Cloud: Session 4: Sugar on Amazon Web Services

602 views

Published on

One of Sugar's strongest advantages is the flexiblity and choice customers have when evaluating where to host their instances. Learn in this session the true differences between the alternatives, when they make sense - and when they don't. Explore real-world examples of how companies have extended beyond self-hosting and Sugar On-Demand alternatives into a fully flexible and powerful Amazon Web Services infrastructure.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
602
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
11
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • we ’ re not sugar nor amazon
  • Not all Cloud-based solutions address these issues
  • Examining AWS, you ’ ll see that the same security isolations are employed as would be found in a traditional datacenter. These include physical datacentre security, separation of the network, isolation of the server hardware, and isolation of storage. AWS customers have control over their data: they own the data, not us; they can encrypt their data at rest and in motion, just as they would in their own datacenter.   Amazon Web Services provides the same, familiar approaches to security that companies have been using for decades. Importantly, it does this while also allowing the flexibility and low cost of cloud computing. There is nothing inherently at odds about providing on-demand infrastructure while also providing the security isolation companies have become accustomed to in their existing, privately-owned environments. AWS is a secure, durable technology platform with industry-recognized certifications and audits: PCI DSS Level 1, ISO 27001, FISMA Moderate, HIPAA, SAS 70 Type II. Our services and data centers have multiple layers of operational and physical security designed to protect the integrity and safety of your data. Visit our Security Center to learn more http://aws.amazon.com/security/ . Certifications and Accreditations: AWS has successfully completed a SAS70 Type II Audit, and will continue to obtain the appropriate security certifications and accreditations to demonstrate the security of our infrastructure and services. PCI DSS: We finalized our 2011 PCI compliance audit, publishing our extensive Report on Controls (ROC) with an expanded scope. Our new November 30, 2011 PCI Attestation of Compliance, a document from our auditor stating we are compliant with all 12 PCI security standard domains, is available now for customers considering or working on moving PCI systems to AWS. The new Attestation of Compliance document includes some key changes this year: This year we ’ ve added RDS, ELB, and IAM as in-scope services. The addition of these services is fantastic news for PCI customers since they can now leverage RDS to store cardholder and transaction data, use ELB to manage card transaction traffic, and rely on IAM features as validated control mechanisms that satisfy PCI security standard requirements. Consistent with last year, EC2, S3, EBS, and VPC continue to be in scope.   Physical Security: Amazon has many years of experience in designing, constructing, and operating large scale data centers. AWS infrastructure is housed in Amazon-controlled data centers throughout the world. Only those within Amazon who have a legitimate business need to have such information know the actual location of these data centers, and the data centers themselves are secured with a variety of physical barriers to prevent unauthorized access. Secure Services: Each of the services within the AWS cloud is architected to be secure and contains a number of capabilities that restrict unauthorized access or usage without sacrificing the flexibility that customers demand. Data Privacy: AWS enables users to encrypt their personal or business data within the AWS cloud and publishes backup and redundancy procedures for services so that customers can gain greater understanding of how their data flows throughout AWS. “ In essence, the security system of AWS ’ s platform has been added to our existing security systems. We now have a security posture consistent with that of a multi-billion dollar company. ”  - Jim Warren, CIO, Recovery Accountability and Transparency Board (RATB)
  • leverage that in zero time
  • On demand, on-off services
  • Instances: Standard vs Spot vs Reserved
  • instance types other factors (IOs, included storage) clusters offer added growth paths
  • Only paying for running instances Real-time Monitoring combine them in VPCs: connected via an internal network
  • immediate deploying, backup-ing, restoring. priceless for partners
  • Real-time Monitoring
  • Alarms
  • immediate resizing
  • immediate resizing don ’t ask me how to do it in the realworld. Feels like cheating.
  • leverage geographies
  • Cloud: Session 4: Sugar on Amazon Web Services

    1. 1. C lo u dSugar on Amazon Web Services
    2. 2. JOSE MALDONADO EXECUTIVE MANAGERPALMTREE CONSULTING 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 2
    3. 3. AGENDA P l t e o sl g a r C n u in me t A ao a dA S m zn n W T e‘Co d h l ’u S g rR u aC M S g r e l m n O t n - W y o e eo dS D u a D po e t pio s h M v B y n O y Co dC ae g s lu h ln e l H w W w rs o A S okTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 3
    4. 4. PALMTREE CONSULTING I ‘P r r a c M n g m n’ s c 2 0 n ef m n e a a e e t in e 0 4 o C n u in a dT c n l y B/A C M B C o s l g n e h o g in I , R , S , t o B PoitPa n g If srcue E rf, l in , nr t tr, A n a u S g r R G l P r e, P Bm m e u aC M o at r A e b r d n IMPe ie P r e B rm r at r n A ao A SS l io Po id r m z n W o t n rv e u O h r ( ico otS id rE C H , L n v , ... ) tesM rs f p e, M , P e o o ,Tweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 4
    5. 5. AMAZON  R til tr B s es ea/ oe u in s S  Pafr fr e d r l om o vn os t  Amazon Web Services: IaaSGartner “Magic Quadrant for Public Cloud Infrastructure a Service,” Lydia Leong, Ted Chamberlin, December 8, 2011. This Magic Quadrant graphic was published by Gartner, Inc. as part of a largerresearch note and should be evaluated in the context of the entire report.. The Gartner report is available upon request from Steven Armstrong (asteven@amazon.com). Gartner does not endorse anyvendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of theopinions of Gartners research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including anywarranties of merchantability or fitness for a particular purpose. Tweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 5
    6. 6. THE CLOUD SaaS, IaaS, PaaS N uf nC px o pr t a e o P y o w a y uu e a- o -g ) a fr h t o s ( sy u o S lS ric e - ev e f S a u a dd w cl p n o n e I po e A il (im -t-m re, m rvd git t e o ak t y rs o s) ep n e Tweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 6
    7. 7. SUGARCRM Most Cloud-Friendly CRM KEY COMPETITIVE ADVANTAGE: Multiple deployment options Simultaneous Environments Tweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 7
    8. 8. SUGARCRM Sugar On External Cloud On Premise Demand (AWS) Full Control of ✔ ✘ ✔ Environment Code level ✔ ✘ ✔ Customizations DB Access ✔ ✘ ✔ On Demand ✘ ✔ ✔ Scalability Admin. Automation (backups, ✘ ✔ ✔ maintenance..) Flattened, ✘ ✔ ✔ Predictable Costs Self-Service Portal ✔ ? ✔Tweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 8
    9. 9. When to Move Beyond Sugar On Premise S Dm k s L To sn e (n l e $ ) O a e A O f e s. Ic d d $ u T YI O T R T U! F re S h d lgC o J b (o c m a n ) og t c e u / rn o sfr a p ig s in A o /iso t u inrs u tr c ss v idD c nin e f t cue o t ar G inCo dB n fs a l u e eit  N uf nC px o pr t a e o  P yo wa yu s ( syug ) a f h to uea- o - o r  S l ev e e- r fS ic Sugar On External S a u a dd w cl p n o n e On Premise  Demand Cloud (AWS) I poe A il m rvd git y Full Control of  Environment ✔ ✘ ✔ Code level ✔ ✘ ✔ Customizations DB Access ✔ ✘ ✔ On Demand ✘ ✔ ✔ Scalability Admin. Automation ✘ ✔ ✔Tweet: #SCON12 (backups, maintenance..) Flattened, 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 9
    10. 10. When to Move Beyond Sugar On Demand S Dm k s L To sn e (n l e $ ) O a e A O f e s. Ic d d $ u N e m r c nrl e d oe o t without l in Co dB n fs o o g l s u e eit C s m aio R q irm ns u t izt n e u e e t o S AR q irm ns L e ue et C m ln eR q irm ns o pia c e u e e t Sugar On External On Premise Demand Cloud (AWS) Full Control of ✔ ✘ ✔ Environment Code level ✔ ✘ ✔ Customizations DB Access ✔ ✘ ✔ On Demand ✘ ✔ ✔ Scalability Admin. Automation ✘ ✔ ✔Tweet: #SCON12 (backups, maintenance..) Flattened, 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 10
    11. 11. Perceived Challenges in Cloud I om t nS c ry n r aio e uit f I e rt n n gaio t “J bS c ry o e uit” N t L Co db sds l io s r sc r o A L l - ae o t n ae e ue u u N t L Co db sds l io s tgae o A L l - ae o t n ine rt u u N t L Co db sds l io s e y uk e y u o A L l - ae o t n h l o e p o r u u p j obTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 11
    12. 12. Information Security - AWSTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 12
    13. 13. AWSTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 13
    14. 14. AWS - Multifactor Authentication Virtual Key (Smartphone app, iPhone /Android / Blackberry / Windows) Physical token Tweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 14
    15. 15. Real World Example - GM K y l e inA t in u t W r w e e Pa r uo d s y ol id y r d Sa d rizd u if dI p ly tn ad e , n ie T o ic L c l o m ia R g n( rz) Go a( h n h i) o a( l b ) e io Bail l l a g a C o , , b S A tm tdts : M Ae S C R uo ae et c fe E U E s M n ats : S h d l M n aP n t t nT ss a u l t c e u d a u l e er io et es e aTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 15
    16. 16. Real World Example - GM S g r nD m n u a O e ad uc a nl r e in irc yt e fl d ete h l u p I po es fom lin n rc s o fr a g iz A S W B t r tr gp in et s t e a in o t A te v l m n - S ae rs o s il civ in o e e t h rd ep n ibit v y B l ea in A S tec m l e f r p e r ye rg g W , h o p t of a p as v e e E trr e e d nepis-R a yTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 16
    17. 17. Integration S g r nD m n u a O e ad F til l fs a e W bS ric s ae c n e tr e ev e -b sd o n cos A S W F til l fs a e W bS ric s ae c n e tr e ev e -b sd o n cos Database -based connectors (Most ETLs) Code -based connectors (Custom)Tweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 17
    18. 18. Real World Example - GM AWS allowed us to create custom ETL tool (based on OS Kettle). (cheating). Migrating towards IBM ETL tech Take advantage of multiple environments: Data crunching on site, then push to Cloud Try IBM’s Cast Iron!Tweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 18
    19. 19. Job Security?  AWS: How it works  Web Interface  Third-Party Services (BitNami)  API tools  Don’t fix, replaceTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 19
    20. 20. AWSTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 20
    21. 21. AWSTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 21
    22. 22. AWSTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 22
    23. 23. AWSTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 23
    24. 24. AWS EC2 Instance types HM High Memory QXLarge HM 68Gb 2XLarge 26 ECU HM 32Gb XLarge 13 ECU 17Gb 6.5 ECU XLarge 15GbMemory Clusters Large 8 ECU 7.5Gb HC XL Medium 4 ECU 7Gb Small 3.7Gb HC Med 20 ECU 1.7Gb 2 ECU 1.7Gb 1 ECU 5 ECU Micro 633Mb High CPU 2 ECU Tweet: #SCON12 CPU (1 ECU ≈ 1.2 - 1.7 Ghz Xeon 2007) 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 24
    25. 25. AWSTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 25
    26. 26. AWSTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 26
    27. 27. AWSTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 27
    28. 28. AWSTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 28
    29. 29. AWSTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 29
    30. 30. AWSTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 30
    31. 31. AWSTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 31
    32. 32. AWSTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 32
    33. 33. AWSTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 33
    34. 34. AWSTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 34
    35. 35. AWSTweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 35
    36. 36. Real World Example - GM  Multiple environments based on task  Dynamic resizing based on cycle stage  Paying only for large infrastructure when Instance scales for needed massive CPU tasks (behavior) data sentEvery month data consolidated at onsite to AWS100+ dealers send info development/test instance Back to normal for standard consumption Tweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 36
    37. 37. Job Security? Uptime in no time Streamline licensing costs (OS, DB) Hassle free backup, restore, replicate Covered on Security and Integration (Cloud issues) Real-time monitoring and resizing Scale with high-end features (Load Balancing, VPC, etc) Leverage Sugar’s deployment options Be a hero with your Sugar deployment!Tweet: #SCON12 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 37
    38. 38. Submit Session Feedback S e le c t th e S u garC o n M o b ile Ap p : T po tis es n a n h ssio T po s re a n uvy S b it o re d a k u m y u fe b c*Pizso a e d e wosb it es n ed ak s gte o ilA p re f t n es h u m ssio f b c uin h M be p rt e 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 38
    39. 39. #S C O N 1 2 04/18/12 ©2012 SugarCRM Inc. All rights reserved. 39

    ×