Amazon Services to create a lovely product for your customers - Mirosław Burnejko

  1. 1. I : :f1 I 507a n ę„ .7 4 3 . r += I f', i Äsrna: 1 Budma/ ame gum. .., apükxnwnbüwœj 2 samum nshw baJuD/ ak mma a HutIavuniz-A a ! rudnnnum min 4 Pndmnvnwnx Amazon E02 LEGO MAN: Jak użyć Amazon Web Services do stworzenia cudownych usłu? " dla Twoich klientów? (Czy jest tu miejsce dla sieciowców i operatorów telekomunikacyjnych? )
  2. 2. I : :f1 I 507E n ę„ .7 4 3 . r += I f', l Äsrna: 1 Budma/ ame gum. .., apuknqlwnbawej 2 samum nshw baJuD/ ak mma a Budowlanka a Irjxdnnnum min 4 Pmlmnvnwnx Amazon E02 LEGO MAN: Jak użyć Amazon Web Services do stworzenia cudownych usłu? " dla Twoich klientów? (Czy jest tu miejsce dla sieciowców i operatorów telekomunikacyjnych? )
  3. 3. Amazon EC2
  4. 4. Amazon Web Services Compute EC2 . mirai senat in ! M Cbud EC2 Container Service Run ano Manage Docker Cbfmnevs Elastic Beanstalk Run und Mame Web : w: "D Lambda Run cuoe ri Response: : Erents 499- Storage 8. Content Delivery S3 Scnnhh Storage n ine Cloud à CIoudFront V Giabalcmtervi Deivery Nerwork . Ł Ć Elastic File System " run MIHBQEĘ rie system 'DY sc: [[I Glacier Anime Storage r tne Clum: [[l Storage Gateway imegrstes OIMPIHVĘĘ ii Elivlnltmenls mi Chix: Storage Database 7 RDS I l Misoi »worei omne ä DynarmDB Predtctabk ena Sc sianie nasm Data Store 1: EIastiCache v IIi-Memory c. : ne [II Redshift ! dv6980 Peuibyleścate Dula Nurefiouse Service <erven enc ÄVFJIĆX) autom Networking ih VPC T twisted Cloud Rełwrtes y Direct Connect ` ' Bodrum Network Corinemnri to #AS Route 53 scienie ons nno norm Name negetirion Developer Tools I Codecommrt Store Cade ri Piwnic Gl ReDosiioric-s _L5 codeDepioy Automat: Code Deobvmerits g CodePipeline v nee-se sennie usm: Contium: : siema-r Management Tools Cloudwatcn Monitor Ruminu and @Okutioris CbudFormatiori Create em Malmoe Resources ruin iempioies CbudTratI rmi User Amry auc APV Uxsqe Config Trxi Resource inventory nne (: rmie; - Opsworks Amount: operations ›Ulli cnei Service Catalog create am use smogu-ec Products ? ^IW“BF Sec urny ai Identity Identity Ei Access Management Mviaçe uranium Ino EricfYDhon xm Directory Service Hull . mi Manage Acme Dleátoi, Trusted Advisor omnie Parramon: : and Security Ariatytics EMR Mer-accu i-ieoooo Frumewon Data Pipeline oirmiirtion tor Dita Dmen Northon Kinesis Heating Piocessng : il samung a. ; osi. Mac hine Learning sim summonku-ons Ouitlly Ind eesii, (ił 'ir' d! 5T Mobile Services a Cognito user ioenm w: ;on Dita 51M mancation (i Device Farm V Test Andron Fre o5 mi os . inos on realoevtes ri the cim g. Motiiie Ariatyucs ` Cotlect Wew lid EXPO? ! AW Brahms „Ĺ SNS Watt Noire-tui seru r Applic ation Servin es API Gateway tamto Depby am Mariage APis AppStœam Lou LnIeMV Anaheim strun-ię CIoudSearc h Mnnlqed Searrh Serrice Elastic Transcoder Ensy~lo~ine Scalable Media Yinns: oai-g SES Emu semrig seme SOS - Message Queue Service m swr WOTIVIUH Serv( e jor Coacha"? *OŻQHOT QWHDOVINHS Entemrise Applications a Workspaces Destinee ri the cme WorkDoc s Secure Enterprise Storage enc Sharing seme WorkMai ' Sec ure Emu und cateooarviq Service
  5. 5. {“ETFĹfi
  6. 6. (l) NQVARTIS "Chcemy znaleźć leka na raka. .. szybciej" The project ran across 10,600 Spot Instances (approximately 87,000 compute cores) and allowed Novartis to conduct 39 years of Computational chemistry in 9 hours for a cost of $4,232. Out of the 10 million compounds screened, three were successfully identified.
  7. 7. 11mm Pols: : pom 9,@ PIOHOUE I IILETV v IIIVDAYIIE INFORMACJE v HOJA PODIOŻ v AIIIIOSLLOI' v › „. „.. „.. „.„ a ` - Taryfa First Minut Kupuj wcześniej - lataj taniej! Sprawdź na Iotcom nowa, niższa cenę swojego lotu SPRAWDZ ) à lwvunwo] 1111.201) . ' I Puno: SPRAWDZ > ZAREIEEWUJ Lov onwAwA suw; LOTU DODATKOVI( IEISV POLSKA ~ LONDYN DIEANLINEIEM NA ŚWIĘTA ! INA VI Oll! STRONY Oll CIG B0 VSA PLN CENA I Oll! STICKY 00 13M PUI ZOSTAŃ UNICA OKAIJII
  8. 8. ~= Mirosław Burnejko ~ Cloud Infrastructure Consultant ~ Twórca Chmurowisko. pl - Współgospodarz W Progress Bar ~ Współzałożyciel spotkania Cloud Beer ~ Współzałożyciel AWS User Group Poland - 7 lat Inżynier Sieciowy ~ 3 lata użytkownik AWS - Historia zaczęła się po kolejnej, nieudanej próbie opanowania świata. .. / .., 'ccm @miroburn
  9. 9. Agenda: _ 1. Budowanie globalnej aplikacji webowej L 2. Budowanie usługi backup/ archiwizacja i 3. Budowanie aplikacji do masowych maili J» 4. Podsumowanie
  10. 10. r rur vuu linni: : I IHL. .. IT IS-NIIT THE NETWIIBK. Gdzie tu miejsce dla sieciowców i operatorów telekomunikacyjnych?
  11. 11. - Każdy region ma 2-6 Stref Dostępności (AZ) - DWDM pomiędzy AZ - 82,864 włókien światłowodowych w regionie - Opóźnienia pomiędzy AZ < 1-2 ms - 25 Tb/ s w szczycie pomiędzy strefami Dane z sesji SPOT301 na konferencji rezlnvent 2014
  12. 12. f_________________________________________________` Strefa Dostępności Data Center Data Center Data Center Data Center - 1-6 Data Center w strefie dostępności - Opóźnienia mniejsze niż 1/ 4 ms Dane z sesji SPOT301 na konferencji re: Invent 2014
  13. 13. _______________________________ - Jedno DC to 50,000+ serwerów (często 80,000+) - 102 Tb/ s przepustowości na pojedyncze DC ~ Własne rozwiązania sieciowe - Własny stos sieciowy Dane z sesji SPOT301 na konferencji rezlnvent 2014
  14. 14. r s: L37 I W J -ln-f) . .wmn-n tli : I'll . i . Ląltcłra -Ł-iażn nuna-rn' 71:
  15. 15. { "Vpcs": [ i "VpcId": "vpc-b171cfd4", "InstanceTenancy": "default", "Tags": [ { "Value": "VPC-PROD", "Key": "Name" } l, "State": "available", "DhcpOptionsId": "dopt-8ó3a2ee4", "CidrBlock": "10.192.0.0/1ó", "IsDefault": false
  16. 16. "VpcId": "vpc-b171cfd4", IITagSII: I: { "Value": "Subnet Internet", "Kevll: "Namen } l, "CidrBlock": "10.192.200.0/ 24", "MapPublicIpOnLaunch": false, "DefaultForAz": false, "State": "available", "AvailabilityZone": "eu-west-1a", "Subnetld": "subnet-bb42fóe2", "AvailableIpAddressCount": 250
  17. 17. "Routes": [ { "Gatewayld": "local", "DestinationCidrBlock": "10.192.0.0/ 16", "State": "active", "Origin": "CreateRouteTable" l, { "Gatewayld": "igw-Oa8d50óf", "DestinationCidrBlock": "0.0.0.0/ 0", "State": "active", "Origin": "CreateRoute" } l },
  18. 18. GLOBALNA APLIKACJA WEBOWA
  19. 19. Amazon Web Services mi m manio» Ĺwxrri Lałiiuneis ł Elastic Bearistalk ›mi „ną Marinę: Wer mo; Lambda mii (Luc r Frat) Starano E Content Deiive S3 ukwiał: i'm w: : li` m ; ma L CIoudFronl o : mi tortem „umi, Lerman à Elastic File System "5- 5V* mii. Mirna: : nęsysiai Lii ze: Glacier . ii n. :- cmiagp Ii w i ›rim l Sioiage Gaieway ivitząir: : ci Firvlar: ir EIHILYWĘYIS mł cma ilma: : Database RDS unser : :stars Curl: ŚÄLStMH rc ; nem any. , l namn : „ inmi- m vanni'- -mui ima "Y5 Redshift immo. humbur-Am» t i371 WHSVVNhP w. ” Nttwciikin Q VPC C imm. : . ma HFVMFPS Direct Connect nm . mi ivE'l „i Corinndui' -: iz. : ›z aiau- ni. : FW: Liw-vw ›ime (Ńlšliáflfii i_ Route 53 Developer Tools CooeCommn : w: cim r mnie cn Hcaasnams . CooeDeploy Anansie : xx Dcixuirwvts CooePipeIme ? chust : amnie using : :w-mum Deluz-r. Claudii/ aten 'Janny Fesomes m; iwum; O CloudFoimalion : Jah's w; Manipur: Wasal/ il : :s . w 'ciwuiinlez cioudTrail -ia-i JSN-kmn. mm „ispgo Q Contig ç 'va i Wtswuciiwcivtuiy im : Vibiiącà ›kmtvmlt- 'miaam w rm . Opswofks Samce Caialog Ĺizait im J: : Itmijaiunmł : wana Identity 8. Ac c ess Management 'Animar _im Acres: und : n YUĹDI Krys g Directory Service mi «nc marius . kawe ! re-nnn Trusted Advisor 031ml: : nuisimum . m s: : „in, Analytics EMR Manage: ›imm : lamerow Ą Data Pipeline g Nin-svwnnhi t ai„iii. m Jimma Kmesis mi 'IFK nimam; o' SPL-INI@ a. ; [m: 3 Machine Learning w wn XVII' „im Diu. Ity {in} 1AM/ ! domie Selvi( es r_- Cognito J i. .. „m, „ç w; m g Devire Fann v i-: siànźim HIECŚ łtrdl Snilnsoriieñdevlœsrtñtübnd s Mobile Analytics : ma ›um zimno; Anałytrš 0 SNS ›mi moiom mnie Appliratiori Services AFI Gaia-way 3,: : : wm w Munn? ;a AppStream . w . Iv-nr, tor-imm STUHR/ ng CIoudSearc łi Mawwrj Senni Sri . LE Elastn( Transcodei ' sy m „są wim. : Mmm 'irnristmmj SES Ĺ"aIScviJri. Ż‹i‹(‹ SOS Massage ; om um» SWF Imrłfbw SeiI(: 'D‹ Cnidnatng, Äçvpixutnr : amwięiiu E nterpnse Appiicaiims e Workspar es Dcsłtuvs W a. : : m: Vlorküocs w HTF -rII-inrm: NVIVRQP mi: mamę vnre ii/ oikiiiaii = ==- iu Serum 5mm: :sbrcawrç : mu
  20. 20. Corporate Data Center w n o t s u C Availability Zone VPN Gatewayi Region Availability Zone
  21. 21. Corporate Data Center . JJ L VPN Gateway [[Tn Internet Gateway Availability Zone Availąbillty Zone (1 VPC Subnet r` ñ n Router I , .: .J w Route Table Route Table
  22. 22. r e t n e C a t a D e t m m O C Availability Zone instance instance Route Table VPN Gatewa Internet Gateway Availability Zone VPC Subnet instance instance Route Table
  23. 23. l I "ą Internet Gateway AV-šiiäbllifY Z0"? I "ł Availability Zone f1 VPC Subnet U4_ ` ELB E Router ElastiCachc DB Insulin- Dg Insmijtg Elasniaclwê z Memcached Master (Mfmcêthéd) Evvvwü Ĺvür: - u - v : i. . - „J i. . . .. g A š RW@ Table Route Table VPN Gateway; Customer Gateway Corporate Data Center
  24. 24. AWS Cloud 0 Route 53 CIoudFront , ------------------------------------------------------------------------------------------------------------------------ - -. :' l I `- Internet Gateway ^VailabililY ZD"? I. Availability Zone s ll ą s ` rj VPC Subnet | , E ` ELB E Amazon S3 Router DB lnsmncc DB IMUMK_ ElasnCMhe Corporate Data Center : Master (Memcached) : [v-"P. *l [TTV 'j : I. J Ly Ä [-4.4 Lagu. ] RWY@ Table Route Table VPN Gateway
  25. 25. , r 1"" 'Hańko/ ry f, / z : :rp o' x " (I: ' r; '- r
  26. 26. CZY JEST TU MIEJSCE DLA SIECIOWCA?
  27. 27. i l ii. . suminia vi sc- vi wc cim Ammam v Mdlńlllylnm nununu. ‹ vin-mtm. Pid- aunœu naimie m. (10.: 15.0120) i. . io. : 27.0124 250 minal-ib n» -' vivi. .. : zmazania P111 sunek miau. vpm (10.: 1$.0/20)l. .. 10. : 24.0124 244 »west-ib itb- BbIP. .. aciaüdebdi. .. Pn! - aimm widzie m_ (10.: 1S. O/20)l. .. i0. : 25.0124 24s elrwesl-ib n» g 2w1.. . acl‹bc3debd7|. .. Prd~ simm miau. vpc- (10.: 1$. OI20)| ... i0.: 30.0124 251 »west-ib nb- I mpi. .. acl-bœb75d8l. .. m alman mami. vpc- (10.I 1$. OI20)| ... io. I 29.0124 250 awast-ib m» ziei. .. : Hb22i490|Pi. .. Prd- sibmt- : vide vpc- (10. 160/20) I. .. 10. I 18.024 245 sintesi-la itb- 50IP. .. aLLiŹZGIDSSIPr. .. ” m amm. : nadanie vpc- (10. i6.0I20)| ... i0. __ 19.0124 249 Girwan-la 111» ąsoip. .. aciseuizauiv. .. m sium- : Valdis vpc- (10., 16.0I20)| ... io. . 21.0124 249 ewwest-ia n» snip. .. atiłhüiłœlPr. .. " m siuisu naami. vpc- (10.. i6.0ł20)| ... 10. a 25.0124 24s almost-ib ma 2ii= r.. . acH226t099iPr. .. Pid› sluw maianna m. (10. u i6.0I20)l. .. 10. n 20.0124 251 wiwat-ib r» ne mer. .. acl-182SB73IP. .. i Pid- ubm-O : vidia vpc- (10._16.0IZ)) l. .. 10JĘ16.0I24 2M oli-wubi: itb -7IIPL. ui-aœdnbclłl Pid› simm available m. (10.: 1s.012o)i„. io n 11.0124 24s almost-la n» 50w. .. acl-bc3debd7I. .. Prd- : mac14 : nimh vpc- (10.: 15.0120) i. . io. : 22.0124 250 „mna n» soie. .. aciuœbrsaei. .. Pld- smim miau. m_ (10.: 1s.0120)i. „ 10 : 20.0124 245 „wasi-ia m» 1501p. .. acl-iBŻSBHIP. ..
  28. 28. Public Private Public Services Zone A 1 O. 100. 0.0/24 Private Services Zone A 10. 100. 1 O. 0/24 Persistence Zone A 1 O. 100.20. 0/24 Zone B 10. 100. 1.0/24 Zone B 10.100.11.0/24 Zone B 10.100.21.0/24 Zone C 10. 100.2.0/24 Zone C 10. 100. 12. 0/24 Zone C 10. 100.22. 0/24 10.100.0.0/16
  29. 29. Desünation Target Status Propagated 10.192.0.0/16 local Ac1ive No 0.0.0.0/0 igw-0a8d506¶ Active No 10.0.0.0/8 vgw-50c6f724 Active No 172.16.0.0/12 vgw-50c6¶724 Ac1ive No 192.168.0.0/16 vgw-50c6f724 Active No Name A Route Table ID v Expliciüy Associalv Main v VPC Prd-I nt» 6b 1 Subnet No vpc- Prd-I nb- 2 6 Subnets No vpc- Prd-I nt» 7f 1 Subnet No vpc- Prd-I rtb- 33 0 Subnets Yes vpc« Prd-ł nb- 50 6 Subnels No vpc-
  30. 30. 1 0.0.1 .0/24 Private Subnet 10.0.2.0/24 Public Subnet 10.0.0.0/24 Public Subnet Route Table C Route Table A Route Table B Main Runes Routes 1°'°'°'°/ 15 "°°°' "mk 10.0.0.0/16 Local traffic Internet Gateway Cilon/ o NAT Instance in 10.0.0.0/24 0.0.0.0/0 10.0. 3.0/24 Private Subnet Route Table D Routes 10.0.0.0/16 Local traffic 0.0.0.0/O NAT instance in 10.0.2.0/24
  31. 31. Elastic IP - instance Private IP Address Scope Public DNS 54.154.132.29 i-fac22742 (instance Front001) 10.1922004 vpob171cfd4 ec2-54-154-132-29.eu-west-. .. 54.154.146.90 i-fbc22743 (instance Front002) 10.1922005 vpo-b1 710164 ec2-54-154-146-90.eu-wesi-. .. 54.154.182.210 vpc
  32. 32. Create VPN Connection Select the virtual private gateway and customer gateway that you would like to connect via a VPN connection. You must have entered the virtual private gateway and your customer gateway information already. Name tag VPN Connection Virtual Private Gateway vgw-50c6f724 l VPN 1D customerGateway ° Existing New cgw-7f9aab0b (4.2.2.2) | CIientSide á Specify the routing for the VPN Connection (Help me choose) Routing Options ° Dynamic (requires BGP) Static VPN connection charges apply once this step is complete. View Rates cancel 'na „ Vii-lai(-
  33. 33. Download Configuration x Please choose the configuration to download based on your type of customer gateway. Vendor Cisco Systems, Inc. 3 Platform ISR Series Routers 3 Software IOS 12.4+ 3 [inne G 31S k Fl IC OU 9S 30S
  34. 34. vpn-f6790edxxt . #4: Border Gateway Protocol (BGP) Configuration . BGP is used within the tunnel to exchange prefixes between the . Virtual Private Gateway and your Customer Gateway. The Virtual Private Gateway . will announce the prefix corresponding to your VPC. . Your Customer Gateway may announce a default route (0.0.6.0/0). , which can be done with the 'network' and 'default-originate' Statements. . The BGP timers are adjusted to provide more rapid detection of outages. . The local BGP Autonomous System Ncnber (ASN) (65111) is configured . as part of your Customer Gateway. If the ASN must be changed, the . Customer Gateway and VPN Connection will need to be recreated with AWS. router bgp 65111 neighbor 169.254.21.129 renote-as 9059 neighbor 169.254.21.129 activate neighbor 169.254.21.129 tiners 10 36 3@ address-family ipv4 unicast neighbor 169.254.21.129 remote-as 9059 neighbor 169.254.21.129 timers 10 30 30 neighbor 169.254.21.129 default-originate neighbor 169.254.21.129 activate neighbor 169.254.21.129 soft-reconfiguration inbound l To advertise additional prefixes to Anazon VPC, copy the 'network' statement ! and identify the prefix you wish to advertise. Make sure the prefix is present ! in the routing table of the device with a valid next-hop. network 0.0.0.0 exit exit
  35. 35. „w I A "- „_. _____. Li ' , a/ `az 10.0.0.0/24 I 10.0.2.0/24 Public Subnet 5 second - Public Subnet heart beat 3 . __, _. 1 0.0.1 .0/24 Private Subnet 10.0.3,0/24 Private Subnet Virtual Private Cloud
  36. 36. Virtual Private Cloud Your VPCs Subnets Route Tables lntemet Gateways DHCP Options Sets Elastic IPs Endpoints Peering Connections Security Network ACLs Security Groups VPN Connections Customer Gateways Wrtual Private Gateways VPN Connections
  37. 37. .iliiilii CISCO frez Trial Free Trial Cisco Cloud Services Router: CSR1000V - Security Technology Package i2) Version 03.14 01 si Sold by C seo Sysews Inc 50.90 to $1.87Ihrlo‹ serwie o Aws usapo tous The Security Technology Package (tormeriy Advanced Technology) pt Cisco Cloud Services Router (CSR100DV) sets the standard tor enterprise-class VPN in the AWS cloud, bringing . LlHJX/ UFiX. Other ClSCO ios x: i St-bitllmazor Machno Imago (AMI) Cisco Adaptive Security Virtual Appliance (ASAv) - Standard Package VDVSIOF 9 4 1 zoo i Sold by CISCO Sysmms lrc 50.69 to ! LCW/ hr tor schwała 4 AWS usage toes As you transtorm more wcrkloads and tunctions into vimialized assets, you need the same protections that are available tor your physical assets. Cisco has developed a Limyium Olber 9 4 - sabimmazai- Maama lrragc (AMI) IIIIIIIII CISCO cisco Adaptive Security Virtual Appliance (ASAv) - BYOL Vorsior s 4 t 200 i Sold by çgcLm-nrgg Bring Your Own License 0 AWS usage ieee As you transtorm mora workloads and functions into virtualized assets, you need the same prctections that are available tor your physical assets. Cisco nas developed a LxflulUUFil( Other 9 4 i 200 i e4 or. Amazon Mach re imago (Alin) IIIIIIIII CISCO F5 BIG-IP Virtual Edition 200Mbps Best iii Vomon 11 s o 4 o 420+ii=4 Sold by F5 bcm-ork; $2.50Ihr Ot$1I,7I7IyI'(37"/ n savings) im soüwerc - AWS usage leo: The BIG-IP Wrtuel Edition (VE) is the industry-leading application delivery services platform that ensures your business critical applications and network is test. available. LinuxiUrix CentOS 6 4 i s4 mi Amazon Mam rc image (AM; F5 BIG-IP Virtual Edition tor AWS (BYOL) i2) version 11„4 i-sei rs-nre i Solo by F5 Ncmarks Bring Your Own Llcanae ~ AWS usage tool The BIG-IP Wrtual Edition is an application delivery services plattorm tor the Services cloud, From load balancing and service ottlcading to acceleiation a Liruxiumi CentOS 5 E164 bii Amazon Mamro *mago (Awi: HTIHET Fortinet FortiGate-VM free Trial ~ (Zi Version v50 9 i Sold by Fonii r szanwg imm $0.3oIhr or trom $1.992łyr (up 24% savings) lcr samam › AWS usage toes Fortinet FcrtiGate-VM firewall technology delivers complete content and network protection by combining slatetul inspection with a comprehensive suite ol powerful security „ LIVlJXvUFll omm v5 0 9 i a4 ni: Amazon MDCNFO image (Arnii rc FortiGate-VM (BYOL) izi Version ys o Elsaid by : mi Bring Your Own License ~ AWS usage toot FortiGate virtual appliances allow you to mhigate blind spots and improve policy compliance by implementing critical security controls within your virtual infrastructure . . LmuydUrix omoi i5 o 5 i s4 bi-. Amazm Macnrc imago (Arnii
  38. 38. CZY JEST TU MIEJSCE DLA OPERATORA?
  39. 39. trochę.
  40. 40. USŁUGA BACKUP/ ARCHIWIZACJA
  41. 41. ŻMIJA Amazon Web Services r, amas» Dwslrxwr Toms ecz Codecnmm( vm. .s. ... ..m. .m. .„ s„ę: „.. ›.„‹e: nm„„ EC2 conwnev samce CoœDeObv ›m . m mm. Doan Ww. Wy. ma nrw/ mrm Elashc Beanslalk CodePIœhne Run . .z W. , . m ; W M. .. w. .. „m, "unllnmn nám Lzvlbda em: C łoudwalc h Mmmm Rumun: : vn! wum. . uwaman cw. ma' Mrrr Huana m. Yrrvüds Ł CluudFlonl CbudTVal v Giabucxvmluoltew ! www ma „ „mnw w Ulm nas: : Ple sysœm *u g conng r. .., „mw r; «mw ę. m n. .. Wranur: lrwrmnq „m mw. . Glinie( Opswuks Annus Słatiçanme : nm ! kummle Uneumn mtm . Slmaœ Gateway . SewnceCaaog ! ratamru orun-muu u Łmrunmum m uma : lavlov: trwam: : uu . umawiac Prumus uacabase n › u . .. RDS v IdeMIIY l: Access Manäänenl ›msu mmm : ma są w. ; mmam , wm Munn: m; ›cnn . m m„m m. . DynamoDB g Dweumy serwe ›mmz nad 'Ct-Nit NošCl Dn- sm „w „a Muru-ç nmc amm Elaslcathe rusled Advisor m „ma, :mę owm= „u„. m.ms‹„m RedsM( mmeee ›wv/ vz ; umc Umwlwhœlemvrzc Anavyncs EMR n - n. Ć M. n›v‹~c›‹nx›c hmmm VPC 0 Dana P penne wmhœacmanwvm 3 0mm- -mvm mu Omen ›mmm Dneclconvœcl Kmesls Dœznœcuavmo cmmmwws Rel-lwu: Prurnmvvśncwvli3vüaxa Rame 53 Inacrune Leammg scuna: Dns nmi nm. .. „w a„, ... .‹„ amu sm. .. Autumn mw . ..a sm, Mama Servres _ cognac m. mnmuwpa. .. „ Mvvvuuctlnw A DevnceFarm Ć 'aurvana ›nas Imvähwsanvrlonlurmnbœ Momennałyncs r. ±« . a „.4 Fxvurláoç : lukit: . SNS Pmnnnmkmm Sanu: : Apphr : mun smw M * API Gateway a. ..: wab; .. q www. ę Aovsneanu m. Lnu ma: n» summa CimoSeavch Mmnqrd Sund! Semir Elasa( Transcode( a. , m usescihneumhhmgcaœug SES Eru : :enana inen: : sos name mm amu SWF ! tomba Saun v: : : mamine »oœmcmwwn [nrerpnse Apphcanms WnrkSnat es mum. . . „ 'nę : m: wntkDoc s ; am : nauru , mmc ma wmv Len/ zt WWW' „s usw wm. rn. : . m Carom-v; 'eure
  42. 42. AWS Storage Traditional Gateway Service server ‹ÓÓÓCCCÓCCC› Storage Access Storage Transfer Enterprise Data Center
  43. 43. Corporate Data Center Storage Gateway AWS Direct Connect à VPN Gateway Commvautt Simparwa NetApp AItaVaLAIt Region r t Amazon S3 ç I Customer' Gateway ` Glacier
  44. 44. Copying 1 item from New Volume (D: ) to Desktop 62% complete Speed: 53.6 MB/ s Name myñleóG - Copy Time remaining: About 45 seconds Items remaining: 1 (2.24 G8) @ Fewer details 53,6 * 8 = 428,8 Mb/ s ?
  45. 45. Normalni ludzie: Troublemakers (sieciowcy) 20 GB przez 10 Mb/ s = 4,4h 20 GB przez 10 Mb/ s = 7,5h 20 GB przez 10 Mb/ s 20 000 MB 20 000 O00 000 B 160 O00 OOO 000 b 40% encoding overhead: 224 000 O00 OOO b 22 400 s 10% for latency: 24640 s 10% for encryption: 27104 s
  46. 46. 50 TB
  47. 47. 15 Mb/ s
  48. 48. FILE TRANSFER TIME CALCULATOR Goi sa Free calculator to estimate the time a file will to take to transfer. Results: Speed: 15 mbps sizezsoTB 7761Houn, 1slllnum andœseeonde Kilo : joy_ a Ovefhead: ggg E 7767 h = 323 dni!
  49. 49. CZY JEST TU MIEJSCE DLA SIECIOWCA?
  50. 50. trochę.
  51. 51. CZY JEST TU MIEJSCE DLA OPERATORA?
  52. 52. NOWA RURA! Pasmo Na Żądanie (15/ 100) Link For The First Move ll: i i ' Cloud Bridge „x „y „i Direct Connect Partner „Ĺjeü”
  53. 53. ` create a connection You are currently operating in EU West (Ireland), Use the region selector to change to another AWS region. To begin, name your new Connection, select tne AWS Direct Connect location in this region where you would like to connect, and the port speed you are requesting. ll these choices don't tit your use case, tor other options to connect you can contact one ol our partners, connection Name: PLNOG i Location: TeIecityGroup Docklands. London à i Port Speed: IGbps - 10Gbps i cancel F: : r Hitter: Q X Viewing 1 o¶1 Connections «~- Provided By Name Location Bandwidth › tt Vls state v Amazon Web Services PLNOG TeIecityGroup Docklands, London 10Gbps O raq . .›_`-„›tv; u connection Name: PLNOG Connection ID: dxcon-fgIa21we AWS Account: 467734625199 Location: TeIecityGroup Docklands, London Type: Regular Connection Port Speed: 10Gbps State: req ue Sted Virtual Interfaces: O Create Virtual Interface
  54. 54. 3, 'i”i3,Z_0 I'I` web services" Uh z? n I' ^ , :1 VI": ł x , Google r
  55. 55. 'wgvłnnur ` *Q w_ k: 'II a Liga! Ń ! #003 ” _JÄARoN - GARN : v @KIHIIBKE NEEL@ s * Gan i
  56. 56. APLIKACJA DO MASOWEGO WYSYŁANIA MAILI
  57. 57. A Amazon Web Services Cumpute EC2 : mum swm m me : :ma EC2 Comanner Service Run w Manage Docker con-mu Elasnc Beanslalk Run Ind »uu-ge Web Fw: Stahu: same m the Cbm V Gum comm Bemary Neum Elasnc Füe System °°E“E^ ü nw Mlrwgtd n: Srllcmłm : c: Glave: Archive 9mm n me ckm o Storage Gateway Waguła On Plama: : w Evwvuumems um : ma Storage Database RDS wsm Puslqres Ovxh sm Serva nndAmucm Auror: O DymmoDB ? Immune . m sealant ImSGL Du Slave ElasnCathe m, Memory Cn: ne Redshm Mlnnged Pelin-Ars( n: Du. uvmnoua: Sehr x a Nemorkmg g VPC Ó Hamed czmu Ńeluuršn Direcl Connect 0m ma Neama» Connection lo AWS Route 53 Suäk DNS Ind Duman Hin: Regnum! Developer Tonls CodeCommn Slave Code m Pmnle c: Repœnuœs CodeDepIoy halama? : C009 CHIU/ Men? ! CodePIpeIme Rete-se SOIN-re usnę con-znuw: omm rvlanagemen! Tools Cloudwalch Mumu( Rumuna; .m Agama ClouiFormaborI Crantz . na Manu): Rumun: «m Ymmm: : CloudTraIl Tink umumw ma w: mage Conñg nm Ramu: Invmlmv Ind cnmgu Opswovks woman Opevumm am cw Sem: e Catalog Cunt Ind Use ŚXIHGHUEQĆ Prom. : Il Sec UVI 8x Idenll Identity 8: Access Management M-n-wUsev ; InaEIirYVIImKEn Directory Service Hm! .na Manage Aun: Dummy Trusted Advnsor Omumze Pervutmnnce : na Semmy Anamcs EMR Managed Haooen Fvameum Data Pipeline Onbnunuu m: Dun-Dwu! Wamba: Kcnesns Neum» Pwc essng m suwu-KJ B9 Dun Machine Leammg Baia Svmntopkuxxu Gully Ind EISW Mobile Servlc ES F Cogmto J um mmv ma ›w Dun Syr-minumum Devnce Farm ç mymu: mos amüšaoœwveuoevteslnlœcbw e MobIleAnałyucs cam Ynrwnnd : nwnloowu uu . SNS Push nmam. savu Applnc anoa SENICES API Gateway * Bund Dechy . m1 Manage API: t AppSueam Lura meow Musc-non samung Cloudsearch Mirwgtd Seach Sem: : Elastic Transcode! Easyrvœue suw; wau Yunnan . SES Emu smuny seme O 50S »came Queue Sante C u O „mw Saw: : luv c„„„. „.. .., wm owum Enlevpvnse Apphcamns Wovkspaces Desnou n me cmo WorkDocs Senne Enmpvne smugę . na Snnlng sem: wotkManl “E «w Secure Ema! and Cllenaarlno Saw: :
  58. 58. HTTPS Serwer Email Klienta Korporacyjne Data Center Marketerzy . ... ... H+T. F;Ś. ... ... ... ... . . ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... HTTPS
  59. 59. aws ses send-email --from mirek@chmurowisko. pl --destination ñlez/ /destinationjson --message ñlez/ /messagejson from botosqsmessage import RawMessage { "Type" : "Notification", "Messageld" : "6315bcas»1add~557a-b9sófzdssfad4el4", "T0picArn" : "arnzaxivs: sns: cu‹wcstv1:4677346z5199:MAILTOPIC", "Message": "{VnotiñcationType": "Delivery". "m.1iI": {"tilnestamp": "zo1s-o9-z4To6:o7:43.38sZ", "source": "mirek@chmurowisk0.pl", "sourceArn": "arn: awszseseu- wYestv1:467734ó25l99:identity/ mirek@chmur0wisk0.pI", "sendingAccountld": "467734625199", "messageId": "ooooomffdféñ19-4457abc6-94F6-4cbc- a420-9aba12f42ao2-oooooo", "dcstinationVz["mbumejko@gmail. com"]}, "dclivcry":1"timcstamp": "2015-09-z4Toózo7z44.161Z", "proccssingTin1cMillis":776,"rccipicntsV: ["mburnejko@gmaiLcom"], Vsmtplšesponse": "25O 2.0.0 OK 1443074864 wc10si9ó4277wicJOZ - gsmtp", "reportingMTA": "ąó-z42.smtp-outeu-west-l. amazonses. com"l}", "Timestamp": "2015-09-2ĄToó: o7:44.zoóZ", "SignatureVersion" : "Signature" : "IEWtB7VDfyVb4ZPlFSngzPZlBkZzIdRHgp/ qUYHpIfKmRTuZ+Dl-TmUsoZemgBlILik6WX1aPVZuZt9/ BWzZBeYpFUOSmqmkIOFEFñADyfGDr1xY7i8]g259VydnnZoMrxiigsLKfa5QCOParVY9IMDdikQpAqlelszfUBxnzrBQzosLYcyagluiKol-łrNr +]zZE3nuTrS8CYe8zSnD1q7KzaVe2AjuHMOr8QpDvIbi93Gr3tnPaE7iX/6+6Hdszk01sfRV/37itvd8R7/ wIdUtxMlrEZivDdhL/3ijaaDSLmDSmYWyyfCEdWEASICCLjTJIR9BjhQPZahKplD/6CthA= =", "SigningCertURL" : "hnpslzsgs ęgywçgp} grugzguąwg çgluzgimp ęNggjfiçggjguSeg(çç-bhzsgddgzádgsçgggg}ggséuaggç: pem", "n-ngubscribcUkL"z" - - - ? ` = ' ` * *' ` z - '- - - ru: : . ~. ;e "J. 34 I. "'MAILIQEIQśQišaašQ-SĘhQ-ŁLĘQĘ-äšśb-édbśäłś99fšl"
  60. 60. AWS Account 3 ę Amazon $3 EXCCUIIOH ê AWS Lambda Role „A, -4` A 2 US6!" V / 2 4 5 Access r o Policy _ , l , „__„, `„___„ N 5 T 1 Lambda BĹŹĹĹŻ B3212. A c/ `-~ “ summon
  61. 61. Event Data vSTART Requestld: b52bd9fe-61db-11eS-89a2-7d712fScl99f v2e15-e9-Z3T16:13:18.569Z b52bd9fe-61db-11eS-89aZ-7d712f5c169f Reading options frow event: ( Records: [ { eventversion: 'L9', eventsource: 'aws: s3', awskegion: 'us~west›2', eventTime: '2e15-e9-2311e:13:16.9442', eventNare: 'objectcreatedzPut', userldentity: { principalld: 'AMIS: AIDAICJZHZHASNBGGZIYU ), requestParaneters: ( sourcelPAddress: '217.11S.65.21' ), responseElements: ( 'x-arrz-request-if: '99S83166ED8981C9', 'x-anz-id-ZH '86k/63jcHaq0j1i3q5uuv58dr~m7uYI646E3rf6oXwu8aXs18EV1SZJZNO/ rIOQyO' }, st ( sšscheraversion: '1.e', configurationldt '3672f6fd-6cdS-4325-86aS›b131a67926d6', bucket: l ` ( nane: 'plnog', owner-Identity: { principalld: 'A2308IBYrtKEC42' }, arn: 'arn: aws: s3:: :plnog' ), object; ( key: 'C1oud. jpg', I I size: 25765, y eTag: '259a3f9beb4d83a3a7a6b4a85b172Sd2', v sequencer: '0eS6027B3CE179B94F' } ) } ] ) _ - v2e1S-69-23T16:13:19.5862 bS2bd9fe-61db›11eS-89a2-7d712f5c109f Successf: med plnog/ Cloud. ; and uploaded to plnogresized/ resi-, oud. jpg D EHD Requestld: bS2bd9fe-61db41eS-89a2-7d712fSc169f Ł v ~ D REPORT RequestId: b52bd9fe-61db-11eS-89a2-7d712f5c169f Duration: 1615.51 ns Billed Duration: 1166 rrs Memory Size: S76 NB Max blemory Used: 44 NB
  62. 62. Requests You are charged for the total number of requests across all your functions. Lambda counts a request each time it starts executing in response to an event notification or invoke call, including test invokes from the console. - First 1 million requests per month are free - 50.20 per 1 million requests thereafter 60.0000002 per request)
  63. 63. CZY JEST TU MIEJSCE DLA SIECIOWCA?
  64. 64. DEATH OF Wüiéieiàiiie* ; I , . [X X0lllł MOIIVEN MAMI_ [[INEI PONXOR
  65. 65. CZY JEST TU MIEJSCE DLA OPERATORA?
  66. 66. trochę.
  67. 67. ż} _g SerWerEmaiI Klienta AWS g ` I SNS s3 ` ' SES A) SQS . ` _"'„ Korporacyhe Data Center Ma rketerzy
  68. 68. Corporate Data Center ` I AWS Direct Connect „ ç ' Customer' a VPN Gateway Gateway Commvaclt Simpana NetApp Altavault Amazon S3
  69. 69. AWS Cloud 0 Route 53 CloudFront , ------------------------------------------------------------------------------------------------------------------------ - -. :' ` I `- Internet Gateway Ai/ ailabilili' ZD"? I. Availability Zone s ll „ s ` rj VPC Subnet | , E ` ELB E Amazon S3 Router DB lnsmncc DB Imma_ ElasnCache Corporate Data Center : Master (Memcachedl : [v-"P. r] W 'j : I. J L` Ä [-4.4 Lagu. ] RWY@ Table Route Table VPN Gateway
  70. 70. Podsumowanie: - Świat chmur to ewolucja dla sieciowców - Migracja do chmury, to nie dzień i miesiąc, a lata (w korpo liczy się na 10-15 lat) - Świat chmur to nowe możliwości na hajs dla operatorów telekomunikacyjnych Zapisz si, na informacje o webinarium: AWS dla Inżynirów sieciowych chmurowisko. pl/ plnog
  71. 71. I : :f1 I 507E n fl .7 4 3 . r += I f', l Amia. l Budma/ ame gunami aplllnqiwehiawej 2 samum . .siup buziam/ ak mma : i ikrtlawanira i : minumum mili 4 Phlhnltinwll Amazon EC2 LEGO MAN: u Jak użyć Amazon Web Services do stworzenia cudownych usłu? " dla Twoich klientów? (Czy jest tu miejsce dla sieciowców i operatorów telekomunikacyjnych? )

×