DevOps for Business Transformation at Ellucian

  • View
    320

  • Download
    2

Embed Size (px)

Text of DevOps for Business Transformation at Ellucian

  • REN Cloud:

    Disaster Recovery Using DevOps on AWS

    REANCloud.com

    Location: US (Herndon, Philadelphia, Los Angeles), India (Udaipur, Hyderabad), Israel (Tel

    Aviv)

  • 2

    REN Organization Profile

    Established: 2013

    Presence: USA, Israel and India

    Number of Employees: 150+

    AWS Certifications: 80+ (including 8 Professional Certifications)

    Management team consisting of executives formerly from Fortune 500 Enterprises - AWS, Amdocs, Booz Allen Hamilton, Capgemini, PWC and Merck with deep AWS cloud computing experience

    AWS Competencies IncludeMigration Competency

    Life Sciences

    DevOps

    Managed Services

    24x7 follow the sun model with offices around the world with continuous operations in multiple time zones - EST, PST, and IST

  • REAN AWS Certifications

  • 4

    REN Capabilities

    REAN Capabilities

    Consulting Services

    AWS Managed

    Cloud Solutions

    AWS Managed

    Cloud Services

    AWS Test Drive

  • 5

    REN Enterprise Service OfferingREAN ENTERPRISE CLOUD MANGEMENT (ECM) PORTFOLIO

    RE

    AN

    SE

    RV

    ICE

    S

    MIGRATION

    NATIVE AWS

    APPLICATION

    DEVELOPMENT

    BILLING AS

    a SERVICE

    BU

    SIN

    ES

    S

    CO

    NS

    UL

    TIN

    G

    CLOUD OPERATIONS STRATEGY

    CLOUD ARCHITECTURE DEVOPS STRATEGY

    ROI & BUSINESS CASE JUSTIFICATION SECURITY & RISK ASSESSMENTCLOUD

    ADOPTION

    STRATEGY

    GOVERNANCE & COMPLIANCEACCOUNT MANAGEMENT

    DR & BUSINESS

    CONTINUITY

    PLANNING (BCP)

    SECURE

    INFRASTRUCTU

    RE SETUP

    INF

    RA

    SE

    RV

    ICE

    S

    AWS INFRASTRUCTURE HYBRID ON-PREM INFRASTRUCTURE

    MANAGED

    CLOUD

    SERVICES

    DEVOPS (CD

    |CI)

    IMPLEMENTATI

    ON

  • 6

    Application Deployment

    Automation on AWS

    Account

    Dev Environment

    Test Environment

    Staging Environment

    Production Environment

    Identity/Access

    Server Admin

    Storage Admin

    Network Admin

    Machine (API)

    CloudTrail (Audit)

    Network

    Subnets

    Route Tables

    DNS

    Access Control List

    Gateways

    Application

    Load Balancer

    Web Server

    Application Server

    Database Server

  • 7

    Scope of Offering

    DEVSECOPS CICD AUTOMATION

    ComplianceHIPAA, PCI, FedRAMP

    Assessment Remediation

    Operations Monitoring Patching Backup Logging

    Application Setup Configuration DB Migration

    Automated Infrastructure

    Build/ValidationIAM VPC

    EnvironmentsDev, Test,

    Prod

    SE

    CU

    RIT

    Y

    IDS

    , IP

    S, W

    AF

    , A

    D,

    EN

    CR

    YP

    TIO

    N

  • Disaster Recovery

  • 10

    Proposed Scope of Work High Availability and Disaster Recovery on AWS

    Lift & Shift using Cloud Endure

    Runbook/DevOps based Deployment

  • 11

    Elastic Load

    Balancer

    CloudWatchAuto Scaling

    Server icons courtesy of http://creativecommons.org/licenses/by-nd/3.0/.

    Latency

    Utilization

    Metrics

    Architecture Scale Up and Down On-

    Demand

  • 12

    Auto Scale

    Amazon S3

    US WEST

    Amazon S3

    Network IO EBS

    Snapshot

    EBS

    Snapshot

    EC2

    Network IO

    EBS

    Snapshot

    EC2

    Ephemeral

    US EAST

    Availability Zone - A Availability Zone - BLoad Balancer

    Source: Amazon Web Services

    Architecture - High Reliability

  • 13

    Migration Lift & Shift (CloudEndure)

  • 14

    Migration Runbook/Devops2

    DNS Changes

  • 15

    Cross Account Deployment

  • REN Security Differentiator

  • 17

    Responsibility & Compliance Model

  • 18 Source: Amazon Web Services VPC Architecture

    Datacenter

    Amazon Web ServicesSecure VPN Connection over the Internet

    Subnets

    AWS resources

    Router

    VPN Gateway

    NAT

    VPC

    Internet

    REN Virtual Private Cloud (VPC) Architecture

  • 19

    Controls Necessary to Meet Compliance

    | REAN Secure VPC Solution

  • 20 | REAN Secure VPC Solution

    Security Framework Controls

  • 21

    REAN OS/Application Controls + AWS IaaS GSS Controls

    + Customer Operations and Management = Compliance

    | REAN Custom Application

    Security and Compliance Benefits

  • AWS Account & Users

  • 23

    End User 4

    End User 3

    Consolid

    ate

    d B

    illin

    gId

    entity

    & A

    ccess M

    anag

    em

    ent

    End User 1

    End User 2

    End User 5

    Linked Account

    Department 1

    End User 3

    End User 1

    End User 2

    End User 3

    End User 2

    End User 1

    End User 4

    End User 3

    End User 1

    End User 2

    End User 4

    Linked Account

    Department 4

    Linked Account

    Department 2

    Linked Account

    Department 3

    University Paying Account

    End User Group

    Use IAM for Access Control

  • 24

    Users and Groups within Accounts

    Unique security credentials

    Access keys

    Login/Password

    MFA device

    Policies control access to AWS APIs

    Deep integration into S3

    policies on objects and buckets

    AWS Management Console now

    supports User log on

    Not for Operating Systems or

    Applications

    use LDAP, Active Directory, ADFS,

    etc...

    AWS IAM Fine Grained Identity Controls

  • 25

    User Management

  • REN Billing Services

  • 27

    REN Enterprise Billing Capabilities

    Billing as a Service RI Recommendation Engine

    Customer/Account Provisioning and

    ManagementAPI Integration

    Enterprise Billing Solution

  • 28

    Multilayer flow through Provisioning

    Accounts

    Product | Service Groups

    Divisions | Regions

    Enterprise University

    School #1

    Dept #1

    Account#1 Account#2

    Dept #2

    School#2

    Dept #3

    Account#3.1 Account#3.2

  • 29

    REN Enterprise Billing Solution (EBS) Key Features

    Simplify Billing and Chargebacks

    Track actual usage charges across every AWS product

    Generate bills and invoices in AWS format

    Package your own subscription-based services

    Define how usage and charges are billed through the use of SKUs and bundle in third-party services

    Track Individual and Aggregate Usage

    Intuitive dashboards

    Customizable reports

    Multi-tier visibility of usage and accurate cost

    View aggregated usage across all resellers, customers, and accounts

    Organize and track costs and profitability

    Access granular usage details

    Customer Provisioning

    Optimize the process of creating new AWS accounts

    Streamline process of provisioning new cloud accounts

    Integrate new accounts with consolidated bill

    Reduce costs of operations related to cloud

    Allow reseller or customer to grow on-demand

    Simplifies billing as resellers/customers onboard or grow

  • 30

    Billing Analytics vs Transactions

    Billing Analytics

    Trend reporting

    Spend by project or server

    Recommendations for

    opportunities to save money (e.g.

    Reserved Instance

    recommendations)

    Analysis of utilization vs. expense

    Billing Transactions

    A verifiable transaction log of all

    charges;

    100% accuracy and audit-ability;

    The ability to lock/compare

    historical billing against changes;

    Ensuring all charges are accurate

    for each individual customer at

    their agreed upon rates and level

    of services;

    Seamless handling of additional

    charges including support;

    True visibility to where charges

    belong for all organizations and

    customersAWS Detailed Consolidated Bill

    ReconciledInvoiced to

    Customer

    3rd Party

    Analytics/Dashb

    oard

    Dashboards

  • Thank You