What do the re:Invent 2017 releases mean to your DevOps?
“What happens in Vegas stays in Vegas” is one of the most famous taglines used in modern times to brand or market a city, especially from the tourism perspective. Luckily, this doesn’t hold true for AWS re:Invent: whatever happens in Vegas in these 5 days changes the whole cloud and related services market, and this year was no exception. Hundreds of technology sessions, partner expos and product launches, after-hours events, parties, and networking events (which are my personal favorite) make AWS re:Invent the place to be for every cloud enthusiast and professional. Apart from the numerous product and service launches from the partners, according to AWS’s product announcement page, AWS released several new products and services at this year’s re:Invent that can be categorized into 15 different areas. It would be a Sisyphean task even to list them all in one blog, let alone explain them and their features. So, I will try to throw light on only a select few of them, which I think will surely have a bigger impact in terms of DevOps, containers, and the cloud space.
GuardDuty is a machine learning tool that analyzes the data, trends, patterns, anomalies, and logs from your AWS components, EC2 instances, and virtual private cloud, along with domain, DNS, and event logs, to tell you whether your AWS account is in danger from malicious attacks or unauthorized access. It also recommends corrective actions you can take based on the threats, which are categorized into three levels (low, medium, and high). You can customize it by adding threats and a trusted IP list, and you can feed the GuardDuty findings to different event management and workflow systems.
GuardDuty will certainly improve your AWS infrastructure security and help your operations guys monitor various processes that will reduce the efforts of the DevOps team. And the good news is you can try this for 30 days without paying a dime.
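How the three levels and the hand-off to workflow systems can look in practice, as an added example that is not from the original post. It assumes findings arrive in the CloudWatch Events envelope (`source` set to `aws.guardduty`) and that the levels map to the numeric severity bands in AWS's documentation; the routing targets and sample events are made up.

```python
import json

# Numeric floors behind low/medium/high (assumption: bands from AWS documentation).
BANDS = [(7.0, "high"), (4.0, "medium"), (0.0, "low")]
# Hypothetical downstream systems, one per level.
ROUTES = {"high": "pager", "medium": "ticket-queue", "low": "weekly-digest"}

def severity_level(score):
    for floor, name in BANDS:
        if score >= floor:
            return name
    raise ValueError(f"invalid severity: {score!r}")  # negative or NaN

def route_event(raw):
    """Return a routing record for a GuardDuty finding event, else None."""
    try:
        event = json.loads(raw)
    except json.JSONDecodeError:
        return None
    if not isinstance(event, dict):
        return None
    if (event.get("source") != "aws.guardduty"
            or event.get("detail-type") != "GuardDuty Finding"):
        return None  # not a GuardDuty finding, ignore
    detail = event.get("detail")
    if not isinstance(detail, dict):
        detail = {}
    try:
        level = severity_level(float(detail["severity"]))
    except (KeyError, TypeError, ValueError):
        # Malformed finding: escalate for review instead of dropping it.
        return {"id": detail.get("id"), "level": "unknown", "target": ROUTES["high"]}
    return {"id": detail.get("id"), "level": level, "target": ROUTES[level]}

def triage(raw_events):
    return [r for r in map(route_event, raw_events) if r is not None]

def _sample(fid, ftype, severity, source="aws.guardduty"):
    return json.dumps({"source": source, "detail-type": "GuardDuty Finding",
                       "detail": {"id": fid, "type": ftype, "severity": severity}})

# Constructed sample events (IDs and severity values are illustrative only).
SAMPLE_EVENTS = [
    _sample("sample-1", "Recon:EC2/PortProbeUnprotectedPort", 2),
    _sample("sample-2", "Recon:EC2/Portscan", 5),
    _sample("sample-3", "Backdoor:EC2/C&CActivity.B!DNS", 8),
    _sample("sample-4", "n/a", 9, source="aws.ec2"),   # wrong source, skipped
    _sample("sample-5", "Recon:EC2/Portscan", None),   # missing severity
]

if __name__ == "__main__":
    for record in triage(SAMPLE_EVENTS):
        print(record)
```
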
EKS and Fargate
Most of us run Kubernetes clusters on AWS, and we all know the effort it takes to install and configure masters and workers, their communication, load balancing, and upgrades, not to mention the need to run a particular number of masters for high availability and to protect ourselves from a single point of failure. Well, Amazon plans to extricate us from all this effort with EKS. Amazon Elastic Container Service for Kubernetes (EKS) is a fully managed service that will allow the use of Kubernetes on AWS. In short, you can migrate all your K8s applications to AWS with zero code change. Also, EKS will take care of monitoring, detecting, and replacing unhealthy masters, as well as upgrading and patching them.
In addition to EKS, and to add to your containers’ compute power, AWS released Fargate. In essence, AWS Fargate is like EC2 for containers. Fargate takes care of all the management functions for your containers. You just need to provide a container image, select an orchestrator, define the application requirements, and launch the container. Once you are done with this, Fargate will manage the containers for you and, of course, scale them too. Plus, you can integrate it with EKS and ECS. Currently, it is available for ECS, but for EKS, you will have to wait till 2018.
If you are a developer and are looking for an Integrated Development Environment (IDE) that allows collaborative editing and can be integrated with the AWS ecosystem, then AWS has exactly the thing for you. It is called Cloud9. Cloud9 was actually a different entity that AWS acquired in July 2016. In addition to writing, running, and debugging code, Cloud9, being a cloud-based IDE, will allow you to share your development environment with your peers, and you can track the progress in real time. This will allow you and related teams to better coordinate and optimize interdependent processes for better time and resource utilization, and to improve performance and productivity. Its integration capabilities with other AWS ecosystem components, especially AWS CodeStar, allow you to set up an end-to-end continuous delivery toolchain for your application. If you are using an EC2 instance, then there is more good news for you. It will be free for EC2 users; you just need to pay for the compute and storage resources. It will be interesting to see how it stands against Microsoft’s Visual Studio, which can be integrated with third-party services.
Now that I have talked about container solutions for your applications and integrated development environments from AWS, I think it will be good to sum it up with a management tool. Systems Manager is, as the name suggests, a tool that will allow you to look at the operational data from all the AWS services and help you automate tasks across the AWS resources that you are using. With Systems Manager, you can see the recent API activity, configuration changes, alerts and notifications, inventory status, etc., all in one place. It will help you detect your operational flaws in time and fine-tune the overall operations to maximize productivity. This involves three simple steps:
- Resource grouping, which involves finding tagged AWS resources, grouping them, and viewing group-specific insights
- Insights gathering, which allows you to integrate all your existing AWS dashboards and insight indicators along with their inherent warnings and information in one place
- Acting on the insights
It is impossible to talk about the five-day event, all the happenings, the announcements, and releases in a blog. The above-mentioned services are the ones that I think will certainly benefit DevOps and automation aficionados to leverage the AWS ecosystem in a much more productive way than before - architecting container infrastructure, securing the infrastructure, enhancing storage, and at the same time, helping your operations guys to monitor and manage the environment.