AWS re:Invent 2017: Build a Multi-Region Serverless Application for Resilience and High Availability Workshop

November 28th, 2017 No comments

Steven Challis & Derek Felska from AWS were the workshop leaders and it was very hands on, basically up to you and anyone else you wanted to team up with.

2017-11-27 12.58.36 2017-11-27 12.58.45

This is one of the reasons to actually attend a conference, you get to do things in person and interact with other people rather than watching a recorded session or just follow a step by step plan when you can’t confer.

Intro

Availability and fast performance is key to user experience. Building a global application from the start is traditionally extremely difficult. Think before serverless how you would have to manage a global fleet of EC2 instances, load balancers, databases and storage. You would need to be a DNS guru and keeping your compute generic yet regionalised was super tough. Enter serverless and the promise was there but Lambda needed a whole lot of hacking to get functions to fire based on geographical access.

2017-11-27 13.15.14 2017-11-27 13.05.29

In the workshop we set up a fictional company called www.wildrydes.com (would you use a ride sharing company called this!). This wasn’t just a normal rider sharing company though, the drivers were unicorns! They needed a customer support application which customers can use to report any issues, be it lost property or a grumpy unicorn! As the service was global and needed to be built, serverless was touted as the ideal platform to use as much as possible (of course, it’s re:Invent!). We needed to lash together Lambda, API Gateway, DynamoDB, Route 53, CloudFront and S3 for better availability. Cognito Federated Identities was also used for user authentication.

The workshop was also to highlight the new “API Gateway regional endpoints” feature which was recently released.

There’s no reason to feel left out though, you can go through it all at: https://github.com/awslabs/aws-serverless-workshops/

Read more…

AWS re:Invent 2017: Security Anti-Patterns: Mistakes to Avoid – FSV301

November 27th, 2017 No comments

FSV301 – Security Anti-Patterns: Mistakes to Avoid

Kurt Gray from AWS and Jonathan Baulch from Fidelity Investments

AWS has obviously spent a huge amount of effort building security into the very fabric of its cloud offerings. Enterprises still hesitant to use public cloud as they’re concerned about the security implications of AWS in my opinion are thinking old school. They are often taking the processes and procedures that they currently use on-prem and applying it to AWS rather than looking at all the new possibilities which are often more secure than they can do themselves.

AWS famously has touted the security split of “security OF the cloud” which is AWSs job and “security IN the cloud” which is the customer’s responsibility, however AWS has a huge number of tools to help with the IN part.

Kurt and Jonathan went through some of their learning about best practices and pitfalls. There are a number of governance patterns to avoid even though they may seem logical at first but may limit scale and throttle getting stuff done. This is all bundled under the banner of DevSecOps on a massive scale.

Read more…

Categories: AWS, Cloud, re:Invent Tags: , ,

AWS re:Invent 2017: The Day 0 Buzz

November 27th, 2017 No comments

2017-11-26 20.09.49

I flew yesterday from London to Las Vegas and with it being Thanksgiving Weekend, the airport was rather quieter than expected which made for a pleasantly quick immigration experience. The streams of travellers inbound to one of the most important IT conferences of the year has given Vegas some more buzz today.

I wrote a comprehensive Preview Blog Post: AWS re:Invent 2017: The Show Preview with my reasons for why I’m here, what I hope to get out of it and some crystal ball gazing about what I expect we’ll see.

I buffeted up big time for breakfast this morning as I didn’t have much conference stuff on. Marvellous glutonny. Smile

2017-11-26 10.22.29 2017-11-26 09.07.11 2017-11-26 09.40.14

Registration

I then registered which was painless and had a DJ playing which was nice and lively.

2017-11-26 12.52.10 2017-11-26 12.52.02

Robocar Rally

2017-11-26 18.21.01This was an interesting “session”. The idea was getting behind a keyboard for a hackathon for getting your hands dirty with deep learning, IoT, AI and autonomous cars, sounds like a fun mix.

Read more…

Categories: AWS, re:Invent Tags: , ,

AWS re:Invent 2017: The Show Preview

November 27th, 2017 No comments

image_thumb5

Scaling Up and Out

re:Invent has turned into a vast conference, dwarfing many other IT get togethers, 50,000 people expected with an unmanageable schedule spread across 5 hotels. Even if you can walk quickly, its at least 30-45 minutes walk between quite a few of the venues.

This is the first time I’m attending re:Invent so the rush of excitement of a new event is invigorating for me.

I’d love to meet up with anyone who is here so please get in touch via @julian wood

AWS seems an unstoppable machine and that’s not in any way to say it should be stopped. Its rare a single company rises so spectacularly to create a major new part of an already established industry. 10 years ago this new thing called EC2 was a curiosity, now its old hat as services like Lambda become the new compute engine.

Why I’m here

I’m coming to AWS self funded so don’t have a company/vendor agenda I need to follow, I can truly see what interests me! My plan is to first of all see what’s new. This isn’t just about announcements although those are important but more how AWS develops into a service provider specifically for enterprises. Cloud is a new way of doings things yet enterprises have been doing things in a particular way for a long time, sometimes for good reasons and sometimes it is plain old toxic heritage IT!

I’m also investigating how enterprises change themselves to do cloud properly, taking advantage of the flexibility and scalability of public cloud and also how AWS updates itself to service enterprises better. This is a complicated dance which needs a lot of back and forth fancy foot work from both sides. I’m expecting more enterprise features, plenty of compliance, governance and security as a service. The recently announcement of PrivateLink as a new way to connect your VPCs to AWS services with more control is a nod to enterprises that’s don’t want all their stuff near the internet by default. AWS is working hard to ensure enterprises can take advantage of all the clever cloud stuff they have to offer.

Secondly I’m watching the serverless space very keenly and expecting a huge focus on Lambda. I’m not being hyperbolic by stating the serverless/FaaS pattern is the future of compute. A new cloud operating model where all infrastructure is abstracted, business processes as pure code without restrictions on scale, billed per invocation giving you financial super-powers.

What could be coming?

AWS releases new features and major updates to existing ones in an unprecedented manor. Just last week, more than 30 announcements were made and that’s before re:Invent and the big picture announcements likely reserved for the show. Make sure you subscribe to the excellent Last Week in AWS mailing list by Corey Quinn

At this stage its a guessing game as to what they might be, but certainly more IoT, ML, AI and buckets of enticing delicious serverless. I’m expecting some Blockchain as a Service and likely Kubernetes as well.

Amazon is also a remarkable company in the way it is able to erm. reinvent itself. This isn’t just an AWS thing but AWS certainly helps all of the rest of Amazon be incredible agile, be able to continually experiment, use its own platform as a sensing engine, rely on real data to make decisions and cannibalise itself. Lambda has been built to cannibalise EC2.

Read more…

Serverless, Show Me the Servers! – A UK VMUG 2017 Presentation

November 16th, 2017 No comments

I was happy to be asked to present at the National UK VMUG about Serverless. I had done the closing keynote last year so pretty relieved that I was at least invited back!

The presentation was similar to the London VMUG presentation I had done in July although updated as the Serverless ecosystem is moving at breakneck speed.

Changes of note since July are the addition of the new and momentum gathering OpenFaas framework, Azure Functions now available in the wild with Azure Stack, AWS adding more Lambda functionality particularly with its announcement that traffic shifting is coming soon for canary releases and blue/green routing. Iron.io bought by Oracle and VMware shutting down Photon Platform and shifting direction to Pivotal Container Service (PKS) and vSphere Integrated Containers (VIC).

AWS Re:Invent is in less that 2 week’s time so I’m sure there will be plenty more to talk about!

Here are the slides:

Presentation Summary:

I went though some of the public cloud examples like Amazon Lambda, Azure Functions and Google Cloud Functions. There are also Kubernetes based options you can deploy yourself like Fission, Kubeless and Funktion as well as cross container platforms such as Apache OpenWhisk, IronFunctions and the new and exciting OpenFaaS. I spent time going through what events are, why they are so critical to understanding serverless and gave some examples. How much it costs was covered, the differences between PaaS and containers. Listed the benefits and currently many disadvantages as its very new.

I also talked about how Ops is changing and doesn’t mean Ops goes away, just evolves. As it was a VMware user group I went through two connections to VMware, the kinds of things you could use serverless for to manage a VMware environment as well as the VMware cloud native story and using Pivotal Container Service the new Kubernetes based container runtime from VMware as your private serverless hosting platform.

Functional billing was highlighted as probably the most important future benefit for serverless, being able to track the cost of every single function call you make which can very easily highlight the inefficiencies you have and the benefit of being now able to have business costings matching up to IT costings.

Looking into the future there’s lots that needs to evolve but perhaps this is the time to decide whether you skip PaaS and containers for some things that have event triggers and go straight to serverless?

Joining the CloudInsiders Podcast to talk all about Serverless

November 15th, 2017 No comments

I was thrilled to be asked recently to join the CloudInsiders podcast to talk about Serverless. I was joined by Chan Ekanayake and we had a wide ranging discussion on what Serverless is, use cases, pros and cons and much more. It’s worth a listen if you’re trying to get your head around what its all about.

Thanks for having me.

Listen to the episode here: Serverless: Viva la revolución

The whole CloudInsiders podcast series is certainly worth subscribing to via iTunes or Stitcher.

Cloud Field Day 2 Preview: NetApp

July 21st, 2017 No comments

Cloud Field Day 2, part of the Tech Field Day family of events is happening in San Francisco and Silicon Valley, from 26-28 July and I’m super excited to be invited as a delegate.

We are hearing from a number of companies about how they cloud!

NetApp is one of the grand daddy’s of the storage industry. I first encountered NetApp 16 years ago. I was struck how relatively easy it was to use and set up. Having unified management across all its devices made learning it simpler than many competitors and the knowledge stayed relevant as in time you upgraded to the bigger, better, faster, more option. I loved that NetApp championed the use of NFS for VMware early on even though you often had to purchase an additional NFS license. I worked for a company that was one of the very first VMware on NFS on NetApp at scale customers. LUNs are yuck (still) and NFS provided so many advantages over the clunky block based alternatives of FC and iSCSI. NetApp was at the forefront of virtualisation and I was happy to see it soar.

In the decade since it seems it spent way too many cycles trying to integrate other things and landed up spinning its wheels when others caught up to the ease of use and in many cases surpassed in performance and flexibility. NetApp had SnapShots, SnapMirror and secondary storage before many others and being able to move data around easily was very attractive, however everyone else caught up. Arch competitor EMC combined with Dell and HPE split up and then bought Nimble and SimplVity.

SolidFire

Read more…

Categories: CFD2, Tech Field Day Tags: , , , ,

Cloud Field Day 2 Preview: HPE Nimble Storage

July 21st, 2017 No comments

Cloud Field Day 2, part of the Tech Field Day family of events is happening in San Francisco and Silicon Valley, from 26-28 July and I’m super excited to be invited as a delegate.

We are hearing from a number of companies about how they cloud!

Nimble Storage is a storage company with lofty goals of “giving users the fastest, most reliable access to data – on-premise and in the cloud”. The premise is their wording, certainly not mine, really should be premises, Nimble!

Nimble has an interesting Tech Field Day history as it announced its original product, the CS200 hybrid array at Tech Field Day 3 in Seattle in 2010. Fast forward to March 2017 when Nimble was purchased by HPE for just over $1 Billion.

HPE Land

Read more…

Categories: CFD2, Cloud, Storage, Tech Field Day Tags: , , ,

Cloud Field Day 2 Preview: Gigamon

July 21st, 2017 No comments

Cloud Field Day 2, part of the Tech Field Day family of events is happening in San Francisco and Silicon Valley, from 26-28 July and I’m super excited to be invited as a delegate.

We are hearing from a number of companies about how they cloud!

Gigamon is an established vendor which provides network traffic visibility. In its simplest form it is a large network tap. You chose what traffic you want to inspect more closely and run it through Gigamon’s devices. Gigamon then can hand off to other vendor products to then analyse the data. It could be security scanning with an intrusion detection system or watching traffic for data loss prevention or seeing if you have a bot net running internally.

In terms of virtualisation inspection, Gigamon already has its GigaVUE solutions which provide visibility into virtual workloads running in VMware networking with ESXi and NSX as well as OpenStack KVM powered clouds. Its Cloud Field Day so of course Gigamon is heading to the clouds and has recently announced the Gigamon Visibility Platform for AWS.

Enterprises love the simplicity of cloud networking, create a VPC with pretty much all the address space you need. Connect via an API and easily connect servers and clouds together. Nothing can communicate unless you specifically say it can so some of your firewalling is already taken care of and all the config can be more easily managed as code. Amazon looks after all the underlying compute, network and storage so you don’t have to, sounds great. It can be easy to think you then don’t have to worry about more security at the network level. Well, you may have permissioned a web server to be able to talk to an app server but how do you know what is actually running across port 443. What if the web server is in AWS but your app server is on-prem?

Visibility Platform for AWS

Read more…

Categories: AWS, CFD2, Cloud, Tech Field Day Tags: , , , ,

Cloud Field Day 2 Preview: ServiceNow

July 21st, 2017 No comments

Cloud Field Day 2, part of the Tech Field Day family of events is happening in San Francisco and Silicon Valley, from 26-28 July and I’m super excited to be invited as a delegate.

We are hearing from a number of companies about how they cloud!

ServiceNow has a SaaS suite of products and is trying to take traditional enterprise IT Service Management to the next level. It has had a number of leadership changes recently so seems to be shaking itself up for new things.

ITSM products have been often maligned and I have been fairly vocal over the years in my scorn for some ITSM/ITIL products. They often insert an inordinate amount of unnecessary bureaucracy between getting things done and protecting your IT estate. This causes all sorts of problems. IT teams try as hard as they can to navigate around the horrible tools they are forced to use, hence some shadow IT. ITSM bureaucrats continually add more and more process to trap more and more potential issues, more process = more hassle. Processes get so complicated and change is avoided at any cost. It can take weeks to shepherd a change through the system and finally get approved. People dump as much as they can in a change to avoid having to repeat the process. Business users have to log IT issues in a system that makes them feel IT doesn’t care. IT SLAs are tracked through the ITSM tools so solving tickets becomes wack-a-mole for IT staff.

ITSM Dispair

Read more…

Categories: CFD2, Cloud, DevOps, Tech Field Day Tags: , , ,