EPAM Cloud Problem Resolution Consulting

Similar documents
Amazon AWS-Solutions-Architect-Professional Exam

Orchestrator ver

Orchestrator ver

Amazon Web Services. Block 402, 4 th Floor, Saptagiri Towers, Above Pantaloons, Begumpet Main Road, Hyderabad Telangana India

Overview. AWS networking services including: VPC Extend your network into a virtual private cloud. EIP Elastic IP

Certificate Certificate number:

Cloud Computing /AWS Course Content

Certificate. Certificate number: Certified by EY CertifyPoint since: November 20, 2015

Resizing your AWS VPC NAT Instance to a Lower Cost Instance Type

Reaping the Benefits of Managed Services

ANNEX A.1 TECHNICAL SPECIFICATIONS OPEN CALL FOR TENDERS

Orchestrator ver

SAA-C01. AWS Solutions Architect Associate. Exam Summary Syllabus Questions

Amazon Web Services Training. Training Topics:

Asset Bank - Shared Hosting. Service Description

Certificate. Certificate number: Certified by EY CertifyPoint since: February 28, 2017

At Course Completion Prepares you as per certification requirements for AWS Developer Associate.

AWS Solutions Architect Associate (SAA-C01) Sample Exam Questions

E-Seminar. Voice over IP. Internet Technical Solution Seminar

Introduction to Cloud Computing

Cloud & AWS Essentials Agenda. Introduction What is the cloud? DevOps approach Basic AWS overview. VPC EC2 and EBS S3 RDS.

Amazon Web Services (AWS) Solutions Architect Intermediate Level Course Content

Accelerating the HCLS Industry Through Cloud Computing

AUTOMATE THE DEPLOYMENT OF SECURE DEVELOPER VPCs

LINUX, WINDOWS(MCSE),

Amazon Web Services (AWS) Training Course Content

LB Cache Quick Start Guide v1.0

Getting Started with AWS Security

1 The intersection of IAM and the cloud

FUTURE-PROOF IT VNET ABC Emil Šadek

AWS Solution Architect Associate

KillTest *KIJGT 3WCNKV[ $GVVGT 5GTXKEG Q&A NZZV ]]] QORRZKYZ IUS =K ULLKX LXKK [VJGZK YKX\OIK LUX UTK _KGX

How to Configure a Site-To-Site IPsec VPN to the Amazon AWS VPN Gateway

Magento Commerce Architecture and Security Model Last updated: Aug 2017

PrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps

WHITE PAPER. Decoupling Hardware from Software in the Next Generation of Connected Vehicles AUTOMOTIVE CONNECTIVITY

Creating Your Virtual Data Center

AWS Administration. Suggested Pre-requisites Basic IT Knowledge

AWS Solution Architect (AWS SA)

Evolve Your Security Operations Strategy To Account For Cloud

About Intellipaat. About the Course. Why Take This Course?

Creating your Virtual Data Centre

Benefits of Extending your Datacenters with Amazon Web Services

CS / Cloud Computing. Recitation 9 October 22 nd and 25 th, 2013

unisys Unisys Stealth(cloud) for Amazon Web Services Deployment Guide Release 2.0 May

Cisco Cloud Services Router 1000V and Amazon Web Services CASE STUDY

EBOOK: VMware Cloud on AWS: Optimized for the Next-Generation Hybrid Cloud

How to Configure Route 53 for F-Series Firewalls in AWS

Cloud Computing Patterns & Best Practices. Ezhil Arasan Babaraj Director of R&D Labs CSS Corp, India

AWS SysOps Administrator Certification BootCamp Level 3 Associate: SOA-C00

SECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry

Hosting DesktopNow in Amazon Web Services. Ivanti DesktopNow powered by AppSense

25 Best Practice Tips for architecting Amazon VPC

VMware Cloud on AWS. A Closer Look. Frank Denneman Senior Staff Architect Cloud Platform BU

Minfy MS Workloads Use Case

How the Cloud is Enabling the Disruption of the Construction Industry. AWS Case Study Construction Industry. Abstract

Cisco SP Base Service

AWS VPC Cloud Environment Setup

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Mid-Market Data Center Purchasing Drivers, Priorities and Barriers

Backtesting in the Cloud

Cloud-based architectures help Discovery Networks International plan for growth and changing business needs

Amazon ElastiCache 8/1/17. Why Amazon ElastiCache is important? Introduction:

Configuring AWS for Zerto Virtual Replication

Transform your network and your customer experience. Introducing SD-WAN Concierge

COMPTIA CLO-001 EXAM QUESTIONS & ANSWERS

Security Camp 2016 Cloud Security. August 18, 2016

City of Carlsbad Web Mapping in the Amazon Cloud. Karl von Schlieder, GIS Manager June Acosta, GIS Administrator October 9, 2013

EMC should be your partner of choice for Transforming Your IT Organization. We are the largest information-focused consultancy in the world.

AWS Integration Guide. Full documentation available at

NGF0502 AWS Student Slides

High School Technology Services myhsts.org Certification Courses

On a continuous mission for sustaining companies in order to exploit the benefits of IT technology

Amazon. Exam Questions AWS-Certified-Solutions-Architect- Professional. AWS-Certified-Solutions-Architect-Professional.

ActiveNET. #202, Manjeera Plaza, Opp: Aditya Park Inn, Ameerpetet HYD

Network and Security Administrator 2018

Introduction to cloud computing

Transform your network and your customer experience. Introducing SD-WAN Concierge

San Jose Water Company Expedites New Feature Delivery with DevOps Help from ClearScale on AWS

10 Cloud Myths Demystified

Coca-Cola Migration Case Study

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

AWS Course Syllabus. Linux Fundamentals. Installation and Initialization:

CLOUD AND AWS TECHNICAL ESSENTIALS PLUS

WAF on AWS Deployment Kit. On Demand. Configuration Guide

DESCRIPTION OF AUDITING STANDARDS

Infradata Corporate Presentation. February 2017

MyCloud Computing Business computing in the cloud, ready to go in minutes

Top 30 AWS VPC Interview Questions and Answers Pdf

VoIP for the Small Business

CLOUD COMPUTING. A public cloud sells services to anyone on the Internet. The cloud infrastructure is made available to

Look Who s Hiring! AWS Solution Architect AWS Cloud TAM

Transit Network VPC. AWS Reference Deployment Guide. Last updated: May 10, Aviatrix Systems, Inc. 411 High Street Palo Alto, CA USA

F5 BIG-IQ Centralized Management and Amazon Web Services: Setup. Version 5.4

Getting Started with Amazon Web Services

Configuring Aviatrix Encryption

Whitepaper CLOUDSCAPE SWEDEN. Pim Bilderbeek Partner and Principal Analyst

CIT 668: System Architecture. Amazon Web Services

Configuring VPC Peering For AWS

25 Best Practice Tips for architecting Amazon VPC. 25 Best Practice Tips for architecting Amazon VPC. Harish Ganesan- CTO- 8KMiles

Transcription:

EPAM Cloud Problem Resolution Consulting 1 EPAM SYSTEMS, INC. May 2013

Abstract Most of new and existing customers of EPAM Cloud Computing Competency Center eventually face problems they cannot resolve on their own. This is when we receive requests to review their infrastructure and solve issues related to cloud computing and cloud services. This case study has been drawn up based on actual project experience. It addresses our cooperation with a big European customer who uses Amazon Web Services (AWS) as a hosing for their infrastructure. The project lasted for one week and has been successfully completed. 2 EPAM SYSTEMS, INC.

Request Receiving Initially we received a request to review infrastructure and suggest possible solutions for issues experienced by the customer at that time. The request itself consisted of two parts: infrastructure plan problems description The challenge faced by this project has been amplified as the technical person responsible for all hardware and cloud part configuration had left the company and there was no one able to perform any changes to the infrastructure. The customer s technical staff did not include cloud experts. The project infrastructure consisted of two parts: Data Center (DC) with dedicated hardware servers AWS Virtual Private Cloud (VPC) with running virtual instances DC and AWS facilities are connected by a VPN handled by a Cisco ASA device from the DC side and a single m1.small instance from the AWS side. The VPN connection is sometimes unstable, inciting the customer to perform a refactoring of this solution. The application that hosted under AWS is located in a combination of private and public VPC subnets and uses internal and external Elastic Load Balancers (ELBs). One of the major issues with the ELBs is their IP addresses can be changed anytime. An ELB instance can be scaled up or down, depending on request rate or traffic load. The customer uses CNAME DNS records to assign a domain name to ELB. This is why when an ELB s IP changes, subdomain experience propagation and resources become unavailable. 3 EPAM SYSTEMS, INC.

Request Review Having received a request, we performed its initial review and prepared a list of questions to be sent to the customer s technical team regarding the infrastructure and related issues. Our team went through every part of project and found different ways to solving the issues that customer faced. After consideration of the possible solutions we decided to establish a call with customer s technical team to clarify some points and to provide them with suggestions regarding the infrastructure improvements. 4 EPAM SYSTEMS, INC.

Meeting with Customer s Team Meeting the customer s team usually takes form of a call including experts, managers and technical people, who consider and decide to go on with specific solutions. On our first meeting with the technical team from the customer side we provided them an exhaustive explanation of service workflows and suggested to perform changes to the infrastructure. The VPN issue could be solved using default VPC tools of Customer Gateway and Virtual Private Gateway. This method allowed connecting the customer s hardware gateway to a VPC network with IPSec VPN. It would be monitored and maintained by AWS. Besides the ease of configuration and maintenance it also had a financial advantage. This solution was twice cheaper than what they had at the moment. The ELB IP change issue has a solution of using Amazon Route53 DNS service. It has complete integration with ELB and when a subdomain is pointed to ELB as A record with Alias, ELB IP change does not influence on availability of a resource. DNS propagation is minimal. After this explanations customer s team decided to consider this solutions and asked us to go deeper into the infrastructure and find points to 5 EPAM SYSTEMS, INC.

Deep Analysis After receiving a request to analyze the AWS infrastructure closer, we started from the following points: security financial efficiency cloud services optimization From the security point of view, the project had a significant breach. In order to log in to the AWS console all project members used root credentials. This account has full control over all services, financial and reporting settings. Root account security breach could be fixed by using AWS Identity and Access Management (IAM). This service provides personal user accounts with complete integration to various services. Users could be divided to groups and assigned with different access policies. In order to work in a big team of developers and operationsб IAM is a must-have security application. When we were reviewing the infrastructure, we noticed that it contained more than 50 servers running 24/7. However, the customer did not reserve any of these instances. In this case reserving instances could save up to 65% of expenses for compute resources. Virtual machines that run 24/7 have to be covered by Heavy Utilization Reservation that has the biggest upfront fee, but the lowest price of per-hour instance work. 6 EPAM SYSTEMS, INC.

Final Overview After a week of cooperating with the customer s technical team we achieved the following results: Issues experienced by the application have been solved with no downtime. Infrastructure security situation has been reviewed and dramatically improved by means of AWS Identity and Access Management. As a consequence of this successful cooperation, the customer decided to continue their contract with EPAM for a long term. One of EPAM Cloud Computing Competency Center experts became a permanent AWS consultant on this project. After reserving EC2 instances, the customer saved more than 40% of monthly costs for compute resources. 7 EPAM SYSTEMS, INC.

Established in 1993, EPAM Systems (NYSE: EPAM) provides complex software engineering solutions through its award-winning Central and Eastern European service delivery platform. Headquartered in the United States, EPAM employs approximately 8,900 IT professionals and serves clients worldwide from its locations in the United States, Canada, UK, Switzerland, Germany, Sweden, Belarus, Hungary, Russia, Ukraine, Kazakhstan, and Poland. EPAM is ranked #6 on the 2013 Forbes America s 25 Fastest-Growing Tech Companies list and is recognized among the leaders in software product development services by Forrester and Zinnov analysts. The company is also included in the top 30 in IAOP s The 2013 Global Outsourcing 100 list. For more information, please visit www.epam.com Global 41 University Drive Suite 202, Newtown (PA), 18940, USA Phone: +1-267-759-9000 Fax: +1-267-759-8989 EU Corvin Offices I. Futó street 47-53 Budapest, H-1082, Hungary Phone: +36-1-327-7400 Fax: +36-1-577-2384 CIS 9th Radialnaya Street, bldg. 2 Moscow, 115404, Russia Phone: +7-495-730-6360 Fax: +7-495-730-6361 8 1993-2013 EPAM SYSTEMS, EPAM Systems. INC. All Rights Reserved.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback