aws summit tel aviv - enterprise track - enterprise apps and hybrid

AWS Summit 2013 Tel Aviv Oct 16 – Tel Aviv, Israel

Enterprise Applications

and Hybrid Environments

on AWS

Jean-Pierre Le Goaller

Agenda

1. Datacenter Capacity Extension

2. Connection to AWS

3. Development & Test

4. Customer Testimonial: Gonen Wilf @ LivePerson

5. Enterprise Workloads

Oracle

SAP

Microsoft

6. Need help?

7. Conclusion

EXTENDING

THE ENTERPRISE

DATA CENTER ●○○○○○

Corporate

Data Center

Corporate

Data Center

Capacity increase request

Corporate

Data Center

Approvals

Vendor Selection

Negotiation

Procurement

Provisioning

Configuration

Request

Availability

Corporate

Data Center

A few months later…

Corporate

Data Center

Project X Potential impact: UNCERTAIN

Cost of infrastructure: HIGH

Infrastructure Request For New Project

Corporate

Data Center

In Corporate Data Center

Project X Potential impact: UNCERTAIN


Denied

Corporate

Data Center

Project X Approved for POC

Starts immediately

On AWS

Corporate

Data Center

Project X POC Completed

On AWS

Corporate

Data Center

Project Y Potential impact: HIGH



Corporate

Data Center

Project Y Potential impact: HIGH


Denied or

Delayed by 3 months


Corporate

Data Center

Project Y Approved

Starts immediately

On AWS

Corporate

Data Center

Project Z Potential impact: HIGH

Cost of infrastructure: LOW

Nature: Temporary


Corporate

Data Center

Project Z Potential impact: HIGH

Cost of infrastructure: LOW

Nature: Temporary

Approved

Delayed by 3 months


Corporate

Data Center

Project Z Approved

Starts immediately

On AWS

Corporate

Data Center

Project Z Completed

On AWS

Corporate

Data Center

Project Z Capacity Released

On AWS

ELASTIC

INFRASTRUCTURE FLEXIBLE, ON-DEMAND

Corporate

Data Center

Private Cloud -> Customer-owned IaaS

Corporate

Data Center

Private Cloud Capacity Management

Corporate Data

Center

GETTING

CONNECTED

TO AWS BUILDING A SECURE, RELIABLE LINK TO AWS

●●○○○○○

Amazon VPC VIRTUAL PRIVATE CLOUD

MANAGE YOUR OWN NETWORK IN THE CLOUD

Amazon VPC gives you the ability to…

• Define a virtual network where you launch your AWS resources

• Have complete control over:

• IP Address ranges, Subnets, Routes, Gateways and Security

settings

• Securely connect your Amazon VPC to your existing datacenters and offices

• Use AWS as an extension of your corporate data center

Availability Zone A Availability Zone B


Subnet 1 Subnet 2


10.0.0.5 10.0.0.6 10.0.1.8

10.0.1.9

Public

Subnet

Internet

Internet facing systems Assert control over networking layer

Private

Subnet

VPN

Internal facing systems Accessible only over VPN – access to

internet over corporate connection

Public

Subnet

Private

Subnet

VPN

Internet

Public

Subnet

Private

Subnet

VPN

Public

Subnet

Private

Subnet

Internet

AWS DATA CENTER

AWS DATA CENTER

Router Router

IPSec tunnel via

statically-routed

or dynamically-

routed (BGP)

VPN

AWS

Router

Failover to

Secondary

Connection to

different

physical router

DATA CENTER

Router

Router

Router

AWS DATA CENTER

AWS Direct

Connect

Location

London • Dublin • New York • Los

Angeles •

Washington DC •

San Jose •

Singapore • Tokyo •

Sao Paulo • Sydney

AWS DATA CENTER

Dedicated

connection

Ethernet

transport

1 Gbps/10Gbps

ports

AWS Direct

Connect

Location

AWS DATA CENTER

AWS Direct

Connect

Location

Amazon Partner

Network

suppliers hook

up the last leg

AWS Direct

Connect

Location

AWS

Router

Router

Router

Router

DATA CENTER

AWS DATA CENTER

Fault tolerant

primary Direct

Connect routes

ROUTERS ROUTERS

AWS Direct

Connect

Location

AWS DATA CENTER

Fault tolerant

primary Direct

Connect routes

Backup internet

carried VPN

tunnel

ROUTERS ROUTERS

AWS DATA CENTER

End-to-End

Highly Available

Low Latency

Dedicated

Connection

1 or 10 Gbps

AWS DATA CENTER

AWS

Direct Connect

Location

Co-locate your

own hardware

requiring

minimal latency

to AWS

DEVELOPMENT & TEST Leveraging the agility of the cloud

●●●○○○○○

Source control

Leverage EC2 to run

popular source control

systems

Issue Tracking

Add integrated project

management and issue

tracking

Development Servers

Allow developers to

deploy and test their

code

Build servers

Use EC2 horsepower to

drive build servers and

continuous integration

Development environments

Source control

Issue Tracking

Development Servers

Build servers

Development environment software on EC2

Amazon EC2

Amazon EC2 Plugin

• Scale your Jenkins fleet with the load

• Can use spot instances

• Support for Amazon VPC

• Support for AWS IAM

(Identity and Access Management)

Unit & Regression

Scale up and parallel run

unit and regression plans

in a fraction of the time

Load & Performance

Utilize spot market for

generating load and test

how applications perform

A/B

Run A/B scenario testing

with replica stacks

Security

Create sandboxes for

aggressive security

testing

Testing environments

LOAD TESTING

Shell uses AWS to Develop Software Faster and Cheaper

Remote Team

Core

Development

Team

Extra

Development

Resources

Contractor Team

CUSTOMER

TESTIMONIAL

●●●●○○○

LivePerson and AWS

Gonen Wilf, Head of Production

Agenda

1. About LivePerson

2. The Challenge

3. Solution

4. Components and tools

5. Results

6. Wins

7. Lessons and tips

8,500

customers

Creating Meaningful Customer Connections

LivePerson is…

SaaS pioneer since 1998

Mission

Customers

Technology

Optimize Customer Acquisition & Reduce Bounce Rate

Live engagement for

lingering customer Rich multimedia to

drive sales closure

JVM heavy - Java & Scala

Private cloud based on openstack

Linux on commodity servers

Application Stack

13 TB per month 20 M

Engagements per month 1.8 B Visits per month

VOLUME

Data

The Challenge

1. R&D expanded globally

2. Provide teams with shared components for development

3. Development environment must reflect LP production environment

4. Provide high SLA for the dev environment

5. Solution must be quick and cost effective

6. Be able to support the next steps in Continuous Deployment

Build a global shared environment and have developers work locally on

their respective components

Solution

Solution

Create a hybrid cloud using AWS and Vagrant

1. Put the shared core components on AWS

2. Developers use virtualized env stretched from laptop to AWS

3. All shared core production components on AWS

4. VPC (offices) and VPN (mobile users) to AWS

5. Use LP Production building blocks & tools

Virtual Private Cloud

Solution: LP Global Development Environment

WEB

MSG

LDAP

WEB

TomCat

Oracle

DB

Shared Components at the Dev

Kafka

MySQL

Hadoop

VPN or

Direct Connect

LP TLV LP SFO

WEB App

MSG

VPN or

Direct Connect

Key Components

• Oracle DB

• Apache

• Tomcat

• MySQL

• F5 Viprion

• HP Vertica

• Cassandra

• Hadoop

• Kafka

• Storm

Monitoring Tools Infra Tools

• Puppet

• MCollective

• Vagrant

• Yum

• Jenkins

• Zabbix

• Graphite

• Ganglia

Network

Challenge:

• AWS L3 and L2 Networks are not as in our DC

Solution:

• Build a parallel L3 network with different subnets on top

of AWS interfaces, with F5 as the default Gateway

• Use Puppet to configure the network on the servers and

push default GW keeping AWS network for emergency

console access

Network

Challenge:

• No broadcasts to fetch arp responses

Solution:

• Build the arp table using Puppet to update servers local

subnet MAC list and update the F5 MAC list

Security

AWS Security had to be manipulated a bit for this to work:

• "Source/Destination check" had to be disabled as AWS

doesn’t know about new subnets

• AWS security was used to block access to AWS networks as

much as possible and permit everything else, allowing F5 to

be the Router/FW

• VPN S2S and remote client access was done with F5 using

IPsec for S2S and F5 APM SSL VPN for remote user access

• External services like F5 Virtual Servers are done regularly

using an F5 interface on AWS network with elastic IPs

Project results

1. Developers work on components locally

2. Each team uses AWS LP shared components

3. Developers enjoy Production standards

4. Real world problems caught before hitting Production

5. Safely enable continuous deployment

6. “Production-like” environment accessible for all developers

Wins

1. POC was quick

2. Expandable environment – components and geo

3. Secure mobility for developers

4. Ties easily to Production tools

5. Monitored by NOC

Lessons and Tips

1. Experiment

2. Start small with proof of concept

3. Involve stakeholders from day one

4. Have production standards in mind

5. Re-use tools and building blocks

6. Use AWS out of the box

7. Think hybrid, AWS can interact with many private clouds

THANK YOU! Gonen Wilf

[email protected]

ENTERPRISE

WORKLOADS LOWER COSTS, INCREASE AGILITY

●●●●●○○

Oracle Database on AWS

• Oracle Database 9i, 10g and 11g are fully supported on EC2

• All Editions of Database are supported on EC2:

Express Edition

Up to 4 cores and

1GB of memory

Standard Edition One

Up to 8 cores

Standard Edition

Up to 16 cores

Enterprise Edition

Unlimited

Key components of Oracle Database on AWS

• Amazon Virtual Private Cloud (Amazon VPC)

• Elastic Block Store (EBS) provisioned IOPS volumes

– Up to 4,000 IOPS per volume

– Stripe across several volumes

• EBS-optimized instances

• Oracle Automatic Storage Management (ASM)

• Oracle Data Guard and Active Data Guard

• Oracle Secure Backup Cloud Module

• Oracle Transparent Data Encryption (TDE) with AWS CloudHSM

Key components of Oracle Database - simplified

• Amazon RDS for Oracle

• Provisioned IOPS storage for RDS – up to 30,000 IOPS/database

• Amazon Virtual Private Cloud (Amazon VPC)

Oracle Licensing on AWS

• Bring Your Own License (BYOL)

– Applies to most Oracle software on AWS

– All Oracle Software licenses are fully portable to Amazon EC2

– Oracle Cloud Licensing Policy:

http://www.oracle.com/us/corporate/pricing/cloud-licensing-070579.pdf

• License Included

– Pay by the hour

– Amazon Relational Database (RDS) for Oracle Standard Edition One

Primary Region

Primary Availability Zone

AMI

(Ready to launch)

Oracle DB

Server

Public Subnet

App

Servers

Private Subnet

Mirrored Redo

Log Volumes

Root

Volume

Backup

Volume

Data

Volume

RMAN EBS Snapshot

S3 Bucket

DR Region

EBS Snapshot Copy

PIOPS

Standard Oracle Database Architecture on Amazon EC2

Primary Region


CloudFormation

Template

(Ready to launch)

Oracle DB

Server

Public Subnet Private Subnet

Root Volume

Mirrored Redo

log Volumes

Root

Volume

DR Region

PIOPS

Secondary Availability Zone

Oracle DB

Server

Private Subnet

Root

Volume

ASM Striped

Data Volumes

PIOPS PIOPS

RMAN Backup in

S3 Bucket

AMI Used by

CFN Template

OSB + RMAN

OSB + RMAN

Public Subnet

Root

Volume

Enterprise Class Database Architecture on Amazon EC2

App

Web

Servers

App

Web

Servers

ASM Striped

Data Volumes

Oracle Data Guard

Primary Region


Oracle DB

Server

Public Subnet Private Subnet


Oracle DB

Server

Private Subnet

RDS Synchronous

Replication

Public Subnet

Simplify: Amazon RDS for Oracle

App

Web

Servers

App

Web

Servers

AWS


Oracle

DB

Private Subnet

Private Subnet


Oracle

DB

Private Subnet

Synchronous Replication

Private Subnet

Intranet Enterprise Class 3-tier Architecture

App

Servers App

Servers App

Servers

App

Servers App

Servers

App

Servers

Private Subnet Private Subnet

Web

Server

Corporate

Data Center

Corporate Network

Web

Server

Web

Server Web

Server Web

Server

Web

Server

Oracle Fusion Middleware on AWS Fully supported on EC2

Oracle SOA

Suite

Business Activity Monitoring (BAM)

WebCenter

Identity and Access

Management

WebLogic

Suite

Business Process Management

Suite

Master Data Management

Suite

Business Rules

OBIEE

Oracle Enterprise Applications on AWS Fully supported on EC2 on OVM

Oracle E-Business Suite JD Edwards EnterpriseOne

PeopleSoft Applications

JD Edwards World

Oracle Fusion

Applications

Siebel

InQuira Hyperion

Primavera

Agile PLM

ATG Web Commerce

AWS / SAP Alliance

SAP has been an AWS customer

since 2008

AWS has been a strategic SAP Global

Technology Partner since 2011

Most SAP products are now certified for production

deployment on AWS

SAP Solutions Certified for Production on AWS

SAP Business Suite

SAP Business All-in-One

SAP Business One

SAP Rapid Deployment Solutions (RDS)

SAP BusinessObjects BI Solutions

SAP Afaria

SAP HANA One / SAP HANA One Premium

Instance Type (VM) Cores Mem ECU SAPS

High Memory 2-XLarge 4 34.2 13 3,700

High Memory 4-XLarge 8 68.4 26 7,400

ECU = EC2 Compute Unit

SAP SD 2-Tier Benchmark

Performance: Amazon EC2 SAPS

Performance: Amazon EC2 SAPS

ECU = EC2 Compute Unit

Instance Type # Cores Mem ECU SAPS

Cluster Compute 8-XLarge 1 16 60 88 DB

Cluster Compute 8-XLarge 6 16 60 88 SCS+DI

90,330

SAP SD 3-Tier Benchmark

SAP Licensing on AWS

Primary model for most SAP applications

Use your existing SAP licenses on AWS

Bring-Your-Own-License (BYOL)

SAP Licensing on AWS

License Included

SAP HANA One - $0.99/hour

SAP HANA One Premium

SAP Business Objects BI 4.0

SAP Afaria Cloud Edition

How SAP Customers and Partners Use AWS

Extend Existing SAP Infrastructure to the AWS Cloud

Run SAP temporary environments on AWS:

Test

Training

Demo

POC

Sandbox systems


Extend Existing IT Infrastructure to the AWS Cloud

Run SAP temporary environments on AWS

Migrate SAP DEV and QA landscapes to AWS

Customer

Data Centers

VPN or

Direct Connect

Secure connectivity

between datacentre &

AWS


Hybrid SAP Deployment – Customer Data Centre & AWS

DEV QA

ECC

BW

SRM

ECC

BW

SRM

BW

ECC

SRM

PROD

SAP Production landscape runs in

customer’s own datacentre

SAP Development & Quality

Assurance landscape runs on AWS

Customer

Data Centers

VPN or

Direct Connect

Secure connectivity

between datacenter

& AWS


Hybrid SAP Deployment – Customer Data Centre & AWS

DEV QA

ECC

BW

SRM

ECC

BW

SRM

BW

ECC

SRM

STAGING

SAP Production landscape runs in

customer’s own datacentre

SAP Development & Quality

Assurance landscape runs on AWS

BW

ECC

SRM

PROD





Archive SAP Data to AWS Cloud Storage Store recent SAP Database backups in Amazon S3

Archive all SAP Database backups in Amazon Glacier





Archive SAP Data to AWS Cloud Storage

Temporary infrastructure for SAP upgrades and

OS/DB migrations

SAP on AWS Pricing Example

Component

AWS Resource

Quantity

Unit Cost

Monthly

Cost

Virtual Machine m1.xlarge - SLES 11 240 hours $0.58 p/hour $140

Primary Storage EBS volume 200 GB $0.10 p/GB p/month $20

Backup Storage S3 storage 300 GB $0.095 p/GB p/month $29

Network & IO Data Transfer & IO $9

1 EC2 instance (VM): 4 cores x 15 GB memory

Online M-F 8AM-8PM: 240 hours p/month

Persistent storage: 200 GB

Backup storage: 300 GB

$198 Total Monthly Cost * Pricing based on US-East region as of 2/13/2013






Temporary infrastructure for SAP upgrades and OS/DB migrations

DR site for on-premises SAP production

environments







DR site for on-premises SAP production environments

Evaluate HANA







DR site for on-premises SAP production environments

Evaluate HANA

Host individual SAP solutions like Afaria or

Business Objects on AWS


Host Complete SAP Environments on the AWS Cloud

Migration of SAP legacy systems to AWS


Host Complete SAP Environments on the AWS Cloud

Migration of SAP legacy systems to AWS

Rapid deployment of infrastructure to start a

new SAP implementation


Full SAP Deployment on AWS

DEV QA

ECC

BW

SRM

ECC

BW

SRM

Customer runs DEV, QAS & PRD on AWS

PRD

ECC

BW

SRM

VPN or

Direct Connect

Secure connectivity

between LAN & AWS

network

Customer

LAN

HIGH AVAILABILITY

AND

DISATER RECOVERY FOR SAP PRODUCTION APPLICATIONS

AWS Partner Network: SAP Partners

SAP Implementation AWS Onboarding SAP OS/DB Migrations

SAP POCs SAP Sizing Architecture Planning

SAP Evaluations Performance Tuning SAP High Availability

SAP Hosting Backup & Recovery Account Management

Disaster Recovery DB Administration SAP BASIS

24/7 Help Desk OS Admin & Patching SAP Upgrades

Consulting Services

Managed Services

http://aws.amazon.com/sap

Whitepapers SAP Notes Support Information AWS-SAP Partners

More SAP on AWS Information

Amazon EC2 Windows Guide

What’s New:

• Using Windows Powershell

with the AWS SDK for

.NET

• AWS Diagnostic tools for

Windows Server

• Install EC2 command line

tools on Windows

• Setting up a Windows HPC

Cluster

http://docs.amazonwebservices.com/AWSEC2/latest/WindowsGuide/Welcome.html

AWS SDK for .NET

• APIs for many AWS services

• Includes:

– AWS Toolkit for Microsoft Visual Studio

– Visual Studio templates

– AWS Tools for Windows PowerShell

– AWS CloudFormation Template Editor

– AWS .NET Library

– C# code samples

AWS Marketplace

• Microsoft Windows-based

Amazon Machine Images (AMIs)

• Windows and SQL Server

• > 20 AMIs

• Windows Server OS

– 2003

– 2008

– 2008 R2

– 2012

• SQL Server Express/Web/Standard

– RDS or EC2

Microsoft Software on AWS – License Included

• Microsoft License Mobility through Software Assurance

Microsoft Software on AWS – Bring Your Own License

• SQL Server Enterprise – EC2

– RDS

• IIS

• Active Directory

• Exchange

• SharePoint

• Lync

• System Center Operations Manager (SCOM)

• Dynamics CRM

Microsoft Software on AWS – Bring Your Own License

SharePoint Reference Implementation

Remote

Admin

AWS Region

Availability Zone 2

Private Subnet

Availability Zone 1

Public Subnet Private Subnet Private Subnet Private Subnet

Private Subnet Private Subnet Private Subnet Private Subnet Public Subnet

NAT

RDGW

RDGW

Primary DC/DNS

Active Directory

Active Directory Database Tier

Database Tier

Primary DB

SQL Server

Mirror DB

Witness

Application Tier Web Tier

Application Tier Web Tier

Central Admin &

SharePoint Services

Central Admin &

SharePoint Services IIS & SharePoint

Web Front End

ELB

NAT

Backup DC/DNS

Internet

Gateway

Users

IIS & SharePoint

Web Front End

• Article “Deploy a Microsoft SharePoint 2010 Server Farm in the AWS Cloud in 6 Simple Steps”: – Builds upon the SharePoint Reference Implementation White

Paper

– http://aws.amazon.com/articles/9982940049271604

• AWS CloudFormation Templates for each step: – Launch the network and Active Directory stack

– Launch the database stack

– Launch the app stack

– Launch the web stack

Deploy SharePoint Farm in 6 Steps

• SharePoint Reference Architecture on AWS whitepaper:

http://aws.amazon.com/windows/sharepoint/

• Microsoft Exchange Server 2010 in the AWS Cloud: Planning &

Implementation Guide

http://aws.amazon.com/windows/exchange/

• Implementing Microsoft Windows Server Failover Clustering

(WSFC) and SQL Server 2012 AlwaysOn Availability Groups in the

AWS Cloud

• … and more

http://aws.amazon.com/windows/

More Microsoft on AWS information

Amazon VPC

Avoided

data center

build out

Saved

$1M over

3 years

50% lower cost

than hosting

options

NEED HELP?

●●●●●●○

Customer Obsession

24*7 PREMIUM SUPPORT

BUSINESS AND ENTERPRISE TIERS

Enterprise Account Team

Enterprise Support

TAM

Support Team

Solutions Architect

Account Manager

Dedicated enterprise

engineer for technical

inquiries and escalations

Works with the customer and

TAM to provide architectural

help with projects and design

needs

Helps ensure customers

are receiving the best value

from AWS services

24x7x365 Support

Engineer Team

AWS Trusted Advisor

• Save Money • Improve Availability • Close Security Gaps • Increase Performance

TRAININGS

Consulting Partners

CONCLUSION

●●●●●●●

OUR ENTERPRISE CUSTOMERS RUN

DEV AND TEST ENVIRONMENTS ON AWS


ENTERPRISE

WORKLOADS ON AWS


WEB APPLICATIONS ON AWS


BIG DATA ON AWS

LEVERAGE

COST EFFECTIVE SOLUTIONS

FOR MORE AGILITY

• OPEN SOURCE SOFTWARE

• VIRTUAL APPLIANCES

• MANAGED AWS SERVICES

Collection

Storage

Archiving

Processing Analysis and Reporting

Glacier

INNOVATE DO THINGS DIFFERENTLY

THANK YOU! Jean-Pierre Le Goaller

[email protected]