Cloud Spotting
Certified AWS Solution Architect Associate
Certified Architura Cloud Architect
Certified TOGAF Enterprise Architect
Digital Transformation Enterprise Architect at a Private Bank
In 2012 Citrix surveyed 1,000 people about cloud computing and found that 51% think bad weather affects cloud computing.
Another 95% don’t think they ever use cloud computing even though they're actually doing a lot in the cloud.
What makes the cloud “the cloud”?
A pattern: a proven solution to a common problem, individually documented in a consistent format and usually as part of a larger collection.
What patterns make “the cloud”?
• Automated Administration
• Bare-Metal Provisioning
• Broad Access
• Centralized Remote Administration
• Dynamic Scalability
• Elastic Environment
• Multi-path Resource Access
• Multi-tenant Environment
• Non-Disruptive Service Relocation
• Pay-as-You-Go
• Platform Provisioning
• Rapid Provisioning
• Realtime Resource Availability
• Resilient Environment
• Resource Management
• Resource Pooling
• Resource Reservation
• Self-Provisioning
• Service State Management
• Shared Resources
• Usage Monitoring
• Workload Distribution
IaaS: Infrastructure as a Service
PaaS: Platform as a Service
SaaS: Software as a Service
http://www.hostingadvice.com/how-to/iaas-vs-paas-vs-saas/
[Figure: the same stack shown in four columns (On-Premises, Infrastructure (as a Service), Platform (as a Service), Software (as a Service)), each listing the layers Applications, Data, Runtime, Middleware, OS, Virtualization, Servers, Storage, Networking]
Hype as a Service
• XaaS: anything as a Service
• iPaaS: integration PaaS
• eiPaaS: Enterprise Integration Platform as a Service
• hpaPaaS: high-productivity application PaaS
• MaaS: Marketing as a Service
• KaaS: really tasty (“kaas” is Dutch for cheese)
Public Cloud, Private Cloud, Hybrid Cloud
Public Cloud: publicly accessible; multiple customers (tenants); lots and latest services
Private Cloud: privately accessible; dedicated customers (tenants); fewer and older services
What’s the ?
• You outsource the low-level acquisition and management of your infrastructure.
• It’s like leasing cars: few companies still manage their own car fleet.
• You get instant access to a global, fully automatable infrastructure for a fair price*
* some people will disagree, but let them ;)
What are the benefits
— Capacity Planning ++ On-Demand usage
++ Operational Agility ++ Measured Usage
— Cost ++ Elasticity
— Operational Overhead ++ Reliability
Amazon Web Services
The Bezos Mandate
Stevey's Google Platforms Rant
His Big Mandate went something along these lines:
1. All teams will henceforth expose their data and functionality through service
interfaces.
2. Teams must communicate with each other through these interfaces.
3. There will be no other form of interprocess communication allowed: no direct linking,
no direct reads of another team's data store, no shared-memory model, no back-doors
whatsoever. The only communication allowed is via service interface calls over the
network.
4. It doesn't matter what technology they use. HTTP, Corba, Pubsub, custom protocols --
doesn't matter. Bezos doesn't care.
5. All service interfaces, without exception, must be designed from the ground up to
be externalizable. That is to say, the team must plan and design to be able to expose the
interface to developers in the outside world. No exceptions.
6. Anyone who doesn't do this will be fired.
Who’s using it?
• Lots of (if not most) start-ups
• Scale-ups to (at least) deploy test environments
• Bigger companies (but not for everything and not a majority yet)
Blackboard
We want to focus on delivering excellent educational applications to our customers, not maintaining data centers.
Opening up new data centers in some of the global markets where we’re looking to expand would typically cost roughly $1 million for each data center. Leveraging AWS Availability Zones, we can deliver a high level of reliability and redundancy as we enter each new market.
SunCorp
• Australian financial services company
• Complex and expensive IT environment to support 14 brands and 4 lines of business in 5 countries
• Adopted a culture of innovation to re-imagine the IT landscape
• Plans to move 2000 applications to the cloud
https://www.youtube.com/watch?v=z1b-E1LIfeM
Capital One
• #9 bank of USoA
• 755 branches, 2000 ATMs, three countries (USA, UK, Canada)
• Data centers: 8 in 2014, 5 in 2016, 3 in 2018
• Velocity, Elasticity, Availability, Breadth & depth of the platform, talent attraction, security(!)
https://www.youtube.com/watch?v=0E90-ExySb8
Ticket Master
• 26 million unique visitors every month
• Credits the AWS Cloud's ease of use
• On-demand pricing, MarketShare also estimates that it reduces costs by over 80% annually, compared to fixed service costs
• Saving time, money and providing a superior solution that is flexible, secure and scalable.
UbiSoft
• Millions of global gamers
• Deploys updates in minutes
• Automatically scale to support large traffic spikes
• Increases competitiveness through speed and agility
AWS’ Anatomy
The AWS Cloud operates 44 Availability Zones within 16 geographic Regions around the world, with announced plans for 17 more Availability Zones and six more Regions in Bahrain, China, France, Hong Kong, Sweden, and a second AWS GovCloud Region in the US.

Region
A separate geographic area. Examples: EU West, US East, Canada
Available services vary per region

Availability Zone
Each region has multiple, isolated locations known as Availability Zones. Examples: us-east-1a, eu-west-2b
1. At least 2 AZs per region
2. Multiple DCs per AZ
3. 50000 to 80000 physical servers
4. AZs in same region connected by multiple wires (in different ditches!)
5. NY-LA roundtrip = 74ms

Edge Location
Where end users access services located at AWS
1. In most of the major cities around the world
2. CloudFront CDN
James Hamilton 2014 AWS re:invent
What can you do on AWS?
Some Cool Stuff
that you won’t be really needing soon
Snowball
e week to upload your data to AWS using the spare capacity of your existing Internet connectio
Snowmobile
Some Cool Stuff
that you will end up using a lot
EC2 - Virtual Servers in the Cloud
- unlimited compute power (after lifting soft limit of 20 instances)
- Linux, Windows whatever fits your needs
Elastic Beanstalk - Application Container
- Platform to deploy web applications (Java, NodeJS…)
- Scaling is super automatic
Lambda
- Serverless unlimited compute power
- Extremely easy to deploy
EC2 Container Registry & Service
- Store, retrieve, run and manage docker stuff
S3 - Scalable Storage in the Cloud
- virtually unlimited cloud storage
- Linux, Windows whatever fits your needs
Glacier - Low-Cost Archive Storage in the Cloud
- low-cost storage service
- provides secure and durable storage for data archiving and backup.
Amazon Elastic Block Store (EBS) - EC2 Block Storage Volumes
- Network connected drives available to EC2 instances
All are elastic and pay-as-you-go
Elasticache - deploy, operate, and scale an in-memory data store or cache
- Redis, MemCached
DynamoDB - NoSQL database service
- Serverless
- up in minutes and easy to use and manage
RDS - Relational Database Service
- Up in minutes, easy to manage and backup/restore
- Resizeable on demand
- Postgresql, MySQL, MS SQLServer, Oracle
- Clustering and encryption are a matter of checking boxes
VPC - Virtual Private Cloud
- Create -virtual- network segments
- Secure network segments
- Protect resources
- Manage Availability zones
- Serverless
- up in minutes and easy to use and manage
CloudFront
Route53
- DNS
Elastic Load Balancing
Game Development
- GameLift: managed service for deploying, operating, and scaling
dedicated game servers for session-based multiplayer games.
- Lumberyard: game engine deeply integrated with AWS and Twitch
Analytics
- Elasticsearch, Hadoop, Kinesis (streaming data)…
- Redshift: affordable petabyte-scale DWH
Artificial Intelligence
- Lex: automatic speech recognition (ASR) and natural language understanding (NLU)
- Polly: turns text into lifelike speech.
- Rekognition: makes it easy to add image analysis to your applications.
- Machine learning, deep learning, TensorFlow…
Security, Identity & Compliance
- Shield (DDoS protection), WAF, CloudHSM…
- Amazon Inspector: automated security assessment service
AWS Cognito
Add user sign-up, sign-in, and data synchronization to your apps
Two “AI” Examples
Rekognition
Rekognition 2
Polly
So, who’s the dude with the beard?
A typical High Availability set-up for WordPress @ AWS
[Diagram labels: Region 1 (e.g. EU-CENTRAL-1), Region 2 (e.g. US-EAST-1); Region, VPC, Availability Zone a, Availability Zone b, Public Subnet, Private Subnet, Autoscaling Group, ELB, EC2, Multi AZ RDS]
re.net/AmazonWebServices/high-availability-application-architectures-in-amazon-vpc-arc2
A lot of work, right?
CloudFormation
Literally 10 minutes later…
Load balanced WordPress environment
Create Resources
Update environment?
1. Update CloudFormation template
2. apply it
3. AWS CloudFormation will determine changes and
apply them
Deleting the environment
Deletes security groups
Deletes EC2 instances
Deletes DB instances
Deletes all it created
Deletes NAT instances
Other Diagram tools
Other “Formation” Tools
AWS cmd line & admin APIs
“The mandate” also drove AWS to offer the administration tasks of all its services through APIs from the ground up, which allows you and me to easily interact with any of their services.
CloudFormation and the other tools are a good start but all very low-level
Best Practices
AWS Well-Architected Framework
General Best Practices
• Stop guessing your capacity needs
• Test systems at production scale
• Automate to make architectural
experimentation easier
• Allow for evolutionary architectures
• Data-Driven architectures
• Improve through game days
Best Practices
AWS Well-Architected Framework
Security
• Apply security at all layers
• Enable traceability
• Implement a principle of least privilege
• Focus on securing your system
• Automate security best practices
Reliability
• Test recovery procedures
• Automatically recover from failure
• Scale horizontally to increase aggregate system availability
• Stop guessing capacity
• Manage change in automation
Performance Efficiency
• Democratize advanced technologies
• Go global in minutes
• Use serverless architectures
• Experiment more often
• Mechanical sympathy
Cost Optimization
• Adopt a consumption model
• Benefit from economies of scale
• Stop spending money on data center operations
• Analyze and attribute expenditure
• Use managed services to reduce cost of ownership
Operational Excellence
• Perform operations with code
• Align operations processes to business objectives
• Make regular, small, incremental changes
• Test for responses to unexpected events
• Learn from operational events and failures
• Keep operations procedures current
http://d0.awsstatic.com/whitepapers/architecture/AWS_Well-Architected_Framework.pdf
Impediments for cloud adoption?
Legacy
Governance
Security & Regulations
Security & Regulations
It’s not the cloud that is inherently insecure, it’s people who are often
too lazy to secure or are even unconscious of the risks.
https://www.upguard.com/breaches/cloud-leak-accenture
Clouds can be secured
Clouds can be heavily secured & changes can be monitored
automatically by -for instance- AWS Config
Security is cheap in the cloud (1/2)
Using CloudFormation it takes minutes to set this up…
Security is cheap in the cloud (2/2)
• Encrypting disks, databases, connections is almost as
easy as checking a box
• Requiring Multi-Factor Authentication is also a breeze.
—> Security is no longer (if it ever was) an excuse…
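The "checking a box" point above, as an added example that is not part of the original slides: a small Python audit that reads a CloudFormation template and reports disks, databases and load-balancer listeners where the encryption box was left unchecked. The sample template and its resource names are constructed for illustration; it assumes standalone RDS instances and separately declared EBS volumes.

```python
import json

ENCRYPTED_LISTENER_PROTOCOLS = {"HTTPS", "TLS"}

# Resource type -> (boolean property that turns encryption on, what it protects)
BOOLEAN_CHECKS = {
    "AWS::RDS::DBInstance": ("StorageEncrypted", "database storage"),
    "AWS::EC2::Volume": ("Encrypted", "disk"),
}

# Constructed sample template (not from the slides).
TEMPLATE = json.loads("""
{
  "Resources": {
    "Db":        {"Type": "AWS::RDS::DBInstance",
                  "Properties": {"Engine": "mysql", "MultiAZ": true}},
    "DataDisk":  {"Type": "AWS::EC2::Volume",
                  "Properties": {"Size": 100, "Encrypted": "false"}},
    "LogDisk":   {"Type": "AWS::EC2::Volume",
                  "Properties": {"Size": 20, "Encrypted": true}},
    "ParamDisk": {"Type": "AWS::EC2::Volume",
                  "Properties": {"Size": 20, "Encrypted": {"Ref": "EncryptDisks"}}},
    "WebListener": {"Type": "AWS::ElasticLoadBalancingV2::Listener",
                    "Properties": {"Port": 80, "Protocol": "HTTP",
                                   "DefaultActions": [{"Type": "forward"}]}},
    "RedirectListener": {"Type": "AWS::ElasticLoadBalancingV2::Listener",
                         "Properties": {"Port": 80, "Protocol": "HTTP",
                                        "DefaultActions": [{"Type": "redirect",
                                          "RedirectConfig": {"Protocol": "HTTPS",
                                                             "Port": "443",
                                                             "StatusCode": "HTTP_301"}}]}},
    "TlsListener": {"Type": "AWS::ElasticLoadBalancingV2::Listener",
                    "Properties": {"Port": 443, "Protocol": "HTTPS"}}
  }
}
""")


def flag_state(value):
    """Classify a CloudFormation boolean property as 'on', 'off' or 'unresolved'."""
    if isinstance(value, dict):
        # {"Ref": ...} or {"Fn::If": ...}: the value is only known at deploy time.
        return "unresolved"
    if value is True or str(value).lower() == "true":
        return "on"
    return "off"  # false, "false", or the property is missing


def listener_is_safe(props):
    """True if the listener is encrypted or does nothing but redirect to HTTPS."""
    if props.get("Protocol") in ENCRYPTED_LISTENER_PROTOCOLS:
        return True
    actions = props.get("DefaultActions", [])
    return bool(actions) and all(
        a.get("Type") == "redirect"
        and a.get("RedirectConfig", {}).get("Protocol") == "HTTPS"
        for a in actions
    )


def audit(template):
    """Return (logical_id, message) findings, ordered by logical id."""
    findings = []
    for name, res in sorted(template.get("Resources", {}).items()):
        rtype, props = res.get("Type"), res.get("Properties", {})
        if rtype in BOOLEAN_CHECKS:
            prop, what = BOOLEAN_CHECKS[rtype]
            state = flag_state(props.get(prop))
            if state == "off":
                findings.append((name, f"{what} not encrypted: set {prop} to true"))
            elif state == "unresolved":
                findings.append((name, f"{prop} comes from a parameter or function: "
                                       "verify the deployed value"))
        elif (rtype == "AWS::ElasticLoadBalancingV2::Listener"
              and not listener_is_safe(props)):
            findings.append((name, "listener accepts plaintext traffic: "
                                   "use HTTPS/TLS or redirect to HTTPS"))
    return findings


if __name__ == "__main__":
    for logical_id, message in audit(TEMPLATE):
        print(f"{logical_id}: {message}")
```

Root volumes declared inside an EC2 instance's block device mappings and databases that inherit encryption from a cluster are outside what this sketch inspects.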
The Belgian bank regulator
• Since 2012 the Belgian bank regulator allows banks to go
to the cloud. It is considered the same as any other form
of out-sourcing
• AWS is complying with many regulations and standards,
more so than many companies with their own IT staff.
Governance
• Many companies are not ready to go to the cloud
• They don’t understand the benefits of the cloud
• Processes are designed based on the assumption that
everything is managed in-house, because that is “easier”
(it’s not)
—> Processes must be adapted, people need to be trained
Legacy
• Millions of lines of code run on old technology that is anything but cloud ready (let alone cloud right)
• Migrating legacy is indeed a 🤕
Is this the end of IT
departments?
At one time, large organizations needed another type of CEO
- the Chief Electricity Officer. Before there was an accessible
and reliable grid to plug into, organizations that needed
electricity employed a CEO. They became extinct over 100
years ago…
(But now that electricity is becoming more expensive again, they might make a comeback as Chief Renewable Energy Officers)
it comes to managing the
infrastructure, but you still need
your own team in place to handle
it. The velocity with which new
services and functionalities keep
tumbling out of the cloud service
providers’ cupboards is so high
due to the constant evolving
nature of the underlying
technologies, that the learning
curve is quite steep.
For example, Amazon Web
Services added
https://1reddrop.com/2017/03/08/gartner-publishes-magic-quadrant-managed-cloud-service-providers/
Something worth getting, if only for your personal development!
Prepare yourself
Get an AWS Certificate
And then just enjoy the view 😉
Links
• Patterns:
http://www.cloudpatterns.org/
• AWS:
http://aws.amazon.com
• AWS Architecture
https://aws.amazon.com/architecture/well-architected/
• AWS Reinvent Live Streams
https://aws.amazon.com/blogs/security/register-for-aws-reinvent-2017-live-streams/
• AWS Videos (many of the Reinvent videos!)
https://www.youtube.com/user/AmazonWebServices
• AWS on Slideshare
https://www.slideshare.net/AmazonWebServices

Cloud Spotting 2017: An overview of cloud computing
