aws public sector jerusalem | 19 nov 2014 aws service ... · pdf fileaws public sector...

AWS Public Sector!

AWS Public Sector Jerusalem | 19 Nov 2014!

AWS Service Drill Downs

Leo Zhadanovsky Senior Solu*ons Architect @leozh

AWS Public Sector!

AWS Global Infrastructure

Application Services

Networking

Deployment & Administration

Database Storage Compute

AWS Public Sector!


Networking





Networking



AWS Public Sector!


11 Regions!consisting of !

28 Availability Zones!

and!52 Edge Locations (CDN)!

AWS Public Sector!

US REGIONS GLOBAL REGIONS

Availability Zone A

Availability Zone B

Availability Zone C

EU (Ireland)

Availability Zone A

Availability Zone B

South America (Sao Paulo)

Availability Zone A

Availability Zone B

Asia Pacific (Sydney)

Availability Zone A

Availability Zone B

GovCloud (OR)

Availability Zone A

Availability Zone B

Availability Zone C

Availability Zone D

US East (VA)

Availability Zone A

Availability Zone B

US West (CA)

Availability Zone A

Availability Zone B

Asia Pacific (Singapore)

Availability Zone A

Availability Zone B

Availability Zone C

Asia Pacific (Tokyo)

Availability Zone A

Availability Zone B

Availability Zone C

US West (OR)

Customer Decides Where Applica*ons and Data Reside Note: Conceptual drawing only. The number of Availability Zones may vary.

Availability Zone A

Availability Zone B

China (Beijing)

AWS Regions & Availability Zones

AWS Public Sector!



Networking



Networking


AWS Public Sector!

Networking

AWS Public Sector!

Networking VPC Isolated Cloud Resources

Virtual Private Cloud

•  Secure and seamless bridge between a company’s existing private network and the AWS cloud

•  Connect existing infrastructure to a set of isolated AWS compute resources via a Virtual Private Network (VPN) connection

•  Bring your own address space and extend existing management capabilities

AWS Public Sector!


EC2

10.0.2.12

AWS Region – VPC network isolation

AZ A AZ B

VPC 10.0.0.0/16

SN 10.0.1.0/24 SN 10.0.2.0/24

(23.20.103.11)

Internet

EC2

10.0.1.11

Internet GW

AWS Public Sector!


Route 53

Route 53 Scalable DNS

•  Route end users to Internet applications •  Answers DNS queries with low latency by using a global network of DNS

servers •  Latency based routing to closest AWS endpoint (e.g. EC2 instances, Elastic

IPs or ELBs) •  Application Health Checks •  Deep integration with other AWS services (ELB,

EC2 NAT/EIP, etc.) •  DNS failover

AWS Public Sector!


Direct Connect

Route 53 Scalable DNS

Direct Connect Dedicated network connection to AWS

•  Establish a dedicated network connection from your premises to AWS.

•  Industry standard 802.1q VLANs

•  Multiple virtual interfaces may be configured to access AWS services such as Amazon EC2 and Amazon S3 using public IP space, or resources in a VPC using private IP space.

•  Choose 1 and 10 Gbps ports

AWS Public Sector!



Networking


Database Storage Compute Compute

Networking

AWS Public Sector!

Compute EC2 Virtual servers in the cloud

ElasUc Compute Cloud

•  Resizable compute capacity in 27 instance types •  Reduces the time required to obtain and boot new server instances to minutes

or seconds •  Scale capacity as your computing requirements change •  Pay only for capacity that you actually use •  Choose Linux or Windows •  Deploy across Regions and Availability Zones for reliability •  Support for virtual network interfaces that can be attached to EC2 instances in

your VPC

AWS Public Sector!

General Purpose

Name vCPU Memory (GiB)

m3.medium 1 3.75

m3.large 2 7.5

m3.xlarge 4 15

m3.2xlarge 8 30

Compute Optimized


c3.large 2 3.75

c3.xlarge 4 7

c3.2xlarge 8 15

c3.4xlarge 16 30

c3.8xlarge 32 60

cc2.8xlarge 32 60.5

Memory Optimized


r3.large 2 15

r3.xlarge 4 30.5

r3.2xlarge 8 61

r3.4xlarge 16 122

r3.8xlarge 32 244

AWS Public Sector!

Storage Optimized


Local Storage (GB)

i2.xlarge 4 30.5 1 x 800 SSD

i2.2xlarge 8 61 2 x 800 SSD

i2.4xlarge 16 122 4 x 800 SSD

i2.8xlarge 32 244 8 x 800 SSD

hs1.8xlarge 16 117 24 x 2048

GPU Instances


g2.2xlarge 8 15

Cost Optimized Instances


t2.micro 1 1

t2.small 1 2

t2.medium 2 4

AWS Public Sector!


Amazon Machine Image

•  Building blocks of EC2 instances •  An AMI is like a template of a computer's root volume. •  Can be public or private and shared with other accounts •  Create hardened or gold “Images” of your EC2 infrastructure •  Copy AMIs between regions

AWS Public Sector!


ElasUc Block Storage (EBS)

•  Use for persistent storage from 1GB – 1TB •  Can use to create RAID configuration for a server •  Off-instance block storage that persists independently •  Storage volumes for use with Amazon EC2 instances – create, attach, backup,

restore and delete •  Can be attached to a running Amazon EC2 instance and exposed as a block

device for raw or formatted (file system) access •  Snapshots are durably saved to S3 •  Ideal use cases:

•  OS Boot device / root file system; secondary volumes/file systems

•  Typical basis for database storage

•  Raw block devices for RAID, some databases

•  Available in magnetic, general purpose SSD, and provisioned IOPS

AWS Public Sector!


Auto Scaling

•  Client Defined Business Rules •  Scale your Amazon EC2 capacity automatically once you define the conditions

(may be 1000’s of servers) •  Can scale up just a little…doesn’t need to be massive number of servers (may

be simply 2 servers) •  Well suited for applications that experience variability in usage •  Set minimum and maximum scaling policies •  Alternate Use is for Fault Tolerance

AWS Public Sector!


ElasUc Load Balancing

•  Supports the routing and load balancing of HTTP, HTTPS and generic TCP traffic to EC2 instances

•  Supports SSL termination and Proxy protocol •  Supports health checks to ensure detect and remove failing instances •  Dynamically grows and shrinks required resources based on traffic •  Seamlessly integrates with Auto-scaling to add and remove instances based

on scaling activities •  Single CNAME provides stable entry point for DNS configuration •  Supports internal load balancing within a VPC

AWS Public Sector!


ElasUc Map Reduce

•  Managed Hadoop 0.20.205, 1.0.3 and 2.2 infrastructure •  EMR supports the MapR M7, M5, and M3 Hadoop Distributions. •  Reduces complexity of Hadoop management

•  Handles node provisioning, customization, and shutdown

•  Tunes Hadoop to your hardware and network

•  Provides tools to debug and monitor your Hadoop clusters

•  Provides tight integration with AWS services •  Optimized for Amazon Simple Storage Service (S3)

•  EC2 integration with automatic re-provisioning on node failure

•  Cluster monitoring/alarming through CloudWatch

•  Leverages significant operational experience •  Monitor thousands of clusters per day

•  Use cases span from University students to Fortune 50

EMR Managed Hadoop Framework

AWS Public Sector!



Networking


Database Storage Compute Storage Compute

AWS Public Sector!

Storage

AWS Public Sector!

Storage S3 Scalable Storage in the Cloud

Simple Storage Service

•  A “Bucket” is equivalent to a “folder” •  Able to store unlimited number of Objects in a Bucket •  Objects from 1B-5 TB; no bucket size limit •  Highly available storage for the Internet (object store) •  HTTP/S endpoint to store and retrieve any amount of data, at any time, from

anywhere on the web •  Highly scalable, reliable, fast, and inexpensive •  Annual durability of 99.999999999% •  Designed for 99.99% availability

•  Over 2 trillion objects stored •  Peak requests 1,100,000+ per second

AWS Public Sector!

Storage

Glacier Archive Storage in the Cloud

Glacier

•  A low-cost storage service for data archiving and backup •  $0.01 per GB / Month •  Optimized for data that is infrequently accessed •  Retrieval times measured in hours not days or weeks (typical retrieval job is

3-5 hours) •  Annual durability of 99.999999999% for an archive •  AES 256 data at rest encryption •  Data stored as archives within a vault. Vaults are located within a specific AWS

region

•  Move data from S3 to Glacier using data lifecycle policies

S3 Scalable Storage in the Cloud

AWS Public Sector!

Storage

Storage Gateway Integrate On-‐Premises IT Environments with Cloud Storage

Storage Gateway

•  Storage gateway service connects an on-premise software appliance with cloud-based storage

•  On-premises software appliance solution to store data on Amazon S3’s storage infrastructure

•  Exposes standard iSCSI interface to on-premises applications, while maintaining low-latency data access

•  Data in Amazon S3 stored as Amazon EBS snapshots for local & EC2-based recovery

•  Cached volumes •  VTL support for Amazon Glacier

•  Use Cases •  Backup/Restore on-premise data

•  Set up a test/dev environment with production data

•  Migrating applications to the cloud

•  On-premise DR/COOP to AWS



AWS Public Sector!

Storage


AWS Import/Export

•  Accelerates moving large amounts of data into and out of S3 or EBS •  Transfers your data directly onto and off of USB or SATA storage devices

shipped to AWS with manifest file •  Final copy uses high-speed datacenter network



AWS Import/Export Bulk Data Transfer

AWS Public Sector!

Storage


CloudFront

•  Web service for content delivery •  Distribute content to end users with low latency, high data transfer speeds,

and no commitments •  Delivers your content using a global network of 40+ edge locations •  Supports download, streaming, live streaming, and dynamic content

•  Key features: RTMP Streaming, HTTPS Delivery, Private Content for HTTP & Streaming, Programmatic Invalidation, Detailed Logs for HTTP & Streaming, Default Root Object

•  Use Cases: Video and Rich Media, Online Gaming, Interactive Agencies, Software Downloads, Static Websites

•  Static web content that must be delivered to global user base at Highest bandwidth / Lowest latency / Lowest cost



AWS Import/Export Bulk Data Transfer

CloudFront Global Content Delivery Network

AWS Public Sector!



Networking


Database Storage Compute Database Storage

AWS Public Sector!

Database

AWS Public Sector!

Database DynamoDB Scalable NoSQL Data Store

DynamoDB

•  Fully managed NoSQL database. •  Eliminates the administrative burden of data modeling, index maintenance, and

performance tuning. •  Durability and high-availability - stores data on Solid State Drives (SSDs) and

replicates it synchronously across multiple AWS Availability Zones in an AWS Region.

•  Scalability - With AWS Console, you can grow your DynamoDB table from 1 to 100,000+ writes per sec.

AWS Public Sector!


RelaUonal Database Service

•  Fully-managed, tuned MySQL, PostgreSQL, Oracle 11g, or MS SQL •  Cost-efficient and resizable capacity •  Manages time-consuming database admin tasks •  Code, applications, and tools you already use today work seamlessly •  Automatically patches the database software and backs up your database •  Flexible Licensing: BYOL or License Include •  Multi-AZ deployment option for MySQL, PostgreSQL and Oracle •  Cross-Region Read Replica support for MySQL

RDS Managed Rela*onal Database Service

AWS Public Sector!


Redshi[

•  Fully managed scalable data warehousing service •  Scale from a single 2TB XL node to a hundred 16TB 8XL clustered nodes for a

total 1.6PB of compressed user data •  Standard PostgreSQL JDBC or ODBC drivers •  Massively parallel processing (MPP) architecture •  Certified by Jaspersoft and MicroStrategy, with additional business intelligence

tools coming soon •  Priced as low as $1000 per terabyte per year •  Continuously backed up to S3


Redshi[ Managed Petabyte-‐Scale Data Warehouse Service

AWS Public Sector!


ElasUCache

•  Fully-managed, distributed, in-memory cache •  Memcached or Redis cache cluster on-demand •  Manages patching, cache node failure detection and recovery •  Simple APIs calls to grow and shrink the cache cluster •  Seamlessly caches in front of RDS instances •  Integrated with CloudWatch and SNS for monitoring and alerts


Redshi[ Managed Petabyte-‐Scale Data Warehouse Service

ElasUCache In-‐Memory Cache

AWS Public Sector!



Networking




Database

AWS Public Sector!


AWS Public Sector!

Application Services SQS Message Queue Service

Simple Queue Service

•  Hosted queue for storing messages as they travel between computers •  Move data between distributed components of their applications •  SQS messages can contain up to 256 KB of text data, including XML, JSON

and unformatted text.

AWS Public Sector!


Simple NoUficaUon Service

•  Set up, operate, and send notifications •  Publish messages from an application and immediately deliver them to

subscribers or other applications •  Publishers, Topics, and Subscribers

•  Subscribers can be SQS, HTTP/S, Email, and SMS endpoints

SNS Push No*fica*on Service

AWS Public Sector!


Simple Workflow Service

•  Easily manage workflows, including state, decisions, executions, tasks and logging

•  Coordinate processing steps across distributed systems •  Ensure tasks are executed reliably, in order, and without duplication •  Simple API calls that can be executed from code written in any language and

run on your EC2 instances, or any of your machines located anywhere in the world that can access the Internet


SWF Workflow Service

AWS Public Sector!


Simple Email Service

•  Bulk and transactional email-sending service •  Eliminates the hassle of email server management, network configuration, and

meeting rigorous Internet Service Provider (ISP) standards •  Provides a built-in feedback loop, which includes notifications of bounce

backs, failed and successful delivery attempts, and spam complaints



SES Email Sending Service

AWS Public Sector!


ElasUc Transcoder

•  Highly scalable video transcoding service •  Specify S3 input and output buckets •  Outputs SD and HD H.264/MP4/ACC and WebM •  Input formats include: 3GP, AAC, AVI, FLV, MP4 and MPEG-2




ElasUc Transcoder Scalable Media Transcoding

AWS Public Sector!


CloudSearch

•  Fully-managed search service •  Integrate fast and highly scalable search functionality into applications •  Scales automatically: with increases in searchable data or as query rate

changes •  AWS manages hardware provisioning, data partitioning, and software patches




ElasUc Transcoder Scalable Media Transcoding

CloudSearch Managed Search Service

AWS Public Sector!



Networking





AWS Public Sector!


AWS Public Sector!

Application Services IAM Secure AWS Access Control

IdenUty and Access Mangment

•  IAM enables customers to create and manage users in AWS’s identity system •  Identity Federation with local directory is an option for enterprises

•  Very familiar security model •  Users, groups, permissions

•  Allows customers to •  Create users

•  Assign individual passwords, access keys, multi-factor authentication devices

•  Grant fine-grained permissions

•  Optionally grant them access to the AWS Console

•  Organize users in groups

AWS Public Sector!


CloudWatch

•  Visibility into resource utilization, operational performance, and overall demand patterns

•  Metrics such as CPU utilization, disk reads and writes, and network traffic •  Accessible via the AWS Management Console, web service APIs or Command

Line Tools •  Add custom metrics of your own •  Alarms (which tie into auto-scaling, SNS, SQS, etc.) •  Billing Alerts to help manage charges on AWS bill

CloudWatch Resource Monitoring

AWS Public Sector!


CloudFormaUon

•  Create templates of stack of resources •  Deploy stack from template with runtime parameters •  Templates are simple JSON formatted text files •  CloudFormer supports generating templates from running environments


CloudFormaUon Templated AWS Resource Crea*on

"Resources" : {! "Ec2Instance" : {!

"Type" : "AWS::EC2::Instance",! "Properties" : {!

"SecurityGroups" : [ { "Ref" : "InstanceSecurityGroup" } ],! "ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" },

"AMI" ]},! "Tags" : [{!

"Key" : "MyTag",! "Value" : "TagValue"!

}]! }! },!

AWS Public Sector!


ElasUc Beanstalk

•  Simply upload your application (Java, NET, PHP, Node.js, Ruby and Python) •  Automatically handles the deployment details of capacity provisioning, load

balancing, auto-scaling, and application health monitoring •  Retain full control over the AWS resources powering your application



ElasUc Beanstalk AWS Applica*on Container

AWS Public Sector!


OpsWorks

•  DevOps service for applications in the AWS cloud •  Helps manage complete application lifecycle:

•  Resource provisioning

•  Configuration management

•  Application deployment

•  Software updates

•  Monitoring

•  Access control

•  Visualized through application layers •  Uses Chef recipes used to deploy and configure software components on EC2

instances




OpsWorks DevOps Applica*on Management

AWS Public Sector!


Data Pipeline

•  Automates the movement and processing of data using data-driven workflows and built-in dependency checking




OpsWorks DevOps Applica*on Management

Data Pipeline Orchestra*on for Data-‐Driven Workflows

AWS Public Sector!

More Services! •  Amazon WorkSpaces

•  Fully managed desktop computing service in the cloud.

•  Amazon Zocalo •  Fully managed, secure enterprise storage and sharing service with strong administrative

controls and feedback capabilities that improve user productivity.

•  Amazon AppStream •  Low-latency service that lets you stream resource intensive applications and games

from the cloud.

•  Amazon Kinesis •  Fully managed service for real-time processing of streaming data at massive scale.

•  Amazon CloudTrail •  Web service that records AWS API calls for your account and delivers log files to you.

AWS Public Sector!

SDKs

Java! Python! PHP! .NET! Ruby! nodeJS!

iOS! Android! AWS Toolkit for Visual

Studio!

AWS Toolkit for Eclipse!

Tools for Windows

PowerShell!

CLI!

AWS Public Sector!

AWS Services are a few clicks away…

h4ps://console.aws.amazon.com

AWS Public Sector!

AWS Public Sector!

AWS Government Jerusalem | 19 Nov 2014!

Thank You ! Leo Zhadanovsky Senior Solu*ons Architect @leozh

aws public sector jerusalem | 19 nov 2014 aws service ... · pdf fileaws public sector...

Documents