Get Started and Migrate Your Data to AWS

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Markku Lepistö
Principal Technology Evangelist, APAC
Getting Started with AWS

What we’ll cover today
 Creating an AWS account
 Creating an IAM user and enabling MFA
 Launching and connecting to EC2 instances
 Backing up and restoring EC2 instances
 Using S3 to store and serve files
 Visualizing AWS costs and setting billing alerts
 Migrating data to AWS

Characteristics of Cloud Computing?
On-Demand
delivery…
…of IT resources via
the Internet…
…with pay-as-you-go
pricing

The AWS Free Tier
 Includes most AWS services
 Available for all new accounts
 Good for one year from the day the account is created
 Everything we show today can be done within the free tier
 For more details: http://aws.amazon.com/free/

Signing up for an AWS account
 Sign up through https://aws.amazon.com
 You will need a credit card
 There will be a telephone verification

First Steps: Creating IAM Users
 Using AWS Identity and Access
Management (IAM), you can create
and manage AWS users and
groups.
 You can control what resources
each user has access to within an
AWS account.

First Steps: Enabling MFA
 AWS allows you to require multi-
factor authentication for your
users through physical or software-
based single use login tokens. This
protects against stolen passwords
and key loggers.
 Enable this on IAM users and the
root account

Demo: Creating an IAM user
and enabling MFA

Amazon EC2 – Creating an SSH key pair
 SSH stands for Secure Shell
 SSH keys are used for secured access to EC2 instances
 SSH keys avoid password weaknesses
 You can import your own key or have AWS generate a key pair for you.
 AWS does not store the private part of the key pair

Demo: Creating an SSH key
pair for Amazon EC2

Amazon EC2 – Creating a Security Group
 Security Groups are firewalls for your instances
 By default, they block all traffic
 You can choose what protocols and ports to open
 You can use port ranges (e.g. 22-24)
 You can choose who the ports are open to
 Create rules with CIDR notation for groups of IP addresses (/32 is a single IP)
 Create rules that specify Security Groups for other EC2 Instances

Demo: Creating a Security
Group in Amazon EC2

Amazon EC2 – Launching an Instance
 Instances are virtual machines running in the cloud
 You have full control of the instance and can install any
software that you choose
 You can choose the instance type and size to get different
amounts of memory, CPU, disk, etc.
 You will need your Key Pair and a Security Group to launch
the instance into

Demo: Launching and
connecting to EC2 Instances

Amazon EBS – Storage for EC2 Instances
 Amazon Elastic Block Store is persistent block storage for EC2 instances
 As small as 1GB and as large as 16TB
 Available in several different types
 Create snapshots of EBS volumes in S3 to create backups

Amazon EBS – Volume Types
General Purpose
SSD (gp2)
Provisioned IOPS
SSD (io1)
Throughput
Optimized HDD (st1)
Cold HDD (sc1)

Amazon EBS – Volume Types
General Purpose
SSD (gp2)
Provisioned IOPS
SSD (io1)
Cold HDD (sc1)Throughput
Optimized HDD (st1)

Demo: Creating EBS Volumes,
Snapshots, and AMIs

Amazon S3
 S3 is Amazon’s Simple Storage Service
 Store and retrieve almost any amount of data: 1 byte to 5
terabytes per object
 Highly scalable and durable
 Encryption available
 Objects exist in the AWS region you choose
 Object level permissions
 Easily accessible

Demo: Storing and Serving
Objects with S3

Billing and Cost Management
 There are several features to help you monitor costs and
visualize your AWS spend:
 Cost Explorer
 Alerts on Spending Limits
 Detailed Billing Reports
 Consolidated Billing

Demo: Exploring Billing and
Cost Management

Storage is the Gravity
for Cloud Applications

Amazon EFS
File
Amazon EBS
Amazon EC2
Instance Store
Block
Amazon S3 Amazon Glacier
Object
Data Transfer
AWS Direct
Connect
ISV
Connectors
Amazon
Kinesis
Firehose
Storage
Gateway
S3 Transfer
Acceleration
AWS Storage is a Platform
AWS
Snowball
Amazon
CloudFront
Internet/VPN

What is Internet/VPN…
Globally Available
Default method of ingesting content into Amazon S3
Simple standards based (HTTP) connection
Use your existing internet connection
Available within a VPC for VPN connectivity
Acceleration via Multipart Upload
Data Transfer Into AWS is free
VPN Connections using VPC Virtual Private Gateway
•$0.05 per VPN Connection-hour
•$0.048 per VPN Connection-hour for connections to the Tokyo region

How does Internet / VPN ingest work?
Accelerate Data Transfer using
Multipart Upload
Ingest Data Directly Into S3 Buckets with
existing internet connectivity
S3 Bucket
AWS Region
and
Via Management Console or API
customer
gateway
endpoints
VPN
connection
Internet Internet via VPN + VPC

Amazon S3 Transfer Acceleration

What is Amazon S3 Transfer Acceleration…
Network and Protocol Based Data Transfer Service
Acceleration of Data Ingress / Egress with S3 Buckets
Typically 50% to 400% faster
Feature of S3 Enabled at the Bucket Level
Available at All S3 Regions Worldwide
No Client / Server Software Required
No Code Changes to Your Application
No Firewall Exceptions
Simple Pricing Model

Ingest & Egress with S3 transfer acceleration
S3 Bucket
AWS Edge
Location
Uploader
Optimized
Throughput!
Uses AWS 55 global edge locations
AWS determines best edge location
Data transfer optimized between edge
and customer, and edge and S3
Data is not stored on the edge cache

Using the Service is as easy as 1, 2, 3…
Update Application to Point to new S3 URL
• Update“bucket.s3.amazonaws.com” to
“<bucket-name>.s3-accelerate.amazonaws.com”
• Original bucket location and contents are the same, only
namespace changes
Or Use Permissions via API
s3:PutAccelerateConfiguration
Enable the Service in the Management Console
Start Uploading Data to Amazon S3
1
2
3

How fast is S3 transfer acceleration?
Rio De
Janeiro
Warsaw New York Atlanta Madrid Virginia Melbourne Paris Los
Angeles
Seattle Tokyo Singapore
Time[hrs]
500 GB upload from these edge locations to a bucket in Singapore
Public InternetS3 Transfer Acceleration

Global Content Delivery Network
55 Edge Locations Worldwide
Supports Ingest via PUT/POST methods
Works with S3 Multi-part upload
Supports SSL SNI and TLS connections
Integrated with ACM and AWS WAF for additional security
Proxy ingest to S3, EC2 and even your own origins
Tiered and Custom Pricing Models
What is Amazon CloudFront…

Using CloudFront to Ingest Data into AWS
AWS Region
Customer Client
HTTP/S PUT/POST
“upload_files.zip”
Amazon EC2
S3 Bucket
ELB
Custom Origin
CloudFront
Edge Location
Ingest content into S3, EC2, ELB or your own custom origin
with Amazon CloudFront
Use cache behaviors to direct to the correct origin based on
PATH pattern matching
Restrict Access via Geo Restriction or AWS WAF Web ACL

Dedicated, 1 or 10 GE private pipes into AWS
Create private (VPC) or public virtual interfaces to AWS
Reduced data-out rates (data-in still free)
Consistent network performance
At least 1 location to each AWS region
Option for redundant connections
Uses BGP to exchange routing information over a VLAN
What is AWS Direct Connect…

At the Direct Connect Location
CORP
AWS
Direct
Connect
Routers
Custo
mer
Router
Colocat
ion
DX Location
Customer
Network
`
AWS Backbone
Network
Cross
Connect
Customer
Router
Customers
Network
Demarcation

Dedicated Port via Direct Connect Partner
AWS
Direct
Connect
Routers
Colocat
ion
DX Location
Partner
Network
AWS Backbone
Network
Cross
Connect
Customer
Router
Partner
Network
Access
Circuit
Demarcation
Partner
Equipment
CORP

Amazon Kinesis Platform
Amazon Kinesis streaming data on the AWS cloud
• Amazon Kinesis Streams
• Amazon Kinesis Firehose
• Amazon Kinesis Analytics

Amazon Kinesis Firehose
Load massive volumes of streaming data into Amazon S3 and Amazon Redshift
Zero administration: Capture and deliver streaming data into S3, Redshift, and other destinations
without writing an application or managing infrastructure.
Direct-to-data store integration: Batch, compress, and encrypt streaming data for delivery into data
destinations in as little as 60 secs using simple configurations.
Seamless elasticity: Seamlessly scales to match data throughput w/o intervention
Capture and submit streaming
data to Firehose
Firehose loads streaming data continuously
into S3 and Redshift
Analyze streaming data using your
favorite BI tools

What is AWS Storage Gateway?
Works with your existing applications
Secure and durable storage in AWS
Low-latency for frequently used data
Scalable and cost-effective on-premises storage - $125 per
gateway per month + S3/Glacier storage fees
Service connecting an on-premises software appliance
with cloud-based storage

How does AWS Storage Gateway work?
Amazon EBS
snapshots
Amazon S3
Amazon
Glacier
AWS
Storage Gateway
appliance
Application
server
AWS
Storage Gateway
backend
Customer premises
S3
Transfer
Acceleration
AWS
Direct
Connect
Internet

AWS Storage Gateway configurations
iSCSI block storage
Gateway-stored volumes
iSCSI virtual tape storage
Low-latency for all your data with point-in-time
backups to AWS
Replacement for on-premises physical tape
infrastructure for backup and archive
Gateway-cached volumes
Gateway-virtual tape library (VTL)
Low-latency for frequently used data with all data
stored in AWS

Amazon Storage Partner Ecosystem
Gateway/NAS
Data
Management
Sync and ShareBackup/DR
Content and
Acceleration
Archive
File System

Get Started and Migrate Your Data to AWS

Get Started and Migrate Your Data to AWS

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Destaque

Destaque (20)

Semelhante a Get Started and Migrate Your Data to AWS

Semelhante a Get Started and Migrate Your Data to AWS (20)

Mais de Amazon Web Services

Mais de Amazon Web Services (20)

Último

Último (20)

Get Started and Migrate Your Data to AWS