Introduction to Microsoft Workloads on AWS - AWS Online Tech Talks

Learning Objectives:
- Learn about running Windows Server on AWS
- Learn about running Microsoft applications like SQL Server, SharePoint, Dynamics and Exchange on AWS
- Learn about the methodology to migrate Microsoft workloads to AWS

  1. Introduction to Microsoft Workloads on AWS
     Zlatan Dzinic, Solution Architect, Amazon Web Services
  2. Challenge
     • Can Amazon Web Services (AWS) simplify the infrastructure environment that I already know well?
     • Active Directory?
     • Corporate Applications
     • Office 365
     • Exchange
     • SharePoint
     • Dynamics
     • System Center
     • SQL?
     • How do I deploy all of this?
     • Any good migration suggestions for simplifying my Microsoft workloads?
     • Can AWS make management of my Windows workloads more simple?
  3. Simplify Infrastructure Environment
  4. Innovation: Windows on AWS
     • AWS Systems Manager
  5. VPC Design Patterns
     • Single VPN—Multi-VPC
     • Shared Services VPC
     • Transit VPC
  6. Active Directory Pattern: Extending Active Directory Domain to AWS
     Existing Active Directory domain extended to AWS; new Active Directory sites configured in each AZ; domain controllers on Amazon Elastic Compute Cloud (Amazon EC2) Windows servers; site-link costs correctly configured; and “try next closest site” configured.
     [Diagram: Corporate Network (San Francisco, New York) connected over VPN / Direct Connect to private subnets in Availability Zone 1 and Availability Zone 2. AD domain abc.com throughout; AD sites SanFran, NewYork, AwsEastAZ1, AwsEastAZ2; domain controllers DC1 to DC4; AD replication with site-link costs 10 and 50.]
  7. Active Directory Pattern: Federated Trust
     Identities mastered on premises; Federated Trust (AD FS) configured between on-premises Active Directory and domain controllers running on Amazon EC2 Windows servers.
     [Diagram: Corporate Network (San Francisco, New York; AD domain abc.com; AD sites SanFran and NewYork; DC1, DC2; cost 50) linked over the Internet by a Federated Trust to AD domain abc.aws.com in private subnets in Availability Zone 1 and Availability Zone 2, with domain controllers or ADFS1 and ADFS2.]
  8. Active Directory Pattern: Forest Trusts
     Identities mastered on premises; Forest Trusts configured between on-premises Active Directory and AWS Directory Service for managed Active Directory.
     [Diagram: Corporate Network (San Francisco, New York; AD domain abc.com; AD sites SanFran and NewYork; DC1, DC2; cost 50) connected over VPN / Direct Connect by an AD Trust to AD domain abc.aws.com in private subnets in Availability Zone 1 and Availability Zone 2 (DC3, DC4), used for AD authentication.]
  9. Office 365 with AWS Microsoft Active Directory Credentials
  10. Configuration
     • Add two containers to AWS Microsoft Active Directory for use by AD FS
     • Install AD FS
     • Integrate AD FS with Azure Active Directory
     • Synchronize users from AWS Microsoft Active Directory to Azure Active Directory with Azure AD Connect
     • Sign in to Office 365 by using your Microsoft Active Directory identities
  11. Options for Deploying SQL Server on AWS
     Options compared: Amazon RDS for SQL Server and SQL Server on Amazon EC2.
     [Diagram: the same responsibility stack shown for each option, shaded as customer-managed or AWS-managed: Power, HVAC, net; OS Install/Maintenance; OS Patching; DBMS Install/Maintenance; DBMS Patching; Database Backups; High Availability; Scaling.]
     • Consider Amazon Relational Database Service (Amazon RDS) first
     • Focus on business value tasks
     • High-level tuning tasks
     • Schema optimization
     • No in-house database expertise
     • Need full control over DB instance
     • Backups
     • Replication
     • Clustering
     • Options that are not available in Amazon RDS
  12. Multi-AZ AlwaysOn Availability Group
  13. Multi-Region AlwaysOn Availability Group
  14. Failover Cluster Instance
     • SIOS DataKeeper Cluster Edition
     • Windows Server 2016 Storage Replica
  15. Simplify Infrastructure Deployment
  16. AWS CloudFormation—Components and Technology
     Components shown: Template, AWS CloudFormation, Stack.
     • Template: JSON/YAML formatted file; Parameter definition; Resource creation; Configuration actions
     • Stack: Configured AWS resources; Comprehensive service support; Service event aware; Customizable
     • Framework: Stack creation; Stack updates; Error detection and rollback
  17. How AWS CloudFormation Works
  18. AWS Quick Starts
  19. Simplify Migration
  20. Migration Tools from AWS and Partners
     Categories: Data transfer; Server and database migrations; Application monitoring/profiling; Discovery and planning.
     Tools named: AWS Storage and File Gateway; Amazon S3 Transfer Acceleration; AWS Direct Connect; Amazon Kinesis Firehose; AWS Snowball and Snowmobile; AWS Database Migration Service (AWS DMS); AWS Server Migration Service; Amazon CloudWatch; AWS Config; AWS Application Discovery Service.
  21. Example Migration Sequence: Step 1. Landing zone
     • Account structure
     • Network/VPC
     • Security
     • Active Directory
     [Diagram, built up in stages: On-Premises Data Center (Domain Controller, SQL Server, App Server, Web Server) connected over VPN / DirectConnect to AWS accounts Security, Prod, Root and Dev; VPC 10.0.0.0/16 with Public Subnet, 10.0.0.0/18 and Private Subnet, 10.0.0.64/18; security groups; Amazon Route 53; AWS Shield; AWS WAF; CloudTrail; CloudWatch; VPC Flow Logs; Systems Mgr; Inspector; Config; AWS Managed Active Directory or Active Directory on EC2.]
  22. Example Migration Sequence: Step 2. Database tier
     • Build out your DBMS infrastructure
     • Choose a database replication and synchronization strategy
       • One-step migration (suitable for smaller databases and good connectivity)
       • Full-diff migration (suitable for larger databases and good connectivity)
       • Zero-downtime migration (software tool based solution)
     [Diagram: the Step 1 landing zone, with SQL Server on EC2 or SQL Server on AWS RDS added on the AWS side.]
  23. Example Migration Sequence: Step 3. Server/app migration
     • Perform extensive testing at this stage
     • Choose a server/app migration strategy
       • Manual migration (build new servers—migrate app)
       • Tool based migration (block-level migration and synchronization)
     • Always maintain rollback capability
     [Diagram: the Step 2 environment, with App Server and Web Server instances added on the AWS side.]
  24. Example Migration Sequence: Step 4. Production cutover
     • Plan your final cutoff carefully
     • Ensure any final replication and/or synchronization occurs
     • Test your cutover mechanism (DNS TTL, and so on)
     • Maintain rollback after cutoff, if possible
     [Diagram: the Step 3 environment, unchanged.]
  25. AWS Server Migration Service Overview
     • Support VMware virtual machine migration (support for additional hypervisors coming soon)
     • Agentless VM migration
     • Capture incremental change made to on-premises VMs and automatically transfer to AWS
     • Migrate a group of VMs simultaneously and orchestrate multiple migrations
     • AWS Management Console and API/CLI access
     [Diagram: Source: on-premises server; AWS Server Migration Service; Target: Amazon Machine Image.]
  26. AWS Migration Hub
     Stages: Discover, Migrate, Track.
     [Diagram labels: Discover servers in existing data centers (optional); Group servers as applications; Track application migration status; Migrate using tools outside AWS Migration Hub.]
     • Better understand your application portfolio
     • Streamline application portfolio migration planning and tracking
     • Track migration progress from multiple tools in one place
     • Reduce time spent determining current status and next steps
  27. Tracking Status Made Easy
  28. Migration via AlwaysOn Availability Groups
  29. Simplify Management
  30. Systems Manager Capabilities
     © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
     Capabilities: Run Command; Maintenance Window; Inventory; State Manager; Parameter Store; Patch Manager; Automation.
     Groupings shown: Deploy, configure, and administer; Track and update; Shared capabilities.
  31. AWS Systems Manager—Components
     Run Command; State Manager; Inventory; Maintenance Window; Patch Manager; Automation; Parameter Store; Documents.
  32. Managing Your Environment with Systems Manager
     [Diagram: AWS administrator and corporate data center using EC2 Systems Manager to manage WEB1 and WEB2 in a private subnet within an Availability Zone; the web security group accepts traffic from SSM; related resources: Amazon S3 bucket, SNS topic, CloudWatch metric, IAM policy.]
  33. CloudWatch and Amazon CloudWatch Logs
     • Monitor EC2 metrics (CPU, disk usage, and so on)
     • Monitor AWS resources (EBS volumes, Elastic Load Balancers, and so on)
     • Monitor logs and configure alerts
     • Store logs and perform analytics
     [Diagram: SharePoint Front-end, SQL Server and Domain Controller in an Availability Zone sending data to CloudWatch / CloudWatch Logs; one flow continues to Amazon Kinesis, Amazon S3, Amazon Redshift and AWS Lambda; the other to CloudWatch Alarms, Email, Amazon SMS and Workflow.]
  34. Monitoring
     Amazon CloudWatch; AWS CloudTrail; AWS Config; AWS Trusted Advisor; Flow logs; Amazon VPC; AWS Lambda; Amazon Elasticsearch Service; Amazon QuickSight; EC2; Amazon Kinesis.
  35. Thank you!
     zlatan@amazon.com, @ZlatanDzinic