Sean Keery 1

AWS Retrospective

Scope :Production and development colocation migration and cutover.

Payment Gateway development, QA and production environment buildout.

Regardless of what we discover, we understand and truly believe that everyone did the best job they could, given what they knew at the time, their skills and abilities, the

resources available, and the situation at hand - Norman Kerth

11/5/12

Sean Keery 2

Lessons Learned/Analysis

• Aligned with business goals• We were going to start mall• Fail Fast and Improve• Go Green • AWS Value Add• Looking Forward

11/5/12

Sean Keery 3

Align with business goals• High availability - five 9's SLA• Growth - take it to 500,000

merchants• Change – quick response to market

needs• Minimize capital investments

11/5/12

Sean Keery 4

We were going to start small

• Multiple accounts and VPC’s– Separation of concerns– Increased hack vectors– More points of failure– Patching complexity

• Consistency across environments– Domain federation– Change management– Metrics

11/5/12

Sean Keery 5

Fail Fast and Improve• "It's just a dev site”• Release & deploy

• Remote teams/multiple environments - everyone can have their own sandbox

• Tags - use them to avoid sprawl• Amazon challenges

– Even if you don’t have paid support there are people who will help you

• Use the forums• Submit increase requests before you need to

11/5/12

Sean Keery 6

Web Service Constraint Examples • Limits - Instances, Elastic IP addresses ,

EBS/Snapshot volumes and aggregate size, security groups.

• DCHP/DNS integration• Storage - S3, Glacier, ISO’s, Gluster (for the cluster)• Keys across regions for custom AMI’s• Network - plan subnets for growth• ELB - No SNI support• VPC – VPN bandwidth, intra-VPC comms

11/5/12

Sean Keery 7

Go Green • Vmware - baseline images, hybrid -

Reuse• Bring your own license - Reuse• Domain federation - Reduce

Complexity• Pricing

– Buy ahead, sell for spot – Recycle– Cost benefit analysis– Value benefit analysis

11/5/12

Sean Keery 8

AWS Value Add • API Maturity - awesome• Avoid vendor lock in

– Eucalyptus shared api• Import/Export• Compliance - PCI• Innovation & continuous delivery new

of products

11/5/12

Sean Keery 9

Innovation examples• Console - service catalog & metrics

dashboard• IAM – directory integration• SES - pre delivery spam filter• Route 53 – geographic or latency

based DNS load balancing• Cloudformation - templates plus Chef

integration11/5/12

Sean Keery 10

Looking Forward• RDS – Ready for primetime• Provisioned IOPS – Storage & DB• OpenStack – AWS killer ?• Open Flow –Software defined

networks• VDI – Managed desktops• xAAS – Anything as a service

11/5/12

Sean Keery 11

About Me• BIO

Sean Keery began hacking obscure video game systems at the age of 13.  By the time he turned down an IBM internship to work developing direct mail software for anon-profit in DC, VisiCalc, NEXT, COBOL and a little Japanese had been added to the mix.Sean then developed interpersonal skills while teaching snowboarding around Aspen and Ohakune.  He got dragged back into the IT world by a well meaning marketing guy.  After completing the suite for managing instructors, and the industries first customer loyalty system, he was allowed to play with avalanche forecasting and SCADA stuff. However, the age of the internet beckoned.  XML GDI integrations, SEO and remote dev teams followed.  SOX put firewalls, PCI and ITIL into the picture.So, at TMS, audits of all kind now get done in no time.  Making sense of the sprawl that is the "Data Center" is one of his primary responsibilities, with our migration to the cloud providing plenty of opportunities to improve business continuity.The daily commute home is filled with podcasts and chipmunk bunny hops.  Some family time, spicy food, a good book or hacking on the newest toy are up next. A cup of milk & honey rounds out the day.

• Contact :Sean KeeryCloud System Architectzgrinch@gmail.com970.316.2269LinkedIn Profile: http://us.linkedin.com/pub/dir/Sean/Keery

11/5/12