1

Enterprise Applications on AWSAlastair Nash | Neil JenningsAWS London Meetup 28th May 2014

2

• About Orange Digital

• Enterprise applications on AWS

3

company

we are an end-to-end solutions provider

85

2013100%

2010formed as a standalone

offices inLondon & Leeds

owned byOrange

demandsled us toexternal clients

digital teamfor more thana decade

strongteam

Orange UK’s

4

we provide large scale enterprise technology solutions which deliver high-performance digital channels and infrastructure

  

our expertise: technology solutions

bringing together Percona, MySQL, MongoDB, PHP, Python,

Magento,

implementation of large scale, high-performance CMS specialist

architecture leadership in AWSAWS hosting configuration, build

and

fast, reliable and secure web integration with your back-office

ITL-based expect support and operations tuned to the speed of

web

cloud services enterprise CMS

open source

integration support & operations

data visualisationITL-based expect support and

operations tuned to the speed of web

5

• About Orange Digital

• Enterprise applications on AWS

6

AWS and the Enterprise

- Improve resilience- Scale with demand- Improve time to market- Reduce costs- Business agility

- Host Hybris on AWS - Host AEM (CQ) on AWS- Integrate with existing

data centres

Business rationale for AWS Focus of tonight’s talk

7

Selling AWS into the Enterprise

- Target stakeholders

Talk about:- TTM- capital expense, TCO- multiple environments- auto scaling (up and down)- self healing

- Do lots of demonstrations

- Business value

8

- Licensing / Procurement- Expectation of fixed infrastructure- Sticky sessions- Single database support- Node IDs- Logs (on variable number of instances)- Replication- Cluster support- Deployment- Integration, backend doesn’t auto-scale

Typical challenges with Enterprise Applications on AWS

9

- Documentation (define the scope and solution)

- Use AWS best practices (ELB, Multi-AZ, Immutable AMIs, No SSH access)

- Use the tools provided (CF, scaling groups, security groups, Puppet/Chef/Salt/Ansible)

- Assume failure, design for instances or services to be replaced on the fly

Solutions for Enterprise Applications on AWSPart 1 - General good stuff isn’t all that different

10

- Enterprise licenses (all you can eat)- Session replication- Database proxy/abstraction *not actually tried

this- Centralised storage (scalable)- rsyslog / centralised logging server- Bespoke deployment scripts- Offsite backup

Solutions for Enterprise Applications on AWSPart 2 – Application work-arounds

Illustrative Example

12

- Any EC2 instance or application service may fail at any time- Best practices mitigate most of the risk

- Orchestration of change can be complex

- Hybris, Hybris Cockpit, Hybris Batch, AEM Publisher, AEM Author, AEM Dispatcher, APM, IDS/IPS, SEIM, Logging, Audit software, Hybris Database, NAT, Web Server, Load-balancer, Monitoring, Control Server…

- Automate change- Monitoring & Alarms

Achieving Resilience Lots of applications, dependent on each other

13

- Understand the risk presented, find a way mitigate it. - VPC (isolated subnets)- Encryption at rest and transit- Data anonymisers- IDS, IPS- Direct Connect- SEIM- System logging, audit trails- DDoS

Enterprise Security Considerations

14

- Multiple vendors and stakeholders involved- Place ops guys in development teams- Share Helpdesk & Ops Tools- Share Builds- Share Tests- Share Monitoring Tools- Share Deployment tools- Version everything

People are key

15

- 50% People - 50% technology

- Flexibility can increase complexity

- Some Enterprise software is not cloud friendly

- Best practices always apply

Key Takeaways

16

Questions?

@furbingfor more

details

thank you

Alastair Nash | Neil Jennings Alastair.Nash@orange.com+44 (0)20 3637 0050@OrangeDigitalUKorange-digital.co.uk