Transcript Presentation Title

Alfresco Deployments on AWS
Cost-Effective, Scalable & Secure
Michael Waldrop
Director, Solutions Engineering
email. [email protected]
#SummitNow
Before we begin…
follow along:
bit.ly/alfresco-summitaws
#SummitNow
#SummitNow
Survey
#SummitNow
#SummitNow
SI Partners?
#SummitNow
#SummitNow
Customers?
#SummitNow
#SummitNow
Bare Metal
Deployments?
#SummitNow
#SummitNow
Virtualization?
#SummitNow
#SummitNow
On premise?
#SummitNow
#SummitNow
Experienced
Deploying
Alfresco
Clusters?
#SummitNow
#SummitNow
How long does it
take?
#SummitNow
#SummitNow
Simplified Illustration of an
Alfresco Cluster
Load Balancer
…
Shared
Search Index
Shared
File Storage
Shared
Database
#SummitNow
#SummitNow
It’s really
more
complex!
What about:
• Purchasing
equipment?
• Network
configuration?
• System
security?
• Database
redundancy?
#SummitNow
#SummitNow
It can take weeks
or months
planning…
#SummitNow
#SummitNow
Why?
#SummitNow
#SummitNow
Don’t lose
HOPE!
#SummitNow
#SummitNow
What if you could
launch a full
cluster in
minutes?
#SummitNow
#SummitNow
Let’s give it a
shot…
#SummitNow
#SummitNow
DEMO
#SummitNow
#SummitNow
What did we
just do?
#SummitNow
#SummitNow
Fully redundant
Alfresco
Cluster
Includes:
• Load-balancer
• Replicated DB
• Redundant
Storage
• Network Security
#SummitNow
#SummitNow
How does this
work?
#SummitNow
#SummitNow
Basics of AWS
#SummitNow
#SummitNow
AWS: Components of Interest
Elastic Compute Cloud
Amazon EC2 provides resizable
compute capacity in the cloud.
Virtual Private Cloud
EC2
Amazon VPC lets you securely
extend your corporate network into
AWS.
VPC
Simple Storage Service
Amazon S3 is cloud storage that is
secure, durable, reliable, fast and
inexpensive.
RDS
S3
Relational Database Service
Amazon RDS is a web service that
makes it easy to set up, operate, and
scale a cloud relational database.
#SummitNow
#SummitNow
There’s one more
thing…
#SummitNow
#SummitNow
CloudFormation
Automates AWS
Deployments
• EC2 Instances
• Network Subnets
• Firewall
• Databases
• Any other AWS
resources!
#SummitNow
#SummitNow
Let’s take a
closer look…
#SummitNow
#SummitNow
Basic Alfresco Template: Part I
Alfresco Instance
• Base AMI
• Instance Size
• SSH Key
• Monitoring
• References
Firewall
#SummitNow
#SummitNow
Basic Alfresco Template: Part II
Firewall rules
• Protocol & Port
• Allowed IP range
• Examples:
• SSH
• HTTP
• HTTPS
• Sharepoint
Protocol
• etc. #SummitNow
#SummitNow
Basic Alfresco Template: Part III
Template Output: Connection details
#SummitNow
#SummitNow
Revisiting the Alfresco CloudFormation
Template
Configures:
• Multiple Availability
Zones
• Redundant infrastructure
• Subnets for different
server roles.
#SummitNow
#SummitNow
Let’s look at one of the two AZ’s
• Independent
Load Balancer
• Public and
Private Subnets
• MySQL Master
• “Bastion” NAT
Host
#SummitNow
#SummitNow
Auto-configures Alfresco…
This section configures Hazelcast in Share
#SummitNow
#SummitNow
DEMO:
Review
Template
#SummitNow
#SummitNow
Reference Architecture & Implementation Guide
#SummitNow
#SummitNow
Let’s talk about
security…
#SummitNow
#SummitNow
Intrusion Prevention
• Private subnet
prevents direct
access.
• “Bastion” NAT host
acts as SSH
gatekeeper.
• Firewall rules
explicitly allow only
select protocols from
specific IP ranges
• Load-balancer is
allowed to proxy only
certain protocols.
• Database is isolated
#SummitNow
#SummitNow
Other Security Concerns
• Security is a shared
responsibility
• Configure Alfresco ACLs
correctly
• Know who has the keys
and credentials.
• Protect credentials
• Use SSL and other
encryption where
practical.
• Be vigilant.
• Study AWS’s compliance
and security whitepapers.
aws.amazon.com/security/
aws.amazon.com/compliance/
#SummitNow
#SummitNow
Let’s talk
$ • £ • € •¥
#SummitNow
#SummitNow
Why AWS?
Financial Reasons:
• Pay-as-you-go Utility
(OpEx vs. CapEx)
• Up to 70% Lower TCO
than On-Premises*
• Up to 50% less IT Staff
http://aws.amazon.com/whitepa
pers/idc-the-business-value-ofaws-accelerates-over-time/
#SummitNow
#SummitNow
Alfresco on AWS:
Faster time to Success!
30
X
install & configure
faste
r
40
go-live
200
%
up to
in IT productivity
gains
earlier
#SummitNow
#SummitNow
Alfresco ROI
Forrester study shows Alfresco pays for
itself in first 10 months after launch.*
A faster deployment accelerates time to
ROI.
Time
OnPremis
e
Implementation
10 Months to ROI
AW
S
Implementation
Go-Live / Launch
Date
* http://www.alfresco.com/forrester
#SummitNow
#SummitNow
It all adds up!
Alfresco on AWS
vs. On-Premise or Datacenter
Infrastructure and IT TCO Up to 70%
Lower
Infrastructure Acquisition Time Up to 30X
Faster (1-2 days)
Time to Install & Configure Alfresco
Environment Up to 30X
Faster (1-2 days)
Time to Alfresco ROI Up to 20%
Faster
Time to Develop / Customize No Change
#SummitNow
#SummitNow
Let’s
Summarize
#SummitNow
#SummitNow
Summary
• Deployments on AWS take minutes, not weeks.
• Customize CloudFormation to automate your
Alfresco deployments.
• Security is a shared responsibility, but the
templates employ some common best practices
• There are many factors to cost-efficiency:
• Resources, hosting & time
#SummitNow
#SummitNow
Alfresco Test Drive, powered by AWS
Built with CloudFormation
#SummitNow
#SummitNow
Resources…
Presentation
bit.ly/alfresco-summit-aws
Whitepaper & Reference Implementation
aws.amazon.com/whitepapers/alfresco-enterprise-on-aws/
CloudFormation Template
github.com/AlfrescoLabs/alfresco-cloudformation
Email
[email protected]
#SummitNow
#SummitNow
#SummitNow