1. Enterprise Applications
on Amazon Web Services
Steffen Krause
Technology Evangelist
@sk_bln
skrause@amazon.de

2. Agenda
1. Extending the Enterprise Data Center
a.
b.
c.
Why?
Getting a private Network in the Cloud
Getting Connected
2. Using the elastic data center
a.
b.
c.
Backup, Storage, Archiving
Development & Test
Disaster Recovery
3. Running Enterprise Applications
a.
b.
c.
Oracle
SAP
Microsoft

3. Extending the Enterprise Data Center

4. Traditional Data Centers are limited by
Capacity
Cost
Agility

5. Corporate
Data Center

6. Extend!
Corporate Data
Center

7. With Cloud Resources
Corporate Data
Center

8. Network control
Your slice of the AWS cloud

9. 10.0.0.5
10.0.1.9
10.0.0.6
10.0.1.8
Availability Zone
Availability Zone
VPC Customer

10. Internet
Gateway
NAT
Private Subnet
Public Subnet
Virtual
Private
Gateway

11. Getting connected
secure and reliable

12. VPN
Router
Router
www
Data
center
AWS
Cloud

13. VPN
Router
Router
www
Data
center
AWS
Cloud
IPSec tunnel via
statically-routed or
dynamicallyrouted (BGP) VPN

14. Direct Connect
Data
center
AWS
Direct
Connect
Location
AWS
Cloud

15. Direct Connect
Data
center
Amazon Partner
Network suppliers
can hook up the
last leg
AWS
Direct
Connect
Location
AWS
New York
Cloud
Los Angeles
Washington DC
San Jose
Singapore
Tokyo
London Docklands
Dublin
Sao Paulo
Sydney

16. Direct Connect
Router
Data
center
AWS
Direct
Connect
Location
Dedicated
connection
Ethernet transport
50500Mbps/1Gbps/10
Gbps ports
Router
AWS
Cloud

17. Maximize reliability
www
Router
Router
Data
center
Direct Connect
AWS
Cloud

18. Using the elastic Data Centers

19. Managing data
Backup, storage, archiving

20. Storage Gateway
AWS Storage
Gateway
Corporate Data
Center
Elastic Data
Center

21. Storage Gateway
AWS Storage
Gateway
Corporate Data
Center
Elastic Data
Center

22. Storage Gateway
AWS Storage
Gateway
Corporate Data
Center
Restore from
S3 Snapshot
Elastic Data
Center

23. Storage Gateway
Cloud Copy
from S3
Snapshot
AWS Storage
Gateway
Corporate Data
Center
Elastic Data
Center

24. Development & Test
spin up, use & turn off

25. Frameworks & environments
Source control
Project management
Leverage EC2 to run
popular source control
systems
Add integrated project
management and issue
tracking
Workstations
Build servers
Enable standard build
developer/test
workstations
Use EC2 horsepower to
drive build servers and
continuous integration

26. Testing at scale
Unit & regression
Load & performance
Scale up and parallel run
unit and regression plans
in a fraction of the time
Utilize spot market for
generating load and test
how applications perform
A/B
Security
Run A/B scenario testing
with replica stacks
Create sandboxes for
aggressive security
testing

27. Disaster Recovery
reduce costs, reduce risk

28. Disaster Recovery
Primary Site
Routers and Switches
Secondary Site
Failover
Routers and Switches
Firewalls
Firewalls
Applications
Applications
Operating Systems
Operating Systems
Hypervisor
Hypervisor
Servers
Servers
SAN
Recovery
SAN
Backups
Backups
Archives
Archives

29. Pilot Light DR Scenario
Primary Site
AWS
Routers and Switches
Firewalls
Security Groups
Applications
Operating Systems
Hypervisor
Servers
Stopped EC2 Instances
and AMIs
SAN
Standby DB Server
Elastic Block Store
Backups
Backups on S3
Archives
Archives on Glacier

30. Disaster Recovery – pilot light
Corporate Data
Center
Synchronization of
key datasets
Elastic Data
Center

31. Disaster Recovery – pilot light
Corporate Data
Center
Elastic Data
Center

32. Disaster Recovery – pilot light
Promotion of
stopped instances
to live
Corporate Data
Center
Elastic Data
Center

34. Relational Database
Relational Database Service
Database-as-a-Service
No need to install or manage database instances
Scalable and fault tolerant configurations
Feature
Platform support
Preconfigured
Deployment & Administration
Automated patching
App Services
Backups
Compute
Storage
Database
Networking
AWS Global Infrastructure
Speed
Failover
Replication
Details
Create MySQL, SQL Server and Oracle RDBMS
Get started instantly with sensible default
settings
Keep your database platform up to date
automatically
Automatic backups and point in time recovery
and full DB backups
Provisioned IOPS enable up to 30.000 IO/s for
high throughput
Automated failover to slave hosts in event of a
failure
Easily create read-replicas of your data and
seamlessly replicate data across availability
zones

35. Key components of Oracle architectures on AWS
• Amazon Virtual Private Cloud (Amazon VPC)
• Elastic Block Store (EBS) provisioned IOPS volumes
– Up to 4,000 IOPS per volume
– Stripe across several volumes
•
•
•
•
•
EBS-optimized instances
Oracle Automatic Storage Management (ASM)
Oracle Data Guard and Active Data Guard
Oracle Secure Backup Cloud Module
Oracle Transparent Data Encryption (TDE)

36. Standard Oracle Database Architecture on Amazon EC2
Public Subnet
Private Subnet
App
Servers
Oracle DB
Server
S3 Bucket
AMI
(Ready to launch)
PIOPS
Root
Volume
Data
Volume
RMAN
Mirrored Redo
Log Volumes
EBS Snapshot
Backup
Volume
EBS Snapshot Copy
Primary Availability Zone
Primary Region
DR Region

37. Enterprise Class Database Architecture on Amazon EC2
Public Subnet
Private Subnet
App
Web
Servers
Oracle DB
Server
Private Subnet
ASM Striped
Data Volumes
Root
Volume
App
Web
Servers
Oracle DB
Server
Oracle Data Guard
PIOPS
Root Volume
Public Subnet
PIOPS
Root
Volume
CloudFormation
Template
(Ready to launch)
PIOPS
ASM Striped
Data Volumes
Root
Volume
AMI Used by
CFN Template
OSB + RMAN
Mirrored Redo
log Volumes
Primary Availability Zone
OSB + RMAN
Secondary Availability Zone
RMAN Backup in
S3 Bucket
Primary Region
DR Region

38. Simplify: Amazon RDS for Oracle
Public Subnet
Private Subnet
App
Web
Servers
Oracle DB
Server
Primary Availability Zone
Primary Region
Private Subnet
RDS Synchronous
Replication
Oracle DB
Server
Public Subnet
App
Web
Servers
Secondary Availability Zone

39. Oracle applications on AWS
• Oracle Applications are fully supported on AWS
–
–
–
–
BI, Siebel, E-Business Suite, Weblogic, Coherence,…
Database & middleware on AWS Xen
Applications on OVM
>30 AMIs by Oracle, look for OVM or Oracle on Community
AMIs
• Oracle licenses owned by customers are fully
portable to AWS
– But check your contract

40. Intranet Enterprise Class 3-tier Architecture
Private Subnet
Private Subnet
Web
Server
Web
Server
Web
Server
Web
Server
Web
Server
Private Subnet
Private Subnet
App
Servers
Web
Server
App
Servers
App
Servers
App
Servers
Private Subnet
Oracle
DB
App
Servers
Private Subnet
Synchronous Replication
Primary Availability Zone
AWS
App
Servers
Corporate
Data Center
Oracle
DB
Secondary Availability Zone
Corporate Network

41. Moving to the Cloud
Enrico Ancona
Amministratore Delegato
Imperia & Monferrina S.p.A.

42. Do You Recognize Any Brand?

43. Who We Are
• Imperia, established in
Italy in 1932, sells pasta
machines and other
small kitchen appliances
to 77 countries
worldwide.

44. Who We Are
• Imperia merged with Italian
pasta machine maker
Monferrina in 2010 to form
Imperia & Monferrina,
producing a range of products
from the small home-use
pasta machine to industrial
pasta makers, capable of
producing 600 kg of pasta per
hour.

45. Challenge
• When Imperia &
Monferrina merged
operations, the company
needed to quickly set up a
new infrastructure to
help bring the two
merging companies
together.
!

46. Challenge
• The IT team had to create
a flexible new Enterprise
Resource Planning (ERP)
system that would unify
the internal and external
management information
across the newly formed
entity.
• Additionally,
requirements dictated
that the solution be
reliable and efficient, and
could be set up quickly
and cost-effectively—all
in less than six months.

47. Architecture
?
• We have been
astonished by the
effectiveness and
simplicity of
the AWS Cloud.

48. Benefits
• By hosting Oracle
eBusiness Suite on AWS,
we reduced capital
expenses by 50 percent,
and operating expenses
by 15 percent.
• A normal ERP project
would have taken more
than six months, and we
completed this in under
four months.
• Our ERP system has
reached 99.95 percent
availability, as well.

49. Thanks!

50. Test Drive
Test Enterprise Apps on AWS
Free of charge for educational and demonstration purposes
Pre-configured environments
Examples:
• Oracle Data Guard Secure Backup
• Oracle BI
• Oracle E-Business Suite
• Siebel
• SAP Afaria
• Red Hat Storage Server

51. SAP
SAP Enterprise applications in the elastic data center
SAP Business Suite
SAP HANA One
SAP Business All-in-One
SAP BusinessObjects BI solutions
SAP Rapid Deployment Solutions (RDS)
SAP Afaria
http://aws.amazon.com/sap/

52. AWS / SAP Alliance
SAP has been an AWS customer
since 2008
AWS is an SAP-certified Global Cloud Services
Partner and Global Technology Partner
Most SAP products are now certified for production
deployment on AWS

53. Supported SAP Products: Production
http://aws.amazon.com/sap/
Suite
Product
License
SAP Business Suite
ECC, SRM, SCM, CRM, PLM
BYOL
SAP Netweaver
BW, Portal, PI, CE, BPC on NW
BYOL
SAP Business Objects
BI, EPM, GRC
BYOL or Marketplace
SAP HANA One
Premium
Platform
Developer
Yearly Subscription from the SAP
Marketplace
AWS Marketplace
SAP Business-All-In-One
A1
BYOL
SAP Business One
B1
BYOL & SaaS
SAP Mobility Platform
Afaria
BYOL, Marketplace or SAP Mobile Secure
SAP Cloud Appliance Library
Preconfigured SAP BS, HANA &
Rapid Deployment Suite
BYOL - existing SAP customers only
BYOL = bring your own license = buy license from SAP sales and just run it from the AWS cloud
The AWS Marketplace is an application marketplace from AWS
SAP mobile Secure is a service offering from SAP & Cap Gemini on AWS for enterprise mobility
Current as of July 1st , 2013. Please refer to the AWS website for confirmation after this date
SAP Note #165609 contains the latest information regarding SAP product, landscape and platform support on AWS

54. Hybrid IT SAP Deployment
SAP Production landscape runs in
customer’s own datacentre
SAP Development & Quality
Assurance landscape runs on AWS
DEV
QAS
ECC
ECC
BW
BW
SRM
SRM
PRD
ECC
BW
Customer
Data Centers
SRM
VPN or
Direct Connect
Secure connectivity
between datacentre &
AWS
Virtual Private Cloud

55. Cloud Appliance Library (SAP CAL)
• Quickly deploy demo, test & training
systems
• Full SAP Business Suite
• Deploy in under 1 hour
• Uses existing AWS account
•
http://scn.sap.com/docs/DOC-33187

56. Full SAP Deployment on AWS
Customer runs DEV, QAS & PRD on AWS
Customer
LAN
DEV
QAS
PRD
ECC
ECC
ECC
BW
BW
BW
SRM
SRM
SRM
VPN or
Direct Connect
Secure connectivity
between LAN & AWS
network
Virtual Private Cloud

57. Performance: Amazon EC2 SAPS
SAP SD 2-Tier Benchmark
Instance Type (VM)
Cores
Mem
ECU
SAPS
High Memory 2-XLarge
4
34.2
13
3,700
High Memory 4-XLarge
8
68.4
26
7,400
ECU = EC2 Compute Unit

58. Performance: Amazon EC2 SAPS
SAP SD 3-Tier Benchmark
Instance Type
#
Cores
Mem
ECU
SAPS
Cluster Compute 8-XLarge
1
16
60
88
DB
Cluster Compute 8-XLarge
6
16
60
88
SCS+DI
90,330
ECU = EC2 Compute Unit

59. HIGH AVAILABILITY
AND
DISATER RECOVERY
FOR SAP PRODUCTION APPLICATIONS

61. SAP HANA on AWS
SAP HANA One
Premium
Business
Developer
Overview
SAP HANA One, plus SAP Cloud Integration
(HCI) and approval to load SAP source data
Fully featured SAP HANA virtual appliance on
AWS
Fully featured SAP HANA virtual
appliance on AWS for individual
developers
Use Cases
 Production and non-production
 All SAP HANA use cases supported
including SAP Business Suite and SAP
NetWeaver Business Warehouse on HANA






 Non-production only
 Develop, test and demo applications
on top of the HANA platform
 Learning environment
Key Benefits
 Instant provisioning
 Enterprise Support included
 Annual subscription pricing – economical
for 24x7 customers
 Data Services included
 Instant, self-serve access – up and running
in 10 minutes
 Start and stop when needed – reduce
license and infrastructure cost
 Community support
 Free developer license
 Easily accessible and rapidly
deployable
 Pay-per-use infrastructure
Annual subscription
On-demand - $0.99 per hour
Free Developer License
SAP HANA Marketplace
AWS Marketplace
SAP SCN
License
Available from
Production and non-production
Analytics acceleration
Data merging
Temporary event-based analytics
Self-service BI
Prototypes and proofs-of-concept
Demo: http://aws.typepad.com/aws/2013/05/demo-sap-hana-one-on-aws.html

62. New: Big HANA Instances on AWS
http://www.saphana.com/docs/DOC-4181

63. Architecture with On Premises integration
10.0.0.0 / 16
10.0.1.x / 24 (Private Subnet)
Root
Volu
me
Amazon
S3
SAP
HANA
(Master)
SAP
Volu
me
Push/Pull
Backup
to/from S3
S3 Backup
Bucket
Mount
Global
Shares:
/hana/shared
/backup
LVM
Grou
p
HANA Data
HANA Log
& Backup
Area
10.0.2.x / 24 (Public)
Private IP
Address(es)
SAP
Volu
me
(50013/14)
(1128/9)
(30015/17)
(8000/4300)
RDP
HANA
Studio
Internet
Elastic IP
Address
Virtual Private
Gateway
SAP
HANA
(Workers)
Inbound
SSH
NAT
Outbound
Internet
Traffic
LVM
Grou
p
HANA Data
HANA Log
Availability Zone
SSH
Internet
Gateway
VPN Tunnel or
AWS Direct
Connect
Customer
Gateway
Corporate Network
Shar
es
From
Mast
er
Root
Volu
me
SSH (22)
Internal Comm
(30000-10)
NFS (Various)
Studio
HLM
JDBC
XS App

64. Windows on AWS
Provision fully licensed Windows Server
on AWS
in Minutes
With or without SQL Server

65. Windows and AWS
• Full, real, licensed Windows Server OS
– 2003, 2008, 2008r2, 2012 all via our Microsoft SPLA licensing
means no CAL’s required
– SQL Server Standard via SPLA as well
• VPC for static, user-defined networks
• Security groups for easy-to-configure firewalls
per VM
• Easily install services that you know
– AD, ADFS, SCOM, WSUS, SQL, MS Exchange, SharePoint, etc.

66. Windows-Based AMIs
• Microsoft Windows based
Amazon Machine Images (AMIs)
– Over 20 Amazon published
Windows and SQL AMIs
• Windows Server 2012
• Windows Server 2012 + SQL 2012
Standard, Web & Express
• Windows Server 2008
• Windows Server 2008 + SQL 2012
Standard, Web & Express
• Windows Server 2008 + SQL 2008
Standard, Web & Express
• Other Windows based AMIs….

67. Licensing... by the hour.
*Prices subject to (typically downward) change

68. Microsoft Licensing Models on AWS
• Two models of licensing
Pay-as-you-go – AMI pricing
includes software
• Windows Server
• SQL Server Standard
BYOL – use existing licenses on
AWS
• SQL Server Enterprise
• SharePoint Server
• Other Microsoft Windows Server
products
• BYOL requires active Microsoft Software
Assurance
– Use existing Microsoft licenses
– http://aws.amazon.com/windows/mslicensemobility/

69. Windows Free Usage Tier
•
AWS Free Usage Tier includes
Microsoft Windows Server
2008, 2008 R2, 2012.
•
Up to 750 hours per month of
t1.micro instances with
Windows Server for free.

70. Window and .NET Developer Center
One stop for all tools, documentation, scripts, videos, and sample code to help you run .NET on the
AWS Cloud
http://aws.amazon.com/net/
Develop
Manage
Connect
Learn
Design, Build, and Run .NET on
AWS
Automate and Scale Windows
on AWS
Expand and Explore the
possibility for .NET on AWS
•
AWS SDK for .NET
•
AWS Toolkit for Microsoft
Visual Studio
• AWS Tools for Windows
PowerShell
Get connected and join the
community of developers
running Windows and
.NET on AWS
•
.NET container for deploying
on AWS Elastic Beanstalk
• Community Forum
• AWS on Github
• Links to valuable articles
• Sample code to download

71. Amazon EC2 Windows Guide
What’s New:
• Using Windows Powershell
with the AWS SDK for
.NET
• AWS Diagnostic tools for
Windows Server
• Install EC2 command line
tools on Windows
• Setting up a Windows HPC
Cluster
http://docs.amazonwebservices.com/AWSEC2/latest/WindowsGuide/Welcome.html

72. Windows Server Cluster-Based SQL Server 2012 HA in AWS
Remote
Admin & Mgmt
Users
Elastic IP’s (Public Route)
NAT
Instance
Elastic IP’s (Public Route)
RDGW
Instance
NAT
Instance
RDGW
Instance
Windows Server Failover Clustering (WSFC) Cluster
Node
WSFC Configuration
Node
WSFC Configuration
SQL Server Instance
SQL Server Instance
Instance Network Name
Instance Network Name
AlwaysOn Availability Group
Secondary Replica
Availability Group Listener Virtual Network Name
Storage
Storage
Primary
DC/DNS
Rerplica
DC/DNS
Availability Zone 1
Availability Zone 2
AWS Region
Private IP’s (Private Route)
Private IP’s (Private Route)
Primary Replica

73. SharePoint Reference Implementation
Public Subnet
Private Subnet
Private Subnet
Private Subnet
Private Subnet
IIS & SharePoint
Web Front End
Central Admin &
SharePoint Services
Application Tier
Availability Zone 1
Primary DB
SQL Server
Primary DC/DNS
Database Tier
Active Directory
Database Tier
Active Directory
NAT
Remote
Admin
RDGW
Web Tier
ELB
Users
Web Tier
Application Tier
IIS & SharePoint
Web Front End
Internet
Gateway
Central Admin &
SharePoint Services
Mirror DB
Backup DC/DNS
RDGW
Witness
NAT
Public Subnet
Private Subnet
Private Subnet
Availability Zone 2
AWS Region
Private Subnet
Private Subnet

74. Deploy SharePoint Farm in 6 Steps
• NEW Article “Deploy a Microsoft SharePoint 2010
Server Farm in the AWS Cloud in 6 Simple Steps”:
– Builds upon the SharePoint Reference Implementation White Paper
– http://aws.amazon.com/articles/9982940049271604
• AWS CloudFormation Templates for each step:
–
–
–
–
Launch the network and Active Directory stack
Launch the database stack
Launch the app stack
Launch the web stack

75. Whitepapers
• SharePoint Reference Architecture on AWS whitepaper
http://aws.amazon.com/windows/sharepoint/
• Microsoft Exchange Server 2010 in the AWS Cloud:
Planning & Implementation Guide
http://aws.amazon.com/windows/exchange/
• Implementing Microsoft Windows Server Failover
Clustering (WSFC) and SQL Server 2012 AlwaysOn
Availability Groups in the AWS Cloud
• … and more
http://aws.amazon.com/windows/

76. Case Study
Lionsgate
deployed MS
SharePoint
workloads in
Production and
SAP apps
1
TCO cloud cost analysis and final results
show 50% of cost vs. traditional hosted facility
2
Started with VPC and conducted a thorough
security, licensing and certification
assessment
3
Reduced deployment time from 5 weeks to
few hours

77. Resources
• aws.amazon.com/sap
• aws.amazon.com/vpc
• aws.amazon.com/directconne • aws.amazon.com/microsoft
ct
• aws.amazon.com/oracle
• aws.amazon.com/storagegate
way
• aws.amazon.com/whitepapers
–
–
–
Development and Test
VPC networking
Backup & archive

78. aws.amazon.com