An overview of running Oracle Database, Fusion Middleware and Oracle Applications on AWS. Covers licensing, pricing, support, security, networking, Amazon VPC, Amazon EC2, Amazon EBS, use cases, and customer successes.
4. This timeline highlights the collaboration between Oracle and AWS along with the major
milestones and joint deliverables.
Oracle on
Amazon
EC2
2008 2010 2012
Oracle Secure Backup
Cloud Module
on Amazon EC2
Oracle VM
virtualization
support
Oracle on
RDS
Oracle Test
Drive
Oracle &
AWS
201120082007 2013
Ref Arch,
AMIs
AWS and Oracle
5. Oracle
Licensing and Support
Processor & socket licensing
• Standard Edition: EC2
instances with 4 or less
virtual cores are counted as
1 socket
• 0.5 core multiplier for
enterprise licenses
(processor)
BYOL
• Enterprise license agreement
• Unlimited license agreement
• Oracle partner network
• BPO license
• Oracle Technology Network
Pay-as-you-go
• RDS for Oracle SE One
Oracle AWS cloud licensing document: oracle.com/us/corporate/pricing/cloud-
licensing-070579.pdf
6. Oracle E-Business Suite
JD Edwards EnterpriseOne
Oracle Fusion
Applications
PeopleSoft Applications
Hyperion
ATG Web Commerce
Oracle SOA
Suite
Identity and Access
Management
WebLogic
Suite
WebCenter TimesTen
MySQL
Community Edition
Data Guard Active Data
Guard
GoldenGate
RMAN
OSB Enterprise
Manager
Oracle NoSQL
Coherence
Oracle Products on AWS
http://www.oracle.com/technetwork/topics/cloud/faq-
098970.html#support
9. Use Multiple Layers of Defense
• Security Groups (EC2, VPC, RDS,
ElastiCache)
• IPTables
• Bastion Host
• Host-based Firewalls*
• IDS*
Protect privacy and enforce your
policies with data encryption
• Encrypt data in transit
• (SSL/TLS) and TDE
• Encrypt data at rest
– TDE with keys in AWS CloudHSM
– OS level : Trucrypt, TrendMicro
SafeNet, CipherCoud (EBS+RDS),
3RD party
Identity and Access Management
• Create Users and Groups within
a master account
Operating system security
• EC2 Key Pairs
• No external SSH to Oracle DB
VPC
• Database in private subnet
• Database access only from
application server or bastion host
AWS Account Management
• Multiple accounts may be created to
isolate resources. Accounts may be
isolated by: Environment (e.g., dev,
test, prod), Major System, Line of
business / function, Customer, Risk
level
Security : Best Practices
11. EBS
• PIOPS (applies to I/O with a block size
of 16KB)
• Stripe using RAID 0, 10, LVM, or ASM
• RAID 10 (can decrease performance)
• Snapshot often : Single volume DB
• 20 TB DB size (max)
Tuning
• Maintain an average queue
length of 1 for every 200
provisioned IOPS in a minute
• Pre-warm $ dd of=/dev/md0
if=/dev/null
• fio, Oracle ORION
• Oracle Advanced Compression
File system
• ext3/4, XFS (less mature)
• Try different block sizes : start
with 64K
Stripping
• Stripe multiple volumes for more
IOPS (e.g., (20) x 2,000 IOPS
volumes in RAID0 for 40,000 IOPS)
• ASM with external redundancy
• More difficult to Snapshot : Use
OSB
Storage
• Use Instance storage for
temporary storage or database
Storage : Best Practices
15. Setting up Oracle on your own
Put together all the necessary AWS infrastructure components
for networking, compute and storage based on best practices.
Install and configure Oracle Database
Two ways to deploy Oracle on
AWS
Oracle on EC2
• Fully control of database
and operating system
• You are responsible for
backups
• You are responsible for HA
16. Using Amazon RDS for Oracle
Avoid all the heavy lifting and launch fully configured Oracle
Database instance with a couple of clicks or an API call
Two ways to deploy Oracle on
AWS
Oracle on RDS
• No access to OS
• AWS does database
patching
• One click/API HA
• One click/API for backups
• Some restrictions apply :
Ebusiness Suite not
supported, UTL_File,
UTL_HTTP, etc.
26. • Protocols
– File transfer to Amazon S3 or EC2 using S/FTP, SCP, NFS,
UDP, Aspera, Attunity CloudBeam, Tsunami
– AWS Import/Export service: Ship your disk to AWS
• Transfer methods
– Configure on-premises backup application (like NetBackup,
CA, CommVault, Riverbed) to use Amazon S3
– AWS Storage Gateway for asynchronous backup to Amazon S3
– Database backup tools like Oracle Secure Back
– Database replication tools like GoldenGate, DbVisit
• Special process for loading to Amazon Oracle RDS
Data Migration options
29. Global manufacturing company with operations
in APAC, Europe, and North America
Vendor consolidation1
Infrastructure management challenge across multiple locations
2
Hardware refresh cycles and cost optimization
3
RISO, Inc - Business Overview
Key Business Drivers
30. • Capital and operational cost reduction by avoiding new hardware purchases
and by redeploying IT staff to projects that directly supported the core business
• Other benefits included:
– 55% reduction in total IT operations costs
– 35% reduction in backup infrastructure costs
– Ability to start and stop nonproduction services to reduce operational costs
– Reduction in the number of IT vendors (from 6 to 3)
– Able to perform an office relocation of HQ in early 2013, with no
interruptions to business leveraging the centralized AWS computing
platform
What was achieved
31. Migrate
Business
Critical
Applications
•Migrate infrastructure
components like domain
controller, monitoring
solutions
•Migrate E-Business Suite,
OBIEE
•Tune – enhance - optimize
Migrate
Non-
Mission
Critical
Applications
•Migrate Test / DEV
application
•Migrate noncritical
applications like Track-it
•Migrate backups and validate
restore process
Proof of
Concept
•Build POC environments for
each critical application and
validate functionality
•Perform functional,
integration testing
Assessment
•Complete study of IT
infrastructure & costs,
including recommendations
and a detailed plan
•Perform cost analysis and
estimate project duration and
resources
Migration Process
32. US East
AZ-1
Headquarters
VPC Public Subnet
VPC Private Subnet
Location 2
Internet
OBIEE
EBS
R12
Monitoring Solution OpenVPN
VPN
Connection
VPN
Connection
AWS Architecture
33. • Complete infrastructure for North America on Amazon Web Services
– Office locations and warehouses connected via VPN to VPC on AWS
– Oracle EBS/OBIEE on Linux
• Complete in-house infrastructure including SQL Server, Oracle EBS, OBIEE and
domain controllers, track-it applications , LACROSSE etc.
• Migrate from Tivoli tape backups to Amazon S3 backups using Zamanda/Glacier,
Snapshots
• Integrated active directory with Salesforce.com, Office 365, various file, print, fax
services throughout North America
• All production backups to Amazon S3 using third-party tool
• All nonproduction backups to Amazon S3 (reduced redundancy store)
AWS Infrastructure
34. Carters migrated an on-premise Powerbuilder Oracle DB application
to Oracle APEX and Database on EC2. This project is documented
as a chapter in the book Migrating to the Cloud.
KPIT Cummins runs their Oracle E-Business Suite 12.1.3
environments on Amazon EC2/OVM. They have benefitted from the
reduced complexity of AWS “infrastructure at a click.”
Advanced Innovations hosts their entire Oracle Applications and
technology platform on Amazon EC2. SOA Suite, WebCentre,
Beehive, Ebusiness etc.
Blue Gecko deployed SAGE Manufacturing’s dev, test, DR and
production Oracle E-Business Suite environments on Amazon EC2.
Customer Successes
35. The French National Railway Corporation uses Amazon EC2 to host
their test reservations system backed by Oracle Database.
Deploying on the cloud has allowed VSC Technologies to reduce
testing and deployment times by two thirds. Oracle Data
Integrator/Mainframe.
Capgemini uses AWS to host the development, test and production
Oracle E-Business Suite Financials supporting their business in
Latin America.
PBS uses AWS to host their internet streaming websites which run
on MySQL and Oracle Databases hosted on Amazon EC2.
The European Space Agency’s GAIA mission uses an AWS,
including Oracle Database on Amazon EC2, to rapidly and cost-
effective scan astrometric data sets for indications of planets outside
our solar system.
Customer Successes
36. Amazon.com backs up retail databases using the Oracle Secure
Backup Cloud Module. The Client Experience Analytics (CXA) team
uses Amazon RDS to support customer simulations against
Amazons web properties on an ongoing basis.
Oracle eBusiness Suite 11 - Imperia was established officially on
February 3rd, 1932 as the development of a little artisan workshop
and started at once to distribute pasta machines around the world.
McGraw-Hill migrated an Oracle WebLogic and Oracle RAC
environment to AWS using a hybrid architecture. Oracle WebLogic is
clustered on EC2 using ELB and Auto Scaling. The Oracle RAC
Database runs in Data Pipe.
Smarter Agent is the leading provider of white label mobile
applications and services to real estate industry. Smarter Agent
decided to “forklift” entire stack (vs hybrid) to AWS. They used
smartShift to move the Oracle 11g Database to AWS RDS and
JBoss to EC2.
smartShift customer success :
http://www.youtube.com/watch?v=t2UcCdnNsRc&feature=youtu.be
Customer Successes
39. • Get started with a free trial
– http://aws.amazon.com/free
• White papers
– http://aws.amazon.com/whitepapers/
• Reference architectures
– http://aws.amazon.com/architecture/
• Enterprise on AWS
– http://aws.amazon.com/enterprise-it/
• Executive-level overview : Extending Your Infrastructure to the AWS Cloud (4 minutes)
– http://www.youtube.com/watch?v=CsGqu5L_PFI
• Simple Monthly Pricing Calculator
– http://calculator.s3.amazonaws.com/calc5.html
• TCO calculator for web applications
– http://aws.amazon.com/tco-calculator/
AWS Resources
40. • AWS Marketplace Offerings for Oracle Database
– Oracle 12c and 11g on RHEL (BYOL) :
https://aws.amazon.com/marketplace/search/results/ref=sp_navgno_search_box?page=1&
searchTerms=oraclempbyol
• Oracle Database Reference Implementation
– Standard, enterprise class, large enterprise class and high performance Oracle 11g
configuration on AWS
EC2http://media.amazonwebservices.com/AWS_RDBMS_Oracle_11g_on_EC2_Referenc
e_Architecture.pdf
• Oracle Test Drives : http://awstestdrive.com
• Amazon Relational Database Service: aws.amazon.com/rds
• Running Oracle on AWS: aws.amazon.com/oracle
• Oracle FAQ: http://www.oracle.com/technetwork/topics/cloud/faq-098970.html
• Pre-configured Oracle AMIs:
https://aws.amazon.com/amis?ami_provider_id=4&selection=ami_provider_id
• Oracle Secure Backup Cloud Module product
Page: http://www.oracle.com/us/products/database/secure-backup-066578.html
• Oracle AWS cloud licensing document: oracle.com/us/corporate/pricing/cloud-licensing-
070579.pdf
• Oracle Enterprise Manager 12c plug in:http://www.oracle.com/technetwork/oem/grid-
control/downloads/oem-aws-plugin-1852739.html
Oracle on AWS Resources
41. • OEM 12c as a Hosted Service
– http://www.slideshare.net/tomlaszewski/oow-em-blueprintsv3
• AWS reInvent Sessions
– Storage Tiering and Ebsuiness Suite customer success:
http://www.slideshare.net/tomlaszewski/storage-tiering-for-oracle-database-on-aws-and-
oracle-ebusiness-suite-on-aws-case-study
– Peoplesoft on RDS and customer success:
http://www.slideshare.net/tomlaszewski/dat202-using-amazon-rds-to-power-enterprise-
applications-1-0
– Migrating Enterprise Applications: http://www.slideshare.net/tomlaszewski/ent303-
migrating-enterprise-applications-to-aws
– Migrating data from on premise to AWS RDS:
http://www.slideshare.net/tomlaszewski/advanced-data-migration-techniques-for-
amazon-rds
• Oracle OpenWorld Session
– Best Practices for running Oracle Database on AWS:
http://www.slideshare.net/tomlaszewski/oracle-db-on-ec2-partner-webinar
Oracle on AWS : OOW and Reinvent
AWS started support for Oracle Virtual Manager (OVM) in 2010. OVM is the only hypervisor other than AWS Xen that AWS supports. With support for OVM, all Oracle products from the Database to the application server (WebLogic and SOA Suite) to the business applications PeopleSoft, E-Business Suite, Seibel and others, become fully supported by Oracle on AWS. In May 2011 Oracle on the Amazon Relational Database Service (RDS) was introduced before Microsoft SQL Server and after Oracle MySQL which was introduced October 2009. As it become apparent that enterprises were moving production workloads to AWS, AWS released the first set of Oracle on AWS test drives in 2012. These test drives were created by AWS Oracle System Integrator partners. By the end of 2012, there were 23 Oracle test drives from OSB, Oracle Standby Database, Oracle APEX, Oracle Business Intelligence Suite (OBIEE), PeopleSoft, E-Business Suite and more. The test drives were an opportunity for customers to try the Oracle products on AWS before they bought anything. Try before you buy!2013 is the year of repeatable solutions! This includes new Amazon Machine Images (AMIs) with the latest Oracle Linux operating systems and products on them, reference configurations which include white papers, CloudFormation scripts, and associated best practices, white papers, and additional test drives labs including those for WebLogic.
Microsoft “License Mobility through Software Assurance” program provides qualifying Microsoft Volume Licensing customers with the flexibility to deploy Windows server based applications in the AWS cloud.AWS provides Windows Server, SQL Server on AWS todayAmazon Machine Images (AMIs) jointly developed by Microsoft and AWSSharePoint Server, Exchange and other Microsoft server products can be licensed to run on AWSGeneral info on AWS and License Mobility for a variety of MS server products: http://aws.amazon.com/windows/mslicensemobility/server products: http://aws.amazon.com/windows/mslicensemobility/Detail on AWS and License Mobility with SQL Server: http://aws.amazon.com/windows/mslicensemobility/sql/
Without getting into the industry debate about public vs. private cloud it’s clear that most cloud benefits cannot be realized with on-premise virtualization technologies. In the on-premise virtualization model, you often have to buy expensive hardware and software which virtually eliminates the cost benefits of cloud computing. Although on-premise virtualization allows you to quickly provision new servers, your ability to scale up is limited to your physical infrastructure. You still need to buy physical servers to grow. If you want to scale down you won’t see significant cost-savings as you already paid for the hardware. These limitations of the on-premise virtualization model impact your ability to innovate fast and free up money to invest in new projects.
on Slide 14, under encryption we can split encryption at rest by usingo Oracle Transparent data encryption at database and store keys in CloudHSMo OS level encryption by using tools like trucrypt or third party encryption tools like SafeNet
Without getting into the industry debate about public vs. private cloud it’s clear that most cloud benefits cannot be realized with on-premise virtualization technologies. In the on-premise virtualization model, you often have to buy expensive hardware and software which virtually eliminates the cost benefits of cloud computing. Although on-premise virtualization allows you to quickly provision new servers, your ability to scale up is limited to your physical infrastructure. You still need to buy physical servers to grow. If you want to scale down you won’t see significant cost-savings as you already paid for the hardware. These limitations of the on-premise virtualization model impact your ability to innovate fast and free up money to invest in new projects.
Oracle ASM disk groups provide three types of redundancy: normal, high, and external. With normal and high redundancy, files are replicated within the disk group. With external redundancy, ASM does not provide any redundancy for the disk group. When creating setting up ASM for a group of volumes, we recommend using external redundancy since Amazon EBS volumes are already redundant within an availability zone.Oracle ASM best practices like having different disk groups for data and log files, work and recovery areas, also apply in Amazon EBS.Because this architecture is targeted at a medium-sized enterprise class database, we recommend using fewer than 10 total volumes. To provide a benefit, a provisioned IOPS volume must maintain an average queue length (rounded up to the nearest whole number) of 1 for every 200 provisioned IOPS per minute. If you set the queue length to less than 1 per 200 IOPS provisioned, your volume will not consistently deliver the IOPS that you've provisioned. Setting the queue length too far above the recommended setting won't affect the IOPS your volume delivers, however per-request latencies will increase. For a Provisioned IOPS volume of 500, the queue length average must be 3. If the average queue length is less than 3 for this volume, you aren't consistently sending enough I/O requests.Instance StoreZero network overhead; local, direct attached resource.No network variabilityNot optimized for random I/OGenerally better for sequential I/ORoot volume and data volume are lost on physical disk failure, stopping, or terminating of instanceIdeal for storing temporary data like buffers, caches, scratch data, and other temporary content, or for data that is replicated across a fleet of instances, such as a load-balanced pool of web servers.Maintain a number of pending I/O requests to get the most out of your Provisioned IOPS volume. The volumes must maintain an average queue length of 1 (rounded up to the nearest whole number) for every 200 provisioned IOPS in a minute Maintain a queue depth of 10 for a 2,000 Provisioned IOPS volumeMaintain a queue depth of 3 for a 500 Provisioned IOPS volumeExample: a 2000 Provisioned IOPS volume can handle:2000 16KB read/write per second, or 1000 32KB read/write per second, or 500 64KB read/write per second You will get consistent 32 MB/sec throughput (with 16KB or higher IOs)Perform an index creation action and sends I/O of 32K, IOPS becomes 1000, you still get 32MB/sec throughputOn best effort, you may get up to 40 MB/sec throughput fioLinux, WindowsFor benchmarking I/O performance. (Note that fio has a dependency on libaio-devel.)Oracle ORIONLinux, WindowsFor calibrating the I/O performance of storage systems to be used with Oracle databases.SQLIOWindowsFor calibrating the I/O performance of storage systems to be used with Microsoft SQL Server.We like ext3/4, but we love XFSHigh performance, consistentRobust and lots of options for tweaking/adjusting as neededOur favorite mount options: (your mileage may vary)inode64, noatime, nodiratime, attr2, nobarrier, logbufs=8, logbsize=256k, osyncisdsync, nobootwait, noautoYields great performance, reduces unnecessary writes, stableWe like ZFS a lot too, but we want to see more runtime on linux firstBut FreeBSD/ZFS would be a fine choiceHowever: test your workload!File systems behave differently under different workloadsAn EC2 instance comes with a certain amount of “local” storage, which is ephemeral. Any data placed on those devices will not be available after that instance is terminated by the customer, or if the underlying hardware fails which would cause an instance restart to happen on a different server. This characteristic makes instance storage ill-suited for database persistent storage. AWS offers a storage service called Amazon EBS (Elastic Block Storage), which provides persistent block-level storage volumes. Amazon EBS volumes are off-instance storage that persists independently from the life of an instance. Amazon EBS volumes are designed to be highly available and reliable. Amazon EBS volume data is replicated across multiple servers in an Availability Zone (datacenter) to prevent the loss of data from the failure of any single component. For all these reasons, we recommend to use EBS for data files, log files and for the flash recovery area. Using ephemeral storage intelligently can boot performance. This can be used for many kind of temp files and regularly backup static files.For high I/O workloads, an alternative to Provisioned IOPS EBS volumes is to use High I/O instances, which contain SSD drives as internal storage and address the most demanding database workloads. The High I/O Quadruple Extra Large instance can provide up to 120,000 random read IOPS and 85,000 random write IOPS. The High Memory Cluster Eight Extra Large Instance offers 244 GB of memory in addition to 240 GB of local SSD storage. Note however that this SSD storage is internal to the instance and will be lost if the instance is stopped or if the underlying hardware fails. When using this type of storage for databases, you should make sure that you have a solid strategy to avoid loss of data, for example by frequently backing up your data to Amazon S3. In addition to storage performance, High I/O and High Memory Cluster Instances also have very high I/O performance via 10 Gigabit Ethernet, which allows for increased EBS performance.
Without getting into the industry debate about public vs. private cloud it’s clear that most cloud benefits cannot be realized with on-premise virtualization technologies. In the on-premise virtualization model, you often have to buy expensive hardware and software which virtually eliminates the cost benefits of cloud computing. Although on-premise virtualization allows you to quickly provision new servers, your ability to scale up is limited to your physical infrastructure. You still need to buy physical servers to grow. If you want to scale down you won’t see significant cost-savings as you already paid for the hardware. These limitations of the on-premise virtualization model impact your ability to innovate fast and free up money to invest in new projects.
6. IDS : An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station. Some systems may attempt to stop an intrusion attempt but this is neither required nor expected of a monitoring system.7. IPS : Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS), are network security appliances that monitor network and/or system activities for malicious activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it. Intrusion prevention systems are considered extensions of intrusion detection systems because they both monitor network traffic and/or system activities for malicious activity.A host-based intrusion detection system (HIDS) is an intrusion detection system that monitors and analyzes the internals of a computing system, and in some cases the network packets on its network interfaces (just like an NIDS). A host-based IDS monitors all or parts of the dynamic behavior and the state of a computer system. HIDS was first designed for the mainframe. HIDS uses sensors (agents) located on each host. These host-based agents, which are sometimes referred to as sensors (or agents), would typically be installed on a machine that is deemed to be susceptible to possible attacks. The term “host” refers to an individual computer/virtual host. This means that separate sensor would be needed for every machine/virtual host. Sensors/agents work by collecting data about events taking place on the system being monitored. This data is recorded by operating system in audit trails. Therefore, HIDS is very log intensive.Network-based intrusion detection systems offer a different approach. NIDS collects information from the network itself rather than from each separate host. They operate essentially based on a “wiretapping concept" (network taps). Information is collected from the network traffic stream, as data travels on the network. The intrusion detection system checks for attacks or irregular behavior by inspecting the contents and header information of all the packets moving across the network. The network sensors come equipped with “attack signatures” that are rules on what will constitute an attack, and most network-based systems allow advanced users to define their own signatures. this method is also known as packet sniffing, and allows the sensor to identify hostile traffic.I still don't believe that we are injecting a 0/0 route, but I haven't personally tried setting up a no-BGP tunnel to an ASA, I will try and find one to test and reach out to the VPC team to ask. On the HIPS/HIDS question, the typical FUD is around additional resources being used by the HIPS agent, aka Amazon wants you to run HIPS so you need to run more instances (and pay more $) because the IPS agent will use a bunch of resources. In fact the HIPS solution we recommend, Trend Micro Deep Security, is really lightweight because it only loads the signatures that are required for that instance based on the software and OS that is running plus it has the advantage of being able to stop attacks as well as reducing false positives since the signature set is automatically tuned for that particular instance. This is a huge benefit in my opinion because typical NIDS create a crapton of noise and thus typically no one ever looks the output, resulting in a lower security posture in many cases. Also if they really want NIDS the Alert Logic Threat Manager product is also fairly lightweight, though it does impact network performance, and since few instances are really ever 100% network bound the additional bandwidth has a negligible impact. CISCO ASA and SonicWall dedicated device for AWS VPC. Configure VPN on AWS side it generates an ACL that tunnel is requesting needs to be 0.0.0.0/0 on both device then all traffic on that device will only go to AWS. BGP is available this is not an issue. Only an issue when using ASA (specific routes).Migrate R5 Demo ApplicationWhat is required to be Active/Active : How to use shopping cart session data (DynamoDB), AZ to AZ using ELB, Auto Scaling, Route 53. Database only running in one AZ. How do they manage?· How should specific application design be modified to utilize AWS such as shared data, shopping carts and content delivery (S3) · Requires Application architect resource to provide direction to the THG development team to modify application code to be Active/Active
Without getting into the industry debate about public vs. private cloud it’s clear that most cloud benefits cannot be realized with on-premise virtualization technologies. In the on-premise virtualization model, you often have to buy expensive hardware and software which virtually eliminates the cost benefits of cloud computing. Although on-premise virtualization allows you to quickly provision new servers, your ability to scale up is limited to your physical infrastructure. You still need to buy physical servers to grow. If you want to scale down you won’t see significant cost-savings as you already paid for the hardware. These limitations of the on-premise virtualization model impact your ability to innovate fast and free up money to invest in new projects.
Without getting into the industry debate about public vs. private cloud it’s clear that most cloud benefits cannot be realized with on-premise virtualization technologies. In the on-premise virtualization model, you often have to buy expensive hardware and software which virtually eliminates the cost benefits of cloud computing. Although on-premise virtualization allows you to quickly provision new servers, your ability to scale up is limited to your physical infrastructure. You still need to buy physical servers to grow. If you want to scale down you won’t see significant cost-savings as you already paid for the hardware. These limitations of the on-premise virtualization model impact your ability to innovate fast and free up money to invest in new projects.
Many architecture diagrams have all the latest and greatest services in them along with a fully scalable, available, loosely coupled, fault tolerant, and multi-tier design. In some cases, customers are moving a very basic implementation with 5 to 20 users. This is the case for the architecture shown above. It is an Oracle PeopleSoft implementation with minimal availability and DR requirements. It is a light weight and low cost solution for hosting PeopleSoft on AWS. The things that stand out about the architecture are: 1. No load balancing as there are only 5 concurrent online users. 2. No long term archiving as there are no regularity compliance needs. 3. No auto scaling for application tier as the application server can be recovered manually using the Amazon EC2 instance snapshots. 4. No automatic HA/multi-AZ for database tier as RDS backups can be used to recover the Oracle database. 5. No session recover as there are limited online transactions and the users can resubmit a failed session.PeopleSoft is hosted on an Amazon EC2 Instance. This is an Amazon Elastic Block Storage (EBS) based Amazon EC2 large Instance with 7.5 GB of memory and 4 Amazon EC2 Compute Units. The database is hosted on an Amazon RDS Oracle Instance. This is an Amazon EBS based Amazon RDS large Instance with 7.5 GB of memory and 4 Amazon EC2 Compute Units. Amazon RDS is backed up automatically. The frequency of the backups can be set automatically. A backup snapshot can be take at anytime but I/O will be suspended for a few minutes unless multi-AZ is set for Amazon RDS. Amazon EBS Snapshots will be used for Application Server high availability and potentially disaster recovery. The snapshots can be located in the same region in a different AZ or snapshot to another region for additional protection. AWS spot instances, spare Amazon EC2 instances that you bid on, can be used when there are extreme large batch files to process and load into the database.Example Architectural Patterns (sorted by increasingly optimal RTO/RPO)Backup and RestorePilot LightFully Working Low Capacity StandbyMulti-Site Hot Standby
On the other end of the spectrum from the minimal PeopleSoft configuration is highly available and scalable Oracle E-Business Suite implementation. These implementations can be complex and expensive. There are typically dense peak periods and wild swings in traffic patterns result in low utilization rates of expensive hardware. Amazon Web Services provides the reliable, scalable, secure, and high-performance infrastructure required for Oracle E-Business Suite while enabling an elastic, scale out and scale down infrastructure to match IT costs in real time as customer traffic fluctuate.The database server is a High-Memory Quadruple Extra Large Instance with 68.4 GB of memory and 8 virtual cores,26 EC2 Compute Units. The application server instances are also high memory as a minimum of 6 GB of memory is recommended for Oracle E-Business Suite. We will use the High-CPU extra large instances which have 7 GB of memory and 8 virtual cores. The HTTP Servers can be High-CPU Medium instances with 1.7 GB of memory and 2 virtual cores. The user's DNS requests are served by Amazon Route 53, a highly available Domain Name System (DNS) service. Network traffic is routed to infrastructure running in Amazon Web Services. The HTTP requests are first handled by the Elastic Load Balancing, which automatically distributes incoming application traffic across multiple Amazon EC2 instances across AZs. It enables even greater fault tolerance in your applications, seamlessly providing the amount of load balancing capacity needed in response to incoming application traffic. The Oracle Web, application and database servers are deployed on Amazon EC2 instances. This will be a custom AMIusing Oracle Enterprise Linux 5.3 and Oracle E-Business Suite 12.1.3. Amazon Spot Instances or Auto Scaling can be used to support batch processing.Web and application servers are deployed in an Auto Scaling group. Auto Scaling automatically adjusts your capacity according to conditions you define. This ensures that the number of Amazon EC2 instances increases seamlessly during demand spikes. Oracle database backups and the batch flat files for integration with the corporate data center are stored on Amazon S3.The storage volumes for the Applications Servers will be standard Amazon EBS volumes.The Oracle database storage volumes will be Amazon EBS PIOPS volumes. These provide up to 1000 IOPS per volume. These will be stripped using Oracle ASM. Spot instances can be used to handle large batch loads.
This hybrid architecture applies to all the use cases except the Amazon Glacier use case. The Oracle Database could run in an AWS Direct Connect facility. AWS Direct Connect facility are essentially a colocation allowing for low latency, high bandwidth connections directly into the AWS Datacenters. These facilities are located in close proximity to the AWS data centers and offer 1Gbps to 10 Gbps to the AWS data centers. For this Oracle configuration that is utilizing a Direct Connect facility, the web and application servers running Oracle WebLogic, or this could be any another application such as Tomcat, IBM Websphere, Microsoft IIS will run in the AWS cloud. The architecture can include all the AWS services we used in the previous use cases such as Route 53, Elastic Load Balancing, Auto Scaling, EBS, and others. The Oracle Real Application Cluster (RAC) is running in the Data Connect facility connected over a 1 Gbps or 10 Gbps dedicated link to the AWS data center. Oracle RAC is not supported inside of AWS so this is an excellent use case for running a hybrid architecture. Datapipe is one Direct Connect partner that offers RAC-as-a-service with usage based pricing for Oracle RAC. In addition to hosting Oracle RAC other AWS partners, like NetApp, offer hardware and software solutions in a Direct Connect facility.
Store target file(s) on a file share.Configure policies on target S3 bucketsEncrypt / Compress data sets on premiseTransfer files via regular file transfer (S3, SFTP, SCP, FTP, Custom UDP etc) – Increase transfer rate using third-party solutions (Aspera, Attunity)Retrieve encrypted file from S3 using the same optionsTest Integrity / Security / Operations / PerformanceAdd parallelization for performance optimizationConfigure on premise NetBackup (or CA, CommVault, Riverbed Whitewater etc. there are many options) to use S3Backup and Restore directly from host agentBackup agent communicates with cloud (S3) over Internet linksUse NetBackup Encryption, Compression, DeDupe, Backup Management toolsCheck Security / Integrity / Functionality / Performance / Operations / Speed Integrates on-prem IT environments with Cloud storage for remote office backup and DRUtilizes a virtual appliance that sits in customer datacenterExposes compatible iSCSI interface on front endProvides low-latency on-prem performanceAsynchronously uploads data to AWS where it is stored in Amazon S3 as Amazon EBS snapshotsPoint-in-Time snapshots accessible locally and from Amazon EBSEncryption via SSL and Amazon S3 Server Side EncryptionSnapshot schedulingWAN compressionSupported in all public RegionsBandwidth Throttling
Speaker Notes:[Type your notes here]
Carters migrated an on-premise Powerbuilder Oracle DB application to Oracle APEX and Database on EC2. This project is documented as a chapter in the book Migrating to the Cloud.KPIT Cummins runs an Oracle Ebusiness Suite 12.1.3 environment on EC2 running the Oracle Virtual Machine (OVM). The customer real likes the easy of use that the AWS web management console provides in what they call ‘infrastructure at a click’.Advanced Innovations hosts Oracle eBusiness Suite R12 on EC2 running Oracle Enterprise Linux 5.4. They also run a number of Oracle products including Oracle DataGuard, RMAN, Oracle Secure Backup Cloud Module,Oracle Fusion / SOA Middleware 11g,Oracle Beehive 2.0.1,Oracle IDM / SSO,Oracle Web Center ,Oracle Business Intelligence EE 11g, and Oracle Grid Control 11g.Sage Manufacturing moved an on premise development, test, DR, and production E-Business Suite environment to Amazon EC2 using the AWS SI partner Blue Gecko.Oracle will most likely captureHigh end enterprise market : top 10% or lessAll Oracle shopsISVs that are Oracle centric : Oracle public cloud targeted at ISVs AWS will capture : The rest … 90 % or moreProduction DaaSSmall to mid-size Oracle application environments Heterogeneous ISVs and customersOracle is showing keen interest in partnering with AWSEM 12c plug in : http://www.oracle.com/technetwork/oem/grid-control/downloads/oem-aws-plugin-1852739.html
VSC Technologies is a subsidiary of the French National Railway Corporation (SNCF).To move the architecture to AWS, theycreated their own 64-bit Amazon Machine Image (AMI) running Oracle Database 11g Enterprise Edition using Oracle Automated Storage Management (ASM) on top of Amazon Elastic Block Store (EBS). They also used the Oracle Data Integrator to retrieve data from the mainframe.Capgemini in Latin America moved development, test, and production Oracle E-Business Suite workloads to AWS.PBS hosts a MySQL and Oracle Database backed internet streaming website on Amazon EC2.In a success story outside of corporate and typical enterprise customers, the European Space Agency used on Oracle Database on Amazon EC2 to scan astrometric data in attempt to discover life beyond our solar system.
1. Amazon.com uses OSB to backup to backup retail databases to AWS. The Client Experience group uses Amazon RDS for customer simulations.2. The latest Oracle public success story, involves another Oracle E-Business Suite implementation. This one with pasta machine maker Imperia.3. McGraw Hill work was done by Wipro and his a highly elastic, scalable environment. The story of what they have done is good. You can watch the presentation at http://www.youtube.com/watch?&v=R1AjAKz73M8 and the section starts at 43:00 minutes in.4. Smarter Agent by smartShift : HIGHLIGHTS Customer Smarter Agent hosts a platform for mobile applications in real estate industry. Project Forklifting Oracle DB and app to the cloud Key outcomes Consistently seeing the average IO response times of less than 1 ms Total outage time for the migration < 2 hours Core Oracle DB is stable and performs well under the load Products / Services used Cloud migration strategy Oracle DB + app transformation 24X7 cloud management and monitoring
The Module ObjectivesBy the end of this training you will be able to do the following:Identify the Oracle and AWS alliance timeline. Describe how to identify opportunities that can be solved by AWS products and services and what other customers have done before. Verify some common best practices using Oracle and AWS product and services. Describe the support and licensing polices and other online resources.
The Module ObjectivesBy the end of this training you will be able to do the following:Identify the Oracle and AWS alliance timeline. Describe how to identify opportunities that can be solved by AWS products and services and what other customers have done before. Verify some common best practices using Oracle and AWS product and services. Describe the support and licensing polices and other online resources.
The Module ObjectivesBy the end of this training you will be able to do the following:Identify the Oracle and AWS alliance timeline. Describe how to identify opportunities that can be solved by AWS products and services and what other customers have done before. Verify some common best practices using Oracle and AWS product and services. Describe the support and licensing polices and other online resources.
These are six key concepts when it comes to using Oracle on AWS. Amazon S3: Plays a key role in disaster recover and high availability of Oracle databases and application servers. Amazon S3 can be used even if the production environment is running on premise. Amazon Virtual Private Cloud (VPC): Amazon VPC is used to create a virtual network for each AWS customers. It isoften times used to extend the data center in to the cloud in a secure manner.Virtual Private Network (VPN) Tunnel: VPC does not imply the use of a VPN IPSec tunnel. However, most Oracle customers run VPN when using Amazon VPC. AWSDirect Connect: Can be used to provide dedicated connection from the enterprise to AWS, as well as hosting of Oracle Real Application Cluster (RAC).