The document discusses hybrid cloud architectures as part of the AWS Certified Solutions Architect - Associate Guide, outlining various strategies for cloud migration such as rehosting, replatforming, refactoring, repurchasing, retiring, and retaining applications. It provides insights on effective migration processes, data center extension options, and VPN configurations, alongside AWS services like Database Migration Service and Storage Gateway. The content also includes references to resources for further reading and implementation details.

1. Study Group: AWS SAA Guide
Chapter 04 -
Hybrid Cloud Architectures
Aki Yu
2020.Apr

2. ● AWS Certified Solutions Architect - Associate Guide
https://www.amazon.com/AWS-Certified-Solutions-Architect-certification/dp/1789130662/
● Google Books 上可讀到前3章:
https://books.google.com.tw/books?id=P-l1DwAAQBAJ
● PacktPub 與 Oreilly 各有 10 Days Free Trial 可看書的完整內容:
https://www.packtpub.com/virtualization-and-cloud/aws-certified-solution-architect-associate-guide
https://www.oreilly.com/library/view/aws-certified-solutions/9781789130669/
● 本書 Github Source Code:
https://github.com/PacktPublishing/AWS-Certified-Solutions-Architect-Associate-Guide
https://github.com/gabanox/Certified-Solution-Architect-Associate-Guide
Book: AWS SAA Guide

3. Rehost
容易搬的先搬
This can be done with portable software stacks, like Java virtual machines, Docker containers or VMware,
Microsoft Hyper-V, and Citrix Xen virtualization technologies, that go back and forth to EC2, with the VM
Import/Export service.
Replatform
能切開來的第二搬
The amount of effort to configure and tune applications is higher than rehosting, but only takes a moment to
switch from highly coupled stacks to AWS managed services or platform as a service. An example of this is
switching from an Oracle WebLogic Java application to an Apache Tomcat standalone Spring Boot application
running in Elastic Beanstalk, or from a LAMP on- premise server to a three-layer web app running with ELB,
EC2, and RDS.
Refactor/Rearchitect利用aws
的功能來改善結構和效能
This strategy is aimed at improving the scale, business continuity, or performance of the current architecture;
design strategies and patterns, like multi-tier, serverless, or managed service, can apply. Stateless applications
with ancillary services, like RDS, S3, or DynamoDB, can improve the overall performance of your applications.
Repurchase
挑選便宜的solution
f your licensed software, or Software as a Service (SaaS), does not scale or fit to your business needs, you
need either need to customize or spend less on that specific IT function. You can use an open source software
or a new service provider, or you can build your own custom solution.
Retire
無法搬的、但可以做新的，考
慮淘汰
The application's retirement can be done when a new solution or product covers the previous functionality.
Hard dependencies and non-portable software can make it unlikely to migrate successfully (for example, a
mainframe application). Ending the life of these applications is the best strategy, focusing on new projects that
can align with contemporary business objectives.
Retain
無法搬的、但還無法做新的時
，考慮維持，並尋找機會淘汰
This keeps applications that represent critical business components, or the core of many systems. Working at
a large bank, I saw the problems that complex systems encounter upon migration; business cannot be paused
until the migration of millions of lines of code, written in COBOL, has finished. In parallel SOA, efforts were put
in place to provide a new service API and gradually swift to the newer implementations.
•Effective migration to the cloud

4. By migrating 100 VMware instances with 16 GB RAM to AWS:

5. 1. Migration preparation and business planning
2. Portfolio discovery and planning
3. Application design
4. Migration and validation
5. Operation
Migration Process

6. •Extending your data center
data center expansion
disaster recovery options.
All in the cloud
Hybrid
VPC
CIDR block
A route table
Subnets
A network gateway
Classless inter-domain
routing
192.168.0.15/24. This means that the first 24 bits of the IP
address given are considered significant for the network
routing.
Destination Target
172.31.0.0/16 Local
172.31.0.0/20 eni-id
Public traffic / Private traffic

7. Tenancy
VPC
Sizing

8. Create VPC

9. Create Subnet
Main Route
Table

10. Create Internet Gateway
Public traffic

11. Create Internet Gateway
所有的外部流量都指向內部gateway

12. Private traffic
private-route-table

13. NAT Gateway

14. Private Route
Table
Public Route
Table

15. Security groups

16. Chaining security groups
ssh -i path/to/private.pem -A ec2-user@bastion-host-dns

17. Hybrid deployment
Software VPNs - Point-to-Point Tunneling Protocol (PPTP)
Static hardware VPNs
Dynamic hardware VPNs
Direct Connect (DX)
- support Border Gateway Protocol (BGP)
- not support Border Gateway Protocol (BGP)
Partner 10
Gbps
Market 1 Gbps

18. Storage gateway use cases
Network filesystems with file gateways
Block storage iSCSI with volume gateway – stored
Block storage iSCSI with volume gateway – cached
Virtual tape library iSCSI with a tape gateway
SSL and AES 256.

19. The Database Migration Service - OLTP OLAP
Homogeneous migration - Oracle to Oracle
The AWS Schema Conversion Tool (SCT)
Heterogeneous migrations
S3
Aurora
DynamoDB
Redshift

20. 名詞說明

21. Virtual Private Cloud (VPC)
Return on Investment (ROI) https://awstcocalculator.com
Simple Monthly Calculator http://aws.amazon.com/calculator
Network Address Translation (NAT)
OLTP on-line transaction processing）
OLAP（On-Line Analytical Processing）