Posts Tagged 'Amazon EC2'

Implementing a Private Cloud Solution

Last week I attended Learning Tree’s “Implementing a Private Cloud Solution” course at our Reston Education Center. It is a great course for anyone seeking in-depth technical details on how to build their own on-premises private cloud. The course also covers using a hosted private cloud solution and building secure connections to your own data center.

This course is not for the faint of heart! It is also not for the technically challenged! When you show up Tuesday morning you need to be prepared to work very hard for the next four days. The course author, Boleslav Sykora, has put together a fast paced session that gives you as much technical detail as you would ever want on the subject. It is the type of course where you will want to come early and stay late each and every day so you can work through all the extensive bonus exercises that are offered. I loved it and I think you will too!

We feature building two private clouds, one using Eucalyptus and another using Microsoft System Center, completely from scratch. There is a lot of Linux command line stuff and quite a bit of detailed networking configuration. This is exactly the reality of what is involved if you want to build your own private cloud. Over the four days you come to understand that private cloud computing is not some mystical, magical hype but is an evolution of solid fundamental concepts that have been around for some time. This course will appeal to technical professionals who want to gain real experience implementing solutions that will define the future of the on-premises data center.

For those who would prefer not to bother with the complexity of an internal private cloud implementation there are many hosted solutions to choose from. Probably the best known is Amazon’s Virtual Private Cloud (VPC). Once you use VPC on Amazon you will likely never go back to using EC2 without it.

In fact as I write this blog I am on a train heading to New York. There I will teach Learning Tree’s “Cloud Computing with Amazon Web Services” course. That, also, is a great course!

Because there are many private cloud implementations based on the Amazon EC2 model and API (particularly Eucalyptus) Amazon has kind of become the de facto standard for how Infrastructure as a Service (IaaS) is done. Even if you believe you would never use a public cloud for a production system there is much to be learned about cloud computing from Amazon. Beyond that the public cloud is a great place to do testing, development and proof-of-concept before investing the time and capital required to build your own private cloud. Public clouds such as Amazon can also become part of a hybrid solution that features the best of what private clouds and public clouds have to offer. Learning Tree’s Amazon Web Services course gives you hands-on experience with many aspects of Amazon’s cloud and shows you how to build solutions using the various services offered there.

So if you are a hardcore techie who wants to have end-to-end control over all aspects of a cloud solution come to Learning Tree’s private cloud course. If you would like to understand how to leverage the Amazon public cloud or to understand the service models of arguably the most dominant cloud provider in the world then come to Learning Tree’s Amazon Web Services course. Either way I hope to see you soon!

Kevin Kell

Configuring Exchange Servers in the Cloud

This week I digress once again from my intended progression of posts to deal with some real world issues …

Learning Tree’s “choice in the classroom” now offers attendees the option of working either with a partner or on their own when doing the hands-on exercises. As part of this initiative authors are reviewing classroom hardware requirements for each of their courses.

In our Office 365 course we feature a hands-on exercise where the students perform an actual cutover migration from Exchange 2010 Server on premises to Exchange Online in Office 365. This exercise requires one fully configured Exchange server per student team. Allowing students the option to work solo could potentially double the number of Exchange servers needed for an event. Note that this is essentially a load variation problem and is something for which the Infrastructure as a Service cloud delivery model is particularly well suited!

I had previously provisioned 12 EC2 servers and configured them in a VPC where each had an assigned Elastic IP address. This allows for all of the instances to remain stopped until the actual day in which they are needed in the class. The instructor can simply start as many machines as necessary based on the size of the class that week and how many students choose to work solo or in pairs. In this way we only incur instance run charges for when the machines are actually in use. When the instances are stopped there is a modest charge of $0.11 per GB per month. This works out to less than $50 per month for 12 Windows instances with 35 GB of provisioned storage each. It is relatively simple to extend this solution for 24 servers at very little additional cost.

There are some complications I encountered with an Exchange installation that made it impossible to simply clone existing instances. In fact I could not even start from a custom AMI where I had already installed Exchange. Making Exchange work for the exercise required that each server be on a separate Active Directory domain. Further, it required that a “real” UCC certificate (i.e. from a proper Certification Authority, not just self-signed) for a validated domain be installed on each machine.

Briefly, here are the steps I needed to go through:

  1. Start from a custom AMI that has all downloads and latest service packs required for installing Exchange. This AMI has also been setup with the desired user accounts and has had some of the necessary Windows Server roles and features turned on. It has also had some unwanted and unneeded features turned off.
  2. Install the Active Directory Domain Services role and assign the custom domain.
  3. Install and configure Exchange.
  4. Assign license to Exchange.
  5. Create Exchange mailboxes for use in class.
  6. Enable Outlook Anywhere.
  7. Request UCC certificate.
  8. Complete certificate request using certificate file issued by CA.

I was able to script some of this using PowerShell. In actuality building each machine did require some manual effort. In this case, though, it was done as a one-time thing. I will no doubt continue to explore options for rapidly building these and other types of servers for use in the classroom. One area I would like to look at further is orchestrating the provisioning of Exchange server perhaps using something like RightScale’s Configuration Framework. That, however, will have to be a topic for another time.

Kevin Kell

Amazon Simple Workflow Service

Amazon continue its relentless release of new Cloud Computing services with the release of the Simple Workflow Service (SWF). This sophisticated service enables distributed asynchronous applications to be implemented as workflow. A workflow is built from three core components:

  • Workflow starters
  • Activity workers
  • Deciders

Workflow starters initiate the workflow. This can be any application. The classic example is a customer placing an order on an e-commerce site starting a workflow that completes with a shipped order and includes all the intermediate stages including payment processing, stock allocation and shipping.
Activity workers are the threads that perform the tasks required by the workflow. These are written by the software developers, in potentially any programming language, and can run anywhere (on-premise or cloud hosted) as long as they can access SWF through the provided API.
Deciders implement the workflows decision logic. The deciders look at the workflow history to determine what has been completed and make a decision as to what to do next.

With the release of SWF, Amazon have provided an elegant solution to a difficult problem: how to build applications that make use of a number of distributed components that can be a mixture of on-premise and cloud hosted and monitor and co-ordinate them in a reliable and scalable manner.

What I like about Amazon AWS in general is that they make it straightforward to use. With SWF, then the service addresses an area that is complex and yet Amazon have provided a clean elegant solution. I look forward to using it soon.

Chris Czarnecki

Amazon Announces Trusted Advisor

When considering using cloud computing services, one of the major factors is the level of support that can be provided by the cloud vendor. In particular, when using Infrastructure as a Service, it is vital to ensure that cloud resources are not only appropriately secured but are also running at their most cost effective. Who better to provide this information than the cloud provider.

In the case of Amazon Web Services, where the range of services is so wide (consider storage: SimpleDB, Simple Storage Service, Relational Data Service, Elastic Block Storage, DynamoDb) with many alternatives, it is not always easy to make the correct choice. When buying infrastructure, the purchase model is no longer straightforward either, with options for on-demand, reserved and spot instances. When deploying high availability systems, instances are typically spread across availability zones. Are these balanced and evenly distributed ?

To help better support deployed systems making use of Amazon infrastructure, Amazon have today announced AWS Trusted Advisor. This service, which uses the experience of supporting hundreds of thousands of Amazon customers, will inspect a customer’s AWS environment and, if appropriate, will make recommendations on improving security, performance and cost reduction. All of this is automated and makes use of a large knowledge base built up by Amazon over the last few years.

The Trusted Advisor is an example of the way in which Amazon continues to innovate in providing services that not only provide great new functionality, but also in the monitoring and control of these services. If you would like to know more about Amazon Web Services and how they can benefit your organisation, consider attending Learning Tree’s comprehensive course, Cloud Computing with Amazon Web Services™, in which you’ll learn from an expert instructor about the major services and how they can be integrated to form a coherent scalable reliable infrastructure.

Chris Czarnecki

Compare Cloud Security to Your Security

There’s an assumption people make that if they put their data in the cloud it is less secure. There are three aspects to security: confidentiality, integrity, and availability. They are known as the CIA security model.

Confidentiality

Private data is kept confidential using encryption. This might require encrypting the data in the database. When transporting data across the internet, it requires using the HTTPS protocol. Whether using the cloud or local servers this does not change. It is our responsibility to secure our data no matter where it is physically stored.

Integrity

Integrity is maintained in distributed systems by verifying messages sent between computers have not tampered with. This is also achieved by using the HTTPS protocol. Again, this does not change when using the cloud.

Availability

Data should only be made available to those who are allowed to see it. This is done through some sort of authentication process, along with rules that govern access to the data. Authentication can be done using passwords, digital certificates, biometrics, passcodes, keys etc.

Securing the Infrastructure

Without a secure infrastructure, you can’t achieve the CIA’s of security. Servers must be patched, firewalls need to be configured, access to physical hardware needs to be limited, intrusion-detection systems need to be put in place, etc. Securing the infrastructure is very expensive and requires a great deal of administration.

This is where we can take advantage of a cloud provider’s economies of scale and expertise, to make our systems more secure! The fact is, very few people can afford to do what Microsoft and Amazon do to secure their data centers. And even if you can afford it, do you have the people who know how to do it?

To better understand why this is so, read the links below which describe what Microsoft and Amazon do to secure their data centers. Then, compare what they do, to what your organization does. You will likely realize that your data would be considerably MORE secure in the cloud than it is in your computer room.

Links

Windows Azure Security Overview – Microsoft

AWS Security and Compliance Center – Amazon Web Services

If you want to learn more about cloud computing and how it can benefit your organization, come to one of the courses in Learning Tree’s Cloud Computing curriculum

Doug Rehnstrom

 

Using Amazon EC2 in Learning Tree’s Office 365 Course

Our upcoming Office 365 course will feature an exercise where attendees will gain real hands-on experience migrating on-premises Exchange mailboxes to the cloud. In order to do this we will require one on-premises Exchange server per student team. Further, each Exchange server has to exist on a unique domain which has been registered with a DNS provider, is available over the Internet and has been added to each student’s Office 365 subscription.

In order to accomodate a large class this could result in a potentially big investment in hardware and classroom setup time. Or, we could look to the cloud as a potential solution. As it turns out this is a perfect problem to solve using EC2.

Why? Well, we can create instances of Exchange Servers on uniquely named Active Directory domains and have them available for use when we need them in class. These, effectively, become our “on-premises” mail servers for our exercise, even though they are actually themselves in the cloud!

In this way we will only incur charges for running instances for the few hours of each class where we actually need them. When they are not needed we can leave them in a stopped state. Sure there will be some charges for storing the volume but those will be relatively small. Also, while the course is under development, we can work with these Exchange servers from anywhere and testing can be done by our geographically dispersed development team.

Are we storing any sensitive data in the cloud? No. Is the application mission critical? Well, I guess if we can’t connect to the Internet for some reason that could cause a problem in the classroom but if that were to occur we would have a problem anyway because the whole class is about the cloud!

So, in summary, the cloud is not a solution to every problem. There are some problems, however, like this case in point where the cloud is a good fit and solves real world technical problems in a cost effective manner.

Kevin Kell

Amazon EC2 Security Groups for Elastic Beanstalk

Amazon’s Elastic Beanstalk is an elegant Platform as a Service (PaaS) for Java application deployment. Anybody who has provisioned servers with the Elastic Compute Cloud (EC2) will be familiar with configuring security groups. A security group is like a firewall, and defines a set of permissions for accessing Amazon Web Services (AWS) resources. More details can be found here.

When deploying an application using Elastic Beanstalk, a security group is automatically created for you and it allows access from all IP addresses on port 80. In many cases applications will use a database that is hosted on Amazon’s Relational Database Service (RDS). When a database instance is configured, this also requires a security group to be configured. To enable access from the beanstalk hosted application an extra rule allowing access from the beanstalk application must be added. For administrating the database, a rule for your local machine based on your IP address is also added. This process is straightforward, it just requires an awareness of what needs to be done.

Amazon provide an incredible set of Infrastructure services with AWS. To use these services effectively and integrate them into a coherent whole requires a good knowledge of how they work individually and the role they should play in your systems. Acquiring this knowledge is not a trivial task, so to fast track this process Learning Tree have developed a four day course that provides hands-on experience of what is available, how it works and how you can best use it for your systems. If you are interested in, or considering using Amazon AWS, I think you will find the course invaluable. You can even attend from your office using the Anyware system. Details and a schedule can be found here.

Chris Czarnecki

“Agile” Cloud Computing

Agile

I often see the word “Agile” associated with cloud computing. That’s a word I know well. I wrote a class on Agile Programming, and I teach XP and SCRUM. I believe I’m Agile in my projects. But what does it really mean?

For some, “agile” is just a tactful way of saying “get it done cheaper”! But it’s more than that.

When we write “Agile” with a capital “A” it means it abides by the 12 principles of Agile programming. We could summarize those principles by saying; give customers high quality, quickly and for a good value. And when the customer changes their mind, adapt. That all sounds very obvious doesn’t it?

If we write “agile” with a lower case “a”, then it means “quick and well-coordinated in movement” (see http://dictionary.reference.com/browse/agile).

Cloud Computing

So, what does “cloud computing” mean?

  • In part, it means rented. We are going to purchase software and/or resources when we need them and for only how long we need them.
  • It also means elastically scalable. As demand fluctuates we easily add or remove resources, paying only for what we need at any moment in time.
  • Cloud computing means fault tolerant; the system is almost always available.
  • For many, cloud computing means online; the system is available from anywhere.
  • It also means resilient; the system can automatically recover from failures.
  • Cloud computing means reduced administration. Someone else is responsible for patches and backups and hardware upgrades.

Agile Cloud Computing

Does cloud computing make IT more Agile (agile)? To determine this, we can analyze the cost, but cost can’t be the only driving factor. To be Agile, cloud services must satisfy users and must provide even greater benefit than traditional software.

I moved all my servers to EC2, not because it is cheaper, but because it is better for my company. The fact that it’s also cheaper is a pleasant by-product.

Using Windows Azure is not the cheapest way to deploy an ASP.NET application. It can however be the best (most Agile) way. At least if you care about things like scalability, fault-tolerance, security and simplicity.

Conclusion

There are many ways to streamline IT using cloud computing services. These services include Office 365, Google Apps, Windows Live, Amazon Web Services, Windows Azure, Salesforce.com, SharePoint Online and many more.

If you want a better understanding of cloud computing and how it can make your organization more Agile, take one of the courses in Learning Tree’s Cloud Computing curriculum. You can even take the course from the cloud using Learning Tree AnyWare
J

You may also like to read these articles that explain more about the different cloud services.

Doug Rehnstrom

Please visit Learning Tree’s new .NET Programming blog.

Is Amazon Now the Only Choice for Cloud Computing ?

Cloud Computing is big news, that is without question. It seems every time I open a newspaper or watch a TV program Microsoft informs me how my life, both business and personal would be improved by Cloud Computing. When I search on Google it seems every other advert is suggesting Google Apps could make my life easier. I mentioned in a previous post EMC having running Cloud Computing banners at Heathrow airport. In fact all the major vendors have significant marketing campaigns, aimed at convincing customers their cloud solutions are of significant benefit. Except one that is. I have yet to see an advert for Amazon AWS and its comprehensive set of cloud computing facilities.

The only thing I ever hear from Amazon is news on new service features and improvements – and there are lots of these. No marketing, no fuzziness, just pure useful functionality delivered without fuss or fanfare. Just looking at the month of March, Amazon announced the following:

  • A second AWS availability zone ion Tokyo
  • EC2 dedicated instances
  • Windows Server 2008 R2 support
  • Virtual Private Cloud internet Access
  • Identity and Access Management Support for CloudFront
  • VM Import connector for VMWare vCenter
  • AWS support in Japenese

These announcements, some significant, especially for private clouds, some more nice to have’s are all on top of what is already the most wide ranging, comprehensive set of cloud services available from any one vendor. So, does this mean that Amazon is the goto vendor for Cloud Computing ? Not necessarily, but they are making a strong case for being the one. The reality is that much depends on what your organisation and projects require. For instance, Amazon is an Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) provider not a Software as a Service (SaaS) provider. But when it comes to Iaas or Paas Amazon is really hard to beat, and appears to be increasing its range of functionality over competitors. Google, Microsoft and the rest have their work cutout to catch up – and do not currently appear to be making up any ground on Amazon.

Making the correct choice of Cloud Computing vendor is critical, and a thorough understanding of the products and services vital in helping make this choice. Learning Tree’s hands-on Cloud Computing course equips attendees with the skills required to make the correct choice for their organisations. Why not consider attending.

Chris

Amazon EC2 or Microsoft Windows Azure

I haven’t written a blog post for a while because I’ve been programming. So much fun!

I’m working on a new Web site using Microsoft ASP.NET Dynamic Data and Entity Framework. ASP.NET Dynamic Data is a bit like Ruby on Rails. It allows Web pages to be automatically generated based on the data they are displaying. Entity Framework automates all the data access code. I’m using what’s called a “model-first’ implementation of Entity Framework, so I don’t even have to manually create the database. That is automated as well!

The whole thing is very cool. I create the models using a graphical designer, and apply attributes for field validation and formatting. Then, on the one side the database code is generated, and on the other side the user-interface is generated. It’s a bit more complicated than I make it out to be, but once you have it figured out making changes to the application is very simple. That’s why I wanted to use this approach in the first place. (Check Learning Tree course 2620 to learn more about it.)

Okay, so what’s this have to do with the cloud? I have to decide where I want to deploy my program, on EC2 or on Windows Azure. I guess I’m writing this article so I can weigh the pros and cons of each.

Advantages of Amazon EC2

  1. EC2 is cheaper, at least to start. I can get an EC2 Windows 2008 R2 Server instance up and running for about $40 per month.
  2. EC2 is familiar. The nice thing about EC2 is it’s like having your own Windows Server without buying the hardware. I can do anything I want to it; I just have to remote desktop into it.
  3. I’m already using EC2 for a couple of projects.

Advantages of Microsoft Windows Azure

  1. Azure may be cheaper than EC2 in the long run. Azure is a zero maintenance solution. You just deploy your application and Microsoft takes care of the software, patches and backups. There’s a cost to maintenance which has to be taken into account when using EC2 compared to Azure. The problem is that cost is a bit hard to calculate.
  2. Scalability with Windows Azure is seamless. There’s a good chance this application will grow to have many users and consume a massive amount of data. If it does, adding additional machines with Windows Azure is as simple as changing a value in the configuration file.
  3. It’s completely integrated with Visual Studio. Once set up, deploying changes from Visual Studio to Windows Azure is just a couple clicks.

Well, I haven’t made up my mind yet, but interestingly I’m not even considering setting up my own server. Maybe I should go to Learning Tree’s Cloud Computing course. That course covers cloud computing in general and explores a number of different vendors and options for taking advantage of the cloud.

You might also like to go to Learning Tree’s Windows Azure course. That course covers Windows Azure in detail.

Doug Rehnstrom

As cloud computing continues to make information technology headlines, vendors are aggressively promoting the many benefits it can provide organizations.  Our White Paper, Cloud Computing Promises: Fact of Fiction , addresses the claims and questions that are often raised in relation to cloud computing and provides a clear view of what the cloud can—and can’t—deliver in reality.


Learning Tree Logo

Cloud Computing Training

Learning Tree offers over 210 IT training and Management courses, including Cloud Computing training.

Enter your e-mail address to follow this blog and receive notifications of new posts by e-mail.

Join 51 other followers

Follow Learning Tree on Twitter

Archives

Do you need a customized Cloud training solution delivered at your facility?

Last year Learning Tree held nearly 2,500 on-site training events worldwide. To find out more about hosting one at your location, click here for a free consultation.
Live, online training
.NET Blog

Follow

Get every new post delivered to your Inbox.

Join 51 other followers

%d bloggers like this: