running microsoft workloads on aws | aws public sector summit 2016
TRANSCRIPT
![Page 1: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/1.jpg)
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Bill Jacobi, Solutions Architect
June 20, 2016
Running Microsoft Workloads on AWS
![Page 2: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/2.jpg)
Why Run Microsoft Servers on AWS?Amazon’s Migration to AWSDemo of Windows Architecture on AWSCost, Licensing, & Performance Architecture and Technology
Agenda
![Page 3: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/3.jpg)
Why Run Microsoft Servers on AWS?Cloud Benefits
Agility Vertical and horizontal scaling takes place in minutes. Experiment, optimize with simple clicks or CLI commands
Cost You pay only for what you use, and you can turn up/down resources elastically according to demand or schedules
Elasticity Resources are provisioned according to demand. Horizontal and vertical scalability are programs, clicks or CLI commands.
Breadth of functionality Compute, Storage, Database, Networking, Dev Tools, Management tools, Security/Identity, Analytics, Mobile, App Services, Enterprise Apps
Go global 12 Regions across Americas, Europe, Asia, Australia, South America. 33 Availability Zones.
![Page 4: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/4.jpg)
Why Run Microsoft Servers on AWS?AWS-specific Benefits
Add-On Compatibility ISV add-ons supported by Infrastructure as a Service platform
Enabled for compliance Applications can run under NIST, PCI, or HIPAA Accelerators that provide baseline regulatory controls
License management AWS Config can monitor license compliance of server-bound licenses on Amazon Dedicated Hosts
Auditability enabled Every API call, network packet in/out, and infrastructure change is audited, both ALLOWS/DENIES
DevOps enabled AWS CloudFormation builds infrastructure while Microsoft PowerShell builds applications, automating Windows on AWS deployments
Optimization Monitor and optimize the specific resources needed
![Page 5: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/5.jpg)
In 2013, Amazon IT decided to migrate the Microsoft stack to AWSOver 200K Amazon users access Exchange, SharePoint, and Lync through the corporate imageExchange data points:
• There are 26 Exchange servers (4 per AZ)
• 7,600 users per server• DAG Architecture for HA• Supports users in Americas,
EMEA, and Asia
Amazon’s Migration to AWS
![Page 6: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/6.jpg)
Demo: SharePoint Pushbutton Launch
SharePoint Deploys SharePoint Foundation running on Windows Server
View View in Designer
Launch Stack
![Page 7: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/7.jpg)
Announcing
![Page 8: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/8.jpg)
Accelerator for Microsoft Servers
• Single VPC for integrated cross-server experience
• Multiple AZs for high availability across all servers
• DMZ subnet for management
• Private subnet for app servers
• 2 AD sites mapped to the 2 AZs for high availability
• Connect to on-premises through AWS Direct Connect (not part of QuickStart)
![Page 9: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/9.jpg)
• Exchange DAG architecture
• Lync Paired Pool architecture
• SQL Server Always On architecture for SharePoint
• Brick architecture represents a 10 K modular pod
• Add n pods for n-scale • Use the Microsoft capacity
calculators and load-testing tools to validate
Accelerator for Microsoft Servers
![Page 10: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/10.jpg)
Accelerator for Microsoft Servers
![Page 11: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/11.jpg)
• Exchange, SharePoint, Lync, SQL Server, and Active Directory on AWS
• Deployed from single Master template• 14 Servers, 2 AZs, 10 K Users• Exchange users have 5 GB mailboxes• Lync users have VOIP, video, web
conferencing, and desktop sharing• SharePoint Blog and Team Sites are
“Everyone”-enabled• ~$14/hour to operate
Demo: Microsoft Servers on AWS
![Page 12: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/12.jpg)
![Page 13: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/13.jpg)
Full Control of Infrastructure and Applications
![Page 14: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/14.jpg)
![Page 15: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/15.jpg)
$9,997 per Month or $13.70/Hour–Details
• $1.00/user/month
• Architecture supports10 K Users
• 5 GB Mailboxes
• 1 TB SSD Storage for User Profiles
![Page 16: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/16.jpg)
$9,997 per Month or $13.70/Hour–Details
![Page 17: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/17.jpg)
Licensing Microsoft Products on AWS
BYOL: Support for Microsoft servers• Exchange, Skype for Business,
SharePoint, Systems Center• See AWS Microsoft Licensing page for
details
License-included: Windows Server and SQL Server AMIs available from AWS
• Windows Server 2012• Windows Server 2012 R2• Windows Server 2008• Windows Server 2008 R2• Windows Server 2003• SQL Server 2012 • SQL Server 2014 http://aws.amazon.com/windows/resources/amis/
![Page 18: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/18.jpg)
Architecture and Technology
• Architectural Considerations• SharePoint and SQL Server on AWS• Performance and Latency• DevOps • Enabled for Compliance• Auditability
![Page 19: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/19.jpg)
Architectural Considerations
Amazon VPC
• Configure IP ranges, public/private subnets, routing tables, Internet or private gateway
Security groups, network ACLs, VPC flow logging
Remote administration
The principle of least privilege
![Page 20: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/20.jpg)
SharePoint on AWS - link
![Page 21: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/21.jpg)
SQL Server High Availability - link
Availability Zone 1
Private Subnet
Primary Replica
Availability Zone 2
Private Subnet
SecondaryReplica
Synchronous-commit Synchronous-commit
Automatic Failover
Primary: 10.0.2.100WSFC: 10.0.2.101AG Listener: 10.0.2.102
Primary: 10.0.3.100WSFC: 10.0.3.101AG Listener: 10.0.3.102
AG Listener:ag.awslabs.net
![Page 22: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/22.jpg)
Performance and Latency: Wash DC–Portland, OR
88 ms round trip via Internet 59 ms round trip via Direct Connect
![Page 23: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/23.jpg)
Basic standard in AWS for automating deployment of resources
CloudFormation template− JSON-formatted document which describes
a configuration to be deployed in an AWS account
− When deployed, refers to a “stack” of resources
PowerShell can be slipstreamed into UserData and run at instance start up
AWS CloudFormation
DevOps–CloudFormation
![Page 24: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/24.jpg)
Create Lync FrontEnd1 Instance
Embed PowerShell
DevOps–PowerShell in CloudFormation
![Page 25: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/25.jpg)
DevOps–AWS CodeCommitVersion Control with Git
![Page 26: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/26.jpg)
Enterprise Accelerator for Compliance–link
![Page 27: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/27.jpg)
Auditability Infrastructure:
− AWS CloudTrail− AWS Config− Amazon Inspector
Network:− VPC flow logs− Elastic Load Balancing access logs
Application:− Amazon CloudWatch Logs
CloudWatch Logs can integrate• Event logs• IIS logs• Event Tracing for Windows (ETW) logs• Any performance counter data• Exchange, Lync, SharePoint logs• Any text-based log files
![Page 28: Running Microsoft Workloads on AWS | AWS Public Sector Summit 2016](https://reader033.vdocument.in/reader033/viewer/2022042604/58781ecd1a28aba12d8b6187/html5/thumbnails/28.jpg)