Confidential ©Nimbo Technologies Inc.

Datacenter Migration to the Cloud Customer Case Study: Hess Corporation

Taylor Bird Cloud Solutions Principal Nimbo

CASE STUDY – HESS CORPORATION

Leading global independent energy company engaged in the exploration and production of

crude oil and natural gas.

http://aws.amazon.com/solutions/case-studies/hess-corporation

BUSINESS CHALLENGE: • In 2013, Hess focused on becoming a pure Oil/NG Exploration &

Production company.

• Divest, Sell, or Spin-Off their downstream business divisions, including their Terminals, Retail, and Energy Marketing units.

• Nimbo worked with the Energy Marketing business unit to solve the challenge of migrating the entire enterprise IT suite to the cloud

• Hess wanted to avoid re-engineering and changes at all costs. Pure “Lift & shift”

• Utilize infrastructure mobility to add value to the sales prop

CASE STUDY - HESS DIVESTITURE

HESS DIVESTITURE: ENVIRONMENT

• Operating Environment: • 250+ Servers

• 400+ Users, various locations

• Software Landscape • Mix of Windows 2000-2008R2

• SQL Server 2005-2014

• Oracle 10 and 11g

• Software Stacks • .NET Custom & Vendor Applications • Citrix for application distribution • F5 for App Security • BizTalk • Visual Studio/TFS

• Infrastructure and Services • AD • Exchange • SharePoint

WHY CLOUD & (WHICH CLOUD?)

• Speed of Uptake and Deployment • Aggressive timeline

• Portability • Needed to “extract” from Hess corp.

• Flexibility & Commonality • Buyer was unknown

• Environment needed to support sale

• Buyer’s requirements were unknown

• Legal Complications • Ownership moves multiple times during divest. • Security implications as employees transition

• Performance Requirements • Control over IOPS, Hardware configuration

• Software Requirements • Older Windows versions

• Oracle DBMS

• NetScaler & F5 hardware challenges

• Overall ability to mimic on-prem setup

APPROACH

• Use networking to merge cloud and on-premise environments

• “Just another subnet”

• Use Cloud to extend resources, or sandbox projects or teams

• Great for

• Development/Test/UAT

• Projects

• Pilots, POCs

Rebuild

• Cloud is isolated and constructed from scratch

• All engineering, design, etc. considerations are made from a pure-cloud perspective

• Great for

• Greenfield applications

• New Sites/Business

• New DR sites

Lift & Shift Extend

• Migrate existing workloads/infrastructure

• Re-configuration is limited

• Map existing infrastructure as much as possible

• Great for

• DC deprecation

• DC Consolidation

• Divestiture/M&A

• DR/HA site relocation

CLOUD ARCHITECTURE • Using Amazon’s Virtual Private Cloud (VPC), we were able to re-create on-premises design

• Public/Private Subnets

• NAT for internet access

• Control over traffic outbound over VPN–vs- internet

GETTING CONNECTED

• Started with VPN to VPC • IPSec / Tunnel • IKE PSK, AES w/ SHA-1 • AWS Gateway provides redundant tunnels • Able to establish multiple connections for

greater HA

• Later, established DirectConnect • Direct network connection to AWS resources,

offered via APN carrier partners (Level3, TW Telecom, etc)

• Provides a low-latency, consistent bandwidth directly from customers site into AWS hand-off points

SERVER MIGRATION

Migrate VM images directly from existing infrastructure w/o need to rebuild complicated server builds

• VM Import/Export • Export – Upload – Import - Launch • Supports VMWare (VMDK), Xen (VHD), and

Hyper-V (VHD)

• vCenter Direct Import/Export • VM Import Connector • Supports directly migrating images from

VMWare vSphere systems directly from GUI console

• HotLink © offers a 3rd party tool that extends Hyper-V in the same way

Rebuild servers from scratch in EC2. Gives opportunity to start with a “clean slate”. Best for systems where deployments are already packaged or automated.

• Select your instance size & starting image

• Selection of Base Images for common OSes

• Selection of community provided images with pre-installed software

• AWS Marketplace for vendor-supplied images for turnkey solutions

CLONE / EXPORT REBUILD

A NOTE ON LICENSING

• EC2 instances are always billed in a “OS license included” model. • Current Oses available • Open Source Linux (Ubuntu, Debian, CentOS, etc.) • RHEL • SLES • Windows • ** Oracle Linux is also avail under Open Source pricing model **

• Vendor software (above OS) is licensed in three models • BYOL/Existing

• Large vendors are supporting migration of licenses to AWS under various agreements • IBM (“IBM BYOSL”), Oracle, Microsoft (“License Mobility”)

• On-Demand • Many AMIs from vendors come pre-configured with the software and are billed directly through the AWS marketplace on a per

hour basis.

• BYOL/New-AdHoc • Some vendors do not have a formal cloud license policy and require cloud resources to be licensed as if they were new hardware

ADDITIONAL VM CONSIDERATIONS

• VM Sizing • AWS offered a variety of options to meet specific server profiles

• You can resize EC2 instances with nothing more than a reboot

• Variety of Hardware configurations

• Modifications can be made quickly w/ reconstruction

• Storage • EC2 instances are backed by EBS volumes

• Software RAID to overcome limits or optimized performance (no SAN)

• Instance Storage

VM PERFORMANCE

• IOPS become critical

• 3 options

• EBS Magnetic (20-400 variable max)

• EBS SSD (3 IOPS/GB, 3000 burstable max)

• EBS Provisioned IOPS SSD (30 IOPS/GB, 4000 max sustained)

• ** this option is new for 2014 as is now the only option for PIOPS **

VM Optimizations

• Dedicated Instances • Single-tenant hardware

• Placement Groups • Groups instances on a single low-latency

10 gbps network

• Useful for apps that require controlled low latency or high bandwidth inter-instance connection

• EBS Optimized • Custom configuration to support higher

IO to EBS volumes

• Cluster Networking • Best choice for high-performance

clustering requirements

• Used typically for science and mathematical clusters using MPI or other parallel libraries

• Enhanced Networking • Advanced networking stack providing

higher PPS

• Reduced latency and jitter

IOPS Networking

VM PURCHASING OPTIONS

• Hourly rate

• Pay only for what you use

• No Commitment

Reserved Instances

• Upfront fee w/ commitment (1 or 3 year)

• Reduced monthly rate

• Offering in usage tiers • Light (periodic workloads)

• Medium (static workloads with sporadic periods of non-use)

• Heavy (steady-state workloads)

• Bid on unused EC2 resources

• Name a max price

• When max price > current spot price, your instances are running

• Great for analytic or test workloads where interruptions in service are manageable

• Also for workloads that benefit from increased capacity but don’t require

On-Demand Spot Instances

SUPPORT & INFRASTRUCTURE DEVICES

• Load balancing & App Delivery

• Citrix Netscaler

• Full support through marketplace AMI virtual appliance (Netscaler VPX)

• VPC and DMZ layout support multiple app delivery options

• ASM / WAF

• F5 ASM & Local Traffic Manager

• Full support and BigIP feature set through marketplace AMI virtual appliance (Big-IP VE)

• VPC & Advanced networking support numerous LTM/routing scenarios

• Client VPN

• Sophos & Microsoft RRA

• Full support through marketplace AMI virtual appliance (Sophos UTM-9) (Windows Server w/ RAA)

• Active Directory

• Full support through Windows stack

• Ability to extend on-prem AD or create new federated or trusted domain in cloud

• Monitoring Systems

• Failover Clustering, AlwaysOn

HIGH AVAILABILITY & DR

• Cloud makes it easier and also more important to design for HA. AWS Infrastructure is divided b/t Regions and Availability Zones

• Regions are distinct geographical clusters that are separated by hundreds/thousands of miles.

• Limited platform cross-regional support (you must build failover yourself)

• Great for true DR scenarios

• Availability Zones are geographically distinct datacenters in a single region

• AZs can communicate against a high-speed backplane and interact as if in the same DC

• Great option for HA

• Span all resources where possible across multiple AZs to guarantee availability in case of a datacenter failure

• All VMs were snapshotted nightly (automated feature) and exported into AWS S3 for durable storage

• All DBs were backed up with various RPOs as short as 15 min. These backups also stored in S3 for retrieval period and then archived to Glacier in place of tape

AUTOMATION & EXPANSION

• Scriptable infrastructure

• Hess required a “copy of prod” for both UAT and DEV

• This was accomplished automatically through API scripting and heavy usage of the CloudFormation feature

• CloudFormation allows you to create application stacks that can represent anything from a single app’s infrastructure to an entire enterprise’s IT environment. These stacks can be rapidly and automatically deployed

• All aspects of AWS are scriptable through various toolsets

• Server Builds

• Networking changes

• “opps” moments

• “BIG OPPS” moments

• Hess required a full IP Change twice after purchase. We were able to re-ip the entire system w/ less than 10 min downtime per server in under 8 hours.

HESS DIVESTITURE - RESULTS

• Hess completed the 1.2bn sale of the EM division in Nov 2013

• Hess export of infrastructure was completed in 6 months

• Best case options using physical datacenters was 13 months

• Hess needed to seamlessly transition this environment w/o lengthy support agreements.

• Environment was transitioned in under 60 days • Costs and contracts would have been a burden

• Hess was able to hand over access to the buyer in a “30 min meeting”

• Environment control was setup using AWS IAM and Multi-factor authentication

• During transition, credentials were handed over after which the buyer took possession of the MFA device

• New Buyer originally planned to pull down all of the infrastructure which was in “Cloud Escrow”

• They are now working with Nimbo to continue leveraging AWS as they integrate the business, recognizing the key benefits the cloud solution is providing them

• Hess has been working with Nimbo to leverage cloud for several other large initiatives

NEXT STEPS

• Go Sign up ! • http://aws.amazon.com

• Free to get started • Free Tier offers 12-months of limited use of most AWS services

• http://aws.amazon.com/free

• Connect with a Partner • Amazon Partner Network

• http://aws.amazon.com/partners

HESS DIVESTITURE – Q&A

Q&A

THANK YOU

AWS http://aws.amazon.com

NIMBO http://www.nimbo.com

info@nimbo.com

http://aws.amazon.com/solutions/case-studies/hess-corporation