2. Overview
Jisc – a
Cloud first
organisation
How we apply the
advantages of Cloud
to remain agile
Liberate and
AMF Cloud
architecture
walkthrough
A technical overview of
how Cloud underpins
Liberate and AMF
Jisc Cloud
Services
A look at Jisc Cloud
Services: how we are
helping members to move
to the Cloud
3. Often asked for examples of organisations who have moved
to the Cloud.
Eureka moment: “Yes!, Jisc are a cloud first organisation”
For me a case of not seeing the wood for the trees.
A priority for Jisc is responding to member needs rapidly;
developing services and solutions through applying agile and
iterative processes.
The application of Cloud as an enabling technology enables
Jisc to leverage the benefits of hyperscale computing; SaaS
and PaaS to underpin a wide range of services.
4. Cloud services we use as enablers
> Office 365
> Salesforce
> Eventsforce
> Remedyforce (internal and external
facing service desks)
> Microsoft Teams
> Power BI
> Data Warehouse (Amazon Redshift)
> HR System
> SharePoint apps
> Finance system
> Moving to a soft phone system
> Agile working hot desking software
> Risk Management software
> PM/Agile tools: Pivotal Tracker, Trello, JIRAetc
> Dev ops tools: Jenkins, Git, Docker etc
6. >Overview of how Cloud underpins Liberate and AMF
>Example of how Jisc are agnostic in approach using both
AWS and Azure; leveraging their respective advantages
Acknowledgment:
Liberate and AMF Cloud solution design, architecture and
implementation; and the following technical information
courtesy of:
Dr Rhys Smith
Chief technical architect, trust and identity @Jisc
Liberate and AMF technical walk through
7. >Web-based federated identity and SSO
>Uses SAML
>1,130 members; 5,023 entities
>Connected globally via eduGAIN –
worldwide inter-federation with around 40 countries
UK Federation
8. >Jisc’s new Cloud Managed Services platform for
identity and access management
We run an organisation’s:
>UK federation (SAML) IdP
>eduroam home and visitor
>govroam home and visitor
>Assent IdP/SP
>Web proxy
Liberate
9. >AMF and Liberate use two major cloud providers for public
facing services
>Resilient, elastic, scalable; auto backup and archiving
and a global distributed architecture
>UK federation metadata signing uses a Hybrid model running
security critical services in our own secure data centres
Applying Cloud
12. UK federation – Designing for High Availability
Azure Traffic Manager
(Priority Routing)
Azure Load Balancer
RHEL 7
VM
RHEL 7
VM
North Europe Region West Europe Region
Azure Load Balancer
RHEL 7
VM
RHEL 7
VM
13.
14.
15. Liberate
> Requirements:
> Multiple backend systems
– Custom orchestration infrastructure
– Configuration Database
– Statistics Database
> Multiple Public facing systems
– One per service per organization
– Potentially hundreds of
(t2.micro)VMs
> Backend:
> All services running on RHEL 7 VMs
in one AWS DC
> Databases are PostgreSQL and
Aurora RDS instances
> Frontend:
> Managed services run on Debian
VMs, controlled by our custom
orchestration platform, interacts
with AWS APIs
16.
17.
18.
19. Jisc Cloud services
How do I take
advantage of
the Cloud?
Hi! We are
here and
ready to help!
+ =
Great!
22. Jisc Cloud Services
Advice and guidance to
our members
Jisc consultants and subject
specialists & partner led
consultancy.
Cloud strategy formulation.
Cloud readiness assessments.
Cloud security and GDPR.
Cloud procurement advice.
Cloud implementation services.
Sector insights: facilitating
inter-member Cloud strategy
knowledge sharing and
collaboration.
Extensive partner eco-system
Cloud platforms.
Shared Data Centres.
Chosen for focus on Research and
Education.
Frameworks; for direct selection, or
mini completion.
Highly expert supporting cloud
services and technologies.
Managed services and professional
services.
IaaS, PaaS, SaaS: heterogenous
platform support. Many supporting
no egress charges for data.
World class cloud connectivity
Highspeed peering to global and
UK cloud providers; highspeed
peering with Google, Microsoft and
Amazon.
Microsoft Azure Express Route
circuits: for dedicated Layer 2
private connections to Azure Cloud.
GÉANT IaaS framework.
Discounts available via GÉANT for
cloud services and network egress
charges.
Cloud partners available via G-
Cloud framework for fast track
procurement.
A strong voice for
our members
Strong working relationships with
the major cloud providers; high
level contact with senior education
and cloud leadership teams within
Azure, AWS & Google.
Advising how they can bring their
cloud service offering to
focus around the needs of the
community.
Providing feedback with our voice
of a trusted advisor for our
community.
Ensuring an agnostic and
balanced relationship to all
providers.
.
Advice,
Consultancy
and
Professional
Services
Partners
and
Platforms
Connectivity
and
Frameworks
Hyperscale
and
Public Cloud