Deploying for Success on the Cloud: EBS on Amazon VPC Phani Kottapalli Pavan Vallabhaneni AST Corporation August 17, 2012
Agenda Amazon AWS Global Infrastructure AWS VirtualPrivateCloud(VPC) Architecture Different components in VPC Elastic Block Storage(EBS) Elastic Compute Cloud(EC2) Deploy E-Business suite database on EC2 running on VPC Other Available services in AWS 2
Amazon AWS Infrastructure 3
Amazon AWS Infrastructure AWS has 8 different Regions located throughout the world Each Region contains two or more availability zones. The AWS regions are isolated from each other. Multiple Network connected available zones in each region Edge locations serve requests for CloudFront and Route 53. Cloud Front is a content delivery network. Route 53 is a DNS service 4
Amazon AWS Infrastructure Regions are separate clouds Multiple Network connected available zones in each region * At present zone D is also available in US East Region 5
AWS Virtual Private Cloud(VPC) Enables to create virtual private network topology Launch AWS resources in a Virtual network Control on the ip-address range Control on subnets, routes, gateways and security Use VPC as extension of data center 6
AWS Virtual Private Cloud(VPC) 7
AWS Virtual Private Cloud(VPC) 8
Amazon Virtual Private Cloud(VPC) 9
Amazon Virtual Private Cloud(VPC) Step by Step process of VPC 10
Amazon Virtual Private Cloud(VPC) Login to AWS Management Console and select VPC service 11
Amazon Virtual Private Cloud(VPC) List of VPC options to build 12
Amazon Virtual Private Cloud(VPC) Select CIDR(Classless Inter-Domain Routing)range for VPC and click on create vpc 13
Amazon Virtual Private Cloud(VPC) 14
Amazon Virtual Private Cloud(VPC) 15
Amazon Virtual Private Cloud(VPC) VPC Status 16
Amazon Virtual Private Cloud(VPC) Main route table comes by default with vpc Custom route table is created by wizard Subnet is associated with custom route table 17
Amazon Virtual Private Cloud(VPC) Security Group is a group of instances that share common setup of rules The rules determines what traffic is allowed in and out the instances. 18
Amazon Virtual Private Cloud(VPC) 19
Amazon Virtual Private Cloud(VPC) 20
Amazon Virtual Private Cloud(VPC) 21
Amazon Virtual Private Cloud(VPC) 22
Amazon Virtual Private Cloud(VPC) 23
Amazon Virtual Private Cloud(VPC) 24
Amazon Virtual Private Cloud(VPC) 25
Amazon Virtual Private Cloud(VPC) Elastic IP(EIP) is used to assign static public ip-address for EC2 Instance. 26
Different components in VPC Routing Security Internet Gateway Virtual Private Gateway Customer Gateway 27
Different components in VPC AWS provides two ways for you to control security in VPC Security groups Network ACLs. They both enable you to control what traffic goes in and out of EC2 instances, but security groups work at the instance level, and network ACLs work at the subnet level. 28
Different components in VPC Feature Support for VPC in US-West (N.California), Asia Pacific (Singapore), Asia Pacific (Tokyo) Support for VPC in multiple Availability Zones in each Region Support for multiple VPN Connections per VPC VPN Connection Status Support for multiple VPCs per AWS account per Region Description You can create VPCs in any of the five AWS Regions (US-East (Virginia), US-West (N.California), EU-West (Ireland), Asia Pacific (Singapore), or Asia Pacific (Tokyo)). You can create a VPC that spans multiple Availability Zones in a Region. Since each VPC can have multiple subnets, you can put each subnet in a distinct Availability Zone. Virtual private gateways and Internet gateways are regional objects, and can be accessed from any Availability Zone. You can create multiple VPN connections to a single VPC. This can be used to connect multiple branch offices to a single VPC, or to provide redundant VPN connections from a single location. You can view the status of each VPN Connection on the AWS Management Console and via API/CLI. Status includes connection state (up or down), tunnel state, time since last state change, and descriptive text for connection errors. You can create multiple, fully-independent VPCs in a single Region without having to use additional AWS accounts. You can, for example, create production networks, development networks, staging networks, and test networks as needed. 29
Components - Limit in VPC Component Limit Comments Number of VPCs per region 5 Number of subnets per VPC 20 Number of Internet gateways per region 5 One per VPC Number of virtual private gateways per region 5 One per VPC Number of customer gateways per region 50 Number of VPN connections per region 50 Ten per virtual private gateway Number of route tables per VPC 10 Including the main route table Number of entries per route table 20 Number of VPC Elastic IP addresses per AWS account 5 You have one limit for VPC Elastic IP addresses (5) and another for standard EC2 addresses (5). Number of VPC security groups per VPC 50 Number of rules per VPC security group 50 Number of VPC security groups a VPC instance can be in 5 Number of network ACLs per VPC 10 Number of rules per network ACL 20 Number of BGP(Border Gateway Protocol) Advertised 100 Routes per VPN Connection Amazon EC2 CC1, CG1, and Micro Instances are not available in a VPC at this time Amazon DevPay paid AMIs are not supported in Amazon VPC Note: Some components limit can extend on request Ref: aws.amazon.com 30
Elastic Block Storage(EBS) Amazon Elastic Block Store (EBS) provides block level storage volumes for use with Amazon EC2 instances. Amazon EBS volumes are network-attached, and persist independently from the life of an instance. Amazon EBS allows you to create storage volumes from 1 GB to 1 TB that can be mounted as devices by Amazon EC2 instances. Multiple volumes can be mounted to the same instance. Amazon EBS enables you to provision a specific level of I/O performance if desired, by choosing a Provisioned IOPS volume. This allows you to predictably scale to thousands of IOPS per Amazon EC2 instance. Each storage volume is automatically replicated within the same Availability Zone. This prevents data loss due to failure of any single hardware component 31
Elastic Block Storage(EBS) Amazon EBS also provides the ability to create point-in-time snapshots of volumes, which are persisted to Amazon S3. These snapshots can be used as the starting point for new Amazon EBS volumes, and protect data for long-term durability. The same snapshot can be used to instantiate as many volumes as you wish. Once a volume is created, it can be attached to any Amazon EC2 instance in the same Availability Zone. A volume can only be attached to one instance at a time, but many volumes can be attached to a single instance. If an instance fails or is detached from an Amazon EBS volume, the volume can be attached to any other instance in that Availability Zone. 32
Elastic Compute Cloud(EC2) Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides resizable compute capacity in the cloud. Amazon EC2 presents a true virtual computing environment, allowing you to use web service interfaces to launch instances with a variety of operating systems. 33
Elastic Load Balancing Elastic Load Balancing automatically distributes incoming application traffic across multiple Amazon EC2 instances in a single Availability Zone or multiple Availability Zones. Reroutes traffic to healthy instances until the unhealthy instances have been restored. In VPC we can use as an internal load balancer Elastic Load Balancing supports the ability to stick user sessions to specific EC2 instances. Elastic Load Balancing supports use of both the Internet Protocol version 4 and 6 34
Deploy E-Business suite Database on EC2 35
Deploy E-Business suite Database on EC2 127.0.0.1 ebs.astaws.oracle.com ebs localhost.localdomain localhost 36
Other Available Services Amazon Simple Storage Service (Amazon S3) Amazon S3 provides a simple web services interface that can be used to store and retrieve data. Write, read, and delete objects containing from 1 byte to 5 terabytes of data. Objects are stored in buckets. Authentication mechanisms are provided to ensure data is secure. Secure data upload/download and encryption for additional data protection. Designed to provide 99.99% durability and 99.99% availability of objects. 37
Other Available Services Common Uses Amazon S3 Content Storage and Distribution Storage for Data Analysis Backup, Archiving and Disaster Recovery 38
Curiosity From the control room in Pasadena, California, NASA/JPL is using Simple Storage Service (S3) to capture and store images and metadata collected from the Mars Exploration Rover 39
Other Available Services Amazon Cloud Search (beta) Integrate fast and highly scalable search functionality into their applications. Simple to Configure Automatic Scaling For Data & Traffic Low Costs 40
Other Available Services Amazon Simple Workflow Service Automate business processes Processing steps in an application as tasks that drive work in distributed applications Managing cloud infrastructure services Coordination hub for all of the different components of your application 41
Questions and Open Discussions 42
Contact Details Phani Kottapalli Pavan Vallabhaneni AST Corporation pkishore@astcorporation.com pvallabh@astcorporation.com www.astcorporation.com 43