A Year's Worth of Innovation in 30 Minutes -
In this Keynote talk, Jinesh Varia discuss all the new features and services that AWS released in 2011 and discusses AWS growth and innovation along with customers and partners.
The speaker notes contain the links to the blog posts of announcements.
4. Each day, AWS adds the
equivalent server capacity to power Amazon when it was
a global, $2.76B enterprise (circa 2000)
5. In 2011, 3 new regions
New Asia Pacific Region New low-cost US West GovCloud Region for
In Tokyo, Japan Region in Oregon Government Applications
6. US-Persons-only Access
FISMA Moderate Compliant Controls
Data Isolation (Service & IAM Controls)
Network Isolation (VPC required, FIPS 140-2 Compliant
endpoints, AWS Direct Connect Optional)
Virtual Machine Isolation (Dedicated instances optional)
AWS GovCloud-US
Designed for US Government Customers
7. Global Infrastructure for Global Enterprises
GovCloud US West US East Europe Asia Asia
(US ITAR Region) (Northern (Northern West Pacific Pacific
California) Virginia) (Dublin) Region Region
(Singapore) (Tokyo)
AWS Regions
AWS Edge Locations
19. New Instance Type: “The Beast”
Micro Standard High High CPU Cluster Cluster
Memory Compute GPU
t1.micro m1.small m2.xlarge c1.medium cc1.4xlarge cg1.4xlarge
m1.large m2.2xlarge c1.xlarge cc2.8xlarge
m1.xlarge m2.4xlarge
In 2011, cc2.8xlarge was launched:
Linpak Test
2 Xeon Processors with 8 hardware cores = 88 ECUs 1064 cc2 instance cluster
60.6 GB RAM and 3.37 TB of instance storage generated 240 teraFLOPS
10GigE Full Bisection bandwidth non-blocking IO ranks #42 in Top500
Hardware Assisted Virtualization (HVM) at $2.40/Hour Supercomputers List
21. New Purchasing Options
On-demand Reserved Spot
Instances Instances Instances
• Pay as you go • Onetime • Requested
upfront + Pay Bid Price and
as you go Pay as you go
• Starts from • $56 for 1 • $0.005 /Hour
0.02/Hour year term as of today at
and then 9 AM
$0.01/Hour
For Steady For Time-
For Spiky
State insensitive
Workloads
Workloads workloads
22. New Purchasing Options
On-demand Reserved Savings over Spot
Instances Instances on-demand Instances
• Pay as you go Heavy 41% - 1 year • Requested
Utilization 58% - 3 Year Bid Price and
Pay as you go
Medium 34% - 1 Year
• Starts from Utilization 49% - 3 Year • $0.005 /Hour
0.02/Hour as of today at
Light 28% - 1 Year 9 AM
Utilization 34% - 3 Year
For Steady For Time-
For Spiky
State insensitive
Workloads
Workloads workloads
23. The Big Data Cloud Stack - Analytics
Amazon S3
Upload large
datasets or log Amazon S3
Data files directly Input
Source Data
Output
Data
Task
Amazon Elastic Node
MapReduce Amazon SimpleDB
Mapper
Code/ Reducer
Service
Name Task Metadata
Scripts HiveQL Node Node
Pig Latin
Cascading Runs multiple
JobFlow Core HiveQL
Steps Node Pig Latin
Query
Core
Node
HDFS
BI
JDBC/ODBC Apps
Amazon Elastic MapReduce
Hadoop Cluster
24. This is where the cloud really shines
Amazon Cluster Spot Elastic
Expand/
Hadoop Elastic Compute Instance
Shrink
Super
MapReduce HPC s computer
Your On-demand Each VM = Cost savings Expand or Elastic
Distributed Infrastructure 2 Xeon 8-core by Mix-n- Shrink a Super
Processing (Cloud) + 60.6 GB RAM match running Computer
Framework Automation 10G Ethernet instances cluster
2 GPGPUs (On-demand, Spot,
Reserved)
The 2011 Elastic Supercomputer
25. New Ways to Import existing VMs
Windows
Server 2008
APIs Buckets
VM Import
VMware ESX VMDK service Root Data
Volume Volume Snapshots
Citrix XenServer VHD
Microsoft Hyper-V VHD Amazon EBS
Availability Zone #1
26. New Ways to Import/Export Data
EBS Snapshot
Also, No inbound data transfer charges
27. New Features in 2011: Auto Scaling and
Elastic Load Balancing, CloudFormation
• Elastic Load Balancing • Amazon CloudWatch
– IPv6 Support – CloudWatch Alarms
– SSL Support – CloudWatch Custom Metrics
– Sticky Sessions • Messaging
• Auto Scaling – SMS Support for Amazon SNS
– Amazon SNS Notifications – SQS Batch Operations
– Auto Scaling policies • AWS CloudFormation
– Auto Scaling by Schedule – Validate Stack
– Auto Scaling Suspend/resume – Update Stack
– Recurrent Scaling Operations – Chef/Puppet – Cloud-init
– Instance Addition Control – Embedded Stacks
– Metadata
28. www.yourApp.com media.yourApp.com
(Static data)
Amazon Route 53 Amazon
Hosted Zone CloudFront
Elastic Load
Balancer
Amazon EC2
Amazon Instances
CloudWatch
Alarms
Amazon SNS Amazon S3
Auto Scaling Group Bucket
Notifications
Amazon
App Tier
SimpleDB
Domains
Amazon SES
Email
ElastiCache Tier
AZ-1 Amazon RDS
AZ-1
Region
29. www.yourApp.com media.yourApp.com
(Static data)
Amazon Route 53 Amazon
Hosted Zone CloudFront
Elastic Load
Balancer
Amazon EC2
Amazon Instances
CloudWatch
Alarms
AWS Amazon S3
Amazon SNS Auto Scaling Group
CloudFormation Bucket
Notifications
JSON Template
Amazon
App Tier
SimpleDB
Domains
Amazon SES
Email
ElastiCache Tier
AZ-1 Amazon RDS
AZ-1
Region
30. This is where the cloud really shines
Update Stack
AWS Version Control
CloudFormation
JSON Template
33. 10G
DirectConnect
Amazon VPC
Corporate Location
Data Center
34. Amazon Virtual Private Cloud (VPC)
• Create a logically isolated environment in Amazon’s highly scalable
infrastructure
• Specify your private IP address range into one or more public or private
subnets
• Control inbound and outbound access to and from individual subnets
using stateless Network Access Control Lists
• Protect your Instances with stateful filters for inbound and outbound traffic
using Security Groups
• Attach an Elastic IP address to any instance in your VPC so it can be
reached directly from the Internet
• Bridge your VPC and your onsite IT infrastructure with an industry
standard encrypted VPN connection
• Use a wizard to easily create your VPC in 4 different topologies
• Elastic Load Balancing and Spot Instances in VPC
35.
36. Corporate
data center
Availability Zone 1
DirectConnect
Location
10G
Private
Router Subnet
Customer VPN Gateway
Gateway
Corporate
Headquarters
Internet Public Subnet
Gateway
Amazon VPC
Availability Zone 2
Branch Offices
This is where the cloud Amazon S3 Amazon SimpleDB Amazon SES
AWS Region
Amazon SQS
really shines
37. New Database Options
Self-Managed Managed Databases
Database Server Amazon Relational Amazon SimpleDB
on Amazon EC2 Database Service (RDS) NoSQL Database
Your choice of
Oracle (11g) or MySQL Non-relational model;
database running on
(5.x) indices and queries
Amazon EC2
Bring Your Own Flexible Licensing: BYOL
Zero admin overhead
License (BYOL) or or on-demand License
On-demand for SQL Included
Server
39. In the cloud, security is a shared responsibility
SAS 70 Type II Audit
Encrypt data in transit
ISO 27001/2 Certification
Encrypt data at rest
PCI DSS 2.0 Level 1-5
Protect your AWS Credentials
HIPAA/SOX Compliance
Rotate your keys
FISMA A&A Moderate Infrastructure Application Secure your application
FIPS 140-2 Security Security
How we secure our How can you secure your
infrastructure application and what is
your responsibility?
Services Security
Enforce IAM policies
What security options
Use MFA, VPC, Leverage S3
and features are available
bucket policies, EC2 Security
to you?
groups, EFS in EC2 Etc..
40. Identity and Access Management : GA
AWS Identity And Access Management
• User management
• Policy-based granular access control
• Web login to individual users
• Identity Federation
Multi-Factor Authentication
• Device
• Virtual MFA
General Availability
42. Amazon S3 Server-Side Encryption
Amazon S3
Your PUT Encrypt
Key
Data Data
Generator
AES-256
Encrypted Encrypt
Data Key
Encrypted Key Store
Encrypted
Data Store S3 Key Management
at no additional cost
43. Dedicated Instances
On-demand Reserved Spot Dedicated
Instances Instances Instances Instances
• Pay as you go • Onetime • Requested • Standard and
upfront + Pay Bid Price and Reserved
as you go Pay as you go • Multi-Tenant
• Starts from • $56 for 1 • $0.005 /Hour Single
0.02/Hour year term as of today at Customer
and then 9 AM • $10/Region +
$0.01/Hour 0.105/Hour
For Steady For Time- For Regulatory
For Spiky
State insensitive and Compliant
Workloads
Workloads workloads Workloads
49. Enterprise Software in the cloud - BYOL
Microsoft Exchange Server, Microsoft SharePoint Server,
Microsoft SQL Standard Server, Microsoft SQL Enterprise
Server, Microsoft Lync Server, Microsoft System Center
servers, and Microsoft Dynamics CRM through License
Mobility Software Assurance
Oracle fully supports Oracle E-Business Suite, Oracle’s
PeopleSoft Enterprise, Oracle’s Siebel CRM, Oracle Fusion
Middleware, Oracle Database, and Oracle Linux on the
portion of AWS EC2 which uses Oracle VM.
IBM DB2, Informix, Lotus® Forms Turbo, WebSphere®
Application Server, WebSphere® sMash, WebSphere Portal
Server, Lotus® Web Content Management Standard
Edition , InfoSphere Information Server, Lotus Domino®,
Lotus Web Content Management Standard Edition®, Tivoli
Monitoring®
SAP® solutions, including SAP® Rapid Deployment
solutions and SAP® BusinessObjects™ solutions
50. 2011: A Year’s Worth of Innovation
Growth and New Services Customers
Expansion and Features and Partners
53. Thank you!
Jinesh Varia
jvaria@amazon.com Twitter:@jinman
Notas do Editor
In this presentation I will demonstrate how AWS grew in all dimensions in this year as we exit gracefully 2011 and enter 2012. Strategy of Amazon is very simple. Be Obsessed about customers, Continuously listen to customers, Work hard, releasing early, releasing often and iterating quickly and Make history.
The year 2011 was our best year ever. We surprised ourselves by the # of announcements that we made this year. We broke our own record in several areas and I am going to discuss 3 such areas Growth and Expansion, New Services and Features, and # and Quality of our customers. This I believe is the best way to truly assess the cloud service provider. Every customer when trying to choose a cloud service provider should examine every cloud service provider in these areas.
In 2011, as I said we really broke our own record. Growth in terms of investment that we have made, the new geographies that we have touched and goals and Metrics that we exceeded. Being data-driven is in DNA of the company. We set ourselves with goals every start of the year like most of you also do. Each team goes through this process and active customers, revenue, features and so on. This year, the management had to review the goals that we had set at the beginiing for the year and reset because most of them exceedAmazon CloudFront Update - Fall 2011Now Open - US West (Oregon) RegionAmazon S3 - 566 Billion Objects, 370,000 Requests/Second, and Hiring!Amazon CloudFront & Route 53 - New Edge Location: BrazilAWS Direct Connect Heads WestNew - AWS GovCloud (US) Region - ITAR CompliantNew AWS Enterprise Features: VPC Everywhere Amazon CloudFront and Amazon Route 53 in SwedenNew Elastic MapReduce Locations (Singapore and Tokyo) and FeaturesNew Location for Route 53 and CloudFront + Route 53 Tool Roundup + JobsAWS Import/Export Now in SingaporeAnother New Edge Location for Amazon CloudFront and Amazon Route 53Now Open: AWS Region in Tokyo
2011 was the year with most number of AWS Region launches. These are pretty intense cross-team projects that involve tons of paper work dealing with local regulations, paperwork, legal and tax.
One region I would like to call out is theGovCloud. This isCustomers must be:U.S. Persons;not subject to export restrictions; and comply with U.S. export control laws and regulations, including the International Traffic In Arms Regulations
And this makes a total of 7 regions around the globe and more coming very very soon. We are not only seeing new local customers but also seeing that our existing customers would like to go to new geographies with us. They want to do expand their business in different geographies and leverage the cloud. and hence stay tuned for more.
Customer Decides Where Applications and Data Reside
566b objects stored as of 10/3/2011We will let our Numbers speak
Amazon CloudFront Update - Fall 2011Now Open - US West (Oregon) RegionAmazon S3 - 566 Billion Objects, 370,000 Requests/Second, and Hiring!Amazon CloudFront & Route 53 - New Edge Location: BrazilAWS Direct Connect Heads WestNew - AWS GovCloud (US) Region - ITAR CompliantNew AWS Enterprise Features: VPC Everywhere Amazon CloudFront and Amazon Route 53 in SwedenNew Elastic MapReduce Locations (Singapore and Tokyo) and FeaturesNew Location for Route 53 and CloudFront + Route 53 Tool Roundup + JobsAWS Import/Export Now in SingaporeAnother New Edge Location for Amazon CloudFront and Amazon Route 53Now Open: AWS Region in Tokyo
There are 3 main ideas
I am going to discuss New Services and features in 4 main Sun looking things that represent rays in all dimensions. What I call the “Items that make the cloud shine”. Its an interesting to discuss sun in the context of the cloud
New - AWS Toolkit for Visual StudioUpdated Mobile SDKs for AWS - Improved Credential ManagementAWS Toolkit for Eclipse - Version 2.0New AWS SDKs for Mobile Development (Android and iOS)Introducing the AWS SDK for RubyAmazon Simple Notification Service Now Supports SMSAmazon Simple Queue Service: Batch Operations, Delay Queue, and Message TimersPowerful New Features for AWS CloudFormationAmazon Linux AMI - General Availability and New FeaturesAmazon Simple Email Service Now Supports AttachmentsIntroducing the Amazon Simple Email ServiceIntroducing AWS Elastic BeanstalkNew AWS Premium Support: Lower Prices, New Plans, Faster ResponseAWS CloudFormation - Create Your AWS Stack From a RecipeAmazon ElastiCache - Distributed In-Memory Caching
AWS Management ConsoleAWS Management Console Now Supports the Simple Queue Service (SQS)New - AWS Management Console Support for the Simple Email ServiceAWS Management Console Now Supports Amazon Route 53Integrated IAM Policy GeneratorNew S3 Features for The AWS Management ConsoleIdentity and Access Management in the AWS Management ConsoleImproved CloudFront Support in the AWS Management ConsoleEven More EC2 Goodies in the AWS Management ConsoleAWS CloudFormation in the AWS Management ConsoleNew AWS Console Features: Forced Detach, Termination ProtectionAWS Identity and Access Management Users Can Now Log in to the AWS Management ConsoleAmazon CloudWatch Console SupportAWS Elastic Beanstalk From The AWS Management ConsolePurchase Reserved DB Instances Using the AWS Management Console
Additional Reserved Instance Options for Amazon EC2 Now Available: Windows Server 2008 R2 Cluster Compute and Cluster GPUNow Available: Windows Server 2008 R2 on Amazon EC2Run SUSE Linux Enterprise Server on Cluster Compute InstancesNow Available: Amazon EC2 Running Red Hat Enterprise LinuxNext Generation Cluster Computing on Amazon EC2 - The CC2 Instance Type Elastic Load Balancing: More IPv6 Support, More Metrics, More IP AddressesElastic Load Balancer SSL Support OptionsElastic Load Balancing - IPv6, Zone Apex Support, Additional Security Additional VM Import Functionality - Windows 2003, XenServer, Hyper-VEC2 VM Import ConnectorVM Import - Bring Your VMware Images to The Cloud Run Amazon Elastic MapReduce on EC2 Spot InstancesAuto Scaling - Notifications, Recurrence, and More ControlAdditional CloudWatch Metrics for Amazon SQS and Amazon SNSNew - Custom Metrics for Amazon CloudWatch EC2 Spot Pricing - Now Specific to Each Availability ZoneAmazon EC2 Cluster Instances Available on Spot MarketElastic MapReduce Updates - Hive, Multipart Upload, JDBC, Squirrel SQL
With more than 6,000 certified applications from over 1,500 independent software vendors, SUSE Linux Enterprise Server is a versatile Linux platform that provides superior reliability and security. Suse Enterprise 10 and 11 in all regions in all instance type in all combinations You can now launch 32 and 64-bit instances in every AWS Region and on every EC2 instance type. You can choose between versions 5.5, 5.6, 6.0, and 6.1 of RHEL.If you are a member of Red Hat's Cloud Access program you can use your existing licenses. and AWS premium support with back-line support from Red Hat.
Light Utilization RIs –Light Utilization RIs offer the lowest upfront payment of all of the Reserved Instance types. Along with this low upfront payment, customers will receive a significantly discounted hourly usage fee. Light Utilization RIs allow customers to turn off their instance at any point and not pay the hourly fee. Light Utilization RIs are ideal for periodic workloads that only run a couple of hours a day, a few days per week, or very sporadically (like Disaster Recovery where they hardly ever are needed, but when they are, you must be sure you have the reserved capacity to handle). Using Light Utilization RIs, customers can save up to 28% for a 1-year term and 34% for a 3-year term vs. running On-Demand Instances. Customers are economically advantaged using Light Utilization RIs (vs. On-Demand Instances) if you plan to use your instance more than 32% of a 1-year term or 17% of a 3-year term. Medium Utilization RIs – Medium Utilization RIs have a higher upfront payment than Light Utilization RIs, but a much lower hourly usage fee. Medium Utilization RIs allow customers to turn off your instance at any point and not pay the hourly fee. Medium Utilization RIs are best suited for workloads that run most of the time, but have some variability in usage (like web server traffic where demand may increase or decrease throughout the year). Using Medium Utilization RIs, customers can save up to 34% for a 1-year term and 49% for a 3-year term vs. running On-Demand Instances. Customers are economically advantaged using Medium Utilization RIs (vs. On-Demand Instances) if you plan to use their instance more than 49% of a 1-year term or 24% of a 3-year term. Heavy Utilization RIs – Heavy Utilization RIs offer the most absolute savings of any public Reserved Instance type. They’re most appropriate for steady-state workloads where customers are willing to commit to always running these instances in exchange for our lowest hourly usage fee. With this RI, customers will pay a little higher upfront payment than Medium Utilization RIs, a significantly lower hourly usage fee, and their charged that lower hourly rate for every hour in the Reserved Instance term. Using Heavy Utilization RIs, customers can save up to 41% for a 1-year term and 58% for a 3-year term vs. running On-Demand Instances. Customers are economically advantaged using Heavy Utilization RIs (vs. On-Demand Instances) if you plan to use their instance more than 85% of a 1-year term or 79% of a 3-year term.
This year, HIVE, PIG, Spot Instances, Expand and Shrink Running Cluster and
Lets put everything in a context of a web application. You can create an application 3-tier application today. I mean it right now. You are enjoying the holidays with your family, you get an SMS notification (with Amazon SNS) that you Auto scaling alarm threshold is met and you click on the link that points you to a cloudformation stack that will update the stack by modify the autoscaling launch configuration so it adds more resources double the rate. Readjusts “cloud secretary” calls you iteractive voice response
Lets put everything in a context of a web application
You can put this all into a CloudFromation script. I recommend that you put that in version control and let it manage the resources for you. CF engine will manage the ordering, rollback, update etc.
AWS Import/Export Now Supports Amazon EBSHost Your Static Website on Amazon S3Amazon RDS Updates - Oracle Improvements and a New Minor VersionNow Available Amazon RDS for Oracle DatabaseAmazon RDS: MySQL 5.5 Now AvailableNetworkingNew - AWS Elastic Load Balancing Inside of a Virtual Private CloudLaunch EC2 Spot Instances in a Virtual Private CloudAWS Direct ConnectAmazon Route 53 - Now an Even Better ValueAmazon Route 53 - The AWS Domain Name ServiceMoving Ahead With Amazon Route 53Amazon EC2 Dedicated InstancesA New Approach to Amazon EC2 NetworkingLive Streaming With Amazon CloudFront and Adobe Flash Media Server
A new VPC Wizard to streamline the setup process for a new VPC.Full control of network topology including subnets and routing.Access controls at the subnet and instance level, including rules for outbound traffic.Internet access via an Internet Gateway.Elastic IP Addresses for EC2 instances within a VPC.Support for Network Address Translation (NAT).Option to create a VPC that does not have a VPN connection.
AWS Identity and Access Management - Now With Identity FederationIAM: AWS Identity and Access Management - Now Generally AvailableClient-Side Data Encryption for Amazon S3 Using the AWS SDK for JavaAWS Achieves PCI DSS 2.0 Validated Service Provider StatusNew - AWS Virtual (Software) Multi-Factor Authentication - RFC 6238 SupportNew - Amazon S3 Server Side Encryption for Data at Rest
For Infrastructure security, you can get full SAS 70 audit report on requestFor Services Security, we provide detailed technical documentation on how to use the featuresFor Application Security, we have security bulletins (security center), provide you with security guidance, Premium Support
This year this team was on a roll. They launched late last year and have ben meticulously delivering great features and services.
This is where the cloud really shines
There are 3 main ideas
There are 3 main ideas
2006 year of awareness2007 was the year of Disruption in IT departments 2008 was the year of market validation2009 was the year of Startups2010 was the year of Security2011 was the year of maturity (Growth, Features, and Enterprises)2012 will be ??
2012 I don’t know, but I can assure you and guarantee you that it will more (again in all dimensions) than 2011. We will continue to innovate and the next time, I will more than 30 minutes to talk about AWS