Cloud is a new common for the Hybrid IT strategies. In this session, we will explain what’s different between cloud and your datacenter as well as how to make your Hybrid Cloud strategies
9. Perspective on Scale
Every day, AWS adds enough new server
capacity to support all of Amazon’s global
infrastructure when it was a $7B annual
revenue enterprise
11. What do we expect from modern applications?
• What do we expect from modern applications?
• High Availability
• Scalability
• Fault Tolerance
• Cost-Effectiveness
• Security
• How can we achieve this?
• Multiple Global Datacenters
• Scalable Server Infrastructure
• Scalable Databases
• Operational Controls
12. Current Trends and Challenges in IT
• New applications and innovations
often driven by business and not IT
• Infrastructure planning and
budgeting often not aligned with
business-led activities
• Effectively creating Shadow IT
• Reason: Agility and Ease of Use
13. SGX Deploys a Scalable Mobile Application by Using AWS
Singapore Exchange (SGX) is the Asian Gateway,
connecting investors in search of Asian growth to corporate
issuers in search of global capital.
Using AWS enabled us to manage
demand and bursts in data traffic
with its auto-scaling features.
Ng Kin Yee
SVP, Technology Planning, SGX
”
“ • SGX needed a highly scalable,
quick-to-deploy solution for a
mobile application that offered
available market data to mobile
user.
• SGX built and quickly deployed its
mobile application on AWS using
Amazon Elastic Beanstalk.
14. Web Services
Core
Services Compute Storage Database Networking
Infrastructure RegionsAvailability
Zones Edge
Locations
Platform
Services
Analytics App Deployment Mobile
Virtual
Desktops
Collaboration
&
Sharing
App
Delivery E-‐Mail
Access
Control
Auditing Monitoring EncryptionSecurity
Applications
A
P
I
&
S
D
K
s
16. Why is Scalability so important?
• Primary driver is often to
accommodate growth
however…
• Scalability also allows waste
reduction and in effect cost savings
Servers
Demand
Excess Capacity
Wasted $$
Unmet Demand
Capacity
Demand
17.
18. 500,000 writes / second to their managed
AWS database
200 additional servers during Superbowl
0 additional servers right after
19. Auto-Scalable Infrastructure
• Cloud allows Auto-Scaling
• Virtual Servers dynamically
provisioned based on demand
Load
Capacity
Allows growth and reduces
excess capacity, however
only to the granularity of an
individual virtual server
21. AWS Managed Services
• Managed Services of AWS are designed to be highly-
available, resilient, elastic and cost-effective
• Maintenance becomes AWS responsibility
• But more importantly: Charged per consumption!
Amazon
Route 53
Amazon
S3
Amazon
DynamoDB
Amazon
Cognito
Amazon Mobile
Analytics
Amazon SNS Amazon
Lambda
Amazon
CloudFront
DNS Storage CDN Database Auth Analytics Notifications Compute
22. Build Cost-Aware Architectures
• Decouple Compute and Storage and grow them
independently
Storage
• Build workflows that are aligned with your business
model by creating cost-aware architectures that only
scale to serve your customer to the accepted SLA
Compute
23.
24. Amazon S3
Raw Video
Amazon S3
Transcoded
Video
Amazon SQS
(Free)
Amazon SQS
(Premium)
Free User
Premium
User EC2
instance
EC2
instance
EC2
instance
EC2
instance
Auto Scaling group
Users
26. Many Worry There are Only Two Choices
Build a
“Private”
Cloud
Rip everything out
and move to
AWS
#1 #2
27. The Good News is it isn’t an ‘All or Nothing’ Choice
Corporate
Data Centers
On-Premises
Resources
Cloud
Resources
Integration
28. Integrated
networking
Integrated
access control
Integrated
storage and
backups
Single pane
of glass
# 10.0.100.0
# 10.0.200.0
Microsoft Active
Directory
Custom
LDAP
App 1
AWS Storage
Gateway
Integrating AWS with existing On-Prem Infrastructure
31. Trend: Virtual Private Cloud
Your Data Center
Project A
Deployed
Virtual Private
Cloud (VPC)
Direct Connect
32. Extending Your DC to your Cloud Provider
Your Data Center
Your LAN
Segments
AWS VPC
33. Tools to Support Hybrid IT Architectures
VM Import/Export
VPC Network
IAM Policies
Virtual Images
On-Premise Apps
Private Network
Your Data Centers
VPC
Corporate Directory
Your Cloud Apps
Your Data Our Storage
34. Integration into existing Tools
Management
Portal for vCenter
Management Pack
for SCOM
Systems Manager
for SCVMM
36. Application
Server
Virtual
Server
File
Server
Database
Server
Backup
System
Backup to Cloud Storage
• Eliminate tape, hardware, off-site storage
• Reduce capital expense for backup
infrastructure
• Never worry about backup durability
• Never run out of backup capacity
• Data stored off-site, with high durability, in
multiple locations
Backup and Archive
Amazon S3
39. NextMedia needs Infrastructure and Ecosystem flexibility
Singapore Exchange (SGX) is the Asian Gateway,
connecting investors in search of Asian growth to corporate
issuers in search of global capital.
AWS provides increased
infrastructure flexibility [..] and it’s
partner ecosystem allows to evaluate
a range of complementary products when
looking for more functionality.
Mai Wah Cheung
Group CIO, Next Media
”
“
• NextMedia needed a highly
available, secure and scalable
platform for it’s websites that would
sustain attempted disruptions by
malicious groups.
40. Application
Server
Virtual
Server
File
Server
Database
Server
Backup
Server
Cloud on standby DR setup
• Eliminate need for DR data center
• Reduce capital expense for duplicate
infrastructure
• Pay for only what you use when you use it
• Real-time, secure, database replication from
on-premise to down-sized database servers
• Application backups and virtual server images
stored on cloud storage
Amazon S3
Database
Server
Disaster Recovery
41. Corporate Network
App A
App B App C
Container
DevOps
TemplateVDI
Innovation & Agility
Automated builds and deployment of
code
Idempotence
Numerous disposable environments that
can be (re)built within a click allowing
regression tests in identical setups
Cost Effective
Environments can be disposed or
stopped when unused
Scalability
Perform performance and stress tests
with potentially thousands ofsimulation
nodes
Development and Test
42. Turn it off when unused!
• Treat your infrastructure like a lightbulb,
switch it off when you leave the office
and stop paying for it’s consumption
Example:
• Development and Test environments
don’t need to run 24/7
• Automatically turn them off when
employees badge out of the building
44. Gain access to a world-class security team
Where would some of the world’s top
security people like to work? At scale on
huge challenges with huge rewards
So AWS has world-class security and
compliance teams watching your back!
Every customer benefits from the tough
scrutiny of other AWS customers
45. Build on a constantly improving security baseline
AWS
Foundation
Services
Compute Storage Database Networking
AWS
Global
Infrastructure Regions
Availability
Zones
Edge
Locations
46. AWS
Foundation
Services
Compute Storage Database Networking
AWS
Global
Infrastructure Regions
Availability
Zones
Edge
Locations
Client-‐side
Data
Encryption
Server-‐side
Data
Encryption
Network
Traffic
Protection
Platform,
Applications,
Identity
&
Access
Management
Operating
System,
Network
&
Firewall
Configuration
Customer
content
Customers
Let your cloud provider do the heavy lifting for you
Customers are
responsible for
their security and
compliance IN
the Cloud
AWS is
responsible for
the security OF
the Cloud
47. AWS
Foundation
Services
Compute Storage Database Networking
AWS
Global
Infrastructure Regions
Availability
Zones
Edge
Locations
Your
own
accreditation
Meet your own security objectives
Your
own
certifications
Your
own
external
audits
Customer scope
and effort is
reduced
Better results
through focused
efforts
Built on AWS
consistent
baseline controls
Customers
49. You can choose to keep all your content in the AWS
region of YOUR choice
• AWS makes no secondary use of customer content
• Managing your privacy objectives any way that you want
• Keep data in your chosen format and move it, or delete it, at any
time you choose
• No automatic replication of data outside of your chosen AWS
Region
• Customers can encrypt their content any way they choose
You always have full ownership and control
50. How often do you map your network?
What’s in your environment
right now?
51.
52. Security becomes Visible
Who is accessing the resources?
Who took what action?
• When?
• From where?
• What did they do?
• Logs Logs Logs
AWS
CloudTrail
AWS
Config
Amazon
CloudWatch