Expanding your Data Center with Hybrid Cloud Infrastructure

© 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

John ChangSolution Architect, AWS

Expanding Your Data Center with Hybrid Cloud Infrastructure

June 2016

Will the Cloud eliminate Data Centers?

NO! They complement each other!

AWS Global Infrastructure

Example AWS Region

AZ

AZ

AZ AZ AZ

Transit

Transit

Example AWS Availability Zone

AZ

AZ

AZ AZ AZ

Transit

Transit

Example AWS Data Center

Perspective on Scale

Every day, AWS adds enough new server capacity to support all of Amazon’s global infrastructure when it was a $7B annual

revenue enterprise

Why is this demand and growth so high?

What do we expect from modern applications?

• What do we expect from modern applications?• High Availability• Scalability• Fault Tolerance• Cost-Effectiveness• Security

• How can we achieve this?• Multiple Global Datacenters• Scalable Server Infrastructure• Scalable Databases• Operational Controls

Current Trends and Challenges in IT

• New applications and innovations often driven by business and not IT

• Infrastructure planning and budgeting often not aligned with business-led activities

• Effectively creating Shadow IT

• Reason: Agility and Ease of Use

SGX Deploys a Scalable Mobile Application by Using AWS

Singapore Exchange (SGX) is the Asian Gateway, connecting investors in search of Asian growth to corporate

issuers in search of global capital.

Using AWS enabled us to manage demand and bursts in data traffic with its auto-scaling features.

Ng Kin YeeSVP, Technology Planning, SGX

”

“ • SGX needed a highly scalable, quick-to-deploy solution for a mobile application that offered available market data to mobile user.

• SGX built and quickly deployed its mobile application on AWS using Amazon Elastic Beanstalk.

Web Services

Core Services Compute Storage Database Networking

Infrastructure RegionsAvailability Zones Edge Locations

Platform Services

Analytics App Deployment Mobile

Virtual Desktops

Collaboration & Sharing App Delivery E-‐Mail

Access Control Auditing Monitoring EncryptionSecurity

ApplicationsAPI

&

SDKs

But why is Scalability so important?

Why is Scalability so important?

• Primary driver is often to accommodate growth

however…

• Scalability also allows waste reduction and in effect cost savings

Servers

Demand

Excess Capacity Wasted $$

Unmet Demand

Capacity

Demand

500,000 writes / second to their managed AWS database

200 additional servers during Superbowl0 additional servers right after

Auto-Scalable Infrastructure

• Cloud allows Auto-Scaling

• Virtual Servers dynamically provisioned based on demand

Load

Capacity

Allows growth and reduces excess capacity, howeveronly to the granularity of an individual virtual server

Let’s move up the stack!

AWS Managed Services

• Managed Services of AWS are designed to be highly-available, resilient, elastic and cost-effective

• Maintenance becomes AWS responsibility• But more importantly: Charged per consumption!

Amazon Route 53

Amazon S3

AmazonDynamoDB

Amazon Cognito

Amazon MobileAnalytics

Amazon SNS Amazon LambdaAmazon

CloudFront

DNS Storage CDN Database Auth Analytics Notifications Compute

Build Cost-Aware Architectures

• Decouple Compute and Storage and grow them independently

Storage

• Build workflows that are aligned with your business model by creating cost-aware architectures that only scale to serve your customer to the accepted SLA

Compute

Amazon S3Raw Video

Amazon S3Transcoded

Video

Amazon SQS(Free)

Amazon SQS(Premium)

Free User

Premium User EC2

instanceEC2

instance

EC2instance

EC2instance

Auto Scaling group

Users

OK, but you said Hybrid Infrastructure?!

Many Worry There are Only Two Choices

Build a “Private” Cloud

Rip everything out and move to

AWS

#1 #2

The Good News is it isn’t an ‘All or Nothing’ Choice

Corporate Data Centers

On-Premises Resources

Cloud ResourcesIntegration

Integrated networking

Integrated access control

Integrated storage and backups

Single pane of glass

# 10.0.100.0

# 10.0.200.0

Microsoft Active Directory

Custom LDAP

App 1AWS Storage Gateway

Integrating AWS with existing On-Prem Infrastructure

Private Connectivity, Private Storage

Your Data Center

Private Connectivity, Private Storage

Your Data Center

Trend: Virtual Private Cloud

Your Data Center

Project ADeployed

Virtual Private Cloud (VPC)

Direct Connect

Extending Your DC to your Cloud Provider

Your Data Center

Your LANSegments

AWS VPC

Tools to Support Hybrid IT Architectures

VM Import/Export

VPC Network

IAM Policies

Virtual Images

On-Premise Apps

Private Network

Your Data CentersVPC

Corporate Directory

Your Cloud Apps

Your Data Our Storage

Integration into existing Tools

Management Portal for vCenter

Management Pack for SCOM

Systems Manager for SCVMM

Common Hybrid Workloads

ApplicationServer

VirtualServer

FileServer

DatabaseServer

BackupSystem

Backup to Cloud Storage• Eliminate tape, hardware, off-site storage

• Reduce capital expense for backup

infrastructure

• Never worry about backup durability

• Never run out of backup capacity

• Data stored off-site, with high durability, in

multiple locations

Backup and Archive

Amazon S3

ApplicationServer

VirtualServer

FileServer

DatabaseServer

Amazon S3

Solutions supporting backup to S3

Veeam Backup & Replication

Symantec Net Backup

Oracle RMAN and Secure Backup Module

CommVault Simpana

AltaVault (SteelStore)

BackupSystem

Backup and Archive

AWS Marketplace

Pre-Configured machine images

1-Click Launch on AWS

BYOL or hourly licenses

NextMedia needs Infrastructure and Ecosystem flexibility

Singapore Exchange (SGX) is the Asian Gateway, connecting investors in search of Asian growth to corporate

issuers in search of global capital.

AWS provides increased

infrastructure flexibility [..] and it’s partner ecosystem allows to evaluate a range of complementary products when

looking for more functionality.

Mai Wah CheungGroup CIO, Next Media

”

“

• NextMedia needed a highly available, secure and scalableplatform for it’s websites that would sustain attempted disruptions by malicious groups.

ApplicationServer

VirtualServer

FileServer

DatabaseServer

BackupServer

Cloud on standby DR setup• Eliminate need for DR data center

• Reduce capital expense for duplicate

infrastructure

• Pay for only what you use when you use it

• Real-time, secure, database replication from

on-premise to down-sized database servers

• Application backups and virtual server images

stored on cloud storage

Amazon S3

DatabaseServer

Disaster Recovery

Corporate Network

App A

App B App C

Container

DevOps

TemplateVDI

Innovation & AgilityAutomated builds and deployment of

code

IdempotenceNumerous disposable environments that can be (re)built within a click allowing regression tests in identical setups

Cost EffectiveEnvironments can be disposed or

stopped when unused

ScalabilityPerform performance and stress tests with potentially thousands of simulation

nodes

Development and Test

Turn it off when unused!

• Treat your infrastructure like a lightbulb, switch it off when you leave the office and stop paying for it’s consumption

Example:• Development and Test environments don’t need to run 24/7

• Automatically turn them off when employees badge out of the building

But how about Security & Compliance?

Gain access to a world-class security team

Where would some of the world’s top security people like to work? At scale on huge challenges with huge rewards

So AWS has world-class security and compliance teams watching your back!

Every customer benefits from the toughscrutiny of other AWS customers

Build on a constantly improving security baseline

AWS Foundation Services

Compute Storage Database Networking

AWS Global Infrastructure Regions

Availability ZonesEdge Locations





Client-‐side Data Encryption

Server-‐side Data Encryption

Network Traffic Protection

Platform, Applications, Identity & Access Management

Operating System, Network & Firewall Configuration

Customer content

Custom

ers

Let your cloud provider do the heavy lifting for you

Customers are responsible for their security and compliance INthe Cloud

AWS is responsible for the security OFthe Cloud





Your own accreditation

Meet your own security objectives

Your own certifications

Your own external audits

Customer scope and effort is reduced

Better results through focused

efforts

Built on AWS consistent

baseline controls

Custom

ers

Example: Data Sanitization at AWS

You can choose to keep all your content in the AWS region of YOUR choice• AWS makes no secondary use of customer content• Managing your privacy objectives any way that you want• Keep data in your chosen format and move it, or delete it, at any time you choose

• No automatic replication of data outside of your chosen AWS Region

• Customers can encrypt their content any way they choose

You always have full ownership and control

How often do you map your network?

What’s in your environment right now?

Security becomes Visible

Who is accessing the resources?Who took what action?

• When?• From where?• What did they do?• Logs Logs Logs

AWS CloudTrail

AWS Config

Amazon CloudWatch

Thank you!