October 7, 2015

886 words 5 mins read

Roundup from AWS re:Invent Day 1

Today was the first day (sans instructional courses) of the 4th annual AWS re:Invent conference. While I was unable to attend this year, I’ve been eagerly watching the streams and keeping an eye on the news feeds. There have been many product announcements leading up to re:Invent, but the “really good stuff” was kept for today’s keynote. It is my suspicion that tomorrow’s keynote will be even better, so keep an ear to the ground. In the mean time, let’s take a quick look at what was announced today:

  • Amazon Inspector — One of the big challenges in any Operation’s environment is making sure you follow all of the required policies & procedures. There is no difference between cloud & on-premise environments, with the exception that things can spiral out of control much faster in the cloud (e.g. spin up hundreds of instances with the same policy ‘flaw’). Amazon Inspector lets you set rules that will be run against your environment on a regular basis to ensure audit compliance. It even comes with some out-of-the-box rule sets, such as PCI DSS 3.0.

    • AWS Config Rules — The problem with policies, procedures, & auditing is that they are either something you can violate (either unintentionally or purposefully) or don’t alert you until long “after the fact”. AWS Config Rules lets you create rule sets that provide enforcement actions in real time. So instead of finding out you had a production server with SSH open for X hours/days/weeks (until an audit caught it), AWS Config Rules can terminate the instance before it even gets live.

    • MariaDB for RDS — After MySQL got bought the community wasn’t terribly excited with the new overlords and forked out MariaDB as a drop in replacement to MySQL.

    • AWS Snowball — I think this is the first physical product that has been launched by Amazon Web Services. It’s a shock mounted storage device with 50 TB of on-board storage. In addition the Snowball contains encryption capabilities and an Amazon Kindle mounted to the front to provide a lovely eInk shipping label. For only $200 (plus shipping), which is REALLY cheap, you can Sneakernet data up to AWS. It appears that you can also Export data via Snowball for the same $200 base price, plus $0.03 per GB (or ~$1,536 for 50 TB).

    • Amazon Kinesis Firehose — The original Amazon Kinesis Streams has apparently been too complicated to setup for many customers to set it up, so the new Firehose option streamlines the process significantly. It is much simpler now in that you simply point data at the Firehose and it writes that data directly to S3 or Redshift without processing.

    • Amazon QuickSight — QuickSight is the single biggest “win” for products released today. Taking the ease and scale of AWS and mashing in dead-simple-BI (business intelligence) is going to make a LOT of people very happy. I don’t think QuickSight will kill big products like Tableau because they have a huge amount of power. However those classic BI products also require a non-trivial investment in time and money to stand up and run. I expect a lot of small companies (and startups) will take to QuickSight like moth to flame.

    And a few items announced in the last week:

  • EC2 Spot Blocks — The biggest issue with EC2 Spot instances was that there was no assurances for run length. If your batch jobs could be spun up and down in a matter of seconds, it wasn’t an issue. However, if the batch job couldn’t be interrupted for a fixed interval you were out of luck… until now. Spot Blocks allows you get enjoy some of the discounts of regular spot instances, with the advantage of being able to run from 1 to 6 hours continuously.

  • EC2 Dedicated Hosts — The joy of the cloud is that you don’t have to deal with the hardware, the sorrow of the cloud is that you can’t deal with the hardware (when you need to). For some software licensing needs, dedicated hardware is a requirement… one which you can now meet in AWS EC2. The dedicated host functionality may also prove to be of some use to people who want to eliminate “nosy neighbor” issues for their most sensitive of workloads.

  • AWS WAF — One of the major features CloudFlare has had over AWS’s CloudFront CDN is the Web Application Firewall. While I don’t think this one feature will push many customers over from CloudFlare (they do a lot more than CDN with WAF), it will help protect products already running in AWS environments. It certainly will be easier to use than making sure modsecurity is installed on every single web-facing box.

  • Amazon Elasticsearch Service — Like MySQL or MariaDB, Elastisearch is an awesome open source project. Just like the databases, not having to think about running the infrastructure related to search, is even more awesome.

There are so many new toys to play with, many of which aren’t even out yet, so it’s going to take quite some time to see how all of these services pan out. I’m looking forward to taking a few of them for a spin, once they are all fully released. Until then, we’ve got two more days of AWS re:Invent to go!

Stay tuned for more information on AWS re:Invent.