From the CEO’s Desk: What do the re:Invent 2017 releases mean to your DevOps?
“What happens in Vegas stays in Vegas” is one of the most famous taglines used in modern times to brand or market a city especially from the tourism perspective. Luckily though this doesn’t hold true when it comes to AWS re:Invent as whatever happens in Vegas in these 5 days changes the whole cloud and related services market and this year was no exception. Hundreds of technology sessions, partner expos and product launches, after-hours events, parties, and networking events (which is my personal favorite) make AWS re:Invent a place to be for every cloud enthusiast and professional. Apart from the numerous product and service launches from the partners, according to the AWS’ product announcement page, several new products and services that can be categorized in 15 different areas were released in this year’s re:Invent by AWS. It will be a Sisyphean task to even list them all in one blog, forget about explaining them and their features. So, I will try to throw light on only selected few of those, which I think will surely have a bigger impact in terms of DevOps, containers, and cloud space.
A machine learning tool, which will analyze all the data, trends, patterns, anomalies, logs from AWS components, EC2 instances, and your virtual private cloud, domain, DNS logs, event logs to inform you if your AWS account is in danger from malicious attacks or unauthorized accesses. Not only that, but it will also inform you recommended corrective actions which you can take based on the threats, which are categorized into three levels (low, medium, and high). It also provides you an option to customize by adding threats and trusted IPs list. You can feed the GuardDuty findings to different event management and workflow systems.
GuardDuty will certainly improve your AWS infrastructure security and help your operations guys monitor various processes that will reduce efforts of DevOps team. And the good news is you can try this for 30 days without paying a dime.
EKS and Fargate
Most of us run Kubernetes clusters on AWS and we all know the efforts we have to put in to install and configure master and workers, their communication, load balancing, upgrades and not to mention the compulsion to have a particular number of masters for high availability and to protect ourselves from single point failure. Well, Amazon has planned to extricate us from all these efforts with EKS. Amazon Elastic Container Service for Kubernetes (EKS) is a fully managed service that will allow the use of Kubernetes on the AWS. In short, you can migrate all your K8s application with zero code change to AWS. Also, EKS will take care of monitoring, detecting and replacing unhealthy masters, upgrading and patching them.
In addition to EKS, and to add to your container’s compute power, AWS released Fargate. In real crux, AWS Fargate is like EC2 for containers. Fargate takes care of all the manage functions for your containers. You just need to provide a container image, select an orchestrator, define the application requirements and launch the container. Once you are done with this, Fargate will manage the containers for you and of course scale your containers too. Plus, you can integrate it with EKS and ECS. Currently, it is available for ECS but for EKS you will have to wait till 2018.
If you are a developer and are looking for an Integrated Development Environment (IDE) which will allow collaborative editing, and which can be integrated with AWS ecosystem then AWS has the exact thing for you. It is called Cloud9. Cloud9 was actually a different entity which AWS acquired in July 2016. In addition to write, run, and debug Cloud9, being a cloud-based IDE, will allow you to share your development environment with your peers, and you can track the progress in real-time. This will allow you and teams related to better coordinate and optimize the interdependent processes for better time and resource utilization and improve performance and productivity. Its integration capabilities with other AWS ecosystem components, especially AWS CodeStar, allow you to set up an end-to-end continuous delivery toolchain for your application. If you are using an EC2 instance, then there is more good news for you. It will be free for EC2 users, you just need to pay for the compute and storage resources. It will be interesting to see how it stands against Microsoft’s Visual Studio, which can be integrated with third-party services.
Now, that I have talked about container solutions for your applications and integrated development environments from AWS, I think it will be good to sum it up with a management tool. Systems manager is, as the name suggests, a tool that will allow you to have a look at all the operational data from all the AWS services and help you automate tasks across the AWS resources that you are using. With Systems Manager, you can see the recent API activity, configuration changes, alerts and notifications, inventory status, etc., everything in one place. It will help you detect your operational flaws in time and finetune the overall operations to maximize the productivity. This involves three simple steps:
- Resource grouping, which involves finding tagged AWS resources, group them and view group specific insights
- Insights gathering, which allows you to integrate all your existing AWS dashboards and insight indicators along with their inherent warnings and information at one place
- Acting on the insights
It is impossible to talk about the five-day event, all the happenings, the announcements, and releases in a blog. The above-mentioned services were the ones, which I think will certainly benefit DevOps and automation aficionados to leverage AWS ecosystem in a much more productive way than before – architecting container infrastructure, securing the infrastructure, enhancing storage and at the same time help your operations guys to monitor and manage the environment.