All slides from the May 2014 Meetup. Talks included:
• "Mining crypto currency on AWS spot instance" - Scott VanDenPlas, Engineer at el el see @scottvdp
• "HA for healthcare" - Ryan Koop, Director of Products & Marketing, Cohesive @ryankoop
• "Using AWS for HA at BrightTag" - Matt Kemp, Engineer of Things™ at BrightTag @mattkemp
• So nice, he's talking twice. - Scott VanDenPlas, Engineer at el el see @scottvdp
Join us again June 24 at Mediafly and in July back at Cohesive!
4. 6:00 pm Introductions
6:10 pm Lightning Talks
"Mining crypto currency on AWS spot instance" - Scott
VanDenPlas, Engineer at el el see @scottvdp
"HA for healthcare" - Ryan Koop, Director of Products &
Marketing, CohesiveFT @ryankoop
"Using AWS for HA at BrightTag" - Matt Kemp, Engineer of
Things™ at BrightTag @mattkemp
So nice, he's talking twice. - ScottVanDenPlas, Engineer at el el
see @scottvdp
6:30 pm Q & A
7:00 pm Networking, drinks and pizza
Agenda Sponsored by
Hosted by
#AWSChicago
5. “Mining crypto currency on AWS
spot instance”
!
ScottVanDenPlas, Engineer at el el see
!
Tweet: @scottvdp
#AWSChicago
!
Sponsored by
Hosted by
#AWSChicago
28. @ryankoop
Oh, hello
2
During Business Hours++
Ryan Koop
Director of Products & Marketing, Co-founder
@ryankoop
www.linkedin.com/in/rkoop/
After Hours
NAME Ryan Koop
CLUB Royal Fox CC - Men
LOCAL# 2024 Assoc# 20005661
EFFECTIVE DATE 10/15/2013
SCORES POSTED 12 USGA HDC INDEX
18.9
SCORE HISTORY - MOST RECENT FIRST
1 96*I 98 I 95*I 89*AI 96*AI
6 95*AI 99 H 99 I 99 AI 94*I
11 97 H 96*I 106 A 97 H 95 H
16 97 I 94*H 91*H 96 I 94*H
Chicago District Golf Association - www.cdga.org
Ryan Koop
2013 GOLD MEMBER
29. @ryankoop
5/26/14 US-West-1 Single Availability Zone looses power
5/17/14 US-West-2 Increased Launch Error Rates
4/30/14 US-West-2 Connectivity Issues for Single Availability Zone
4/22/14 EU-West-1 Connectivity Issues for Single Availability Zone
4/16/14 EU-West-1 Increases API Error Rates
4/1/14 US-West-1 Connectivity Issues for Single Availability Zone
3/21/14 US-East-1 Increased API Error Rates
3/20/14 US-East-1 Increased API Error Rates
3/20/14 US-West-2 Increased API Error Rates
3/9/14 US-East-1 Connectivity Issues for Single Availability Zone
3
Cloud ≠ Reliability
Source:AWS Appstream RSS
30. @ryankoop
AWS SLA - Five 9s?
4
99.95% = ~22min/month Downtime
“Region Unavailable” | Burden of Proof | “Demarcation Point”
Yo Dawg, we heard you like SLAs
So we gave your SLA an SLA!
31. @ryankoop 5
AWS Data Center | Source: AWS James Hamilton
Amazon Perdix | Source: AWS James HamiltonSource:Your Nightmares
Source: Your Nightmares
You vsThem
34. @ryankoop 8
The H in HA Stands for Hybrid
Public A
Public B
Public
Private
Public
Data Center
Source: Chris Swan, CTO CohesiveFT
35. @ryankoop
Hybrid Strategies
9
VPC 2VPC 1
peer
PeeredVPCs
Common Software Stack
public privatepublic private
Single Pane of Glass
public
public
Common APIs
private
Source: Chris Swan, CTO CohesiveFT
36. @ryankoop
Slide Sponsored by: cccccccccccc
10
US Central 1a
Customer Data CenterCustomer Remote Office
VNS3 1
VNS3 2
VNS3 3
VNS3 Overlay Network
Server 1 Server 2 DB 1 DB 2 Server 3 DB 3
Active IPsecTunnel
Failover IPsecTunnel
Firewall / IPsec
Cisco 5505
Firewall / IPsec
Cisco 5585
Data Center ServerData Center ServerUser WorkstationUser Workstation
Peered Peered
US East 1a US West 2b
37. @ryankoop
The future (or now) is loosely coupled
11
Load Balancers
Web Servers
Load Balancers
App Servers
Database Cluster
38. @ryankoop
AWS and HIPAA
!
• Health InformationTechnology for Economic and Clinical Health
(HITECH) Act in 2009 and the 2010 Omnibus rule
• Business Associate Agreement - June 18, 2013
• EBS Encryption - May 21, 2014
12
1996 - Privacy, Security, and Breach Notification rules for the
storage & transmission of EHI
39. @ryankoop
Shared Responsibility
13
Layer 3
!
Layer 2
!
Layer 1
!
Layer 0
Layer 7
Layer 6
Layer 5
Layer 4
Layer 3
Application
Layer
Virtual
Layer
Limit of user access, control and visibility
ApplicationOwner
CloudOwner
Hardware
Layer
Your HIPAA
Compliant App
AWS Xen Hypervisor
It’s Intel-based
but Secret
40. @ryankoop
HIPAATopology
14
IPsec
Firewall / IPsec
us-east-1c us-east-1d
Multi-tenant Overlay Primary
Peered
VNS3
Manager
us-west-2a
Multi-tenant Overlay Backup
User Workstation
NewYork, NY
Data Center Server
Healthcare
Provider 2
Healthcare
Provider 1
San Francisco, CASeattle,WA Denver, CO
Data Center Server
Boston, MA
HIPAA App Provier Data
Center
Data Center Server Data Center Server
Healthcare
Provider 3
Healthcare
Provider N
DR Tablet
41. @ryankoop
Zone Failure
15
IPsec
us-east-1c us-east-1d
Multi-tenant Overlay Primary
Peered
VNS3
Manager
us-west-2a
Multi-tenant Overlay Backup
X
User Workstation
NewYork, NY
Data Center Server
Healthcare
Provider 2
Healthcare
Provider 1
San Francisco, CASeattle,WA Denver, CO
Data Center Server
Boston, MA
HIPAA App Provier Data
Center
Data Center Server Data Center Server
Healthcare
Provider 3
Healthcare
Provider N
DR Tablet
Firewall / IPsec
42. @ryankoop
Regional Failure
IPsec
us-east-1c us-east-1d
Multi-tenant Overlay Primary
Peered
VNS3
Manager
us-west-2a
Multi-tenant Overlay Backup
X X
User Workstation
NewYork, NY
Data Center Server
Healthcare
Provider 2
Healthcare
Provider 1
San Francisco, CASeattle,WA Denver, CO
Data Center Server
Boston, MA
HIPAA App Provier Data
Center
Data Center Server Data Center Server
Healthcare
Provider 3
Healthcare
Provider N
DR Tablet
Firewall / IPsec
43. @ryankoop
Global Failure
17
IPsec
US Central
Multi-tenant Overlay Cold
User Workstation
NewYork, NY
Data Center Server
Healthcare
Provider 2
Healthcare
Provider 1
San Francisco, CASeattle,WA Denver, CO
Data Center Server
Boston, MA
HIPAA App Provier Data
Center
Data Center Server Data Center Server
Healthcare
Provider 3
Healthcare
Provider N
DR Tablet
Firewall / IPsec
44. @ryankoop
ThreeThings for HA
1. Rigorous automation of virtual servers
2. Rigorous automation of boot time context
3. Overlay network that quickly, simply
differentiates network location from identity
18
58. “I’ve got 99 problems and capacity
is all of them”
!
ScottVanDenPlas, Engineer at el el see
!
Tweet: @scottvdp
#AWSChicago
!
Sponsored by
Hosted by
#AWSChicago