lunchtime learning
TRANSCRIPT
ISC Cloud First Program Lunchtime Learning - Architecture, Infrastructure, & Migration Team
October 13, 2016

ISC's Cloud First Program
Cloud First Lunchtime Learning Topics:
• What have we done so far
• AWS Infrastructure overview
• AWS App Design Infrastructure
• Application Infrastructure Deploy live demo
• Application DB update
• Lift and Shift vCloud Air Demo
• Q&A
What have we evaluated/tested?
• IAM: AWS AD connector, KITE to the cloud, Shibboleth for AWS UI; IAM roles for users, db, ec2, ecs tasks
• Infrastructure applications: Backups; monitoring, alerting – CloudWatch/BPPM
• Security: IAM roles, policies, groups
• Cloud management software / Automation tools: RightScale, Scalr, vCloud Air, Red Hat CloudForms, etc.; Puppet; Jenkins
• Applications: Mule web application/SQS; ECS/Docker; DB: Oracle, Mongo, Aurora, PostgreSQL
• Network: VPN to VPC, User VPN access; Application load balancers
AWS infrastructure (diagram): US East region; VPC 10.129.0.0/16 with Public Subnet 1 (AZ 1a), Public Subnet 2 (AZ 1b), Systems Subnet B (AZ 1b), Systems Subnet C (AZ 1c), Systems Subnet D (AZ 1d); Internet Gateway and NAT instance on an Internet route table; Virtual Private Gateway with VPN tunnel to UPENN (128.91.0.0/16, 130.91.0.0/16, 165.123.0.0/16); route table; EC2 instances.
ECS Application Deployment
What is ECS? ECS is the AWS container service for Docker. It provides scalable container management for EC2 Docker instances.
What are we going to demo?
• Deploy ECS cluster
• Configure autoscaling
• Deploy an EC2 Docker instance
• Deploy application infrastructure: Application load balancer, ECR repository, Create service
• Create application CNAME in UPenn DNS
• Create application specific database if required
• Create application CI pipeline
Application architecture (diagram): US East region; VPC 10.129.0.0/16 with Public Subnet 1 (AZ 1a), Public Subnet 2 (AZ 1b), Systems Subnet B (AZ 1b), Systems Subnet C (AZ 1c), Systems Subnet D (AZ 1d); Internet Gateway and NAT instance on an Internet route table; Virtual Private Gateway with VPN tunnel to UPENN (128.91.0.0/16, 130.91.0.0/16, 165.123.0.0/16); route table; EC2 instances in the systems subnets; Amazon RDS database instances; Elastic Load Balancing in the public subnets; Amazon CloudWatch.
Build ECS Cluster (flow): User input → Generate variables → Create ECS cluster (AWS API) → Create user data → Create autoscaling (AWS API: launch config, autoscaling group, scale up policy, scale down policy) → Create CloudWatch metrics → Cluster created.
AWS ECS Cluster build – Jenkins (flow): AWS API ecs create-cluster → Cluster, Puppet: host references the cluster name in /etc/ecs/ecs.config → AWS API: create CloudWatch alarms for memory; alarm actions scale up/down.
Build ECS App infrastructure (flow): User input → Generate variables → Confirm ECS cluster exists (AWS API ecs list-clusters, validate against $clustername) → Create ECR repository (AWS API ecr create-repository) → Create ECR policy, policy file and attach → Create Application Load Balancer (AWS API aws elbv2 create-load-balancer) → Create ELB target group (AWS API aws elbv2 create-target-group), associate with ELB → Register task definition (AWS API ecs register-task-definition) → Create ECS service (AWS API aws ecs create-service) → App infrastructure created.
AWS App build – Jenkins: Create CNAME, Create DB, Create CI → Jenkins Create CNAME job, Jenkins create DB job, Jenkins create CI pipeline job.
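The cluster-validation and user-data steps of the two flows above, as an added example that is not the ISC team's Jenkins job code. It assumes a POSIX shell with grep and awk, uses its own function names, a constructed list-clusters sample with a made-up account id and region, and an assumed least-privilege shape for the ECR repository policy (the page does not show the team's policy file). The security point it makes: the "User input" cluster name is checked before it is interpolated into commands or instance user data, and the "Confirm ECS cluster exists" step matches the full ARN suffix rather than grepping for the name.

```shell
#!/bin/sh
# Added example (not the ISC team's Jenkins job). Offline-runnable pieces of the
# "Build ECS Cluster" and "Build ECS App infrastructure" flows: validate the
# user-supplied cluster name, emit the /etc/ecs/ecs.config user data, confirm the
# cluster exists by exact match against "aws ecs list-clusters" output, and write
# an ECR repository policy. Function names, the sample account id and region, and
# the policy shape are this example's assumptions.
set -eu

# ECS cluster names allow letters, digits, hyphens and underscores (max 255).
# Jenkins "User input" ends up inside shell commands and instance user data, so
# anything else is refused rather than interpolated.
valid_cluster_name() {
  case $1 in
    ''|*[!A-Za-z0-9_-]*) return 1 ;;
  esac
  [ "${#1}" -le 255 ]
}

# User data for a container instance: the ECS agent reads ECS_CLUSTER from
# /etc/ecs/ecs.config and registers the host into that cluster.
ecs_user_data() {
  valid_cluster_name "$1" || return 1
  printf '#!/bin/sh\necho "ECS_CLUSTER=%s" >> /etc/ecs/ecs.config\n' "$1"
}

# Print the ARN of cluster $1 found in list-clusters JSON ($2); return 1 if absent.
# The whole ":cluster/<name>" suffix is compared, so "prod" does not accept
# "prod-2" or "old-prod" the way a plain grep for the name would.
cluster_arn_for() {
  name=$1
  json=$2
  valid_cluster_name "$name" || return 1
  printf '%s' "$json" | tr -d ' \n\t' | grep -o '"arn:aws:ecs:[^"]*"' | tr -d '"' \
    | awk -v want=":cluster/$name" '
        substr($0, length($0) - length(want) + 1) == want { print; found = 1 }
        END { if (found) exit 0; exit 1 }'
}

# Repository policy that lets only the container-instance role pull images
# (assumed least-privilege shape; apply with "aws ecr set-repository-policy").
ecr_pull_policy() {
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [{
    "Sid": "AllowPullFromEcsInstances",
    "Effect": "Allow",
    "Principal": {"AWS": "$1"},
    "Action": ["ecr:GetDownloadUrlForLayer", "ecr:BatchGetImage", "ecr:BatchCheckLayerAvailability"]
  }]
}
EOF
}

# Constructed sample of "aws ecs list-clusters --output json" (made-up account id).
SAMPLE_LIST_CLUSTERS='{
    "clusterArns": [
        "arn:aws:ecs:us-east-1:123456789012:cluster/prod",
        "arn:aws:ecs:us-east-1:123456789012:cluster/prod-2",
        "arn:aws:ecs:us-east-1:123456789012:cluster/old-prod"
    ]
}'

# Walk-through on the sample; a real job would feed $(aws ecs list-clusters) instead.
demo() {
  for c in prod staging 'prod; rm -rf /'; do
    if arn=$(cluster_arn_for "$c" "$SAMPLE_LIST_CLUSTERS"); then
      echo "cluster '$c' exists: $arn"
      ecs_user_data "$c"
    else
      echo "cluster '$c' rejected or not found; not building app infrastructure"
    fi
  done
  ecr_pull_policy arn:aws:iam::123456789012:role/ecsInstanceRole
}
demo
```

In the Jenkins job the same functions would take `aws ecs list-clusters --output json` as input and the policy would be applied with `aws ecr set-repository-policy --repository-name NAME --policy-text file://policy.json`; those CLI commands are real, while the account id, role name and cluster names here are constructed.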
Databases Tested So Far
• EC2 instance: MongoDB standalone instance; MongoDB with replication across multiple availability zones
• RDS: Aurora; PostgreSQL; standalone instance; high availability multi-AZ instance
• Oracle database on prem for data at rest
MongoDB: Classified as a NoSQL database, MongoDB avoids the traditional table-based relational database structure. It is an open-source document database that provides high performance, high availability, and automatic scaling.
Aurora on RDS: Amazon Aurora is a MySQL-compatible relational database engine that combines the speed and availability of high-end commercial databases with the simplicity and cost-effectiveness of open source databases.
PostgreSQL on RDS: Classified as an object-relational database (ORDBMS), i.e. an RDBMS with additional (optional use) "object" features, with an emphasis on extensibility and standards compliance.
System Lift and Shift
Current evaluations:
• AWS migration tools
• vCloud Air
• Layer 2 network extensions