AWS Outposts: A Practical Guide

What is AWS Outposts?

AWS Outposts is a hybrid IT service that lets you run AWS services locally in your organization. It connects to AWS management systems, provides the same APIs, and works in the same way as Amazon services running in the cloud, but lets you build and run applications locally using local compute and storage resources.

Outposts are hardware devices that provide a limited amount of AWS compute and storage capacity, deployed locally in your data center. The Amazon Outpost device is considered part of an Amazon Region – AWS manages and monitors on-premises capacity just like it does its cloud-based infrastructure. Outposts servers are deployed as 42U racks, as shown in the image below.

[Image: Outposts rack. Source: AWS]

When you deploy an Outpost and create resources like Elastic Compute Cloud (EC2) instances, Elastic Block Store (EBS) volumes, and Relational Database Service (RDS) instances, you can connect these resources to a local subnet. All instances in the Outpost subnet use private IP addresses in the same virtual private cloud (VPC). From within this secure environment, they can communicate with other resources in the AWS Region.

How Does AWS Outposts Work?

Ordering and Utilizing Outpost Capacity

Organizations can order Outposts configurations with a combination of compute and storage capacity that suits their needs. This is done through the AWS Console (see our tutorial below). Each configuration includes pre-validated SKUs that offer a combination of Amazon EC2 capacity, Amazon Elastic Block Store (EBS) volumes, and built-in networking.

After you make an order, within a few weeks an AWS representative physically delivers the hardware to the site, connects it to power, and establishes a network connection to the AWS Region and local network (see more details about networking below). The equipment used to configure AWS Outposts is fully managed, monitored, and operated by AWS, just like the equipment in AWS data centers.

Once the Outposts device is locally installed, you can launch EC2 instances locally – using standard AWS APIs or the AWS Console. Development teams can use native AWS services to build and run applications, leveraging local resources running on the Outpost device, or remotely on connected AWS Regions.

A major advantage of Outposts is the ability to manage resources on premises and in the public cloud in a uniform way. Both cloud sites and local sites supporting Outposts use the same Intel Xeon technology and the same EC2 instance types to support seamless migration from on-premises to cloud resources.

Outpost Network Connectivity

AWS Outposts must be able to connect to the local network in order to serve local workloads. At the same time, it must maintain a constant connection to an AWS Region. To enable this, the local network must provide Wide Area Network (WAN) access to the Amazon Region and the Internet.

Amazon can extend Amazon VPCs from AWS Regions to Outposts, using the same VPC components such as Internet Gateways, Amazon VPC Transit Gateways, Virtual Private Gateways, and VPC Endpoints. An Outpost belongs to a specific Availability Zone (AZ) in its Region, and you can use resources in the AZ to improve resilience.

How Outposts connects to the local network

The following components are used to connect the Outpost to the local network:

  • Physical connection from the Outpost patch panel to local network equipment.
  • Two Link Aggregation Group (LAG) connections from Outpost network equipment to local network equipment.
  • Virtual LAN (VLAN) connection between the Outpost and the local network equipment.
  • Layer 3 connectivity for each VLAN.

The Border Gateway Protocol (BGP) is used to advertise routes between Outposts and local service links (your dedicated connection to the Amazon data center), and between Outposts and the local network, via a local gateway.

How Outposts connects to AWS Regions

When an AWS Outposts device is deployed, Amazon establishes a service link connection to the AWS Region you select. A service link is a set of encrypted VPN connections that are used whenever an Outpost communicates with an Amazon Region.

Outposts provides a private connectivity option—if you enable this option, the service link will establish VPN connections using your existing VPC and subnets.

Once the service link is established, the Outpost becomes operational and is managed by AWS. The service link is used for management commands, as well as traffic between the Outpost and the VPCs in which it manages resources.

Outpost service links support a maximum transmission unit (MTU) of 1300 bytes. To improve connection speeds, it is recommended to use AWS Direct Connect, or ensure you have at least a dual 1 Gbps Internet connection.
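
Because the Outpost depends on the service link for both management commands and VPC traffic, loss of that link is worth detecting. The following is an added example, not part of the original article: it scans per-minute datapoints of the CloudWatch `ConnectedStatus` metric (namespace `AWS/Outposts`) for windows in which the link was not confirmed up. The sample datapoints are constructed, and the 3-minute threshold and the choice to count missing datapoints as down are assumptions.

```python
from datetime import datetime, timedelta, timezone

PERIOD = timedelta(minutes=1)  # one Average datapoint per minute
T0 = datetime(2024, 1, 1, tzinfo=timezone.utc)

def build_sample():
    """Constructed datapoints shaped like CloudWatch GetMetricStatistics output
    for ConnectedStatus (1 = service link up, 0 = down). Values are made up."""
    values = {m: 1.0 for m in range(20)}
    values[5] = 0.5                      # brief flap inside one period
    values.update({10: 0.0, 11: 0.0, 12: 0.0})
    del values[13], values[14]           # no datapoints reported at all
    return [{"Timestamp": T0 + m * PERIOD, "Average": v}
            for m, v in sorted(values.items())]

def find_outages(datapoints, start, end, min_duration=timedelta(minutes=3)):
    """Return (begin, end) windows where the link was not confirmed up.

    Assumption: a period with no datapoint counts as down, the same choice
    as treating missing data as breaching in an alarm.
    """
    up = {dp["Timestamp"] for dp in datapoints if dp["Average"] >= 1.0}
    outages, begin, t = [], None, start
    while t < end:
        if t in up:
            if begin is not None and t - begin >= min_duration:
                outages.append((begin, t))
            begin = None
        elif begin is None:
            begin = t
        t += PERIOD
    if begin is not None and end - begin >= min_duration:
        outages.append((begin, end))     # outage still open at window end
    return outages

if __name__ == "__main__":
    for begin, stop in find_outages(build_sample(), T0, T0 + 20 * PERIOD):
        print(f"service link down {begin:%H:%M} to {stop:%H:%M} UTC ({stop - begin})")
```

In the constructed sample, the one-minute flap at 00:05 falls below the threshold and is ignored, while the zero and missing datapoints from 00:10 to 00:15 are merged into a single outage.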


How Do You Order a New Outpost from Amazon?

To order a new Outpost device for deployment in your local data center, you need to create an Outpost and specify the required capacity in the AWS Console:

  1. Open the AWS Console and navigate to Outposts.
  2. Click Place order, and select the required capacity configuration for your Outpost. This specifies the number and type of EC2 instances you can run on the Outpost and the EBS Storage Volumes capacity. You can also request a custom configuration for the Outpost.
  3. Click Next, select a payment method, click Next again and select Create new Outpost.
  4. Type a name and description for your Outpost, and select the Amazon Availability Zone which will be the home AZ for the Outpost.
  5. If you want to use private connectivity, select a VPC and subnet within the same AWS account as the one you used to create the Outpost.
  6. In the Site section, select Create New Site, click Next, and enter information for your site—the physical location where the Outpost will be installed.
  7. In the Review and order section, ensure your order is correct, and click Place order.

At this point, an Amazon representative will get in touch with you, confirm details of the order, and schedule a time for technicians to arrive at your physical location and install the Amazon Outposts device.

AWS Outposts Q&A

Why Would I Use AWS Outposts Instead of Operating in an AWS Region?

AWS Outposts can help support applications with local data processing requirements and low latency. For example, you can use Outposts for workloads running on factory floors, real-time medical imaging or patient diagnosis, as well as media and content streaming.

Outposts can help you securely process and store customer data on premises, or data located in countries outside the range of AWS Regions. Outposts can also be more cost-effective, letting you use on-premises and cloud resources together.

Can I Use Outposts When it is Not Connected to the AWS Region?

Outposts rely on connectivity to AWS Regions. They are not suitable for environments with no Internet connection or limited connectivity. To use Outposts, Amazon recommends you have a highly available network connection to the AWS Region.

To use Amazon services in environments disconnected from the public Internet, you can use services like Snowball Edge, which operate independently without connectivity to Amazon data centers.

Can I Reuse my Existing Servers in an Outpost?

You cannot reuse your existing servers in an Outpost. This is because Outposts uses AWS infrastructure design, which is supported only on hardware designed by AWS. This hardware is optimized by AWS for high performance, reliable operations, and security.

Mega Scale Storage for AWS Outposts with Cloudian

Cloudian® HyperStore® is a massive-capacity object storage device that is fully compatible with Amazon S3. It can store up to 1.5 Petabytes in a 4U Chassis device, allowing you to store up to 18 Petabytes in a single data center rack. HyperStore comes with fully redundant power and cooling, and performance features including 1.92TB SSD drives for metadata, and 10Gb Ethernet ports for fast data transfer.

HyperStore is an object storage solution you can plug in and start using with no complex deployment. It also offers advanced data protection features, supporting use cases like compliance, healthcare data storage, disaster recovery, ransomware protection and data lifecycle management.
