![Page 1: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/1.jpg)
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Jamie Butler
Manager, Solutions Architecture
11/29/2016
ARC208: Hybrid Architectures, Bridging
the Gap to the Cloud
![Page 2: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/2.jpg)
Introductions
![Page 3: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/3.jpg)
What to Expect from the Session
• What is a 200 level talk
• Prerequisites
• Basic understanding of Cloud Computing
• Familiarity of AWS Regions/AZs
• Overview of the AWS services used for hybrid cloud
• Customer use-cases for hybrid cloud
• How to build a hybrid environment from scratch
![Page 4: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/4.jpg)
Not an all or nothing decision
“Many of you may think what we’re
promoting here is that cloud is an all or
nothing decision. You either go into the
cloud or stay home. That is not the case.
What we’ve built is a whole set of
services that allow you to run both on-
premise and in the cloud seamlessly
together.”
– Werner Vogels
![Page 5: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/5.jpg)
Customer’s Journey to the Cloud
![Page 6: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/6.jpg)
Customer Environment
corporate data center
File Server
Active Directory
Domain Controller
Desktop
![Page 7: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/7.jpg)
Let’s first talk about Identity
![Page 8: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/8.jpg)
Identity Management - IAM
• Fine grained access control for AWS
resources
• Multi-factor authentication for highly
privileged users
• Can integrate with corporate directory
Identity and Access
Management
![Page 9: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/9.jpg)
IAM- Federation
• Grant external identities access
to AWS resources
• External providers such as
Microsoft AD, Amazon,
Facebook, Google, or any
OpenID provider AWS Security
Token Service
![Page 10: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/10.jpg)
Identity Management - Directory Service
• 3 versions; Microsoft AD, Simple AD,
AD Connector
• Managed Service
• Join instances to an AD Domain
• Single Sign-On to AWS Console and
Applications AWS Directory
Service
![Page 11: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/11.jpg)
SSO in Action
Demo of Directory Services Console Login…
![Page 12: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/12.jpg)
![Page 13: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/13.jpg)
Let’s Move Some Data to AWS
![Page 14: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/14.jpg)
Storage
S3 Standard S3 Standard - IA Amazon Glacier
Designed for Durability99.999999999% 99.999999999% 99.999999999%
Designed for Availability99.99%
99.9%N/A
Availability SLA99.9% 99% N/A
Minimum Object Size N/A 128KB* N/A
Minimum Storage Duration N/A 30 days 90 days
Retrieval Fee N/A per GB retrieved per GB retrieved**
First Byte Latency milliseconds milliseconds 4 hours
Storage Classobject level object level object level
Lifecycle Transitions yes yes yes
![Page 15: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/15.jpg)
AWS Snowball
• Fast Data Transfer
• 256-bit Encryption
• Rugged and Portable
• End-to-End Tracking
• Secure Erasure
AWS Snowball
![Page 16: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/16.jpg)
Start with backups
AWScorporate data center
File Server
Active Directory
Domain Controller
Desktop
Amazon S3
Backup Data
over the Internet
Glacier
Archive
Lifecycle Policy
![Page 17: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/17.jpg)
Storage Gateway
• 3 Modes – Stored, Cached, VTL
• Securely transfers and stores data
• Durably backed by S3 and Glacier
• Uses industry standard iSCSI interface
AWS Storage
Gateway
![Page 18: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/18.jpg)
Running out of SAN Space, No Problem
AWScorporate data center
File Server
Active Directory
Domain Controller
Desktop
Amazon S3
Storage Gateway
Cached Volume
![Page 19: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/19.jpg)
Let’s talk about connectivity…
![Page 20: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/20.jpg)
Virtual Private Cloud (VPC)
• Logical isolation of the AWS Cloud
• Complete control of your virtual networking environment
• Set your own IP address ranges
• Create subnets
• Configure routing tables and networking gateways
• Extend your corporate network and launch AWS
resources in a virtual network that you define
![Page 21: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/21.jpg)
Virtual Private Cloud (VPC)
Three ways to connect to your VPC
• Over the Internet
• Hardware Virtual Private Network (VPN) using IPSec
• Configured in minutes
• AWS Direct Connect
• Service provided by Amazon Partner Network (APN) Partners
![Page 22: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/22.jpg)
AWS Direct Connect
• Dedicated network connection to AWS
• Consistent network performance
• Speeds of 50-500Mbps, 1Gbps, and 10Gbps
• Most hardware VPN solutions top at 4Gbps
• Supports Active/Active and Active/Passive Border
Gateway Protocol (BGP) Multipath
![Page 23: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/23.jpg)
Connectivity to AWS
virtual private cloudcorporate data center
File Server
Active Directory
Domain Controller
Desktop
VPN or Direct Connect
![Page 24: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/24.jpg)
Compute
• Elastic Web-Scale Computing
• You’re in Control
• Flexible
• Reliable
• Secure
![Page 25: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/25.jpg)
Let’s Move File Server to the Cloud
virtual private cloudcorporate data center
File Server
Active Directory
Domain Controller
Desktop
![Page 26: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/26.jpg)
Let’s Move File Server to the Cloud
virtual private cloudcorporate data center
File Server
Active Directory
Domain Controller
Desktop
![Page 27: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/27.jpg)
Let’s Move File Server to the Cloud
virtual private cloudcorporate data center
File Server
Active Directory
Domain Controller
Desktop
![Page 28: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/28.jpg)
Building Servers in the Cloud
virtual private cloudcorporate data center
File Server
Active Directory
Domain Controller
Active Directory
Domain Controller
Desktop
![Page 29: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/29.jpg)
Configure Directory Service
virtual private cloudcorporate data center
File Server
Active Directory
Domain Controller
Active Directory
Domain ControllerAWS Directory
Service
Desktop
AD Replication
![Page 30: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/30.jpg)
Add EC2 File Server
virtual private cloudcorporate data center
File Server
Active Directory
Domain Controller
File Server
Active Directory
Domain ControllerAWS Directory
Service
Desktop
AD Replication
![Page 31: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/31.jpg)
Configure Replication
virtual private cloudcorporate data center
File Server
Active Directory
Domain Controller
File Server
Active Directory
Domain ControllerAWS Directory
Service
Desktop
DFS Replication
AD Replication
![Page 32: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/32.jpg)
EC2 Instances in Action
Demo video of building EC2 ADDC and File Server
![Page 33: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/33.jpg)
Demo Environment
virtual private cloudcorporate data center
File Server
DFSR-Fileserver
Active Directory
Domain Controller
DFSR-DC
File Server
DFSR-FS-VPC
Active Directory
Domain Controller
DFSR-DC1-VPC
AWS Directory
Service
Desktop
DFS Replication
AD Replication
VegasCorp.com
CL4-VPC
![Page 34: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/34.jpg)
![Page 35: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/35.jpg)
What If We Added Storage Gateway?
virtual private cloudcorporate data center
File Server
Active Directory
Domain Controller
File Server
Active Directory
Domain ControllerAWS Directory
Service
Desktop
DFS Replication
AD Replication
Storage Gateway
Amazon S3
Backups / Snapshots
![Page 36: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/36.jpg)
Storage Gateway Cost Comparison
Service Cost
Compute $359.42
EBS Storage $2,003.00
Total $2,362.42
Service Cost
Compute $534.37
EBS Storage $43.00
Storage GW $125.00
S3 604.68
Total $1,307.05
*Estimated pricing per month on demand
• Windows File Server on EC2
• 20TB EBS Storage
• Windows File Server on EC2
• Storage Gateway on EC2
• 20TB S3 Storage
![Page 37: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/37.jpg)
Workspaces
• Windows 7/10 Desktop
• Easy Provisioning
• Secure and Encrypted
• Desktop and Mobile Clients
Amazon
WorkSpaces
![Page 38: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/38.jpg)
Microsoft DFS-R Hybrid Deployment
virtual private cloudcorporate data center
File Server
Active Directory
Domain Controller
File Server
Active Directory
Domain ControllerAWS Directory
Service
Amazon
WorkSpaces
Desktop
DFS Replication
AD Replication
Storage Gateway
Amazon S3
Backups / Snapshots
![Page 39: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/39.jpg)
Modifying Files On-premises or in AWS
Demo modifying data and showing sync….
![Page 40: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/40.jpg)
![Page 41: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/41.jpg)
Microsoft DFS-R Hybrid Deployment
virtual private cloudcorporate data center
File Server
Active Directory
Domain Controller
File Server
Active Directory
Domain ControllerAWS Directory
Service
Amazon
WorkSpaces
Desktop
DFS Replication
AD Replication
Storage Gateway
Amazon S3
Backups / Snapshots
![Page 42: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/42.jpg)
What does this cost?
Service Cost
EC2 Compute $714.45
EBS Storage $46.00
Storage Gateway $125.00
S3 for SGW $604.68
S3-IA for backups $256.00
WorkSpaces (100 users) $3,500
Directory Service $0.00
Direct Connect $219.60
Business Support $546.50
Total $6,011.55*Estimated pricing per month on demand
** Data egress fees apply
![Page 43: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/43.jpg)
Moving All In w/ HA
virtual private cloud
File Server
Active Directory
Domain ControllerAWS Directory
Service
Storage Gateway
Amazon S3
Backups / Snapshots
Availability Zone C
File Server
Active Directory
Domain ControllerAWS Directory
Service
Amazon
WorkSpaces
Storage Gateway
Availability Zone B
DFS Replication
AD Replication
![Page 44: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/44.jpg)
Take a Look at these Other Services
Amazon EMR Amazon
Kinesis Elastic
TranscoderAWS OpsWorks
Amazon
WorkDocs
new!
Amazon Redshift AWS Database
Migration Service
Amazon
CloudFrontAWS
CodeCommit
AWS
CodeDeploy
AWS
CodePipeline
AWS
CloudHSM
![Page 45: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/45.jpg)
Thank you!
![Page 46: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/46.jpg)
Remember to complete
your evaluations!
![Page 47: AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC208 )](https://reader034.vdocuments.net/reader034/viewer/2022051709/586f90b61a28ab54768b7a1d/html5/thumbnails/47.jpg)
Related Sessions
ARC316 - Hybrid IT: A Stepping Stone to All-In