WoodITWork.com

Another session on managing serverless and the new architectural patterns required to make it a success. The idea of to create reusable serverless patterns with an continual eye on reducing costs.

The venue was spectacular, in the Venetian Theatre which is magnificent. Shows the importance AWS is placing on serverless where most of the other sessions are in smaller rooms at the Aria.

Drew and Maitreya went through a number of patterns, giving operational and security best practices.

This was a fly by the seat of your pants session, so many AWS services were talked about, you needed an AWS dictionary to know what some are. If you are an infrastructure person who manages an OS, this was a very busy but insightful look at what is possible.

Serverless Foundations

For running your apps you can do it yourself with EC2 and even Docker, have managed services like EMR, ES, RDS etc. and then there’s services with no OS which is how they’re defining serverless, so that’s things like API Gateway, Kinesis Streams & Analytics, DynamoDB, S3, Step Functions, Config, X-Ray and Athena.

They reiterated the “never paying for idle” line and its all built for HA and DR.

You need to be aware of cold start, instantiate AWS client and database client outside the scope of the handler to take advantage of container re-use. Schedule with CloudWatch Events for pre-warming. ENUs for VPC support are attached during cold start

Lambda Best Practices

• Minimise package size to necessities
• Separate Lambda handler from core logic,
• Use environment variables to modify operational behaviours.
• Self-contain dependencies in your function package.
• Leverage “Max Memory Used” to right size your functions.
• Delete large unused functions
• Use X-Ray integration for great insights.

Read more…

Benjamin Thurgood from AWS

Cloud is awesome, you can scale your web app or site on demand! But where do you start when you’re planning for bi g numbers of users. Making some design choices up front can dramatically simplify your life later.

Benjamin showed how best to link together different AWS services and using the capabilities of the AWS platform.

Autoscaling is only the beginning, there’s a lot more to look at.

Use Native Sevices

First step is to use the AWS Global Infrastructure with Edge locations. Take advantage of the global AWS platfom so you don’t have to reinvent the wheel.

Many native features available like Cloudfront, S3, DynamoDB, EFS etc.

EC2, EBS, RDS etc are scalable but you need to work a little harder.

Lightsail is an easy way to get started as a developer.

You can scale up but you’ll reach an end some time.

Read more…

Steven Challis & Derek Felska from AWS were the workshop leaders and it was very hands on, basically up to you and anyone else you wanted to team up with.

This is one of the reasons to actually attend a conference, you get to do things in person and interact with other people rather than watching a recorded session or just follow a step by step plan when you can’t confer.

Intro

Availability and fast performance is key to user experience. Building a global application from the start is traditionally extremely difficult. Think before serverless how you would have to manage a global fleet of EC2 instances, load balancers, databases and storage. You would need to be a DNS guru and keeping your compute generic yet regionalised was super tough. Enter serverless and the promise was there but Lambda needed a whole lot of hacking to get functions to fire based on geographical access.

In the workshop we set up a fictional company called www.wildrydes.com (would you use a ride sharing company called this!). This wasn’t just a normal rider sharing company though, the drivers were unicorns! They needed a customer support application which customers can use to report any issues, be it lost property or a grumpy unicorn! As the service was global and needed to be built, serverless was touted as the ideal platform to use as much as possible (of course, it’s re:Invent!). We needed to lash together Lambda, API Gateway, DynamoDB, Route 53, CloudFront and S3 for better availability. Cognito Federated Identities was also used for user authentication.

The workshop was also to highlight the new “API Gateway regional endpoints” feature which was recently released.

There’s no reason to feel left out though, you can go through it all at: https://github.com/awslabs/aws-serverless-workshops/

Read more…

FSV301 – Security Anti-Patterns: Mistakes to Avoid

Kurt Gray from AWS and Jonathan Baulch from Fidelity Investments

AWS has obviously spent a huge amount of effort building security into the very fabric of its cloud offerings. Enterprises still hesitant to use public cloud as they’re concerned about the security implications of AWS in my opinion are thinking old school. They are often taking the processes and procedures that they currently use on-prem and applying it to AWS rather than looking at all the new possibilities which are often more secure than they can do themselves.

AWS famously has touted the security split of “security OF the cloud” which is AWSs job and “security IN the cloud” which is the customer’s responsibility, however AWS has a huge number of tools to help with the IN part.

Kurt and Jonathan went through some of their learning about best practices and pitfalls. There are a number of governance patterns to avoid even though they may seem logical at first but may limit scale and throttle getting stuff done. This is all bundled under the banner of DevSecOps on a massive scale.

Read more…

I flew yesterday from London to Las Vegas and with it being Thanksgiving Weekend, the airport was rather quieter than expected which made for a pleasantly quick immigration experience. The streams of travellers inbound to one of the most important IT conferences of the year has given Vegas some more buzz today.

I wrote a comprehensive Preview Blog Post: AWS re:Invent 2017: The Show Preview with my reasons for why I’m here, what I hope to get out of it and some crystal ball gazing about what I expect we’ll see.

I buffeted up big time for breakfast this morning as I didn’t have much conference stuff on. Marvellous glutonny.

Registration

I then registered which was painless and had a DJ playing which was nice and lively.

Robocar Rally

This was an interesting “session”. The idea was getting behind a keyboard for a hackathon for getting your hands dirty with deep learning, IoT, AI and autonomous cars, sounds like a fun mix.

Read more…

Scaling Up and Out

re:Invent has turned into a vast conference, dwarfing many other IT get togethers, 50,000 people expected with an unmanageable schedule spread across 5 hotels. Even if you can walk quickly, its at least 30-45 minutes walk between quite a few of the venues.

This is the first time I’m attending re:Invent so the rush of excitement of a new event is invigorating for me.

I’d love to meet up with anyone who is here so please get in touch via @julian wood

AWS seems an unstoppable machine and that’s not in any way to say it should be stopped. Its rare a single company rises so spectacularly to create a major new part of an already established industry. 10 years ago this new thing called EC2 was a curiosity, now its old hat as services like Lambda become the new compute engine.

Why I’m here

I’m coming to AWS self funded so don’t have a company/vendor agenda I need to follow, I can truly see what interests me! My plan is to first of all see what’s new. This isn’t just about announcements although those are important but more how AWS develops into a service provider specifically for enterprises. Cloud is a new way of doings things yet enterprises have been doing things in a particular way for a long time, sometimes for good reasons and sometimes it is plain old toxic heritage IT!

I’m also investigating how enterprises change themselves to do cloud properly, taking advantage of the flexibility and scalability of public cloud and also how AWS updates itself to service enterprises better. This is a complicated dance which needs a lot of back and forth fancy foot work from both sides. I’m expecting more enterprise features, plenty of compliance, governance and security as a service. The recently announcement of PrivateLink as a new way to connect your VPCs to AWS services with more control is a nod to enterprises that’s don’t want all their stuff near the internet by default. AWS is working hard to ensure enterprises can take advantage of all the clever cloud stuff they have to offer.

Secondly I’m watching the serverless space very keenly and expecting a huge focus on Lambda. I’m not being hyperbolic by stating the serverless/FaaS pattern is the future of compute. A new cloud operating model where all infrastructure is abstracted, business processes as pure code without restrictions on scale, billed per invocation giving you financial super-powers.

What could be coming?

AWS releases new features and major updates to existing ones in an unprecedented manor. Just last week, more than 30 announcements were made and that’s before re:Invent and the big picture announcements likely reserved for the show. Make sure you subscribe to the excellent Last Week in AWS mailing list by Corey Quinn

At this stage its a guessing game as to what they might be, but certainly more IoT, ML, AI and buckets of enticing delicious serverless. I’m expecting some Blockchain as a Service and likely Kubernetes as well.

Amazon is also a remarkable company in the way it is able to erm. reinvent itself. This isn’t just an AWS thing but AWS certainly helps all of the rest of Amazon be incredible agile, be able to continually experiment, use its own platform as a sensing engine, rely on real data to make decisions and cannibalise itself. Lambda has been built to cannibalise EC2.

Read more…