aws re:invent 2016: bring microsoft applications to aws to save money and stay license compliant...
TRANSCRIPT
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Scott Zimmerman, Solutions Architect
November 29, 2016
Bring Microsoft Applications to AWS to Save
Money and Stay License Compliant Using
PowerShell, Windows KMS, and Dedicated Hosts
WIN301
What to Expect from the Session
• BYOL Terminology
• Dedicated Hosts
• Cut SQL Server costs in half
• AWS Config
• AWS VMImport with PowerShell
What isn’t covered here
• Service Provider License Agreement
• Microsoft Office
• Amazon WorkSpaces
• Please email: [email protected]
AWS Resources for Microsoft WorkloadsDocumentation
http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide
Quick Starts
https://aws.amazon.com/quickstart
Whitepapers
Windows https://aws.amazon.com/windows/resources/whitepapers
All AWS https://aws.amazon.com/whitepapers
Tools
.NET SDK https://aws.amazon.com/net
Visual Studio Plugin https://aws.amazon.com/visualstudio
PowerShell Tools https://aws.amazon.com/powershell
AWS Developer Tools https://aws.amazon.com/tools
DevOps https://aws.amazon.com/devops/windows
Training & Certification
Qwiklabs https://aws.amazon.com/windows/resources/training
Training https://aws.amazon.com/training
Certification https://aws.amazon.com/certification
Getting Started
https://aws.amazon.com/windows/getting-started
Pricing & Calculators
https://aws.amazon.com/ec2/pricing
https://aws.amazon.com/pricing
Partners
https://aws.amazon.com/partners/competencies/microsoft
http://www.aws-partner-directory.com
Videos
https://aws.amazon.com/windows/resources/#videos
https://aws.amazon.com/windows/events
https://www.youtube.com/AmazonWebServices
https://www.youtube.com/AWSwebinars
Discussion Forums
EC2 https://forums.aws.amazon.com/forum.jspa?forumID=30
.NET https://forums.aws.amazon.com/forum.jspa?forumID=61
More
Windows on AWS Homepage https://aws.amazon.com/windows
FAQs https://aws.amazon.com/windows/faq
MS Licensing https://aws.amazon.com/windows/resources/licensing
SQL Server https://aws.amazon.com/windows/products/sql
SharePoint https://aws.amazon.com/windows/products/sharepoint
Exchange https://aws.amazon.com/windows/products/exchange
System Center https://aws.amazon.com/windows/products/system-center
Contact Us https://aws.amazon.com/windows/contact-us
Windows Resources https://aws.amazon.com/windows/resources
Support https://aws.amazon.com/premiumsupport
Software Marketplace https://aws.amazon.com/marketplace
Quick Start: SharePoint Server
Licensing Terminology
Buy License-Included Instances from AWS
Microsoft Licensing Options on AWS
Bring Your Own Licenses to AWS
Windows Server with
SQL Server
Dedicated options if
you don’t have
Software Assurance
Default tenancy for
licenses eligible for
License Mobility
Windows Server
Microsoft licensing options in Amazon EC2
Buy licenses from
AWS
Use
License Mobility
Bring your own
licenses (BYOL)
• Leverage existing
software investments
• You manage compliance
with Microsoft
• Software Assurance not
required
• Leverage existing
software investments
• AWS manages Windows
Server licensing
• Software Assurance
required
• AWS manages licensing
• Pay as you go pricing
• Default tenancy or
Dedicated Instances
• Software Assurance not
required
• Unlimited CALs
Licensing flexibility helps you optimize your costs.
License Included (AMIs from AWS)
• Fully managed licensing
• All versions of Windows Server, even 2003
• Supported versions of SQL Server (optional)
• Hourly instance cost includes license
• No need to buy Software Assurance
• No need to buy Client Access Licenses (CALs)
• Includes 2 Remote Desktop CALs
License Mobility
License Mobility is a benefit of
Microsoft Software Assurance allowing
customers to move existing licenses
from on-premises to the cloud
You Live
Here
Dedicated
Instance
Dedicated
Host
Default-
Tenancy
Until you
reboot
Dedicated Hosts
• Primarily used for processor and core-based products
• Software Assurance is not required
• AWS assigns the physical host to the customer
• Meets Microsoft’s 90 day reassignment rule
• Best choice for customers that want to carry in many
Microsoft licenses
• Windows Server cannot be bought from AWS (must use
ImportImage)
Dedicated Instances
• Can BYOL without Software Assurance, or for products
ineligible for License Mobility
• Supports products licensed by user (e.g. Skype for
Business, Exchange, and Remote Desktop Services)
• Windows Server must be bought from AWS (unless you
have MSDN and the workload is not “production”)
Microsoft Licensing on Amazon EC2
License TypeDedicated
Hosts
Dedicated
InstancesDefault-Tenancy
Windows ServerOnly with
ImportImage
Must Buy
License Included
Must Buy
License Included
SQL ServerLicense Mobility
or License Included
Other Microsoft
Products
User-based
License Required
License Mobility
Required
MSDN
Dedicated Hosts vs. Dedicated Instances
CharacteristicDedicated
Instances
Dedicated
Hosts
Enables use of dedicated physical servers
First instance per region $2 per hour
Per host billing
Visibility of sockets, cores
Affinity between host and instance
Targeted instance placement
Automatic instance placement
Add capacity with allocation request
Questions so far?
Dedicated Hosts
When to use Dedicated Hosts?
• To leverage your existing Windows Server investments
• To BYOL if you don’t have Software Assurance, or product isn’t
eligible for License Mobility (e.g., Windows or Microsoft Office)
• For compliance or accounting reasons
• To reduce costs at scale (e.g., fill the host)
Bringing your licenses to Dedicated Hosts
Allocate
dedicated
hosts3Launch
Instances onto
Dedicated
Hosts4Activate AWS
Config2Import VM
images with VM
Import/Export1
Host Lifecycle
1. Allocate an “On-Demand” Host
2. (optional) Purchase a Host Reservation and Assign it to
the Host
3. Launch Instances on the Host
• Must be an imported and licensed Windows Server image
4. Terminate the Instances
5. Release On-Demand Host. (When reservation expires,
it reverts to on-demand.)
Dedicated Host Allocation
DH instance
type sets its
max capacity:
For example, a c4 DH can hold:
• 16 * c4.large (2 vCPUs), or
• 2 * c4.4xlarge (16 vCPUs), or
• 1 * c4.8xlarge (32 vCPUs)
Technically there are 40 vCPUs in a c4 DH, but AWS
reserves some for the host OS.
Dedicated Host Configurations
Example: c3.xlarge host has capacity for 8 c3.xlarge instances
Dedicated Host Attributes Instance Capacity Per Host by Instance Size
Instance Type
SocketsPhysical
Coresmedium large xlarge 2xlarge 4xlarge 8xlarge 10xlarge 16xlarge 32xlarge
c3 2 20 - 16 8 4 2 1 - - -
c4 2 20 - 16 8 4 2 1 - - -
p2 2 36 - - 16 - - 2 - 1 -
g2 2 20 - - - 4 - 1 - - -
m3 2 20 32 16 8 4 - - - - -
d2 2 24 - - 8 4 2 1 - - -
r3 2 20 - 16 8 4 2 1 - - -
m4 2 24 - 22 11 5 2 - 1 - -
i2 2 20 - - 8 4 2 1 - - -
x1 4 72 - - - - - - - 2 1
How many licenses does a Dedicated Host
require?
• Microsoft:
Windows Server 2012 R2 Licensing Datasheet
• AWS:
Amazon EC2 Dedicated Hosts
Two payment options for your hosts
On-Demand• Per-hour host billing
• Allocation initiates billing
• Scale up and down
• Access to hosts on-demand
worldwide in seconds
Reservations• Save up to 70% over On-
Demand
• 1-year and 3- year terms
• Upfront payment options
• Reservations are assigned
to specific Dedicated Hosts
Should you BYOL or buy LI?
• Create a simple spreadsheet
• Grab some numbers from AWS Simple Monthly Calculator:
• Dedicated Host?
• Reservation?
• With SQL Server?
• With AWS Business Support?
• Do you have a sunk cost on your licenses, or considering new licenses?
• Do you plan to buy Software Assurance, and for how long?
• Multiply your Enterprise Agreement Level per-proc cost by number of vCPUs.
Dedicated Hosts
• Avoid buying extra licenses
• Instances automatically fill
available hosts
• Can reserve your own
excess capacity for DR
• Can run Windows Server
Standard Edition, but pay
attention to the OSE terms
in your agreement!
• Best Practice: Ensure your
workload is placed across
two Availability Zones for HA.
Advantages of License Included
• Easy to let AWS manage your license compliance
• Reduce costs if you decide to consolidate workloads later
• Reduce costs if you choose to stop the instances
• Reduce costs if you don’t need full Dedicated Host capacity
• Retain freedom to re-platform
SQL Server on Amazon EC2
Amazon RDS for SQL Server
SQL Server Options
SQL Server on Amazon EC2
BYOLLicense
IncludedBYOL
License
Included
DH DI DT DI DT
License Mobility
Required
SQL Server Architecture Impacts Licensing
• Network latency between AWS Availability Zones is so low that you can synchronous commit (therefore automatic failover) for most applications
• Does HA == DR?
• Think about potential data corruption spread
• Some customers have distance requirements disallowing separate Availability Zones for DR
• AWS also provides multi-region DR (RTO == a few hours)
• Deploy new farm from AWS CloudFormation
• Restore data from snapshots in Amazon S3
Multi-AZ AlwaysOn Availability Group
Availability Zone 1
Private Subnet
EC2
Primary
Replica
Availability Zone 2
Private Subnet
EC2
Secondary
Replica
AWS Region
Synchronous Commit
Automatic Failover
Multi-Region AlwaysOn Availability Group
Availability Zone 1
EC2
Primary
Replica
AWS Region A
Availability Zone 2
EC2
Secondary
Replica
Availability Zone 1
EC2
Secondary
Replica
AWS Region B
Elastic IP
VPNElastic IP
Synchronous Commit
Automatic FailoverAsynchronous Commit
Manual Failover
Architect SQL Server to Save Money
• Is your secondary SQL Server instance completely “passive,” not a
Read Replica, or even a backup source?
• With License Mobility, you can eliminate licenses for each vCPU in
the passive SQL Server instance
Amazon RDS for SQL Server
BYOL SQL Server in Amazon RDS
• Submit a License Mobility form to Microsoft for verification of your
licenses
• Microsoft will verify it to you and to AWS
• You may deploy your application up to ten days before submitting
the form
• RDS License Model: choose BYOL instead of License Included
SharePoint Server
BYOL Windows
Server?
BYOL Decision Tree: SharePoint Server
Do you have a SharePoint
Server license?1 No AWS
Marketplace
Is it MSDN and your
workload is not PROD?2
Yes DI or
DH
Do you have License
Mobility?3
No
Yes
No
Yes
No
BYOL Windows Server?Yes
DH
No
4
Yes
5
DT
Notes: SharePoint Server
ineligible for DI except
with MSDN. Cannot
BYOL on default-tenancy
without License Mobility.
AWS Config
AWS Config
• Microsoft requires that you track usage of your licenses
against physical resources such as sockets and cores.
• AWS Config tracks configuration changes that occur on
a Dedicated Host, including the instances and AMIs,
Host ID, and the number of sockets and physical cores.
• Also tracks instance tags (recommended).
AWS Config
You can accept the default for all of these:
• Which AWS resources do you want to track?
• Which Amazon S3 bucket will hold the files?
• Which Amazon SNS topic will get notifications?
• Which AWS IAM role will AWS Config use?
VM Import/Export Service
AWS VM Import/Export Demo with PowerShell
AWS Tools for Windows PowerShell
• More than 2,100 cmdlets and constantly growing
• Install options
• .msi with AWS SDK for .NET and AWS Visual Studio Toolkit
• PowerShell Gallery
• Pre-installed on EC2 Windows
• Initial setup
• Set credential profile(s) for local use
• Set a default region
Demo: VMImport with
PowerShell
Customer: Deltek
• Saving hundreds of thousands on licensing costs with
Dedicated Hosts
• Running production workloads on AWS for more than
20,000 organizations in 80+ countries
• Being on AWS has helped Deltek with scalability and
rapid growth via acquisitions
• Compliance is key with many public sector customers
(e.g., FedRAMP, ITAR)
Customer: Infor
• Running production workloads on dedicated hosts with BYOL to take
advantage of ELA pricing
• Delivering cloud solutions on AWS to ~5,000 companies around the
globe
• Running a very large multi-OS environment that includes 1,000
Windows instances
• Achieving the high availability essential for their business customers, as
well as the agility to respond faster to growing customer requirements
• “Friends don’t let friends build datacenters.”
– CEO Charles Phillips at AWS Summit in 2014
Grow your Business with APN Partners
Partner Solutions Finder (just
launched) – Find the best AWS
Competency and Service Delivery
partners to meet your business needs
Visit our kiosks in Sands Lower Lobby,
Executive Summit, or the AWS Booth
http://aws.amazon.com/partners/find
Questions?
Please come to the mic.
Visit the Windows Solutions kiosk in the main AWS booth.
Or email: [email protected]
Thank you!
Remember to complete
your evaluations!