E-commerce: Resilient architectures
with Cloud Computing for
online sales
Fabio Cecaro - VMEngine s.r.l.
SMAU Napoli 2017 - 15 December - 12:00
Why eCommerce & Cloud Computing
■
Trust (AWS,Windows Azure,Google App Engine,Salesforce)
■
Cloud-based Platforms Give Retailers Global Flexibility:
Global Expansion
■
Cost Savings: Cloud Computing Helps Cut Costs, Boost Profits,
Pay-as-you-go model, Customer Focus
■
Speed: Proof of Concept
■
Scalability: From 1 to N and N to 1 servers in a matter of minutes
■
Security and reliability: firewalling, encryption, certifications,
compliance, backup, disaster recovery
■
Mobility: Native Cloud Services for Mobile Apps
VMEngine
■
VMEngine has worked with Cloud Computing since its foundation in
2008; it was founded with the mission to work with the
Infrastructures of Cloud Computing.
■
VMEngine became an AWS consulting partner in 2011 and a reseller
in 2016
Our References
more
The technologies that we use
Amazon Web Services
AWS provides a highly reliable, scalable, low-cost infrastructure
platform in the cloud that powers hundreds of thousands of
businesses in 190 countries around the world.
Benefits:
■
Low Cost
■
Elasticity & Agility
■
Open & Flexible
■
Secure
■
Global Reach
What distinguishes AWS?
■
Building and managing cloud since 2006
■
110+ services to support any cloud workload
■
History of rapid, customer-driven releases
■
16 regions, 44 availability zones, 101 edge locations
■
62 proactive price reductions to date
■
Thousands of consulting/system integrator & technology partners
■
Service SLAs between 99.9% and 100% availability. Amazon S3
is designed for 99.999999999% durability.
■
Availability Zones exist on isolated fault lines and electrical grids
to substantially reduce the chance of simultaneous failure.
■
The AWS Service Health Dashboard provides 24/7 visibility in the
real-time operational status of all services around the globe.
AWS Global Infrastructure - Region & AZ
Region and number of
Availability Zones
New region
(coming soon)
US East
Northern Virginia (6), Ohio (3)
US West
Northern California (3), Oregon (3)
Asia Pacific
Mumbai (2), Seoul (2), Singapore (2), Sydney (3), Tokyo (3)
Canada
Central (2)
China
Beijing (2)
Europe
Frankfurt (3), Ireland (3), London (2)
South America
São Paulo (3)
AWS GovCloud (US-West) (2)
Bahrain
China
France
Hong Kong
Sweden
AWS GovCloud (US-East)
AWS Global Infrastructure - Edge
AWS Security and Compliance
Infrastructure Security:
WAF, VPC, Network ACLs, Security Groups
DDoS Mitigation:
Shield, Route53, CloudFront, AutoScale
Data Encryption:
Inventory and Configuration:
Inspector, Config, Cloudformation
Monitoring and Logging:
CloudTrail, CloudWatch
Identity and Access Control:
IAM, Multi-Factor Authentication, Directory Service
Penetration Testing:
AWS Accreditations & Certifications
AWS Shared Responsibility Model
AWS Encryption
Protecting data in-transit and at-rest
Encryption In-Transit Encryption At-Rest
PCI-DSS requirements for Magento
■
Build and Maintain a Secure Network
REQUIREMENT 1: Install and maintain a firewall configuration to protect cardholder data
REQUIREMENT 2: Do not use vendor-supplied defaults for system passwords and other
security parameters
■
Protect Cardholder Data
REQUIREMENT 3: Protect stored cardholder data
REQUIREMENT 4: Encrypt transmission of cardholder data across open, public networks
■
Maintain a Vulnerability Management Program
REQUIREMENT 5: Use and regularly update anti-virus software
REQUIREMENT 6: Develop and maintain secure systems and applications
■
Implement Strong Access Control Measures
REQUIREMENT 7: Restrict access to cardholder data by business need-to-know
REQUIREMENT 8: Assign a unique ID to each person with computer access
REQUIREMENT 9: Restrict physical access to cardholder data
■
Regularly Monitor and Test Networks
REQUIREMENT 10: Track and monitor all access to network resources and cardholder data
REQUIREMENT 11: Regularly test security systems and processes
■
Maintain an Information Security Policy
REQUIREMENT 12: Maintain a policy that addresses information security
AWS Standardized Architecture for PCI DSS
AWS Services for the eCommerce
Route53 - Health Checks, Weighted Round Robin, Least Latency,
Failover Routing
CloudFront - Edge Location, WAF, Query String Parameters,
Configurable Expiration Protocol
ELB - Balancing layer 4-7, H.A., TLS Termination
EC2
RDS - Failover, Restore Point in Time Recovery (5 min), Retention
Period max 8 days, Read Replicas Cross Regions
ElastiCache - Memcached, Redis, Clustering
ElasticFileSystem
AutoScale
CodeDeploy
OpsWorks
AWS Route53
Health Check and Failover Latency Based Routing
AWS CloudFront
Service Components
■
Distributions
■
Origins
■
Behaviors
■
Restrictions, Error Pages, Tags
■
AWS WAF Web ACLs
■
Edge Locations
■
Price Classes
AWS ELB
High Availability Health Checks
TLS Termination
Security Features
Layer 4 or Layer 7 Load Balancing Operational Monitoring
AWS RDS
AWS Managed Service
■
MySQL
■
MariaDB
■
PostgreSQL
■
Oracle
■
SQLServer
■
Amazon Aurora
Simply
Administration
Rapidly
High Scalability Availability &
Durability
Secure
Costs
AWS OpsWorks
AWS OpsWorks is a configuration management service that helps you
build and operate highly dynamic applications, and propagate changes
instantly.
With AWS OpsWorks you can create your PaaS DevOps Solutions.
■
OpsWorks Stack (Chef 11 & Chef 12)
■
Chef Automate
■
Puppet Enterprise
AWS CodeDeploy
Core Service of AWS Developer Tools:
■
CodeCommit
■
CodeBuild
■
CodeDeploy
■
CodePipeline
■
CodeStar
■
X-Ray
Architectural Patterns for the eCommerce
Our architectures for Magento
Our CookBook:
17019 Rows of
Chef Ruby code
Our Numbers, SLA and Results
■
A total of around 70 million € of sales volume per year,
managed by our AWS infrastructures.
■
In a single eCommerce we have 18 million of sales, with
an expense in AWS of 1200€/month.
■
4260 requests per minute on our Balancers for the
eCommerce platforms.
■
An expense in AWS for all our eCommerce of around
200k€ per year
■
Availability SLA per year Max: 99.98% - Min: 98.82%
■
Response Time Max: 2.6s - Min: 0.09s
Magento Cost estimations
Depend on many factors, for example Store and Catalogue, Traffic and Bandwidth.
About Concurrency:
1. A standard Magento demo store is capable of delivering roughly 230 uniques per GHz, per hour.
2. A typical web store, with admin user activity, development activity, product addition/deletion can see
this degrade by around 100%, to 115 uniques per GHz, per hour.
3. A store with a poorly built/heavy template can further reduce the figure by another 100-200%, to 50
uniques per GHz, per hour.
For example, if we want to manage, using scenarios 2 and 3:
We need to spend around $1200/month on AWS infrastructure
Comparison Offers
AWS Price: $ 873.28
WE LIKE TO WORK WITH CLOUDS
MAY THE CLOUDS BE WITH YOU
