ask the architect: rightscale & aws dive deep into hybrid it
DESCRIPTION
With the increased use of cloud services, organizations are faced with finding the most efficient way to use existing IT infrastructure alongside cloud-based compute, storage and networking resources. This has resulted in the rise of hybrid IT whereby companies leverage both on-premises and cloud resources to drive increased agility, stability and accessibility.TRANSCRIPT
Ask the Architect Diving Deep into Hybrid IT
Brian Adler, Sr. Services Architect, RightScale Miles Ward, Senior Manager, SoluAons Architecture, AWS Claudio GenAle, Cloud SoluAons Engineer, RightScale
IntroducAons
Brian Adler Senior Services Architect RightScale
Claudio Gen/le Cloud SoluAons Engineer RightScale
Miles Ward Senior Manager SoluAons Architecture AWS
What We’ll Cover Today
• Overview • What’s your strategy? • Typical use cases • Design consideraAons • Real-‐world experiences with Hybrid IT • Q&A session
Overview
Four Tracks for Business Value Increase Enterprise Agility
Drive Operational Efficiencies
Expand Markets & Capabilities
Increase Investment Flexibility
Faster Time to Market Accelerate Innovation Fail (or Succeed) Fast
Cut Infrastructure Costs Reduce Overprovisioning Increase IT Efficiency
New Geographies New Capabilities Web-Scale Applications
CapEX to OpEX Reduce sunk costs Reduce lock-in
Why Hybrid IT?
Operate anywhere
Public Public Private Hosted
Future-proof cloud strategy
Maintain vendor leverage Access unique capabilities
Leverage existing investments Create resilient architectures
Optimize costs Multi-cloud happens
RightScale’s View of Cloud Management A framework of tools to solve cloud challenges and increase your ability to enjoy cloud benefits
!
• Consistency and reliability of shared, commodity resources
• Secure access to a variety of remote, networked resources
• Self-service accessibility of an approved configuraAon menu
• ElasAc, instantaneous scalability driven by automation!
• Usage transparency and optimization!
The Core Cloud Management Toolset Resource management
• Compute, network, storage
Governance • Policy management • IdenAty and access management • Usage and cost management
Configura/on • ConfiguraAon management • Service catalog • License management
Automa/on • Resource monitoring and alerAng • Automated scaling and deployment orchestraAon
What’s Your Strategy?
EvaluaAng ApplicaAons for the Cloud Business impact
• Should we put this app on the cloud? • What benefits will we get?
Technical requirements • Can we put this app on the cloud? • How much will migraAon or build out cost?
Choose the quick wins! • High business impact • Appropriate technical requirements • Start greenfield and worry about migraAon later
EvaluaAon Framework Sample App 1 App 2 App 3 App 4 App 5
Business Impact
Demand fluctuation / uncertainty u u u u u
Fast time to market u u u u u
Time limited u u u u u
…
Technical Requirements
Load Balancer: Session Affinity u u u u u
Application: Licensing u u u u u
Cache: Persistent u u u u u
Database: Working set size u u u u u
Security: Egress filtering u u u u u
…
Refactor
Don’t Migrate Hold Off
Quick Wins
Rank Your Apps to PrioriAze
App 9 App 7
App 2
App 3
App 5
App 1 App 4
App 8
App 6 B
usin
ess
Impa
ct
Technical Fit
Typical Use Cases
Use Cases Cloudburs/ng
• An applicaAon deployment model in which an applicaAon runs in your on-‐premises environment and bursts to a cloud provider when the demand for compuAng capacity spikes.
• The advantage of a cloud bursAng-‐enabled deployment is that an organizaAon only pays for extra compute resources when they are needed.
Considera/ons: • Control – public Internet traversal may be required • Latency – traversal of public Internet involves the Great Unknown • Cost – bandwidth charges for public Internet traversal • Complexity – numerous opAons exist for configuraAon of a hybrid secure
environment
Hybrid IT / CloudbursAng
ON-PREMISES CLOUD
LOAD BALANCERS
APP SERVERS
MASTER DATABASE
SLAVE DATABASE
OBJECT STORAGE
APP SERVERS
PUBLIC INTERNET
CloudbursAng
Use Cases
Disaster Recovery (DR) • ProducAon environment in on-‐premises environment • DR environment in the cloud • Most common configuraAon is the “Warm DR” scenario
• ReplicaAng slave in the cloud • All other servers in non-‐operaAonal state
Use Cases
On-Premises Public Cloud or On-Premises Resources
Disaster Recovery (DR)
Use Cases Self-‐Service IT Portal (“IT Vending Machine”)
• Users select one of several pre-‐configured tech stacks • Isolated Test/Dev environments
Design ConsideraAons
On-‐Premises IT: Key ConsideraAons
Cost • Sunk investment in physical infrastructure – try to maximize the uAlizaAon of
this CAPEX Workload and Infrastructure Interac/on
• ApplicaAons have different resource needs • Choose the right fit for your applicaAon and your infrastructure
Compliance • Data may be contained on-‐premises for compliance needs or requirements.
On-‐Premises IT: Key ConsideraAons
Latency • Consumers of the on-‐premises resources are generally “closer” to the
environment, which reduces latency User Experience
• Related to latency, end user experience is enhanced due to proximity to resources.
Management ConsideraAons
Elevates: • Configurations • APIs • Automation behaviors • Access control • Billing and governance
Users and systems
RightScale – Multi Infrastructure Resource Management
Common API and UI
AWS On-Premises OS
Hardware Hypervisor Services
APIs APIs
Design Considerations
Location of Physical Hardware • On-premises
• Availability considerations (power, cooling, networking, etc.) • Hosted or Co-location facility
• Accessibility of hardware for additions and/or modification • Latency to end users • Security
Design ConsideraAons
Availability and Redundancy Configuration
• Easiest configuration (single zone, single region, single API endpoint) does not promote high availability
• High Availability of resources requires more complex configurations
Design ConsideraAons/OpAons
Simple ConfiguraAon No HA or Redundancy
HA ConfiguraAon
Design ConsideraAons
Intended Workloads and Use Cases
• Does the applicaAon require high availability or is it tolerant of interrupAons of service? • Does the applicaAon require (or greatly benefit from) specialized hardware or network
configuraAons?
MigraAon ConsideraAons
MigraAon ConsideraAons
AWS Slides?
Lunch
Real-‐World Examples
Customer Example #1: HA/DR Issue faced:
• Highly-‐available web applicaAon architecture. Disaster Recovery environment with RPO as low as possible, and RTO of under two hours.
SoluAon developed: • MulA-‐AZ applicaAon with redundant components in two or more AZs per Aer. DR environment in separate AWS region.
Architecture • Three-‐Aer (four, with caching) in AWS US East • “Warm DR”/”Pilot Light” in separate AWS region
Customer Example #2: CloudbursAng Issue faced:
• Private cloud with limited capacity. Web applicaAon with unpredictable demand, and prone to viral events.
SoluAon developed:
• On-‐premises environment “bursts” into AWS US East VPC. Architecture
• Three-‐Aer applicaAon with scalable array in AWS, and secondary slave. • Direct Connect configuraAon between on-‐premises and AWS US East
Customer Example #3: IT Vending Machine • Issue faced:
• Sales Engineers need to be able to provision mulA-‐node deployments for Hadoop, allowing customers to evaluate the soluAon for a specified period of Ame. Deployments need to be automaAcally cleaned aier that Ame.
• SoluAon developed: • Web UI consuming the RightScale API to assemble required deployments, tracking and cleaning them aier the evaluaAon period.
• Architecture • N/A
User identity Your portal
On-Premises
end users (web browser)
request a certain server type is launched, and specify cloud location
Amazon Web Services
Deploy the chosen server in a private or public cloud, based on the ServerTemplate
Service catalog of IaaS applications (ServerTemplates) RightScale API
RightScale UI
service designers(web browser)
server instance
Self Service IT Portal
server instance
is displayed as service catalogue items within
review access logs, version control and change logs, set permissions
managers (web browser)
billing data sent to RightScale, for all cloud usage
Ask the ArchitectDiving Deep into Hybrid IT Q&A
Q&A
• [I am] looking for reusable templates, best pracAces, and approaches to perform assessments on moving workloads to the cloud.
• RightScale MulACloud Marketplace
• Repository of hundreds of publicly-‐available ServerTemplates
• Onboarding/CloudSight/CloudRank
Q&A
• How does applicaAon management work in hybrid clouds where the private cloud workload may burst to AWS? What are good pracAces for app data sync when the app is running in private cloud and AWS?
• Stateless applicaAon servers are best-‐suited to cloudbursAng. • If data synchronizaAon is required:
• Highly-‐available shared storage (such as S3) • High-‐performance shared filesystem (like GlusterFS or OpenAFS) • Implement a low-‐latency secure link (such as DirectConnect).
Q&A
• Is there a published checklist somewhere of what all needs to be validated prior to deciding to move a system (Exchange, AD, etc.) to the cloud? And is there a checklist for what all needs to take place when you actually decide to move something? Do you have any whitepapers to show how customers have been impacted posiAvely by moving on prem systems to cloud that most customers have (i.e. Exchange, Email, etc.) How have they saved money, provided beler performance, etc.), and made their lives easier?
• This is a common quesAon we get at RightScale -‐-‐ so common that we developed a consulAng product offering around for this exact need (CloudSight). This is tough to answer in general terms, but would be a great topic for our in-‐person events.
Q&A
• How does using Amazon VPC impact using right scale middle ware? • Instances need to route out to RightScale (no inbound access required).
• NAT
• EIPs
• Route through on-‐premise device
Q&A
• How to deal with long distance latency issues in data transfer? • WAN OpAmizaAon Tools
• Compression/De-‐dup/TCP OpAmizaAons, etc.
Q&A
• If we save data to the AWS cloud, does the key reside on the cloud or with us exclusively? (for security reasons, we would prefer not to have the key reside on the cloud as it does on some systems)
Upcoming “Ask the Architect” Events
OperaAonalize Your AWS Usage Through An Enterprise IT Vending Machine
Webinar
AWS re:Invent
Online 9/17
Connecting your Datacenter to AWS Designing and Implementing a Hybrid IT Strategy and Solution
@ AWS re:Invent Las Vegas, NV
11/12
Ask the ArchitectDiving Deep into Hybrid IT Appendix
Agenda
10:30AM -‐ 11:00AM RegistraAon 11:00AM – 11:15AM IntroducAons 11:15AM – 12:00PM Planning for a Hybrid IT Environment 12:00PM – 01:00PM Lunch/Networking 01:00PM – 02:00PM Planning for a Hybrid IT Environment (conAnued) 02:00PM – 03:00PM Q&A
Hybrid IT Trends
Source: RightScale State of the Cloud 2013
Currently running apps in public cloud
Currently running apps in on-premises environments
Currently running apps in hybrid environments
Current Cloud Usage By organizations with a Hybrid IT strategy
Enterprises want multi-cloud/hybrid IT
Hybrid IT 47%
Multi-private 15%
Multi-public 15%
DefiniAons and Terminology
On-‐Premises IT A collecAon of compute, storage, and network resources for a single tenant that are accessed programmaAcally via an API endpoint.
Cloud Architecture A similar set of resources that is mulA-‐tenant and is provided by a cloud vendor with access via an API endpoint.
Hybrid IT An environment that spans your cloud provider as well as one or more on-‐premises IT environments.
Mul/-‐Cloud An environment that spans two or more separate cloud providers or regions
AWS ConnecAons to the Enterprise
Enterprises are AdopAng AWS to Achieve the Benefits of the Cloud
Replace CapEx with OpEx
✔
Lower Overall Costs
✔
No More Guessing Capacity
✔
Agility / Speed / Innovation
✔ ✔
Shift Focus to Differentiation
Go Global in Minutes
✔
Many Enterprises Worry that These Are the Only Two Choices
Build a new ‘private’
cloud.
Rip everything out and move to AWS.
#1 #2
The Good News Is that the Cloud Isn’t an ‘All or Nothing’ Choice
Corporate Data Centers
On-premises Resources
Cloud Resources Integration
Active Directory Network Configuration
Encryption Back-up Appliances
Users & Access Rules (IAM) Your Private Network (VPC)
Encryption (S3, RDS, HSM) Back-ups (Storage Gateway)
AWS Direct Connect
Your On-premise Apps Your Cloud Apps
IntegraAng AWS with Your ExisAng On-‐premises Infrastructure
Corporate Data Centers
The AWS Ecosystem Allows You to Use Your ExisAng Management Tools
Single Pane of Glass
On-premises Data Centers
Consulting & Management Partner
Strategies Enterprises Are Using to Connect with AWS
Strategy 1: Cloud for Development and Test Environments
SAP
Reduced deployment time from weeks to days
SAP
70% reduction in operational costs
Oracle
Reduced dev & test environment costs
“Using cloud for Test and Development workloads is an easy win. A lot of enterprises are using AWS in this way first.”
James Governor, Founder
Strategy 2: Build New Apps for the Cloud
Faster to build
Facebook app
Global web sites
Mobile streaming
Social games
Consumer apps
Genetic sequencing
Marketing campaigns
Less expensive to run
Distributed architectures for high availability
Easier to manage
Financial record archiving
Analytics
Backup
Storage Gateway
Elastic Map Reduce
Redshift
Amazon S3
Strategy 3: Use Cloud to Make ExisAng On-‐Prem Apps Beler
Corporate Data Centers
...
App 1
App 2
App N
Operational applications
Export data to AWS for analytics processing
Oracle databases
Automated back-up to S3 with Oracle RMAN
Strategy 3: Use Cloud to Make ExisAng On-‐Prem Apps Beler
Retail operational applications
Data synchronization & back-up with AWS storage gateway
Strategy 4: New Cloud Apps that Integrate Back to On-‐Prem Systems
On-premises Data Centers
Hybrid App
AWS serves up application content & data
Integration back to Samsung Data Centers for financial transactions
Strategy 5: Migrate ExisAng Apps to the Cloud
1/3 of servers migrated to AWS
Saved 1-1.5 million GBP
App
Your Data Center
Migrated 500 web properties in 5
months
New product web sites in 2 days vs. 2
weeks
Migrated clinical trials simulations platform
Simulations in 1.2hrs vs. 60hrs
64% reduction in costs
App
Strategy 6: All-‐In
10,000s of EC2 instances in multiple regions & zones
100s of middle tier services & applications to support 33M+ global members
At peak consumes 1/3 of US Internet bandwidth
On-premises Cloud
AWS Direct Connect
Internet
VPC VPN
The AWS Storage Gateway
Internet
S3 Storage Gateway
App
Volume
On-premises Cloud
Storage Gateway
The AWS Storage Gateway
On-premises
Internet
S3 Storage Gateway
App
Cloud
Volume
Volume
Internet
Cloud
Storage Gateway
On-premises
Internet
S3 Storage Gateway
App
Volume
A Disaster Happens
Internet
Storage Gateway
Internet
Storage Gateway
App
Volume
Disaster Recovery
EBS
On-premises
S3 Storage Gateway
Internet
SNAPSHOT
Internet
S3 Storage Gateway
App
Volume
Disaster Recovery
EC2 EBS
On-premises
Storage Gateway
Internet
App
Internet
Disaster Recovery
EC2 EBS
App
On-premises
EC2 EBS
App
Internet
ImplementaAon and Management of Hybrid IT
On-‐Premises IT: Key ConsideraAons
Cost • Sunk investment in physical infrastructure – try to maximize the uAlizaAon of
this CAPEX Workload and Infrastructure Interac/on
• ApplicaAons have different resource needs • Choose the right fit for your applicaAon and your infrastructure
Compliance • Data may be contained on-‐premises for compliance needs or requirements.
On-‐Premises IT: Key ConsideraAons
Latency • Consumers of the on-‐premises resources are generally “closer” to the
environment, which reduces latency User Experience
• Related to latency, end user experience is enhanced due to proximity to resources.
Management ConsideraAons
Elevates: • Configurations • APIs • Automation behaviors • Access control • Billing and governance
Users and systems
RightScale – Multi Infrastructure Resource Management
Common API and UI
AWS On-Premises OS
Hardware Hypervisor Services
APIs APIs
Design Considerations
Location of Physical Hardware • On-premises
• Availability considerations (power, cooling, networking, etc.) • Hosted or Co-location facility
• Accessibility of hardware for additions and/or modification • Latency to end users • Security
Design ConsideraAons
Availability and Redundancy Configuration • Easiest configuration (single zone, single region, single API endpoint)
does not promote high availability • High Availability of resources requires more complex configurations
Design ConsideraAons/OpAons
Simple ConfiguraAon No HA or Redundancy
HA ConfiguraAon
Design ConsideraAons
Intended Workloads and Use Cases • Does the applicaAon require high availability or is it tolerant of interrupAons
of service? • Does the applicaAon require (or greatly benefit from) specialized hardware or
network configuraAons?
Use Cases Cloudburs/ng
• An applicaAon deployment model in which an applicaAon runs in your on-‐premises environment and bursts to a cloud provider when the demand for compuAng capacity spikes.
• The advantage of a cloud bursAng-‐enabled deployment is that an organizaAon only pays for extra compute resources when they are needed.
• ConsideraAons: • Control – public Internet traversal may be required • Latency – traversal of public Internet involves the Great Unknown • Cost – bandwidth charges for public Internet traversal • Complexity – numerous opAons exist for configuraAon of a hybrid secure environment
Hybrid IT / CloudbursAng
ON-PREMISES CLOUD
LOAD BALANCERS
APP SERVERS
MASTER DATABASE
SLAVE DATABASE
OBJECT STORAGE
APP SERVERS
PUBLIC INTERNET
CloudbursAng
Use Cases
Disaster Recovery (DR) • ProducAon environment in on-‐premises environment • DR environment in the cloud • Most common configuraAon is the “Warm DR” scenario
• ReplicaAng slave in the cloud • All other servers in non-‐operaAonal state
Use Cases
On-Premises Public Cloud or On-Premises Resources
Disaster Recovery (DR)
Use Cases Self-‐Service IT Portal (“IT Vending Machine”)
• Users select one of several pre-‐configured tech stacks • Isolated Test/Dev environments
User identity Your portal
On-Premises
end users (web browser)
request a certain server type is launched, and specify cloud location
Amazon Web Services
Deploy the chosen server in a private or public cloud, based on the ServerTemplate
Service catalog of IaaS applications (ServerTemplates) RightScale API
RightScale UI
service designers(web browser)
server instance
Self Service IT Portal
server instance
is displayed as service catalogue items within
review access logs, version control and change logs, set permissions
managers (web browser)
billing data sent to RightScale, for all cloud usage
The Business Case for Moving to the Cloud IT Needs The AWS + RightScale Solution
The ability to scale your project portfolio without the need to scale headcount.
• Professional services to design and implement. • Provision predictable and repeatable AWS and on-
premises resources. • Ensure compliance on all IT resources.
Ensuring 24x7 uptime in a global marketplace.
• Advanced monitoring and alerting. • Automated remedial actions across all your IT
resources.
Maintain visibility and control. Advanced reporting and user access providing visibility and control across all your IT resources.
Consolidated management of infrastructure environments.
A single pane of glass for managing both all your IT resources.
Upcoming “Ask the Architect” Events
OperaAonalize Your AWS Usage Through An Enterprise IT Vending Machine De
pth of con
tent
Webinar
Digging Deep with Hybrid IT
AWS re:Invent
In Person
Online 9/17
Los Angeles 9/10 NYC 10/1 Boston 10/15
Connecting your Datacenter to AWS Designing and Implementing a Hybrid IT Strategy and Solution
@ AWS re:Invent Las Vegas, NV
11/12
Q&A
• [I am] looking for reusable templates, best pracAces, and approaches to perform assessments on moving workloads to the cloud.
• RightScale MulACloud Marketplace • Repository of hundreds of publicly-‐available ServerTemplates
• Onboarding/CloudSight/CloudRank
Q&A
• How does applicaAon management work in hybrid clouds where the private cloud workload may burst to AWS? What are good pracAces for app data sync when the app is running in private cloud and AWS?
• Stateless applicaAon servers are best-‐suited to cloudbursAng. • If data synchronizaAon is required:
• Highly-‐available shared storage (such as S3) • High-‐performance shared filesystem (like GlusterFS or OpenAFS) • Implement a low-‐latency secure link (such as DirectConnect).
Q&A
• Is there a published checklist somewhere of what all needs to be validated prior to deciding to move a system (Exchange, AD, etc.) to the cloud? And is there a checklist for what all needs to take place when you actually decide to move something? Do you have any whitepapers to show how customers have been impacted posiAvely by moving on prem systems to cloud that most customers have (i.e. Exchange, Email, etc.) How have they saved money, provided beler performance, etc.), and made their lives easier?
• This is a common quesAon we get at RightScale -‐-‐ so common that we developed a consulAng product offering around for this exact need (CloudSight). This is tough to answer in general terms, but would be a great topic for our in-‐person events.
Q&A
• How does using Amazon VPC impact using right scale middle ware?
• Instances need to route out to RightScale (no inbound access required). • NAT • EIPs • Route through on-‐premise device
Q&A
• How to deal with long distance latency issues in data transfer?
• WAN OpAmizaAon Tools • Compression/De-‐dup/TCP OpAmizaAons, etc.
Q&A
• If we save data to the AWS cloud, does the key reside on the cloud or with us exclusively? (for security reasons, we would prefer not to have the key reside on the cloud as it does on some systems)
• TrendMicro, a RightScale partner, has SecureCloud which allows data encrypAon with the key management provided by Trend’s SaaS platorm (not in AWS), or in your own datacenter.
The Business Case for Moving to the Cloud IT Needs The AWS + RightScale Solution
The ability to scale your project portfolio without the need to scale headcount.
• Professional services to design and implement. • Provision predictable and repeatable AWS and on-
premises resources. • Ensure compliance on all IT resources.
Ensuring 24x7 uptime in a global marketplace.
• Advanced monitoring and alerting. • Automated remedial actions across all your IT
resources.
Maintain visibility and control. Advanced reporting and user access providing visibility and control across all your IT resources.
Consolidated management of infrastructure environments.
A single pane of glass for managing both all your IT resources.