© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
Agenda
1. Microsoft Workloads on AWS
2. Assessment
3. Migration
4. Optimization
AWS
Microsoft Workloads
Windows Workloads Market
Assessing Microsoft Workloads
Traditional technology consumption
Technology
teams Request Procurement Model
Engineers as requesters
Procurement as approvers
Rack & Approve
stack & track Step function spend and capacity forecasting
Cloud technology consumption
Model
Deploy Operate
Engineers and Finance acting as one
Procurement is instant
Not a traditional data center
Sources:
1. RightScale 2019 State of the Cloud Report from Flexera;
2. (451 Research Report) Cost Management in the Cloud Age Enterprise readiness threatens innovation. (451 Research study commissioned by Cloudability)
Use Optimization and Licensing Assessments
to Analyze Business Impact
[Chart: On-Premises vs. Rightsized to AWS. Labels: Annual on-prem cost; Rightsized to AWS; 36% in compute savings; core savings; SQL Ent Cores; Optimized in AWS]
• Scope of opportunity: What to move, focus on underutilized servers, servers running at peak capacity, heavily virtualized, older server, etc.
• Cost: What it really costs once all the credits, discounts, & rebates are used. Ability to weigh the pros and cons of BYOL and LI
• Timing and effort: Concerns the process will take months and the customer may need to go through this exercise with another cloud provider

• Analysis allows customer to right size based on actual resource consumption (ARC) and pivot on multiple scenarios
• Identify optimized licensing and provisioning to ensure the most cost-effective cloud solution
• Provide recommendations for Dedicated Hosts, optimized CPU, Reserved Instances, and Spot
• Customer has access to all the data, and recommendations are available fast
Migrating Microsoft Workloads
How would you migrate a three tier application?
Presentation Tier
Application Tier
Database Tier
Migration Planning
Determine the best option
Rehost: Lift and shift servers onto Amazon EC2
Migration Tool: CloudEndure Migration
Migration Tool: Server Migration Service
Three Tier Application Rehost
AWS Server
Migration
Presentation Tier Service Presentation Tier
1. Use a Migration Tool
1. Server Migration Service (SMS)
2. CloudEndure
3. Third-Party Tools
AWS Database
Migration Service
Replatform: Migrate to a Managed Service
• Optimized architecture
• Automated patching
• Automated backups Amazon RDS Amazon FSx
Three Tier Application Replatforming
AWS Server
Migration
Presentation Tier Service Presentation Tier
1. Use a Migration Tool
1. Server Migration Service (SMS)
2. CloudEndure
3. Third-Party Tools
AWS Database
Migration Service
• Containers\Micro-Services
• Amazon EKS (Amazon Elastic Container Service for Kubernetes)
• Amazon ECS (Amazon Elastic Container Service)
• AWS Lambda
• Amazon API Gateway
• Aurora: SQL/OLTP
• DynamoDB: NoSQL
AWS Serverless Portfolio
APPLICATION PRIMITIVES – COMPUTE AND DATASTORES
APPLICATION INTEGRATION
DEVELOPER TOOLS
Three Tier Application – Refactor/Modernized
Presentation Tier Presentation Tier
1. Use Containers
1. Amazon ECS
Amazon Simple Storage Containers
2. Amazon EKS Service (S3)
2. Serverless Architecture
Application Tier Application Tier
Sample Modernized Architecture with Lambda
Browser
Sample Modernized Architecture with Containers
Amazon Amazon S3
CloudFront Amazon ECR
Amazon
Aurora
serverless
Hybrid:
Optimizing Microsoft Workloads
Optimizing your workloads on AWS
AWS Managed Active Directory
AD on AWS supports many options
• Actual Microsoft AD, HIPAA and PCI Eligible, Trust support, Group-based policies, SSO, Seamless domain join, AWS Management Console Federation, Daily snapshots
• A modern, hybrid approach to AD that shares privileges and data from on-premises AD to AWS Managed Microsoft AD on AWS
• Run or extend AD-dependent workloads onto EC2 or AWS Managed Services
AWS Managed Microsoft AD
• High availability
• Increased security
• Reduce management overhead
• Deploy workloads faster
• Automate deployments using APIs
• Create managed instances in AWS using the AWS Management Console, CLI, or API
• Connect to on-prem Active Directory using trusts or utilize as a standalone directory
• Seamlessly domain join your EC2 instances, and use on-prem identities for AWS apps
AWS Managed Microsoft AD: What’s in the box?
Common Use Cases
Amazon EC2: .NET Apps, SharePoint Server, SQL Server Always-On, Amazon EC2 Linux
AWS Managed Services: Amazon RDS for SQL Server, Amazon RDS for Oracle, Amazon RDS for PostgreSQL, Amazon FSx for Windows File Server
CLI v2, SAML
Amazon Chime, Amazon WorkMail, Amazon Connect, AWS Client VPN
Active Directory Trust Model
Understanding the trust model
Trusting Trusted
VPC On-premises
network
Trust
AD Access AD
Managed AD DC Windows
AD DC
Trust considerations
Reference Architecture:
Availability Zone
AWS Managed Microsoft AD
Private Subnet AWS Managed Services
RDS
SQL Server DB
WEB APP
Auth/
LDAP Domain
IIS App Controller
Server Server DC
Application
Managed AD
10.0.2.0/24
Remote
Users/Admins
Auth/ Direct
LDAP Connect Trust
Availability Zone
Amazon FSx for Windows
What is Amazon FSx for Windows?
Designed for a wide spectrum of use cases:
NEW! NEW!
Microsoft Windows
Amazon EC2 Amazon VPN AWS Direct
Server 2008+ and
WorkSpaces Connect
Windows 7+
MacOS
On-premises In-VPC access
compute instance
Single-AZ Multi-AZ
NEW!
Note: Based on Amazon FSx for Windows File Server pricing in US East (N. Virginia)
Backups
Region
Admin-initiated backup
Operations and Management:
AWS Systems Manager (SSM)
Operate Safely and At Scale
Operations for any cloud at any scale
Group
The building blocks of your applications
Act
Using AWS best practices with built-in controls
AWS Systems Manager Capabilities
Distributor
Manage Resources at Scale
Resource groups
Improved Visibility and Control
Setup operational dashboards
Build and customize your own ops-dashboards
Leverage your existing Amazon CloudWatch dashboards
Leverage your existing CloudWatch metrics
Monitor Compliance
Visualize your application’s metrics
Compliance with Patch Manager
Patch Manager
Patch Group=SQLCluster
Individual instances
not grouped
Maintenance
Compliance Notifications!
Window
Compliance as Code
Safe and Secure Operations
VPC2
Tags
IAM
Tags
VPC1
Auditing
Interactive Access to Instances with Session Manager
• Interactive browser-based shell and CLI for EC2 instances
Shell or CLI
Questions?
Hands-on Experience
Lab Information