Case Study:
Lucidchart's Migration to VPC
by Matthew Barlocker

www.lucidchart.com/jobs
“The Barlocker”
• Chief Architect at Lucid Software Inc since 2011
• Bachelors in CS from BYU
• Managed data center, Rackspace and AWS deployments
• Love to play board games, go 4wheeling, wrestle my sons, and fly airplanes
• nineofclouds.blogspot.com

Why Lucid Chose VPC
• Same price as EC2 Classic
• Interoperability with existing AWS services
(S3, Route53, etc)
• New features like Internal ELBs and on-the-fly security
group changes
• Heightened security using only private IPs

Other Benefits
• All ELBs have security groups
• Additional security layer with Network ACLs
• Elastic IPs stay associated with stopped instances
• VPN support for common hardware
• Reserved instances can be transferred between EC2 classic and VPC

Drawbacks
• Cost & maintenance of NAT instance(s)
• Setup time
• New terminology
• VPN or SSH tunnel is required to access instances on private subnets
• Internal DNS names are disabled by default

Things You Should Know
• Instances in the public subnets must have an elastic IP to
communicate with the internet
• NAT instances are just normal instances that are
configured to be routers
• NAT instances must be in a public subnet
• Public & private subnets are defined by their route tables,
network ACLs, and DHCP options
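
The route-table part of these points can be checked mechanically. The following is an added example, not code from the talk: it classifies subnets by their default route and verifies that each NAT instance sits in a public subnet and can forward traffic. The records are constructed, reduced versions of `aws ec2 describe-route-tables` and `describe-instances` output; all IDs are placeholders, and network ACLs and DHCP options are not covered.

```python
# Constructed sample data; every ID below is a placeholder.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-public",
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}],
     "Associations": [{"SubnetId": "subnet-pub-a"}]},
    {"RouteTableId": "rtb-private-a",
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "InstanceId": "i-nat-a"}],
     "Associations": [{"SubnetId": "subnet-priv-a"}]},
    {"RouteTableId": "rtb-private-b",
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "InstanceId": "i-nat-b"}],
     "Associations": [{"SubnetId": "subnet-priv-b"}]},
    {"RouteTableId": "rtb-isolated",
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}],
     "Associations": [{"SubnetId": "subnet-iso"}]},
]

# i-nat-b is deliberately misconfigured: wrong subnet, forwarding check still on.
INSTANCES = {
    "i-nat-a": {"SubnetId": "subnet-pub-a", "SourceDestCheck": False},
    "i-nat-b": {"SubnetId": "subnet-priv-a", "SourceDestCheck": True},
}


def default_route(table):
    """Return the 0.0.0.0/0 route of a route table, or None."""
    for route in table["Routes"]:
        if route.get("DestinationCidrBlock") == "0.0.0.0/0":
            return route
    return None


def classify_subnets(route_tables):
    """Map subnet id -> (kind, next hop) using explicit associations only.

    Subnets that fall back to the VPC's main route table are not handled.
    """
    result = {}
    for table in route_tables:
        route = default_route(table)
        if route is None:
            kind, via = "isolated", None
        elif (route.get("GatewayId") or "").startswith("igw-"):
            kind, via = "public", route["GatewayId"]
        elif route.get("InstanceId"):
            kind, via = "private", route["InstanceId"]
        else:
            kind, via = "unknown", None
        for assoc in table.get("Associations", []):
            if "SubnetId" in assoc:
                result[assoc["SubnetId"]] = (kind, via)
    return result


def nat_findings(subnets, instances):
    """Check every NAT instance that a private subnet routes through."""
    findings = []
    for subnet, (kind, via) in sorted(subnets.items()):
        if kind != "private":
            continue
        nat = instances.get(via)
        if nat is None:
            findings.append(f"{subnet}: default route targets unknown instance {via}")
            continue
        nat_kind = subnets.get(nat["SubnetId"], ("unknown", None))[0]
        if nat_kind != "public":
            findings.append(
                f"{subnet}: NAT {via} is in {nat_kind} subnet {nat['SubnetId']}")
        # An instance acting as a router must have the source/dest check disabled.
        if nat.get("SourceDestCheck", True):
            findings.append(f"{subnet}: NAT {via} has source/dest check enabled")
    return findings


if __name__ == "__main__":
    subnets = classify_subnets(ROUTE_TABLES)
    for name, (kind, via) in sorted(subnets.items()):
        print(f"{name}: {kind} via {via}")
    for finding in nat_findings(subnets, INSTANCES):
        print("FINDING", finding)
```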

Migration Plan

Migration Constraints
• EC2 cannot connect to private VPC servers
• Private VPC server connections must go through the NAT
instances
• EC2 & VPC have different security groups, load balancers,
autoscale groups
• EC2 & VPC share EBS volumes, snapshots, instance sizes,
zones, regions

Migration Plan
• Move top layer first
• Move one layer at a time
• Meticulously manage security groups
• Move monitoring/utility servers last
• http://nineofclouds.blogspot.com/search/label/VPC

Starting Layout

Move Webservers First

Move Next Layer

Move Databases Next

Top 5 Pain Points

5. Setup & Terminology
• Took time to determine which VPC configuration we wanted
• Took time to troubleshoot network ACL and security group
issues
• It took us 3 days with 1 person
• We have not had to revisit the configuration since we got it
working
• Unavoidable

4. Security Groups
• Private VPC instances communicate through the NAT
instances
• EC2 instances only see traffic from the NAT
• EC2 security groups were open to entire VPC
• Avoidable by doing 2 moves – one to public VPC, one to
private VPC
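
Because EC2 Classic only sees the NAT's address, any Classic ingress rule that admits a NAT Elastic IP admits every instance behind that NAT. The following added example (not from the talk) lists such rules so they can be tightened or revoked once the migration is finished. The rule records mimic the `IpPermissions` layout of `aws ec2 describe-security-groups`; the group names, addresses and NAT Elastic IPs are constructed.

```python
import ipaddress

# Constructed sample data. Addresses come from the documentation ranges
# (RFC 5737); group names and rules are hypothetical.
NAT_EIPS = ["203.0.113.10", "203.0.113.11"]

CLASSIC_GROUPS = [
    {"GroupName": "db-classic", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 27017, "ToPort": 27017,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "198.51.100.7/32"}]},
    ]},
    {"GroupName": "cache-classic", "IpPermissions": [
        {"IpProtocol": "-1",
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
    ]},
    {"GroupName": "web-classic", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ]},
]


def port_label(perm):
    """Human-readable protocol/port description for one permission."""
    if perm["IpProtocol"] == "-1":
        return "all traffic"
    lo, hi = perm.get("FromPort"), perm.get("ToPort")
    ports = str(lo) if lo == hi else f"{lo}-{hi}"
    return f"{perm['IpProtocol']}/{ports}"


def nat_exposed_rules(groups, nat_eips):
    """Return ingress rules whose CIDR covers at least one NAT Elastic IP.

    Each such rule is effectively open to the whole private VPC, since all
    private instances reach EC2 Classic through the NAT address.
    """
    nats = [ipaddress.ip_address(addr) for addr in nat_eips]
    findings = []
    for group in groups:
        for perm in group["IpPermissions"]:
            for rng in perm.get("IpRanges", []):
                net = ipaddress.ip_network(rng["CidrIp"], strict=False)
                if net.prefixlen == 0:
                    continue  # world-open rule, not specific to the NAT
                covered = [str(n) for n in nats if n in net]
                if covered:
                    findings.append({
                        "group": group["GroupName"],
                        "cidr": rng["CidrIp"],
                        "ports": port_label(perm),
                        "nat_eips": covered,
                        # True when the rule admits more than the NAT itself
                        "wider_than_nat": net.prefixlen < 32,
                    })
    return findings


if __name__ == "__main__":
    for f in nat_exposed_rules(CLASSIC_GROUPS, NAT_EIPS):
        scope = "NAT plus neighbours" if f["wider_than_nat"] else "NAT only"
        print(f"{f['group']}: {f['ports']} from {f['cidr']} ({scope}) "
              f"-> reachable by every private VPC instance")
```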

3. VPN
• Highly available configuration supported for some
hardware
• We chose OpenVPN, which took 3 days to configure and
test properly
• Avoidable in a number of different ways

2. MongoDB Election = Downtime
• MongoDB has an election process to determine primary
and secondaries
• To elect a primary, a majority of servers must vote
• Because EC2 cannot speak to VPC, we had to move each
server to the public subnet, and then to the private
afterward
• During move from public to private, MongoDB died for 15
minutes
• Avoidable by not using MongoDB
1. NAT Bandwidth
• The traffic between private VPC and EC2 exceeded the
capacity for our NAT instances
• Requests timed out as throughput maxed out
• Downtime of 30 minutes on some services
• Completely avoidable! During the migration, increase size
of NAT instances. Decrease after the migration is done.

Thank You

www.lucidchart.com/jobs
www.lucidchart.com/jobs

Mais conteúdo relacionado

Mais procurados

Moving Legacy Applications to Docker by Josh Ellithorpe, Apcera
Moving Legacy Applications to Docker by Josh Ellithorpe, Apcera Moving Legacy Applications to Docker by Josh Ellithorpe, Apcera
Moving Legacy Applications to Docker by Josh Ellithorpe, Apcera Docker, Inc.
 
Container Orchestration with Docker Swarm and Kubernetes
Container Orchestration with Docker Swarm and KubernetesContainer Orchestration with Docker Swarm and Kubernetes
Container Orchestration with Docker Swarm and KubernetesWill Hall
 
Rohit yadav cloud stack internals
Rohit yadav   cloud stack internalsRohit yadav   cloud stack internals
Rohit yadav cloud stack internalsShapeBlue
 
Linux kit meetup_v1.0.0
Linux kit meetup_v1.0.0Linux kit meetup_v1.0.0
Linux kit meetup_v1.0.0Anshul Patel
 
Building Micro-Services with Scala
Building Micro-Services with ScalaBuilding Micro-Services with Scala
Building Micro-Services with ScalaYardena Meymann
 
Everything You Need to Know About Docker and Storage by Ryan Wallner, ClusterHQ
Everything You Need to Know About Docker and Storage by Ryan Wallner, ClusterHQ Everything You Need to Know About Docker and Storage by Ryan Wallner, ClusterHQ
Everything You Need to Know About Docker and Storage by Ryan Wallner, ClusterHQ Docker, Inc.
 
Velocity NYC 2016 - Containers @ Netflix
Velocity NYC 2016 - Containers @ NetflixVelocity NYC 2016 - Containers @ Netflix
Velocity NYC 2016 - Containers @ Netflixaspyker
 
Dell Trials and Triumphs using Docker on Client Systems by Sean McGinnis and ...
Dell Trials and Triumphs using Docker on Client Systems by Sean McGinnis and ...Dell Trials and Triumphs using Docker on Client Systems by Sean McGinnis and ...
Dell Trials and Triumphs using Docker on Client Systems by Sean McGinnis and ...Docker, Inc.
 
Containers docker-docker hub-azureacr-azure aci
Containers docker-docker hub-azureacr-azure aciContainers docker-docker hub-azureacr-azure aci
Containers docker-docker hub-azureacr-azure aciRajesh Kolla
 
Take an Analytics-driven Approach to Container Performance with Splunk for Co...
Take an Analytics-driven Approach to Container Performance with Splunk for Co...Take an Analytics-driven Approach to Container Performance with Splunk for Co...
Take an Analytics-driven Approach to Container Performance with Splunk for Co...Docker, Inc.
 
Container orchestration overview
Container orchestration overviewContainer orchestration overview
Container orchestration overviewWyn B. Van Devanter
 
How to Build Your First Web App in Go
How to Build Your First Web App in GoHow to Build Your First Web App in Go
How to Build Your First Web App in GoAll Things Open
 
Docker for Ops: Operationalize your Docker Built Apps in Production by Evan H...
Docker for Ops: Operationalize your Docker Built Apps in Production by Evan H...Docker for Ops: Operationalize your Docker Built Apps in Production by Evan H...
Docker for Ops: Operationalize your Docker Built Apps in Production by Evan H...Docker, Inc.
 
DevCloud - Setup and Demo on Apache CloudStack
DevCloud - Setup and Demo on Apache CloudStack DevCloud - Setup and Demo on Apache CloudStack
DevCloud - Setup and Demo on Apache CloudStack buildacloud
 
Securing Containers From Day One | null Ahmedabad Meetup
Securing Containers From Day One | null Ahmedabad MeetupSecuring Containers From Day One | null Ahmedabad Meetup
Securing Containers From Day One | null Ahmedabad MeetupKumar Ashwin
 
Re:invent 2016 Container Scheduling, Execution and AWS Integration
Re:invent 2016 Container Scheduling, Execution and AWS IntegrationRe:invent 2016 Container Scheduling, Execution and AWS Integration
Re:invent 2016 Container Scheduling, Execution and AWS Integrationaspyker
 
From VMs to Containers: Decompose and Migrate Old Legacy JavaEE Application
From VMs to Containers: Decompose and Migrate Old Legacy JavaEE ApplicationFrom VMs to Containers: Decompose and Migrate Old Legacy JavaEE Application
From VMs to Containers: Decompose and Migrate Old Legacy JavaEE ApplicationJelastic Multi-Cloud PaaS
 
Cassandra Day Denver 2014: Setting up a DataStax Enterprise Instance on Micro...
Cassandra Day Denver 2014: Setting up a DataStax Enterprise Instance on Micro...Cassandra Day Denver 2014: Setting up a DataStax Enterprise Instance on Micro...
Cassandra Day Denver 2014: Setting up a DataStax Enterprise Instance on Micro...DataStax Academy
 
Using Containers and HPC to Solve the Mysteries of the Universe by Deborah Bard
Using Containers and HPC to Solve the Mysteries of the Universe by Deborah BardUsing Containers and HPC to Solve the Mysteries of the Universe by Deborah Bard
Using Containers and HPC to Solve the Mysteries of the Universe by Deborah BardDocker, Inc.
 

Mais procurados (20)

Moving Legacy Applications to Docker by Josh Ellithorpe, Apcera
Moving Legacy Applications to Docker by Josh Ellithorpe, Apcera Moving Legacy Applications to Docker by Josh Ellithorpe, Apcera
Moving Legacy Applications to Docker by Josh Ellithorpe, Apcera
 
Container Orchestration with Docker Swarm and Kubernetes
Container Orchestration with Docker Swarm and KubernetesContainer Orchestration with Docker Swarm and Kubernetes
Container Orchestration with Docker Swarm and Kubernetes
 
Rohit yadav cloud stack internals
Rohit yadav   cloud stack internalsRohit yadav   cloud stack internals
Rohit yadav cloud stack internals
 
Linux kit meetup_v1.0.0
Linux kit meetup_v1.0.0Linux kit meetup_v1.0.0
Linux kit meetup_v1.0.0
 
Building Micro-Services with Scala
Building Micro-Services with ScalaBuilding Micro-Services with Scala
Building Micro-Services with Scala
 
Everything You Need to Know About Docker and Storage by Ryan Wallner, ClusterHQ
Everything You Need to Know About Docker and Storage by Ryan Wallner, ClusterHQ Everything You Need to Know About Docker and Storage by Ryan Wallner, ClusterHQ
Everything You Need to Know About Docker and Storage by Ryan Wallner, ClusterHQ
 
Velocity NYC 2016 - Containers @ Netflix
Velocity NYC 2016 - Containers @ NetflixVelocity NYC 2016 - Containers @ Netflix
Velocity NYC 2016 - Containers @ Netflix
 
Dell Trials and Triumphs using Docker on Client Systems by Sean McGinnis and ...
Dell Trials and Triumphs using Docker on Client Systems by Sean McGinnis and ...Dell Trials and Triumphs using Docker on Client Systems by Sean McGinnis and ...
Dell Trials and Triumphs using Docker on Client Systems by Sean McGinnis and ...
 
Containers docker-docker hub-azureacr-azure aci
Containers docker-docker hub-azureacr-azure aciContainers docker-docker hub-azureacr-azure aci
Containers docker-docker hub-azureacr-azure aci
 
Take an Analytics-driven Approach to Container Performance with Splunk for Co...
Take an Analytics-driven Approach to Container Performance with Splunk for Co...Take an Analytics-driven Approach to Container Performance with Splunk for Co...
Take an Analytics-driven Approach to Container Performance with Splunk for Co...
 
Container orchestration overview
Container orchestration overviewContainer orchestration overview
Container orchestration overview
 
How to Build Your First Web App in Go
How to Build Your First Web App in GoHow to Build Your First Web App in Go
How to Build Your First Web App in Go
 
Docker for Ops: Operationalize your Docker Built Apps in Production by Evan H...
Docker for Ops: Operationalize your Docker Built Apps in Production by Evan H...Docker for Ops: Operationalize your Docker Built Apps in Production by Evan H...
Docker for Ops: Operationalize your Docker Built Apps in Production by Evan H...
 
DevCloud - Setup and Demo on Apache CloudStack
DevCloud - Setup and Demo on Apache CloudStack DevCloud - Setup and Demo on Apache CloudStack
DevCloud - Setup and Demo on Apache CloudStack
 
Securing Containers From Day One | null Ahmedabad Meetup
Securing Containers From Day One | null Ahmedabad MeetupSecuring Containers From Day One | null Ahmedabad Meetup
Securing Containers From Day One | null Ahmedabad Meetup
 
JEEconf 2017
JEEconf 2017JEEconf 2017
JEEconf 2017
 
Re:invent 2016 Container Scheduling, Execution and AWS Integration
Re:invent 2016 Container Scheduling, Execution and AWS IntegrationRe:invent 2016 Container Scheduling, Execution and AWS Integration
Re:invent 2016 Container Scheduling, Execution and AWS Integration
 
From VMs to Containers: Decompose and Migrate Old Legacy JavaEE Application
From VMs to Containers: Decompose and Migrate Old Legacy JavaEE ApplicationFrom VMs to Containers: Decompose and Migrate Old Legacy JavaEE Application
From VMs to Containers: Decompose and Migrate Old Legacy JavaEE Application
 
Cassandra Day Denver 2014: Setting up a DataStax Enterprise Instance on Micro...
Cassandra Day Denver 2014: Setting up a DataStax Enterprise Instance on Micro...Cassandra Day Denver 2014: Setting up a DataStax Enterprise Instance on Micro...
Cassandra Day Denver 2014: Setting up a DataStax Enterprise Instance on Micro...
 
Using Containers and HPC to Solve the Mysteries of the Universe by Deborah Bard
Using Containers and HPC to Solve the Mysteries of the Universe by Deborah BardUsing Containers and HPC to Solve the Mysteries of the Universe by Deborah Bard
Using Containers and HPC to Solve the Mysteries of the Universe by Deborah Bard
 

Destaque

Amazon EC2 to Amazon VPC: A case study
Amazon EC2 to Amazon VPC: A case studyAmazon EC2 to Amazon VPC: A case study
Amazon EC2 to Amazon VPC: A case studyMatthew Barlocker
 
Ssl in a nutshell
Ssl in a nutshellSsl in a nutshell
Ssl in a nutshellFrank Kelly
 
DevOps – Culture of continuous delivery & collaboration
DevOps – Culture of continuous delivery & collaborationDevOps – Culture of continuous delivery & collaboration
DevOps – Culture of continuous delivery & collaborationVinothini Raju
 

Destaque (6)

DevOps Condensed
DevOps CondensedDevOps Condensed
DevOps Condensed
 
AWS Distilled
AWS DistilledAWS Distilled
AWS Distilled
 
Amazon EC2 to Amazon VPC: A case study
Amazon EC2 to Amazon VPC: A case studyAmazon EC2 to Amazon VPC: A case study
Amazon EC2 to Amazon VPC: A case study
 
Ssl in a nutshell
Ssl in a nutshellSsl in a nutshell
Ssl in a nutshell
 
Git essentials
Git essentialsGit essentials
Git essentials
 
DevOps – Culture of continuous delivery & collaboration
DevOps – Culture of continuous delivery & collaborationDevOps – Culture of continuous delivery & collaboration
DevOps – Culture of continuous delivery & collaboration
 

Semelhante a Case Study: Lucidchart's Migration to VPC

Global Operations with Docker for the Enterprise - Nico Kabar, Docker
Global Operations with Docker for the Enterprise - Nico Kabar, DockerGlobal Operations with Docker for the Enterprise - Nico Kabar, Docker
Global Operations with Docker for the Enterprise - Nico Kabar, DockerDocker, Inc.
 
Global Operations with Docker Enterprise
Global Operations with Docker EnterpriseGlobal Operations with Docker Enterprise
Global Operations with Docker EnterpriseNicola Kabar
 
Powering Remote Developers with Amazon Workspaces
Powering Remote Developers with Amazon WorkspacesPowering Remote Developers with Amazon Workspaces
Powering Remote Developers with Amazon WorkspacesAmazon Web Services
 
Oracle Enterprise Manager - EM12c R5 Hybrid Cloud Management
Oracle Enterprise Manager - EM12c R5 Hybrid Cloud ManagementOracle Enterprise Manager - EM12c R5 Hybrid Cloud Management
Oracle Enterprise Manager - EM12c R5 Hybrid Cloud ManagementMarketingArrowECS_CZ
 
(DEV202) Under the Desk to the AWS Cloud with Windows PowerShell
(DEV202) Under the Desk to the AWS Cloud with Windows PowerShell(DEV202) Under the Desk to the AWS Cloud with Windows PowerShell
(DEV202) Under the Desk to the AWS Cloud with Windows PowerShellAmazon Web Services
 
Securely Publishing Azure Services
Securely Publishing Azure ServicesSecurely Publishing Azure Services
Securely Publishing Azure ServicesBizTalk360
 
ECS and Docker at Okta
ECS and Docker at OktaECS and Docker at Okta
ECS and Docker at OktaJon Todd
 
AWS re:Invent 2016: Development Workflow with Docker and Amazon ECS (CON302)
AWS re:Invent 2016: Development Workflow with Docker and Amazon ECS (CON302)AWS re:Invent 2016: Development Workflow with Docker and Amazon ECS (CON302)
AWS re:Invent 2016: Development Workflow with Docker and Amazon ECS (CON302)Amazon Web Services
 
Understanding Virtual Networking in the Cloud - RightScale Compute 2013
Understanding Virtual Networking in the Cloud - RightScale Compute 2013Understanding Virtual Networking in the Cloud - RightScale Compute 2013
Understanding Virtual Networking in the Cloud - RightScale Compute 2013RightScale
 
The impact of cloud NSBCon NY by Yves Goeleven
The impact of cloud NSBCon NY by Yves GoelevenThe impact of cloud NSBCon NY by Yves Goeleven
The impact of cloud NSBCon NY by Yves GoelevenParticular Software
 
IDERA Slides: Managing the Transition to Hybrid Cloud
IDERA Slides: Managing the Transition to Hybrid CloudIDERA Slides: Managing the Transition to Hybrid Cloud
IDERA Slides: Managing the Transition to Hybrid CloudDATAVERSITY
 
Cloud computing & windows azure intro
Cloud computing & windows azure introCloud computing & windows azure intro
Cloud computing & windows azure introHaddy El-Haggan
 
Migration of Microsoft Workloads
Migration of Microsoft WorkloadsMigration of Microsoft Workloads
Migration of Microsoft WorkloadsAmazon Web Services
 
Presentation citrix cloud platform for infrastructure as a service
Presentation   citrix cloud platform for infrastructure as a servicePresentation   citrix cloud platform for infrastructure as a service
Presentation citrix cloud platform for infrastructure as a servicexKinAnx
 
AWS re:Invent 2016: Securing Container-Based Applications (CON402)
AWS re:Invent 2016: Securing Container-Based Applications (CON402)AWS re:Invent 2016: Securing Container-Based Applications (CON402)
AWS re:Invent 2016: Securing Container-Based Applications (CON402)Amazon Web Services
 
AWS re:Invent 2016: Securing Container-Based Applications (CON402)
AWS re:Invent 2016: Securing Container-Based Applications (CON402)AWS re:Invent 2016: Securing Container-Based Applications (CON402)
AWS re:Invent 2016: Securing Container-Based Applications (CON402)Amazon Web Services
 
Building Efficient Parallel Testing Platforms with Docker
Building Efficient Parallel Testing Platforms with DockerBuilding Efficient Parallel Testing Platforms with Docker
Building Efficient Parallel Testing Platforms with DockerLaura Frank Tacho
 
Migration of Microsoft Workloads
Migration of Microsoft WorkloadsMigration of Microsoft Workloads
Migration of Microsoft WorkloadsAmazon Web Services
 
TechWiseTV Workshop: Intercloud Fabric
TechWiseTV Workshop: Intercloud FabricTechWiseTV Workshop: Intercloud Fabric
TechWiseTV Workshop: Intercloud FabricRobb Boyd
 

Semelhante a Case Study: Lucidchart's Migration to VPC (20)

Global Operations with Docker for the Enterprise - Nico Kabar, Docker
Global Operations with Docker for the Enterprise - Nico Kabar, DockerGlobal Operations with Docker for the Enterprise - Nico Kabar, Docker
Global Operations with Docker for the Enterprise - Nico Kabar, Docker
 
Global Operations with Docker Enterprise
Global Operations with Docker EnterpriseGlobal Operations with Docker Enterprise
Global Operations with Docker Enterprise
 
Powering Remote Developers with Amazon Workspaces
Powering Remote Developers with Amazon WorkspacesPowering Remote Developers with Amazon Workspaces
Powering Remote Developers with Amazon Workspaces
 
Oracle Enterprise Manager - EM12c R5 Hybrid Cloud Management
Oracle Enterprise Manager - EM12c R5 Hybrid Cloud ManagementOracle Enterprise Manager - EM12c R5 Hybrid Cloud Management
Oracle Enterprise Manager - EM12c R5 Hybrid Cloud Management
 
(DEV202) Under the Desk to the AWS Cloud with Windows PowerShell
(DEV202) Under the Desk to the AWS Cloud with Windows PowerShell(DEV202) Under the Desk to the AWS Cloud with Windows PowerShell
(DEV202) Under the Desk to the AWS Cloud with Windows PowerShell
 
Securely Publishing Azure Services
Securely Publishing Azure ServicesSecurely Publishing Azure Services
Securely Publishing Azure Services
 
ECS and Docker at Okta
ECS and Docker at OktaECS and Docker at Okta
ECS and Docker at Okta
 
AWS re:Invent 2016: Development Workflow with Docker and Amazon ECS (CON302)
AWS re:Invent 2016: Development Workflow with Docker and Amazon ECS (CON302)AWS re:Invent 2016: Development Workflow with Docker and Amazon ECS (CON302)
AWS re:Invent 2016: Development Workflow with Docker and Amazon ECS (CON302)
 
Understanding Virtual Networking in the Cloud - RightScale Compute 2013
Understanding Virtual Networking in the Cloud - RightScale Compute 2013Understanding Virtual Networking in the Cloud - RightScale Compute 2013
Understanding Virtual Networking in the Cloud - RightScale Compute 2013
 
The impact of cloud NSBCon NY by Yves Goeleven
The impact of cloud NSBCon NY by Yves GoelevenThe impact of cloud NSBCon NY by Yves Goeleven
The impact of cloud NSBCon NY by Yves Goeleven
 
IDERA Slides: Managing the Transition to Hybrid Cloud
IDERA Slides: Managing the Transition to Hybrid CloudIDERA Slides: Managing the Transition to Hybrid Cloud
IDERA Slides: Managing the Transition to Hybrid Cloud
 
Cloud computing & windows azure intro
Cloud computing & windows azure introCloud computing & windows azure intro
Cloud computing & windows azure intro
 
Containers 101
Containers 101Containers 101
Containers 101
 
Migration of Microsoft Workloads
Migration of Microsoft WorkloadsMigration of Microsoft Workloads
Migration of Microsoft Workloads
 
Presentation citrix cloud platform for infrastructure as a service
Presentation   citrix cloud platform for infrastructure as a servicePresentation   citrix cloud platform for infrastructure as a service
Presentation citrix cloud platform for infrastructure as a service
 
AWS re:Invent 2016: Securing Container-Based Applications (CON402)
AWS re:Invent 2016: Securing Container-Based Applications (CON402)AWS re:Invent 2016: Securing Container-Based Applications (CON402)
AWS re:Invent 2016: Securing Container-Based Applications (CON402)
 
AWS re:Invent 2016: Securing Container-Based Applications (CON402)
AWS re:Invent 2016: Securing Container-Based Applications (CON402)AWS re:Invent 2016: Securing Container-Based Applications (CON402)
AWS re:Invent 2016: Securing Container-Based Applications (CON402)
 
Building Efficient Parallel Testing Platforms with Docker
Building Efficient Parallel Testing Platforms with DockerBuilding Efficient Parallel Testing Platforms with Docker
Building Efficient Parallel Testing Platforms with Docker
 
Migration of Microsoft Workloads
Migration of Microsoft WorkloadsMigration of Microsoft Workloads
Migration of Microsoft Workloads
 
TechWiseTV Workshop: Intercloud Fabric
TechWiseTV Workshop: Intercloud FabricTechWiseTV Workshop: Intercloud Fabric
TechWiseTV Workshop: Intercloud Fabric
 

Mais de Matthew Barlocker

Mais de Matthew Barlocker (8)

Getting Started on Amazon EKS
Getting Started on Amazon EKSGetting Started on Amazon EKS
Getting Started on Amazon EKS
 
Optimizing Uptime in SOA
Optimizing Uptime in SOAOptimizing Uptime in SOA
Optimizing Uptime in SOA
 
Relate
RelateRelate
Relate
 
Highly Available Graphite
Highly Available GraphiteHighly Available Graphite
Highly Available Graphite
 
Nark: Steroids for Graphite
Nark: Steroids for GraphiteNark: Steroids for Graphite
Nark: Steroids for Graphite
 
ORM or SQL? A Better Way to Query in MySQL
ORM or SQL? A Better Way to Query in MySQLORM or SQL? A Better Way to Query in MySQL
ORM or SQL? A Better Way to Query in MySQL
 
Your First Scala Web Application using Play 2.1
Your First Scala Web Application using Play 2.1Your First Scala Web Application using Play 2.1
Your First Scala Web Application using Play 2.1
 
Magic methods
Magic methodsMagic methods
Magic methods
 

Último

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard37
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)Samir Dash
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMKumar Satyam
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 

Último (20)

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
JohnPollard-hybrid-app-RailsConf2024.pptx

Case Study: Lucidchart's Migration to VPC

  • 1. Case Study: Lucidchart's Migration to VPC by Matthew Barlocker www.lucidchart.com/jobs
  • 2. “The Barlocker”
      • Chief Architect at Lucid Software Inc since 2011
      • Bachelors in CS from BYU
      • Managed data center, Rackspace and AWS deployments
      • Love to play board games, go 4-wheeling, wrestle my sons, and fly airplanes
      • nineofclouds.blogspot.com
  • 3. Why Lucid Chose VPC
      • Same price as EC2 Classic
      • Interoperability with existing AWS services (S3, Route53, etc)
      • New features like Internal ELBs and on-the-fly security group changes
      • Heightened security using only private IPs
  • 4. Other Benefits
      • All ELBs have security groups
      • Additional security layer with Network ACLs
      • Elastic IPs stay associated with stopped instances
      • VPN support for common hardware
      • Reserved instances can be transferred between EC2 classic and VPC
  • 5. Drawbacks
      • Cost & maintenance of NAT instance(s)
      • Setup time
      • New terminology
      • VPN or SSH tunnel is required to access instances on private subnets
      • Internal DNS names are disabled by default
  • 6. Things You Should Know
      • Instances in the public subnets must have an elastic IP to communicate with the internet
      • NAT instances are just normal instances that are configured to be routers
      • NAT instances must be in a public subnet
      • Public & private subnets are defined by their route tables, network ACLs, and DHCP options
  • 8. Migration Constraints
      • EC2 cannot connect to private VPC servers
      • Private VPC server connections must go through the NAT instances
      • EC2 & VPC have different security groups, load balancers, autoscale groups
      • EC2 & VPC share EBS volumes, snapshots, instance sizes, zones, regions
  • 9. Migration Plan
      • Move top layer first
      • Move one layer at a time
      • Meticulously manage security groups
      • Move monitoring/utility servers last
      • http://nineofclouds.blogspot.com/search/label/VPC
  • 14. Top 5 Pain Points
  • 15. 5. Setup & Terminology
      • Took time to determine which VPC configuration we wanted
      • Took time to troubleshoot network ACL and security group issues
      • It took us 3 days with 1 person
      • We have not had to revisit the configuration since we got it working
      • Unavoidable
  • 16. 4. Security Groups
      • Private VPC instances communicate through the NAT instances
      • EC2 instances only see traffic from the NAT
      • EC2 security groups were open to entire VPC
      • Avoidable by doing 2 moves – one to public VPC, one to private VPC
  • 17. 3. VPN
      • Highly available configuration supported for some hardware
      • We chose OpenVPN, which took 3 days to configure and test properly
      • Avoidable in a number of different ways
  • 18. 2. MongoDB Election = Downtime
      • MongoDB has an election process to determine primary and secondaries
      • To elect a primary, a majority of servers must vote
      • Because EC2 cannot speak to VPC, we had to move each server to the public subnet, and then to the private afterward
      • During move from public to private, MongoDB died for 15 minutes
      • Avoidable by not using MongoDB
  • 19. 1. NAT Bandwidth
      • The traffic between private VPC and EC2 exceeded the capacity for our NAT instances
      • Requests timed out as throughput maxed out
      • Downtime of 30 minutes on some services
      • Completely avoidable! During the migration, increase size of NAT instances. Decrease after the migration is done.
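
Pain point 4 (Security Groups) modelled as an added example, not code from the talk: an EC2-side ingress rule that admits the NAT's address admits every private-subnet instance, while staging a tier in the public subnet with its own Elastic IP keeps the rule per-instance. The addresses, instance names and the MongoDB port 27017 scenario are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed addresses from documentation ranges; not values from the talk.
NAT_EIP = "203.0.113.10"

@dataclass(frozen=True)
class Instance:
    name: str
    private_ip: str
    elastic_ip: Optional[str] = None  # set only for public-subnet instances

def source_seen_by_ec2(inst: Instance) -> str:
    """Source address an EC2-Classic security group sees for this instance."""
    # Private-subnet traffic is source-NATed, so it arrives as the NAT's address.
    return inst.elastic_ip or NAT_EIP

def allowed(rules, inst, port):
    """rules: list of (cidr, port) ingress entries on the EC2-side group."""
    src = ipaddress.ip_address(source_seen_by_ec2(inst))
    return any(p == port and src in ipaddress.ip_network(cidr) for cidr, p in rules)

def over_admitted(rules, fleet, intended):
    """(name, port) pairs the rules admit that are not in the intended set."""
    ports = {p for _, p in rules}
    admitted = {(i.name, p) for i in fleet for p in ports if allowed(rules, i, p)}
    return sorted(admitted - intended)

INTENDED = {("web-1", 27017)}  # only the web tier should reach the database port

# One move: every instance lands in the private subnet, behind the NAT.
private_fleet = [Instance("web-1", "10.0.1.11"), Instance("worker-1", "10.0.1.12"),
                 Instance("monitor-1", "10.0.1.13")]
nat_rules = [(NAT_EIP + "/32", 27017)]

# Two moves: web-1 sits in the public subnet with its own Elastic IP first.
staged_fleet = [Instance("web-1", "10.0.0.11", elastic_ip="203.0.113.21"),
                Instance("worker-1", "10.0.1.12"), Instance("monitor-1", "10.0.1.13")]
staged_rules = [("203.0.113.21/32", 27017)]

if __name__ == "__main__":
    print("NAT rule over-admits:", over_admitted(nat_rules, private_fleet, INTENDED))
    print("Per-EIP rule over-admits:", over_admitted(staged_rules, staged_fleet, INTENDED))
```

Running the same comparison against real rule exports before and after each move shows which EC2-side groups still need tightening once a tier leaves the public subnet.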