Expand Your Infrastructure with the Elastic Cloud
Mark Ryland
Chief Solutions Architect
Jenn Steele
Product Marketing Manager
Background: How Did Amazon Come to Pioneer the Cloud?
• More than 10 years ago, Amazon began an internal transition to a rich services architecture
• Enabled engineering staff to focus on creating differentiated value rather than re-creating undifferentiated “stuff”
• Recognized enormous value to all organizations
• Amazon Web Services launched in 2006
Perspective on Scaling
Each day Amazon Web Services adds enough new capacity to support all of Amazon.com’s global infrastructure through the company’s first 5 years, when it was a $2.76B annual revenue enterprise
S3 Scales…
Total Number of Objects Stored in Amazon S3
• Q4 2006: 2.9 Billion
• Q4 2007: 14 Billion
• Q4 2008: 40 Billion
• Q4 2009: 102 Billion
• Q4 2010: 262 Billion
• Q4 2011: 762 Billion
• June 2012: 1 Trillion
Peak Requests: 750,000+ per second
Global Infrastructure
8 AWS Regions and growing
• US West x 2 (N. California and Oregon)
• US East (Northern Virginia)
• Europe West (Dublin)
• Asia Pacific Region (Singapore)
• Asia Pacific Region (Tokyo)
• US GovCloud (US ITAR Region -- Oregon)
• LATAM (Sao Paulo)
30+ AWS Edge Locations for CloudFront (CDN) & Route 53 (DNS)
See http://aws.amazon.com/about-aws/globalinfrastructure/
Core Compute & Storage Services
Amazon EC2: Virtual Servers in the Cloud
• Your Choice of Linux and Windows
• Easy to Scale Up and Down
Amazon S3: High-Volume Storage in the Cloud
• Designed for Durability and Scalability
• Number of Objects You can Store is Unlimited
Amazon EBS: Hard Drive for Virtual Servers on EC2
• Designed for High-Performance
• You can Mount a Drive or Boot from EBS
An attorney walks into your office and says, “I have 2 TB of documents and datasets coming over for a high-profile case; we need to host them here. And we need to do search and various kinds of analytics.”
Cloud Solutions
• S3 object storage to ingest huge datasets
• Pay-as-you-go basis
• Upload via Internet or send hard disks to Import/Export Service
• Copy to Elastic Block Storage if you need “virtual disk drive” access from EC2
• Lots of on-premise gateway solutions to make it automatic
Cloud Solutions…
• EC2 and Elastic MapReduce for compute and analytics workloads
• Build and run Apache Lucene search clusters
• CloudSearch for interactive sites
• EMR: hosted Hadoop offerings (Apache and MapR)
• Hive, HBase, Pig: the Hadoop family of products
You need to implement a case management system on a very tight timeline, but the hardware won’t be available for 8 weeks. How can you test it ASAP so that it’s not a disaster when you roll it out?
Development & Test Environments
• Easy to spin up compute, storage, and database services
• Developer workstations, too
• Use CloudFormation to orchestrate creation/evolution/deletion of entire “stacks” of virtual capabilities
• Classic elastic workload
• No idle gear on Sunday afternoon
Your predecessor operated IT under the “Big Bang Theory,” where every 4 years they spend millions of dollars on capex. It’s been 4 years since the last big bang, and your infrastructure is shaky at best.
However, your management says that they will NOT be shelling out for a replacement this year.
What can you do?
Building Your Firm’s Infrastructure
• Create Virtual Private Cloud
• Private IP address space with complete control over subnets and routes
• VPN to private on-premises network
• Deploy compute, storage, database nodes
• Deploy packaged product workloads (SharePoint, Exchange, SAP/Oracle, etc.)
• Integrate communication, web, and mobile apps
• Send email with Amazon Simple Email Service
• Zero capex – pay for what you use
Your disaster recovery plan was last updated during the processor wars, and you’re pretty sure that the half rack of 1 GHz blades won’t cut it for your firm if a disaster strikes. Your budget is limited, and your staffing is worse.
Do you have any options other than to hope that disaster doesn’t strike?
Disaster Recovery / Continuous Operations
• DR/COOP: another classic cloud workload
• Build systems, then quiesce and pay only storage costs
• “Pilot light” systems (such as replicated database) allow for faster cutover
• AWS Storage Gateway creates EBS snapshots from on-prem LUNs
Built to Enterprise & Gov’t Security Requirements
Security & Compliance Resources
• Security & Compliance Center: http://aws.amazon.com/security
• Security Overview & Best Practices
• AWS Risk & Compliance Whitepaper
• Creating HIPAA Compliant Applications
Hardware, Software & Network
• Systematic change management
• Phased updates deployment
• Safe storage decommission
• Continuous monitoring and self-audit
• Advanced network protection systems
Certifications and Accreditations
• FISMA Moderate Controls and GSA ATO
• DIACAP MAC III / Sensitive ATO
• SSAE 16 / ISAE 3402 / SOC1 (formerly U.S. standard SAS-70 Type II); ISO 27001
• Payment Card Industry (PCI) DSS Level 1
• HIPAA applications certified on AWS
• ITAR region -- GovCloud
Physical
• Datacenters in nondescript facilities
• Physical access strictly controlled
• Must pass two-factor authentication at least twice for floor access
• Physical access logged and audited
• Logical access logged and audited
AWS Security: Isolation Models
• AWS Direct Connect: Dedicated, private, fast Layer 2 connectivity between your datacenter and the AWS cloud; no traffic on the Internet (available in some regions)
• Amazon Virtual Private Cloud (VPC): Create logically isolated AWS subnets in the AWS cloud and connect them with your corporate datacenter via a secure VPN connection
• Dedicated Instances (Single Tenant Physical Nodes): Run your virtualized operating systems and apps in a “single tenant per physical node” model within the AWS infrastructure
• Network Security Groups: Flexible, named network access policy objects attached to VMs, dynamically updateable, enforced by the hypervisor
Pay Only for What You Use
[Figure: Infrastructure Cost over Time. Curves: Predicted Demand, Actual Demand, Traditional datacenter model, Cloud Computing. Annotations: Periodic Large Capital Expenditures; Opportunity Cost; Shortage: Unable to serve customers.]
Low Cost
“A shift to cloud computing creates an opportunity for many organizations
to realize efficiencies not possible with their existing IT infrastructure.”
Invest in Capital
Invest in Technology
Improve Efficiency
Reduce Prices
Attract More Customers
Scale & Innovation … Drive Costs Down
Feb 07, 2012: S3 price drops in all regions and at all lower tiers
March 07, 2012: EC2 and RDS price drops in all regions
Self-Service Infrastructure
On-Premise
Building new environments can be complex and slow
Cloud Computing
New infrastructure is always a few clicks away
New Development Environment
New Test Environment
New Environment in Japan
Add 1,000 Servers
Remove 1,000 Servers
Needs Survey Assess
Plan Design Engineer
Procure Construct Commission
Deploy
Source: PTS Data Center Solutions