Upload
amazon-web-services
View
369
Download
1
Embed Size (px)
Citation preview
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Establishing a Scalable, Resilient Web Architecture
Todd M. Gagorik, Senior Manager, Solutions Architecture, AWS Web Services - WWPS
June 20, 2016
Let’s Start with a Demo....
AWS MissionEnable businesses and developers to use web
services* to build scalable, sophisticated applications.
*What people now call “the cloud”
Gartner Magic Quadrant for Cloud Infrastructure as a Service, Worldwide
Gartner “Magic Quadrant for Cloud Infrastructure as a Service, Worldwide,” Lydia Leong, Douglas Toombs, Bob Gill, May 18, 2015. This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available at http://aws.amazon.com/resources/analyst-reports/. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
ON DEMAND}UNIFORMPAY AS YOU GO
AVAILABLE
ON DEMAND}UNIFORMPAY AS YOU GO
AVAILABLE
Compute
Storage
SecurityScaling
Database
NetworkingMonitoring
Messaging
Workflow
DNSLoad Balancing
BackupCDN}ON DEMANDUNIFORM
PAY AS YOU GOAVAILABLE
WEB SERVICE API
Physical SpaceCabling
PowerCooling
NetworkingRacks
ServersStorage
CertificationLabor
On-Premises
$0to Get Started
no long-term contracts
Cloud Computing
vs.
Services Overview
But first…
Architected for Government Security RequirementsCertifications and accreditations for workloads that matter
AWS CloudTrail and AWS Config Call logging and configuration management for governance & compliance
• Log, review, alarm on all user actions
• Browse and query database of current and previous state of cloud resources
Security Is a Shared ResponsibilityCustomers Refocus on Systems and Apps.Security experts are a scarce resource!Refocus your security professional on a subset of the problem.
Facilities
Physical security
Compute infrastructure
Storage infrastructure
Network infrastructure
Virtualization layer (Amazon EC2)
Hardened service endpoints
Rich AWS Identity and Access Management (IAM ) capabilities
+ =Network configuration
Security groups
OS firewalls
Operating systems
Application security
Proper service configuration
AuthN & account management
Authorization policies
Customers
More secure and compliant systems than any single entity could achieve on its own
Economies of Scale Apply to Security and Compliance
The customer community benefits from tough scrutiny, the world-class AWS security team, market-leading capabilities, and constant improvements.
Everyone’s Systems and Applications
Security Infrastructure
Security Infrastructure
Requirements Requirements Requirements
Nothing better for the entire community than a tough set of customers…
AWS Global Infrastructure
11 AWS Regions50+ AWS Edge Locations
AWS Global Infrastructure
Availability Zone A
Availability Zone B
Availability Zone C
EU (Ireland)
Availability Zone A
Availability Zone B
South America (Sao Paulo)
Availability Zone A
Availability Zone B
Asia Pacific (Sydney)
Availability Zone A
Availability Zone B
GovCloud (OR)
Availability Zone A
Availability Zone B
Availability Zone C
Availability Zone D
US East (VA)
Availability Zone A
Availability Zone B
US West (CA)
Availability Zone A
Availability Zone B
Asia Pacific (Singapore)
Availability Zone A
Availability Zone B
Availability Zone C
Asia Pacific (Tokyo)
Availability Zone A
Availability Zone B
Availability Zone C
US West (OR)
Customer Decides Where Applications and Data Reside
US REGIONS GLOBAL REGIONS
Note: Conceptual drawing only. The number of Availability Zones may vary.
Availability Zone A
Availability Zone B
EU (Frankfurt)
AWS Global Infrastructure
Application Services
Networking
Deployment & Administration
DatabaseStorageCompute
AWS S3
AWS SQS
AWS EC2
AWS Simple DB
AWS EBS
AWS CloudFront
Elastic Load
Balancing
Auto Scaling
AWS VPC
AWS RDS
AWS SNS
AWS IAM
AWS Route 53
AWS SES
AWS Elastic Beanstalk
AWS CloudFormation
AWS Elasticache
AWS Direct Connect
AWS GovCloud
AWS Storage Gateway
AWS DynamoDB
AWS CloudSearch
AWS SWF
AWS Glacier
AWS Redshift
AWS Data Pipeline
AWS Elastic Transcoder
AWS OpsWorks
AWS CloudHSM
AWS AppStream
AWS CloudTrail
AWS WorkSpaces
AWS Kinesis
AWS ECS
AWS Lambda
AWS Config
AWS CodeDeploy
AWS RDS for Aurora
AWS KMS
AWS Cognito
AWS WorkDocs
AWS Directory Service
AWS Mobile Analytics
2006 2007 2008 2009 2010 2011 2012 2013 2014 2015
AWS WorkMail
AWS’ History of InnovationAWS has been continually expanding its services to support virtually any cloud workload, and it now has more than 40 services.
April 9, 2015
AWS EFS
AWS Machine Learning
Architect for High Availability
1. Use multiple Availability Zones.
2. Use Amazon RDS with replicas and standby.
3. Use Auto Scaling groups.
4. Use Elastic Load Balancing.
5. Use Amazon Route 53 to host DNS zones.
Three Services: Better Together
Utilization
Latency
Metrics
Amazon CloudWatch
Elastic Load Balancing
Auto Scaling
Use at regional levelCombined with Auto Scaling, ELB
will balance requests and resource capacity across
Availability Zones
Within Amazon VPCUse to load balance between
application tiers within an Availability Zone
Instance migrationsEasily move instances from dev
environments to test environments by moving between
elastic load balancers
Leverage SLAImprove application reliability with
Route 53’s SLA on requests served
Weighted routingPerform A/B analysis and staged application rollouts by moving a
portion of traffic to new infrastructure
Control TTLs and updatesTake absolute control of DNS
updates for more decisive system updates
Scale databases without admin overhead
Choose instance size for databases and scale up over time
Add high availability from management console
Create Multi-AZ deployments and Read Replicas. AWS takes care of the failover and recreation of a new standby in event of master
DB loss
Elastic Load Balancing Route 53 RDS
Dynamically scale resources & control costs
Provision only the resources that are required with scale up and cool down policies that match
demand
Auto Scaling
Architect to Use Cloud Strengths
So, How Did It Go?
AWS CloudFormation?
Simplified provisioning for the full breadth of AWS services.Create templates of the infrastructure and applications you want to run on AWS.CloudFormation automatically provisions the required AWS resources and their relationships from the templates.Easily version control, replicate, or update the infrastructure and applications.CloudFormation integrates with other development, CI/CD, and management tools.
Questions?