Orchestration & Deployment Options for Hybrid Enterprise Environments (ARC310) | AWS re:Invent 2013
© 2013 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
ARC310: Orchestration and Deployment Options for Hybrid Enterprise Environments
Donn Morrill, Amazon Web Services
November 13, 2013
What is Hybrid Cloud?
“A composition of two or more distinct cloud infrastructures that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability.”
“Special Publication 800-145 - The NIST Definition of Cloud Computing” – September, 2011
Requisite Gartner Quote
“Nearly half of large enterprises will have hybrid cloud deployments by the end of 2017.”
http://www.gartner.com/newsroom/id/2599315 - October 1, 2013
Why Hybrid Cloud?
• All the things the cloud provides
  – Agility
  – Economics
  – Scale
• But something gets in the way
  – Compliance
  – Previous investment
  – Legacy workloads
  – Attitudes
What do Enterprises Want in Hybrid?
• Ability to deploy identical stacks
• Interoperability between clouds
• Ability to leverage one provisioning framework
• Ability to leverage one operational framework
Hybrid Considerations
• Core Infrastructure
• Security
  – Authentication and Entitlements
  – Identity Management
  – Data Sovereignty
• Operations and Monitoring
Hybrid Considerations
• Cost Containment
• Pace of Innovation
• Cloud Orchestration
• Application Deployment
• Processes and Change Management
Today We’ll Focus On
• Preparing Core Infrastructure
• Orchestration Strategies
• Application Deployment Strategies
Preparing Core Infrastructure
[Diagram: Your Data Center and Your Cloud, with AWS Direct Connect. Labels: Active Directory, Network Configuration, Encryption, Back-up Appliances; Users & Access Rules, Your Private Network, HSM Appliance, Cloud back-ups]
Core Infrastructure Considerations
Driven by Business Requirements!
• Performance & Latency
• Business Continuity
• Geography
• Data Sovereignty
• Security
• And Many More…
Some Relevant AWS Services
• Amazon Virtual Private Cloud (VPC)
  – ARC202: Wednesday, 1:30 – Delfino 4003
• AWS Direct Connect
  – ARC304: Friday, 9:00 AM – Lando 4303
• AWS Identity and Access Management (IAM)
  – SEC201: Wednesday, 1:30 – Marcello 4406
Some Relevant AWS Services
• AWS CloudFormation
• VM Import / Export
• AWS Management Pack for Microsoft System Center
• AWS API, SDKs, and Tools
Hybrid Orchestration Strategies
A Decision Framework
DIMENSION | LOW | MEDIUM | HIGH
Organizational Buy-In | None or grassroots | Divisional | Top Down (CIO/CEO)
IT Capabilities | In-house Limited, Partner Limited | In-house Limited, Trusted Partner | In-house Advanced, Trusted Partner(s)
IT Vision | Operational | Somewhat forward thinking | Innovative and cutting edge
AWS Experience | None/Limited | Some | Extensive
Choices, Choices, Choices
Tool Capabilities Considerations
• Multi Public Cloud Support
• Monitoring and Alerting
• Identity Federation
• Service Catalog
• End-user Self Provisioning
• Cost Reporting and Chargeback
• Cloud-based Operation
Three Orchestration Strategies
• Native Integration
• Deploy New Orchestration Layer
• Extend Existing Orchestration Tools
Native Integration
Build a custom layer using API-level capabilities.
Best When:
• Have in-house development skills
• Need very fine-grained control
• Licensing costs are a big issue
Native Integration
DIMENSION | LOW | MEDIUM | HIGH
Organizational Buy-In | None or grassroots | Divisional | Top Down (CIO/CEO)
IT Capabilities | In-house Limited, Partner Limited | In-house Limited, Trusted Partner | In-house Advanced, Trusted Partner(s)
IT Vision | Operational | Somewhat forward thinking | Innovative and cutting edge
AWS Experience | None / Limited | Some | Extensive
Native Integration - Pros
• Incorporate all services or only what you need
• Maximum flexibility
• React quickly to new features and services
• Leverage existing open-source tools
  – Eucalyptus
  – Netflix Asgard
  – CloudStack
• No licensing fees
Native Integration - Cons
• Need in-house development skills
• Possible long development cycles
• Private cloud must support API-level access
• Support must come from in-house
New Orchestration Layer
Invest in new hybrid orchestration tools.
Best When:
• Have moderate time constraints
• Want the latest and greatest
• Have trusted partners
New Orchestration Layer
DIMENSION | LOW | MEDIUM | HIGH
Organizational Buy-In | None or grassroots | Divisional | Top Down (CIO/CEO)
IT Capabilities | In-house Limited, Partner Limited | In-house Limited, Trusted Partner | In-house Advanced, Trusted Partner(s)
IT Vision | Operational | Somewhat forward thinking | Innovative and cutting edge
AWS Experience | None / Limited | Some | Extensive
New Orchestration Layer - Pros
• Get latest and greatest capabilities
• Multi-cloud support
• Faster than DIY
• Vendor-provided support
New Orchestration Layer - Cons
• Licensing costs
• Rip-and-replace legacy tools
• Maintaining feature parity with AWS
• Requires some specialized skills
Extend Existing Tools
Leverage existing investments in tools.
Best When:
• Have aggressive time constraints
• Don’t need latest and greatest
• Have strong relationship with existing tools vendor
Extend Existing Tools
DIMENSION | LOW | MEDIUM | HIGH
Organizational Buy-In | None or grassroots | Divisional | Top Down (CIO/CEO)
IT Capabilities | In-house Limited, Partner Limited | In-house Limited, Trusted Partner | In-house Advanced, Trusted Partner(s)
IT Vision | Operational | Somewhat forward thinking | Innovative and cutting edge
AWS Experience | None / Limited | Some | Extensive
Extend Existing Tools - Pros
• No rip-and-replace
• Can be fastest path to hybrid
• Familiarity with tools and vendors
• Vendor-provided support
• Requires least amount of specialized skills
Extend Existing Tools - Cons
• Limited feature sets
• Licensing costs
• Maintaining feature parity with AWS
• A “good enough” approach
Application Deployment Strategies
[Diagram: Corporate Data Centers; two groups of application stacks, each labelled App 1, App 2, ... App N]
Horizontal
Run partial application layers on AWS
• Storage
• Disaster Recovery
• Database
• Extend / Burst into AWS
Horizontal - Pros
• Can keep sensitive layers in-house
  – Data
  – IP / Trade Secrets
  – Regulatory Restricted
• Relatively easier compliance
Horizontal - Cons
• More complex than vertical
• Harder to undo if relationship with cloud vendor sours
Vertical
Deploy full application stacks on AWS
• Net-new Workloads
• Development and QA
Vertical - Pros
• Quick to Implement / Minimal Integration
• Good Application Stack Isolation
• Leverages Cloud Benefits at Each Layer
• Fairly Easy to Undo
Vertical - Cons
• Doesn’t Really Leverage In-House IT Resources
• Must Have Well Established Governance Policies for All Layers
That’s all great Donn, but how do I actually get started?
Getting Started
• Storage / Backups and Archive
• Development and Test
• Net New Workloads
• Disaster Recovery
• Cloud Bursting
• Migrate Legacy Workloads
Getting Started – Storage / Backup
Getting Started – Network Topology
[Diagram: Subnet 1, Subnet 2, … Subnet N]
Considerations
• Overlapping networks
• IP stinginess
  – VPC CIDR too small
  – Subnets too small
Getting Started – Connectivity
Considerations
• Public Internet vs. Direct Connect
• Redundancy
[Diagram: Customer Data Center, DX Location]
Getting Started – IAM
Considerations
• Identity Federation
• AWS vs. App Stack Access
• Build vs. Buy
What Next?
• AWS Account Team
• Trusted Partners
• Resources
  – http://aws.amazon.com/architecture
  – http://aws.amazon.com/enterprise