
Modernize and Move your Microsoft Applications on AWS


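More and more enterprises are using the flexible, scalable and secure infrastructure of Amazon Web Services to run their Microsoft Windows workloads. This webinar demonstrates how AWS ensures customization, high availability and scalability for most Microsoft applications. We share best practices for deploying Active Directory (AD) on AWS to support Microsoft workloads, how to deploy SQL Server on AWS for high availability, and customer use cases on AWS. Register now for this webinar to learn the best practices and considerations for running Microsoft workloads on AWS.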


  1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Modernize and Move your Microsoft Applications on AWS. Rebeker Choi, Solutions Architect, AWS. November 2017.
  2. Sponsor
  3. What to Expect from the Session • The Fundamentals • Best Practices of Deploying • Microsoft Applications on AWS • SQL Server • Active Directory
  4. Why Are Customers Migrating Windows Applications to AWS? Flexible; Secure; Reliability & Scalability; High-Performance; Cost-Effective; Extensive Optimization for Windows-based workloads; Wide range of scalable services; Alignment with business needs
  5. The Fundamentals
  7. Availability Zone (AZ). Diagram: Zone A and Zone B, single digit ms between them. Each zone: Network: multiple tier-1 transit providers. Power: isolated electrical grids, UPS, onsite backup generator. Geo: isolated fault lines, flood plains.
  8. Availability Zone (AZ). Same diagram as slide 7, with Web, Storage, Load Balancer, DB Master and DB Slave placed across Zone A and Zone B.
  9. The Fundamentals - Multi-AZ Deployment. Diagram: Availability Zone - A and Availability Zone - B, each with one public subnet and two private subnets. 10.1.0.0/16 with subnets 10.1.1.0/24, 10.1.2.0/24, 10.1.3.0/24, 10.1.4.0/24, 10.1.5.0/24, 10.1.6.0/24.
  10. The Fundamentals - Multi-AZ Deployment. Same diagram as slide 9 (10.1.0.0/16), with Users reaching a Load Balancer on TCP 80 and WEB / App and SQL instances in both Availability Zones.
  11. The Fundamentals - Multi-AZ Deployment. Same diagram as slide 10, with security groups. Web Security Group: Accept Port 80 from LB. SQL Security Group: Accept Port 1433 from Web. Traffic labels: TCP 80 (Users to Load Balancer, Load Balancer to WEB / App) and TCP 1433 (to SQL).
  12. The Fundamentals - Multi-AZ Deployment. Same diagram as slide 11, with the WEB / App instances in an Auto-Scaling Group and the SQL tier as an Always-On Availability Group or Amazon RDS.
  13. The Fundamentals - Multi-AZ Deployment. Same diagram as slide 12, with Route 53 or other DNS: www.example.com -> xxx.us-west2.elb.amazonaws.com
  14. The Fundamentals - Multi-AZ Deployment. Same diagram as slide 13 (SQL tier labelled Always-On Availability Group or AWS RDS), with a Corporate Office connected over IPSec VPN / Direct Connect.
  15. Deploying Web/App Tier
  16. AWS Elastic Beanstalk vs. Amazon EC2. Elastic Beanstalk stack: Your code (focus on building your application); HTTP server, Application server, Language interpreter, Operating system, Host (managed by Elastic Beanstalk). EC2 stack: Your code, HTTP/Application server, Operating system, Host (labels: Managed by Customer, Managed by AWS).
  17. Elastic Beanstalk • Preconfigured infrastructure: • Single-instance (dev, low cost) • Load-balanced, Auto Scaling (production) • Web and worker tiers • Elastic Beanstalk provisions necessary infrastructure resources, such as the load balancer, Auto Scaling group, security groups, database (optional), etc.
  18. Information required to deploy an application. 01 Region. 02 Stack type: Single-instance or Load balanced with autoscaling. 03 Database (RDS), optional. 04 Your code (supported platforms).
  19. AWS Toolkit for Visual Studio • Full integration in Visual Studio • Deploy from Visual Studio. Screenshot labels: AWS Toolkit for Visual Studio; Deploy code to AWS; Select AWS Region; Select AWS Service.
  20. Deploying SQL Server
  21. Database Tier – Deployment Options
  22. Database Tier – Deployment Options: Amazon RDS for SQL Server vs. SQL Server on Amazon EC2. Versions Supported: RDS: 2008 R2, 2012, 2014, 2016; EC2: 2005, 2008, 2008 R2, 2012, 2014, 2016, 2017. Editions Supported: Express, Web, Standard, Enterprise. High Availability: RDS: AWS-managed; EC2: Self-managed; AlwaysOn, Mirror, Log Ship. Encryption: Encrypted storage using AWS KMS (all editions); TDE support. Authentication: Windows & SQL authentication. Backups: RDS: Managed automated backups; EC2: Maintenance plans & third-party tools. Maintenance: RDS: Automatic software patching; EC2: Self-managed.
  23. SQL Server running on EC2 – High Availability. Multi-AZ Always-On Availability Group; Synchronous Commit; Automatic Failover. Availability Zone A, Private Subnet, Primary Replica: Primary: 10.0.2.100, WSFC: 10.0.2.101, AG Listener: 10.0.2.102. Availability Zone B, Private Subnet, Secondary Replica: Primary: 10.0.3.100, WSFC: 10.0.3.101, AG Listener: 10.0.3.102. AG Listener: ag.awslabs.net
  24. Amazon RDS – On-Demand, Pay-as-you-go. AWS deals with Microsoft on licenses
  25. Amazon RDS - Flexibility of Choices. Flexibility of Choices on MS SQL server engine version
  26. Amazon RDS – built-in Multi-AZ deployment. For high availability: • Automatic failover • Synchronous replication across AZs
  27. Amazon RDS is simple and fast to scale • Scale up or down among instance types on demand • Minimal downtime for multi-AZ deployment • Select your window to apply the change
  28. Amazon RDS – consistent IOPS performance. Provisioned IOPS is available for IOPS demanding database workload
  29. Amazon RDS – consistent IOPS performance. VPC support • Web / application servers can access SQL database via private IP addresses
  30. Amazon RDS - High availability. Diagram: AWS Region, 10.1.0.0/16. Availability Zone A: private subnet 10.1.1.0/24. Availability Zone B: private subnet 10.1.2.0/24. Synchronous replication; Same instance type as master; Automatic failover.
  31. Migrating data to and from Amazon RDS. (1) AWS Database Migration Service: Minimize downtime during migrations, migrate on-premises SQL Server to RDS for SQL or SQL Server running on EC2. (2) Amazon RDS Native Backup / Restore: Store your existing SQL Server backups ('.bak' files) in Amazon S3 and restore them on Amazon RDS. (3) AWS Marketplace: Third-party data import and export tools and solutions.
  32. Deploying Active Directory
  33. Microsoft AD Options for AWS Workloads • Enable users to use Single Sign-On (SSO) on corporate applications • Domain join EC2 instances to Active Directory environment • Provide central application/resources access management using groups • Three deployment options: AWS Microsoft AD in an AWS VPC (AWS-managed); AD DC on EC2 Windows Server in an AWS VPC (self-managed); AD DC on on-premises Windows Server (self-managed).
  34. Example: Domain join EC2 to on-premises AD. Diagram: Application in two Availability Zones, private subnets 10.0.2.0/24 and 10.0.3.0/24, each with IIS Server (WEB), App Server (APP) and SQL Server (DB). Auth/LDAP over a VPN Connection to the company.local Domain Controllers in the corporate data center. Remote Users / Admins.
  35. Example: AD on EC2 with AD replication. Same diagram as slide 34, with a Domain Controller in each Availability Zone serving Auth/LDAP to the Application and AD Replication (company.local) with the Domain Controllers in the corporate data center over the VPN Connection.
  36. Example: AWS Microsoft AD with AD trust to on-premises. Diagram: Application in two Availability Zones, private subnets 10.0.2.0/24 and 10.0.3.0/24, with IIS Server (WEB), App Server (APP) and SQL Server (SQL). Auth/LDAP to AWS Directory Service Domain Controllers (company.cloud), with an AD Trust over the VPN Connection to the company.local Domain Controllers in the corporate data center. Remote Users / Admins.
  37. AWS Quick Starts for Microsoft. https://aws.amazon.com/quickstart Deploy complete Microsoft Solutions for free including: o SQL Server, Exchange, SharePoint, & Lync o Windows PowerShell DSC o Active Directory Domain Services o Web Application Proxy and AD FS o Remote Desktop Gateway. AWS Quick Starts follow architectural best practices from AWS and Microsoft.
  38. Key Takeaways. High Availability • Multi-AZ deployment for production workload • Single-AZ deployment for dev/test workload. Focus more on your application development by • offloading underlying infrastructure O&M to AWS • leveraging AWS managed services if possible (Amazon RDS, AWS Elastic Beanstalk & AWS Directory Service)
  39. AWS Facebook Hong Kong Page
  40. Remember to complete your evaluations!
  41. Thank you! rebeker@amazon.com
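
The tier rules on slides 11 to 14 (Web Security Group accepts port 80 from the load balancer, SQL Security Group accepts port 1433 from Web) can be checked mechanically. The following Python is an added example, not part of the original deck: it audits constructed security-group data shaped like EC2 DescribeSecurityGroups output, and the group IDs `sg-lb`, `sg-web` and `sg-sql` are hypothetical.

```python
# Added example; group IDs and rules below are constructed sample data shaped
# like the SecurityGroups list returned by EC2 DescribeSecurityGroups.

# Tier policy from the slides: group -> (TCP port, only permitted source group)
POLICY = {
    "sg-web": (80, "sg-lb"),     # Web SG: accept port 80 from LB
    "sg-sql": (1433, "sg-web"),  # SQL SG: accept port 1433 from Web
}

def audit(groups, policy=POLICY):
    """Return sorted (group_id, finding) pairs for ingress outside the policy."""
    findings = []
    for g in groups:
        gid = g["GroupId"]
        if gid not in policy:
            continue
        port, source = policy[gid]
        satisfied = False
        for perm in g.get("IpPermissions", []):
            lo, hi = perm.get("FromPort"), perm.get("ToPort")
            label = f"{perm.get('IpProtocol')}/{lo}-{hi}"
            exact = perm.get("IpProtocol") == "tcp" and lo == hi == port
            if not exact:
                findings.append((gid, f"unexpected port range {label}"))
            # Any CIDR source bypasses the group-to-group chain, even a VPC range.
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                findings.append((gid, f"CIDR source {cidr} on {label}"))
            for pair in perm.get("UserIdGroupPairs", []):
                if pair["GroupId"] != source:
                    findings.append((gid, f"source group {pair['GroupId']} on {label}"))
                elif exact:
                    satisfied = True
        if not satisfied:
            findings.append((gid, f"missing tcp/{port} from {source}"))
    return sorted(findings)

SAMPLE = [  # constructed: web tier also exposes RDP, SQL tier opened by CIDR
    {"GroupId": "sg-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "UserIdGroupPairs": [{"GroupId": "sg-lb"}]},
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-sql", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 1433, "ToPort": 1433,
         "IpRanges": [{"CidrIp": "10.1.0.0/16"}]}]},
]

if __name__ == "__main__":
    for gid, finding in audit(SAMPLE):
        print(gid, finding)
```

The SQL group is reported twice: its 1433 rule is sourced from the whole 10.1.0.0/16 range instead of the Web Security Group, so the chained rule from the slides is both replaced and missing.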
