Cloud Spotting 2017: An overview of cloud computing

Certified AWS
Solution Architect
Associate
Certified
Architura Cloud Architect
Certified
TOGAF Enterprise Architect

Digital Transformation
Enterprise Architect
at a
Private Bank

In 2012 Citrix surveyed 1,000 people
about cloud computing and found that
51% think bad weather affects cloud computing
51% think bad weather affects cloud computing
Another
95% don’t think they ever use cloud computing
even though they're actually doing a lot in the cloud.

What makes the cloud “the
cloud”?

A proven solution to a common problem
individually documented in a consistent
format and usually as part of a larger
collection
a pattern

Automated
Administration
Bare-Metal
Provisioning
Broad Access
Centralized Remote
Administration
Dynamic Scalability Elastic environment
Multi-path Resource
Access
Multi-tenant
Environment
Non-Distruptive
Service Relocation
Pay-as-You-Go Platform Provisioning Rapid Provisioning
Realtime Resource
Availability
Resilient
Environmnent
Resource
Management
Resource Pooling
Resource
Reservation
Self-Provisioning
Service State
Management
Shared Resources
Usage Monitoring Workload Distribution
What patterns make “the cloud”?

IaaS PaaS
SaaS
Infrastructure
as a
Service
Platform
as a
Service
Software
as a
Service

http://www.hostingadvice.com/how-to/iaas-vs-paas-vs-saas/
On-Premises
Infrastructure
(as a Service)
Networking
Storage
Servers
Virtualization
Networking
Storage
Servers
Virtualization
Networking
Storage
Servers
Virtualization
Networking
Storage
Servers
Virtualization
OS OS OS OS
Middleware Middleware Middleware Middleware
Runtime Runtime Runtime Runtime
Data Data Data Data
Applications Applications Applications Applications
Platform
(as a Service)
Software
(as a Service)

Hype as a Service
• XaaS: anything as a Service
• iPaaS: integration PaaS
• eiPaaS: Enterprise Integration Platform as a Service
• hpaPaaS: high-productivity application PaaS
• MaaS: Marketing as a Service
• KaaS: ech’ lekker

Public Cloud Private Cloud Hybrid Cloud

Public Cloud Private Cloud Hybrid Cloud
Publicly
Accessible
Multiple
Customers
(tenants)
Lots and
latest
services
Privately
Accessible
Dedicated
Customers
(tenants)
Fewer and
older
services

What’s the ?
• You outsource the low-level acquisition and management
of your infrastructure.
• It’s like leasing cars, few companies will still manage their
own car fleet.
• You get instant access to a global, fully automate-able
infrastructure for a fair price*
* some people will disagree, but let them ;)

What are the benefits
— Capacity Planning ++ On-Demand usage
++ Operational Agility ++ Measured Usage
— Cost ++ Elasticity
— Operational Overhead ++ Reliability

The Bezos Mandate
Stevey's Google Platforms Rant
His Big Mandate went something along these lines:
1. All teams will henceforth expose their data and functionality through service
interfaces.
2. Teams must communicate with each other through these interfaces.
3. There will be no other form of interprocess communication allowed: no direct linking,
no direct reads of another team's data store, no shared-memory model, no back-doors
whatsoever. The only communication allowed is via service interface calls over the
network.
4. It doesn't matter what technology they use. HTTP, Corba, Pubsub, custom protocols --
doesn't matter. Bezos doesn't care.
5. All service interfaces, without exception, must be designed from the ground up to
be externalizable. That is to say, the team must plan and design to be able to expose the
interface to developers in the outside world. No exceptions.
6. Anyone who doesn't do this will be fired.

Who’s using it?
• Lot’s (if not most) start-ups
• Scale-ups to (at least) deploy test environments
• Bigger companies (but not for everything and not a
majority yet)

Blackboard
We want to focus on
delivering excellent
educational applications
to our customers, not
maintaining data centers
Opening up new data
centers in some of the
global markets where
we’re looking to expand
would typically cost
roughly $1 million for
each data center.Leveraging AWS
Availability Zones, we
can deliver a high level of
reliability and
redundancy as we enter
each new market.

SunCorp
Australian financial
services company
complex and expensive
IT environment to
support 14 brands and 4
lines of business in 5
countries.
adopted a culture of
innovation to re-imagine
the IT landscape
Plans to move 2000
applications to the cloud
https://www.youtube.com/watch?v=z1b-E1LIfeM

Capital One
#9 bank of USoA
755 branches, 2000
ATMs, three countries
(USA, UK, Canada)
2014 8 datacenters, 2016
5, 2018 3
Velocity, Elasticity,
Availability, Breadth &
depth of the platform,
talent attraction,
security(!)
https://www.youtube.com/watch?v=0E90-ExySb8

Ticket Master
26 million unique visitors
every month
credits the AWS Cloud's
ease of use
on-demand pricing,
MarketShare also
estimates that it reduces
costs by over 80%
annually, compared to
fixed service costs
saving time, money and
providing a superior
solution that is flexible,
secure and scalable.

UbiSoft
millions of global gamers
deploys updates in
minutes
automatically scale to
support large traffic
spikes
Increases
competitiveness through
speed and agility

The AWS Cloud operates 44 Availability Zones within 16
geographic Regions around the world, with announced plans
for 17 more Availability Zones and six more Regions in
Bahrain, China, France, Hong Kong, Sweden, and a second
AWS GovCloud Region in the US.

The AWS Cloud operates 44 Availability Zones within 16
geographic Regions around the world, with announced plans
for 17 more Availability Zones and six more Regions in
Bahrain, China, France, Hong Kong, Sweden, and a second
AWS GovCloud Region in the US.
a separate
geographic area.
Examples:
EU West
US East
Canada
Region
Available Services vary per
region
Each region has
multiple, isolated
locations known as
Availability Zones.
Examples:
us-east-1a
eu-west-2b
Availability Zone
1. At least 2 AZs per
region
2. Multiple DCs per AZ
3. 50000 to 80000
physical servers
4. AZs in same region
connected by multiple
wires (in different
ditches!)
5. NY-LA roundtrip =
74ms
Where end users
access services
located at AWS
Edge Location
1. in most of the major
cities around the world
2. CloudFront CDN

James Hamilton 2014 AWS re:invent

Some Cool Stuff
that you won’t be really needing soon

Snowball
e week to upload your data to AWS using the spare capacity of your existing Internet connectio

Some Cool Stuff
that you will end up using a lot

EC2 - Virtual Servers in the Cloud
- unlimited compute power (after lifting soft limit of 20 instances)
- Linux, Windows whatever fits your needs
Elastic Beanstalk - Application Container
- Platform to deploy web applications (Java, NodeJS…)
- Scaling is super automatic
Lambda
- Serverless unlimited compute power
- Extremely easy to deploy
EC2 Container Registry & Service
- Store, retrieve, run and manage docker stuff

S3 - Scalable Storage in the Cloud
- virtually unlimited cloud storage
- Linux, Windows whatever fits your needs
Glacier - Low-Cost Archive Storage in the Cloud
- low-cost storage service
- provides secure and durable storage for data archiving and backup.
- Network connected drives available to EC2 instances
Amazon Elastic Block Store (EBS) - EC2 Block Storage Volumes
All are elastic and pay-as-you-go

Elasticache - deploy, operate, and scale an in-memory data store or cache
- Redis, MemCached
- Serverless
- up in minutes and easy to use and manage
DynamoDB - NoSQL database service
RDS - Relational Database Service
- Up in minutes, easy to manage and backup/restore
- Resizeable on demand
- Postgresql, MySQL, MS SQLServer, Oracle
- Clustering and encryption are a matter of checking boxes

VPC - Virtual Private Cloud
- Create -virtual- network segments
- Secure network segments
- Protect resources
- Manage Availability zones
- Serverless
- up in minutes and easy to use and manage
CloudFront
Route53
- DNS
Elastic Load Balancing

Game Development
- GameLift: managed service for deploying, operating, and scaling
dedicated game servers for session-based multiplayer games.
- Lumberyard: game engine deeply integrated with AWS and Twitch
Analytics
- Elasticsearch, hadoop, Kinesis (streaming data)……..
- Redshift: affordable peta byte scale DWH
Artificial Intelligence
- LEX: automatic speech recognition (ASR) and natural language
understanding (NLU)
- Poly: turns text into lifelike speech.
- Recognition: makes it easy to add image analysis to your
applications.
- Machine learning, deep learning, tensor flow…
- Shield (DDoS protection), WAF, CloudHSM……………
- Amazon inspector: automated security assessment service
Security, Identity & Compliance

AWS Cognito
Add user sign-up, sign-in, and data synchronization to your apps

Poly
So, who’s the dude with the beard?

A typical
High Availability
set-up for Wordpress
@ AWS

Region 2
e.g. US-EAST-1
Region 1
e.g. EU-
CENTRAL-1

Region
VPC
Availability Zone a Availability Zone b
Public Subnet Public Subnet
Private SubnetPrivate Subnet

Availability Zone
Private Subnet
Autoscaling
Group
Public Subnet
ELB
EC2 EC2 EC2 EC2 EC2
Multi AZ RDS

re.net/AmazonWebServices/high-availability-application-architectures-in-amazon-vpc-arc2

Literally 10 minutes later…
Load balanced Word Press environment

Update environment?
1. Update CloudFormation template
2. apply it
3. AWS CloudFormation will determine changes and
apply them

Deletes EC2 instances
Deletes DB instances
Deletes all it created
Deletes NAT instances

AWS cmd line & admin APIs
“The mandate” also drove AWS to offer the administration
tasks of all the services they offer through APIs from the
ground up. Which allows you and me to easily interact with
any of their services
CloudFormation and the other tools are a good start but all very low-level

Best Practices
AWS Well-Architected Framework
General Best Practices
• Stop guessing your capacity needs
• Test systems at production scale
• Automate to make architectural
experimentation easier
• Allow for evolutionary architectures
• Data-Driven architectures
• Improve through game days

Best Practices
AWS Well-Architected Framework
Security Reliability
Performance
Efficiency
Cost
Optimization
Operational
Excellence
• Apply security at
all layers
• Enable
traceability
• Implement a
principle of least
privilege
• Focus on
securing your
system
• Automate
security best
practices
• Test recovery
procedures
• Automatically
recover from
failure
• Scale
horizontally to
increase
aggregate
system
availability
• Stop guessing
capacity
• Manage change
in automation
• Democratize
advanced
technologies
• Go global in
minutes
• Use serverless
architectures
• Experiment
more often
• Mechanical
sympathy
• Adopt a
consumption
model
• Benefit from
economies of
scale
• Stop spending
money on data
center
operations
• Analyze and
attribute
expenditure
• Use managed
services to
reduce cost of
ownership
• Perform
operations with
code
• Align operations
processes to
business
objectives
• Make regular,
small, incremental
changes
• Test for responses
to unexpected
events
• Learn from
operational events
and failures
• Keep operations
procedures
current
http://d0.awsstatic.com/whitepapers/architecture/AWS_Well-Architected_Framework.pdf

Impediments for cloud adoption?
Legacy
Governance
Security & Regulations

Security & Regulations
It’s not the cloud that is inherently insecure, it’s people who are often
too lazy to secure or are even unconscious of the risks.
https://www.upguard.com/breaches/cloud-leak-accenture

Clouds can be secured
Clouds can be heavily secured & changes can be monitored
automatically by -for instance- AWS Config

Security is cheap in the cloud
(1/2)
Using cloud formation it takes minutes to set this up…

Security is cheap in the cloud
(2/2)
• Encrypting disks, databases, connections is almost as
easy as checking a box
• Requiring Multi-Factor Authentication is also a breeze.
—> Security is no longer (if it ever was) an excuse…

The belgian bank regulator
• Since 2012 the Belgian bank regulator allows banks to go
to the cloud. It is considered the same as any other form
of out-sourcing
• AWS is complying with many regulations and standards,
more so than many companies with their own IT staff.

Governance
• Many companies are not ready to go to the cloud
• They don’t understand the benefits of the cloud
• Processes are designed based on the assumption that
everything is managed in-house, because that is “easier”
(it’s not)
—> Processes must be adapted, people need to be trained

Legacy
• Millions of lines of code run on old technology that is all
but cloud ready (let alone cloud right)
• Migrating legaly is indeed a 🤕

Is this the end of IT
departments?
At one time, large organizations needed another type of CEO
- the Chief Electricity Officer. Before there was an accessible
and reliable grid to plug into, organizations that needed
electricity employed a CEO. They became extinct over 100
years ago…
(But now that electricity is becoming more expensive again,
they might make a come back and the Chief Renewable
Energy Officers)

it comes to managing the
infrastructure, but you still need
your own team in place to handle
it. The velocity with which new
services and functionalities keep
tumbling out of the cloud service
providers’ cupboards is so high
due to the constant evolving
nature of the underlying
technologies, that the learning
curve is quite steep.
For example, Amazon Web
Services added
https://1reddrop.com/2017/03/08/gartner-publishes-magic-quadrant-managed-cloud-service-providers/

Something worth getting, if only for your personal development!
Prepare yourself
Get and AWS Certificate

And then just enjoy the view 😉

Links
• Patterns:
http://www.cloudpatterns.org/
• AWS:
http://aws.amazon.com
• AWS Architecture
https://aws.amazon.com/architecture/well-architected/
• AWS Reinvent Live Streams
https://aws.amazon.com/blogs/security/register-for-aws-reinvent-2017-live-streams/
• AWS Videos (many of the Reinvent videos!)
https://www.youtube.com/user/AmazonWebServices
• AWS on Slideshare
https://www.slideshare.net/AmazonWebServices

Cloud Spotting 2017: An overview of cloud computing

More Related Content

What's hot

Similar to Cloud Spotting 2017: An overview of cloud computing

More from Patrice Kerremans

Recently uploaded

Cloud Spotting 2017: An overview of cloud computing