
WSCA RFI Workshop June 14-15th, 2011

Mark Fox, Public Sector Sales Manager
Greg Duncan, Public Sector Solutions Architect

RFI Workshop Guidelines


1. AWS Cloud baseline.
2. AWS business and technical model vs. cloud industry?
3. Organizational implications for customers. Ex. contract administration, customer technical expertise, staff re-purposing
4. Impact on customer infrastructure (Bandwidth).
5. AWS with GIS large datasets, and public access.
6. Critical Success Factors and potential pitfalls.
7. Experience and considerations with hybrid cloud?
8. Aggregated demand pricing model? Preconditions?
9. Implications of software licensing in the cloud?

Tenets of AWS Cloud Computing


On Demand/Self-Service
Broad Network Access
Resource Pooling (Multi-Tenant Virtualization)
Rapid Elasticity; Scale up/down manual/auto
Measured Utility Pricing Model
No CAPEX
Improves time to delivery
Managed 70/30 operational flip

Elastic and Pay-Per-Use Infrastructure


[Figure: Infrastructure Cost $ & Demand plotted against time. Curves: Predicted Demand, Traditional Hardware, Actual Demand, Automated Virtualization. Annotations: Large Capital Expenditure, Opportunity Cost, Unable to serve customers.]

Current On-Premise

[Figure: On-Premise Infrastructure, divided 30% / 70%.]

AWS Goal: Flip This Equation

[Figure: On-Premise Infrastructure (30% / 70%) beside AWS Cloud-Based Infrastructure (30% / 70%), with the label "More Time".]

The Living and Evolving AWS Cloud Portfolio


[Figure: AWS portfolio stack with WSCA ESRI GIS Application(s) on top. Layers: Tools to access services; Cross Service features; Platform building blocks; Infrastructure building blocks. Labels shown: Libraries, Authentication, Parallel Processing, Web Interface, Monitoring, Content Delivery, Tools, Command Line, Deployment and Automation, Workforce, Payments (Amazon DevPay), Messaging (Amazon SNS, Amazon SQS), Email (Amazon SES), Compute (Amazon EC2). Base: Amazon Global Physical Infrastructure (Geographical Regions, Availability Zones, Edge Locations).]

Amazon Elastic Compute Cloud


Amazon EC2 = Virtual Machine
Amazon EC2: on-demand compute power
- New server instances in minutes (11 different sizes)
- Quickly scale capacity up or down
- Servers from $0.02 (2 cents) per hour
- On Demand, Reserved, and Spot Pricing

Key features:
- Support for Windows, Linux, FreeBSD, and OpenSolaris
- Supports all major web and application platforms
- Deploy across Availability Zones for reliability
- Monitors status and usage

The Living and Evolving AWS Cloud Portfolio


[Figure: the AWS portfolio stack repeated, with Storage added. Infrastructure building blocks shown: Compute (Amazon EC2), Storage (Amazon S3, Amazon EBS). Base: Amazon Global Physical Infrastructure (Geographical Regions, Availability Zones, Edge Locations).]

Amazon Elastic Block Store (EBS)

You can use Amazon EBS as you would use a hard drive on a physical server. Amazon EBS is particularly well-suited for use as the primary storage for a file system, database or for any applications that require fine granular updates and access to raw, unformatted block-level storage.

Amazon Simple Storage Service (S3)

In traditional on-premise applications, this type of data would ordinarily be maintained on SAN or NAS. However, a cloud-based mechanism such as Amazon S3 is far more agile, flexible, and geo-redundant. Amazon S3 is a highly scalable, durable and available distributed object store designed for mission-critical and primary data storage with an easy to use web service interface.

Amazon Simple Storage Service (S3)


Scalable data storage in-the-cloud
Highly available and durable (eleven 9s)
Reduced Redundancy Option (four 9s)
Pay-as-you-go pricing:
- Storage: tiered $0.18/GB to $0.15/GB
- Data Transfer Out: tiered $0.17/GB to $0.10/GB
- Data Transfer In: $0.10/GB
- Requests: nominal charges

Aggregate Compute & Storage to Leverage Economies of Scale across WSCA

Speed to Capacity

Every day we add enough infrastructure capacity to power Amazon.com when it was in its 5th year of operation as a ~$3B company

The Cloud Scales: Amazon S3 Growth


[Figure: Total Number of Objects Stored in Amazon S3, plotted over time. Data labels: 2.9 Billion, 14 Billion, 40 Billion, 102 Billion, 262 Billion, 339 Billion. Peak Requests: 200,000+ per second.]

The Living and Evolving AWS Cloud Portfolio


[Figure: the AWS portfolio stack repeated, with Network added. Infrastructure building blocks shown: Compute (Amazon EC2), Storage (Amazon S3, Amazon EBS), Network (Amazon VPC, Elastic LB, Direct Connect). Base: Amazon Global Physical Infrastructure (Geographical Regions, Availability Zones, Edge Locations).]

Amazon VPC Architecture


[Figure: the customer's isolated AWS resources, placed in subnets inside the Amazon Web Services cloud, connect through a router and a VPN gateway to the customer's network over a secure VPN connection across the Internet.]

The Living and Evolving AWS Cloud


[Figure: the AWS portfolio stack repeated, with Database added. Infrastructure building blocks shown: Compute (Amazon EC2), Storage (Amazon S3, Amazon EBS), Network (Amazon VPC, Elastic LB, Amazon Route 53), Database (Amazon RDS, Amazon SimpleDB). Base: Amazon Global Physical Infrastructure (Geographical Regions, Availability Zones, Edge Locations).]

Amazon Relational Database Service (RDS)


Install your own database on EC2
Amazon RDS
- MySQL and Oracle 11g
- Managed Database
- Relational Database by the hour (license included)
- BYOL

Amazon RDS automates common administrative tasks to reduce the complexity and total cost of ownership. Amazon RDS automatically backs up your database and maintains your database software, allowing you to spend more time on application development.

Amazon Data Center Locations: Regions vs Availability Zones


[Figure: two regions, US East (Northern Virginia) and US West (Northern California), each containing several Availability Zones. Zone labels shown: A, B, C, D and A, B.]

Amazon EC2 Regions: US East (Northern Virginia) / US West (Northern California) / EU (Dublin) / Asia Pacific (Singapore) / Japan (Tokyo)

Designing Applications for Scalability & Reliability


Amazon CloudWatch
Provides monitoring for AWS cloud resources.

Auto Scaling
Automatically scales Amazon EC2 capacity up or down according to pre-defined conditions.

Elastic Load Balancing
Automatically distributes incoming application traffic across multiple Amazon EC2 instances.

Availability Zones
Delivers High Availability through delivery of services from multiple data centers within a region.

[Figure: two Availability Zones inside the US East Region.]

http://d36cz9buwru1tt.cloudfront.net/AWS_Cloud_Best_Practices.pdf

AWS Security
Certifications and Validations:
SAS 70 Type II PCI DSS ISO 27001 FISMA DIACAP IATO

Security White Paper
Shared Security Model
HIPAA White Paper

Physical Security
- Military-grade perimeters
- Non-descript facilities
- 3+ levels of two-factor authentication

Data Security
- Redundant data storage
- SSH keys for EC2 access
- Stateful firewall / security groups
- Identity and Access Management (IAM)

http://d36cz9buwru1tt.cloudfront.net/pdf/AWS_Security_Whitepaper.pdf

Shared Responsibility Model


AWS
- Facilities
- Physical Security
- Physical Infrastructure
- Virtualization Infrastructure

Customer
- Operating System
- Application
- Security Groups
- OS Firewalls
- Account Management

Customer: Recovery.Gov
Challenge
Recovery and Transparency Board needed a platform for their website that was scalable, secure, could be quickly deployed, and saved taxpayer money

Solution
RATB chose a FISMA-compliant cloud computing solution based on Amazon Web Services
Deployed applications:
- Microsoft SharePoint for web Content Management
- Business Objects SAP for BI
- Interactive map showing distribution of stimulus monies across state/local jurisdictions

Benefit
Avoided capital expense, and added capacity to scale up and down based on demand
Saved $750k per year in first year and additional dollars from existing solution

"By migrating to the public cloud, the Recovery Board is in position to leverage many advantages including the ability to keep the site up as millions of Americans help report potential fraud, waste, and abuse. The Board expects savings of about $750,000 during its current budget cycle and significantly more savings in the long-term." - Vivek Kundra, CIO, United States

Recovery.gov

"Cloud computing strikes me as a perfect tool to help achieve greater transparency and accountability. Moving to the cloud allows us to provide better service at lower costs. I hope this development will inspire other government entities to accelerate their own efforts. The American taxpayers would be the winners." - Earl E. Devaney, the Board's Chairman.

Recovery.gov

Geo-Location Services
Challenge
USDA Food Nutrition Service needed to build a service that would help constituents locate the geographically nearest stores that accept vouchers from the Supplemental Nutrition Assistance Program. This goal was set on an aggressive implementation schedule.

Solution
USDA FNS worked with the firm ESRI to deploy a geo-location service, hosted on AWS.

Benefit
Avoided the need to procure servers
Fast time to market/time to implementation

http://www.fns.usda.gov/snap/

"It's a pretty complicated GIS solution and there's lots of data involved. Instead of building the infrastructure to run this, we're running it in the Amazon cloud. We were able to put it up there very quickly. We didn't have to procure the servers. We were just buying a service from Amazon and it seems to be working very well. I think it's a good model that we might follow again or other agencies can follow to host a fairly complex solution in a pretty short order." - Jonathan Alboum, CIO, Food Nutrition Service (Federal News Radio Interview, July 28, 2010)

USDA SNAP FNS Locator

Haitian Earthquake
ESRI was able to provision ArcGIS server on Amazon EC2 in less than 2 hours

- www.Gulfofmexicoresponsemap.com was built using ArcServer Standard version 9.3.1 leveraging the Flex API which utilizes ArcGIS Online, Microsoft Bing, and Response Content
- Response content is refreshed twice a day
- Solution was deployed on Amazon Web Services

Japan Earthquake + Tsunami

Examples of Best Practices


- Apply Your Information Management Program - that integrates Information Assurance
- Build and test in a sandbox environment - work out the bugs, figure out how to break it, architect to be resilient
- Standardize Machine Images - create gold copy images for production deployment/to launch new instances
- Do the same stuff you do in-house - quarterly patch management, IDS/IPS, logging, tripwire, etc.
- Conduct a Risk Assessment - to determine level of security controls you require
- Role Based Access Controls - restrict access to system components based upon need to know

Examples of Best Practices (cont.)


- Use Encryption - for data in transit, for data at rest, filesystem
- Key Management - rotate keys used to access your resources (AWS does not hold these - you do)
- Setup Monitoring/Alerting - collect metrics and enable alerting for when events occur
- Vulnerability Scans - allowed via a permission process (else we'll kill/block the source of scans)
- Prepare for Failure - create backups, store data in more than one location, test backups, have a contingency system ready

AWS Pace of Innovation


[Figure: timeline of AWS service and feature launches by year, 2005 through 2010. Launch labels shown on the chart, in the order they were extracted:]

Premium Support Amazon CloudFront EC2 Elastic IP addresses & Availability Zones Windows Server, MySQL, Oracle, & JBoss on EC2 Lower Data Transfer Costs EC2 Reserved Instances New SimpleDB Features IBM on EC2 Windows Server 2008 on EC2 Amazon RDS Amazon Virtual Private Cloud Amazon Elastic MapReduce EBS Shared Snapshots Monitoring, Auto Scaling & Elastic Load Balancing for EC2 AWS Import/Export

Amazon Simple Notification Service RDS Multi-Availability Zone Support S3 Reduced Redundancy Storage New Locations and Features for CloudFront S3 Bucket Policies Cluster Instances for EC2

Amazon EC2 Amazon S3 Developer Portal & Forums

Amazon Linux AMI Oracle on EC2 New EC2 Features SUSE Linux on EC2

Micro Instances Lower Pricing for EC2 High Mem Instances Identity & Access Management

Amazon SimpleDB Amazon Flexible Payments Service S3 in Europe EC2 new instance types AWS Start-Up Challenge

Amazon SQS Amazon Mechanical Turk

Public Data Sets Elastic Block Store EC2 SLA EC2 in EU S3 Tiered Pricing

AWS Services in N. California AWS Multi-Factor Authentication AWS Management Console AWS Economics Center AWS Services in Singapore AWS in Education RDS Reserved Database Instances AWS Security Center RDS Read Replicas & Lower Pricing SAS70 Type II Audit Lower Outbound Transfer Pricing More services in EU Data Transfer Usage Tiers Lower EC2 Pricing Consolidated Billing for AWS Lower S3 Pricing Amazon S3 Versioning Feature Lower pricing for EC2 High Memory Instances Outbound Data Transfer AWS Solution Provider Program

Customers in 190 Countries

Growing Partner Ecosystem

Resources
http://aws.amazon.com/solutions/global-solution-providers/esri/
http://www.esri.com/technologytopics/cloud-gis/arcgis-and-thecloud.html
http://www.esri.com/library/whitepapers/pdfs/estimating-cost-giscloud.pdf
http://www.esri.com/library/whitepapers/pdfs/gis-in-the-cloudchappell.pdf

Over 200 joint customers

RFI Workshop Guidelines Q&A


1. AWS Cloud baseline.
2. AWS business and technical model vs. cloud industry?
3. Organizational implications for customers. Ex. contract administration, customer technical expertise, staff re-purposing
4. Impact on customer infrastructure (Bandwidth).
5. AWS with GIS large datasets, and public access.
6. Critical Success Factors and potential pitfalls.
7. Experience and considerations with hybrid cloud?
8. Aggregated demand pricing model? Preconditions?
9. Implications of software licensing in the cloud?

Thank You

Mark Fox - Public Sector Sales Manager
K. Greg Duncan - Public Sector Solutions Architect
Amazon Web Services
markfox@amazon.com
keduncan@amazon.com
