When Amazon’s cloud computing platform, Amazon Web Services (AWS), suffered an outage this past Tuesday (December 7, 2021), the magnitude of the event was felt globally. What happened, and how can your business learn from this significant outage?
Why was there an AWS outage?
Reported issues within the AWS infrastructure began around 12:00 ET/17:00 GMT on Dec. 7, according to data from real-time outage monitoring service DownDetector.
Amazon reported that the “US-East-1” region went down in North Virginia on Tuesday, which disrupted Amazon’s own applications and multiple third-party services that also rely on AWS. The issue was an “impairment of several network devices” that resulted in several API errors and, ultimately, impacted many critical AWS services.
What were the effects of the AWS outage?
The effects of the AWS outage were massive because any problem affecting Amazon impacts hundreds of millions of end users. AWS constitutes 41% of the global cloud-computing business, and many of the largest companies in the world are dependent on AWS’s cloud computing services. These businesses rent computing, storage, and network capabilities from AWS, which means the outage prevented end users’ access to a variety of sites and apps across the Internet.
The major websites and apps that suffered from the outage are ones we turn to on a daily basis: Xfinity, Venmo, Google, and Disney+, just to name a few.
On Tuesday morning, users were reporting that they couldn’t log on to a variety of vital accounts. Most of us were going through our normal daily routine of checking the news, our financial accounts, or our Amazon orders, only to frustratingly realize that we couldn’t do so.
With so many large organizations relying on AWS, when the outage occurred, it felt like the entire Internet went down.
Benefits of a High Availability Multi-Region Cloud Application Architecture
Even though the outage was a major headache, it serves as an important lesson for those who are relying on a cloud-based infrastructure. As they say, you should learn from mistakes.
So how can your business mitigate, or even avoid, the effects of a major failure within your cloud provider?
At 2nd Watch, we are in favor of a high availability multi-region cloud approach. We advise our clients to build out multi-region application architecture not only because it will support your mission-critical services during an outage, but also because it will make your applications more resilient and improve your end-user experiences by keeping latencies low for a distributed user base. Below is how we think about a multi-region cloud approach and why we believe it is a strong strategy.
1. Increase your Fault Tolerance
Fault tolerance is the ability of a system to endure some kind of failure and continue to operate properly.
Unfortunately, things happen that are beyond our control (e.g. natural disasters) or things slip through the cracks (e.g. human error), which can impact a data center, an availability zone, or an entire region. However, just because a failure happens doesn’t mean an outage has to happen.
By architecting a multi-region application structure, if there is a regional failure similar to AWS’s east region failure, your company can avoid a complete outage. Having a multi-region architecture grants your business the redundancy required to increase availability and resiliency, ensure business continuity and support disaster recovery plans.
2. Lower latency requirements for your worldwide customer base
The benefits of a multi-region approach go beyond disaster recovery and business continuity. By adopting a multi-region application architecture, your company can deliver low latency by keeping data closer to all of your users, even those who are across the globe.
In an increasingly impatient world, keeping latency low is vital for a good user experience, and the only way to maintain low latency is keeping your users close to the data.
3. Comply with Data Privacy Laws & Regulations
“Are you GDPR compliant?” is a question you probably hear frequently. Hopefully your business is, and you want to remain that way. With a multi-region architecture, you can ensure that you are storing data within the legal boundaries. Also, with signs that there will be more regulations each year, you will stay a step ahead with data compliance if you utilize a multi-region approach.
How Can I Implement a Multi-Region Infrastructure Deployment Solution?
A multi-region cloud approach is a proactive way to alleviate potential headaches and grow your business, but without guidance, it can seem daunting in terms of adoption strategy, platform selection, and cost modeling.
2nd Watch helps you mitigate the risks of potential public cloud outages and deploy a multi-region cloud infrastructure. Through our Cloud Advisory Services, we serve as your trusted advisor for answering key questions, defining strategy, managing change, and providing impartial advice for a wide range of organizational, process, and technical issues critical to successful cloud modernization.
Contact us today to discuss a multi-region application architecture for your business needs!
Welcome back friends! AWS re:Invent turns 10 this year and once again 2nd Watch is here to help you navigate it like a pro. As we all know now, AWS re:Invent 2021 is back in person in Las Vegas. One addition this year, Amazon Web Services is also offering a virtual event option… well, kind of…. As it currently stands, only the keynotes and leadership sessions will be live streamed for the virtual attendees. Breakout sessions will only be live for in person attendees, but will be available on-demand after the event.
For the rest of this blog I will try to focus on my thoughts and limit my regurgitation of all the information that you can get from the AWS re:Invent website, such as the AWS Code of Conduct, but I think it’s worth noting what I think are some key highlights that you should know. Oh, and one more thing. I have added a small easter egg to this year’s blog. If you can find a Stan Lee reference, shoot me an email: email@example.com and call it out. One winner will be picked at random and sent a $25 Amazon gift card. Now let’s get to it.
Some important things to note this year
Now that AWS re:Invent is (mostly) back in person, AWS is implementing proper health measures to prevent the spread of COVID. Make sure to review the health guidelines published by AWS (https://reinvent.awsevents.com/health-measures/). Here is the summary for those that don’t enjoy more eye exercise than necessary. Refer to the aforementioned link for more details and FAQs if you do.
All badge holders attending in person must be fully vaccinated for COVID-19 (2 weeks after final shot) which means you must provide a record of vaccination in order to receive your badge. AWS makes it clear that there are no ifs, ands or buts on this. No vax proof, no badge. ‘Nuff said!
Masks will be required for everyone at the event. Real ones. Unfortunately face lingerie and train robber disguises will not count.
Keynotes at a Glance
This year’s keynotes give you the best of both worlds with both a live option for in person attendees and on-demand viewing option for virtual attendees. The 2021 keynotes include:
Adam Selipsky, AWS CEO
Peter DeSantis, Senior Vice President, Utility Computing and Apps
Global Partner Summit presented by Doug Yeum, Head of AWS Partner Organization, Sandy Carter, Vice President, Worldwide Public Sector Partners and Programs, and Stephen Orban, General Manager of AWS Marketplace and Control Services
2nd Watch Tips n’ Tricks
Over the last 9 years we have watched the AWS re:Invent conference morph into a goliath of an event. Through our tenure there we have picked up an abundance of tips n’ tricks to help us navigate the waters. Some of these you may have seen from my previous blogs, but they still hold strong value, so I have decided to include them. I have also added a couple new gems to the list.
App for the win – I cannot stress this one enough. Download and use the AWS Events app. This will help you manage your time as well as navigate around and between the venues.
Embrace your extravert – Consider signing up for the Builder Sessions, Workshops, and Chalk Talks instead of just Breakout sessions. These are often interactive and a great way to learn with your peers.
Watch for repeats – AWS is known for adding in repeat Breakout sessions for ones that are extremely popular. Keep your eye on the AWS Events app for updates throughout the week.
Get ahead of the pack – After Adam Selipsky’s Keynote there will likely be sessions released to cover off on new services that are announced. Get ahead of the pack by attending these.
No fomo – Most of the Breakout sessions are recorded and posted online after re:Invent is over. Fear not if you miss a session that you had your eyes on, you can always view it later while eating your lunch, on a break or doing your business.
Get engaged – Don’t be afraid to engage with presenters after the sessions. They are typically there to provide information and love answering questions. Some presenters will also offer up their contact information so that you can follow up again at a later time. Don’t be shy and snag some contact cards for topics relevant to your interests.
Bring the XL suitcase – Now that we are back in person, get ready to fill that swag bag! You will need room to bring all that stuff home so have extra room in your suitcase when you arrive.
Don’t just swag and run – Look, we all love stuffing the XL suitcase with swag, but don’t forget to engage your peers at the booths while hunting the hottest swag giveaways. Remember that part of the re:Invent experience is to make connections and meet people in your industry. Enjoy it. Even if it makes you a little uncomfortable.
Pro tip! Another option if you missed out on reserving a session you wanted is to try and schedule something else that is near it at the same time. This will allow you to do a drive-by on the session you really wanted and see if there is an open spot. Worst case, head to your backup session that you were able to schedule.
Our re:Invent Predictions
Now that we have you well prepared for the conference, here are a couple of our predictions for what we will see this year. We are not always right on these, but it’s always fun to guess.
RDS savings plans will become a reality.
Specialty instance types targeted at specific workloads (similar to the new VT1 instance they just announced focused on video).
Security hub add-ons for more diverse compliance scanning.
Expanded playbooks for compliance remediation.
More compliance frameworks to choose from.
Potential enhancements to Control Tower.
Virtual only attendees will not get the opportunity for the coveted re:Invent hoodie this year.
We are sure that after December 3rd there will be an overwhelming number of new services to sift through, but once the re:Invent 2021 hangover subsides, 2nd Watch will be at the ready and by your side to help you consume and adopt the BEST solutions for your cloud journey. Swing by our booth #702 for some swag and a chat. We are giving away Gretsch Guitars, and we are super excited to see you!
Finally, don’t forget to schedule a meeting with one of our AWS Cloud Solution Experts while you’re at re:Invent. We would love to hear all about your cloud journey! We hope you are as excited as we are this year and we look forward to seeing you in Las Vegas.
-Dustin Snyder, Director of Cloud Infrastructure & Architecture
As a business scales, so does its software and infrastructure. As desired outcomes adapt and become more complex, they can quickly create a lot of overhead and make the platform difficult for teams to manage over time, and these challenges often limit the benefits of embracing containers and serverless. Shared services offer many advantages in these scenarios by providing a consistent developer experience while also increasing productivity and the effectiveness of governance and cost management.
Amazon Web Services introduced Proton in December 2020 and has announced its general availability. Proton is an application targeted at providing tooling to manage complex environments while bridging infrastructure and deployment for developers. In this blog we will take a closer look into the benefits of the AWS Proton service offering.
What is AWS Proton?
AWS Proton is a fully managed delivery service, targeted at container and serverless workloads, that provides engineering teams the tooling to automate provisioning and deploy applications while enabling them to provide observability and enforce compliance and best practices. With AWS Proton, development teams use the provided resources to stand up infrastructure and deploy their code. This in turn increases developer productivity by allowing them to focus on their code and software delivery, reducing management overhead, and increasing release frequency. Teams can use AWS Proton through the AWS Console and the AWS CLI, allowing them to get started quickly and automate complicated operations over time.
How does it work?
The AWS Proton framework allows administrators to define versioned templates which standardize infrastructure, enforce guard rails, leverage Infrastructure as Code with CloudFormation, and provide CI/CD with CodePipeline and CodeBuild to automate provisioning and deployments. Once service templates are defined, developers can choose a template and use it to deploy their software. As new code is released, the CI/CD pipelines automatically deploy the changes. Additionally, as new template versions are defined, AWS Proton provides a “one-click” interface which allows administrators to roll out infrastructure updates across all the outdated template versions.
When is AWS Proton right for you?
AWS Proton is built for teams looking to centrally manage their cloud resources. The service interface is built for teams to provision, deploy, and monitor applications. AWS Proton is worth considering if you are using cloud native services like Serverless applications or if you utilize containers in AWS. The benefits continually grow when working with a service-oriented architecture, microservices, or distributed software as it eases release management, reduces lead time, and creates an environment for teams to operate within a set of rules with little to no additional overhead. AWS Proton is also a good option if you are looking to introduce Infrastructure as Code or CI/CD pipelines to new or even existing software, as AWS Proton supports linking existing resources.
Getting Started with AWS Proton is easy!
Since AWS Proton itself is free and you only pay for the underlying resources, you are only a few steps away from giving it a try! First, a member of the platform infrastructure team creates an environment template. An environment defines infrastructure that is foundational to your applications and services, including compute, networking (VPCs), CodePipeline, security, and monitoring. Environments are defined via CloudFormation templates and use Jinja for parameters rather than the conventional parameters section in standard CloudFormation templates. You can find template parameter examples in the AWS documentation. You can create, view, update, and manage your environment templates and their versions in the AWS Console.
Once an environment template is created, the platform administrator creates a service template, which defines all resources that are logically related to a service. For example, if we had a container which performs some ETL, this could contain an ECR Repository, ECS Cluster, ECS Service Definition, ECS Task Definition, IAM roles, and the ETL source and target storage.
In another example, we could have an asynchronous Lambda function which performs some background tasks and its corresponding execution role. You could also consider using schema files for parameter validation! Like environment templates, you can create, view, update, and manage your service templates and their versions in the AWS Console.
Once the templates have been created, the platform administrator can publish the templates and provision the environment. Since services also include CI/CD pipelines, platform administrators should also configure repository connections by creating the GitHub app connector. This is done in the AWS Developer Tools service, or a link can be found on the AWS Proton page in the Console.
Once authorized, the GitHub app is automatically created and integrated with AWS and CI/CD pipelines will automatically detect available connections during service configuration.
At this time platform administrators should see a stack which contains the environment’s resources. They can validate each resource, interconnectivity, security, audits, and operational excellence.
At this point developers can choose which version they will use to deploy their service. Available services can be found in the AWS Console and developers can review the template and requirements before deployment. Once they have selected the target template they choose the repository that contains their service code, the GitHub app connection created by the platform administrator, and any parameters required by the service and CodePipeline.
After some time, developers should be able to see their application stack in CloudFormation, their application’s CodePipeline resources, and the resources for their application accordingly!
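To make the template steps above concrete, here is an added example (not from the original post or from AWS) of a minimal environment template bundle: a schema file that validates inputs and a CloudFormation file that consumes them through Jinja. The two files are shown in one listing; the type name `EnvironmentInput`, the parameter `vpc_cidr`, and the output `VpcId` are assumptions chosen for illustration.

```yaml
# ---- File 1: schema/schema.yaml (constructed example) ----
# Declares which inputs the environment template accepts. Proton validates
# supplied values against this schema before rendering the template, so the
# pattern below acts as a guard rail on what can be provisioned.
schema:
  format:
    openapi: "3.0.0"
  environment_input_type: "EnvironmentInput"   # assumed type name
  types:
    EnvironmentInput:
      type: object
      description: "Inputs for the shared network environment"
      properties:
        vpc_cidr:                               # assumed parameter name
          type: string
          description: "CIDR range for the environment VPC"
          default: "10.0.0.0/16"
          # Only 10.x.x.x ranges with a /16 or /24 mask are accepted
          pattern: '^10\.([0-9]{1,3}\.){2}[0-9]{1,3}/(16|24)$'
      required:
        - vpc_cidr
---
# ---- File 2: infrastructure/cloudformation.yaml (constructed example) ----
# A regular CloudFormation template, except that inputs arrive through Jinja
# expressions in the environment.inputs namespace instead of a Parameters
# section.
AWSTemplateFormatVersion: "2010-09-09"
Description: Shared VPC for services deployed into this environment
Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: "{{ environment.inputs.vpc_cidr }}"
      EnableDnsSupport: true
      EnableDnsHostnames: true
Outputs:
  # Service templates can read this value as {{ environment.outputs.VpcId }}
  VpcId:
    Description: ID of the environment VPC
    Value: !Ref VPC
```

Because validation happens against the schema, a developer-supplied value such as `0.0.0.0/0` is rejected before any stack is created.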
AWS Proton is a new and exciting service available for those looking to adopt Infrastructure as Code, enable CI/CD pipelines for their products, and enforce compliance, consistent standards, and best practices across their software and infrastructure. Here we explored a simple use case, but real world scenarios likely require a more thorough examination and implementation.
AWS Proton may require a transition for teams that already utilize IaC, CI/CD, or that have created processes to centrally manage their platform infrastructure. 2nd Watch has over 10 years’ experience in helping companies move to the cloud and implement shared services platforms to simplify modern cloud operations. Start a conversation with a solution expert from 2nd Watch today and together we will assess and create a plan built for your goals and targets!
Adrien Sieg, Head of Data at McDonald’s Global Technology France, Christina Moss, Director of AWS Cloud Services at McDonald’s, and Mathieu Rimlinger, Director of Global Technology France at McDonald’s, talk about their latest technological advancements in the cloud and how McDonald’s is using data lakes to set customer expectations and improve satisfaction. Listen now on Spotify, iTunes, iHeart Radio, Stitcher, or wherever you get your podcasts.
We’d love to hear from you! Email us at CloudCrunch@2ndwatch.com with comments, questions and ideas.
Everyone’s journey to the cloud is different. Before deciding your direction, you should consider your business goals, risk tolerance, internal skills, cost objectives, and existing technology ecosystem. For some, the choice is a 100% native cloud-first strategy on a single Cloud Service Provider (CSP). Others will use a mixture of services across multiple providers. And some others will choose a hybrid strategy in some form. For a hybrid approach, an interesting option worth considering is leveraging VMware Cloud (VMC) on AWS.
VMware Cloud on AWS is a great solution to consider whether you are integrating your on-prem work environment into the cloud, evacuating your datacenter, scaling datacenter extensions, looking at disaster recovery (DR), or focusing on remote workforce enablement.
What is VMware Cloud on AWS?
About three years ago, hundreds of engineers from VMware and AWS spent more than two years bringing the VMware Cloud solution to market. VMware Cloud on AWS refers to the VMware infrastructure stack or VMware cloud foundation. It encompasses the three infrastructure software pieces that VMware is known for: vSphere, NSX and vSAN. vSphere provides virtualization of compute, NSX is virtualization of the network, and vSAN virtualizes storage. VMC is an instance of the vCloud foundation being executed on AWS bare metal hardware. When you sign up for a VMware Cloud account, you can get access to the entire VMware stack in an AWS availability zone in just 90 minutes.
Traditionally, VMware has been in datacenters. Now, you can combine those servers into one piece of hardware. With AWS, you can now move functionality to the cloud and enjoy the many benefits of this platform.
1. Expanded functionality
There is so much more functionality in the VMware stack than in the cloud alone. There’s also more functionality in the cloud than you can build in your own environment. VMware Cloud on AWS is more than just a traditional VMware stack. It’s all the functionality of NSX, vSAN, and vSphere, plus the latest additions, at your fingertips, allowing you to always run the latest version of VMware to have access to the newest features. VMware takes care of the maintenance, upgrading, and patching, and with VMC being placed in AWS, you have instant access to all of the AWS cloud features in close physical proximity to your application, allowing you to experience improved performance.
2. Easy adoption
If you’re new to the cloud and have experience with VMware, you will easily be able to apply those existing on-prem skills to VMC on AWS. Because vSphere on-prem is the same as the vSphere on AWS, it’s backwards compatible. The traditional management interface of the vCenter has the same look and feel and operates the same in the cloud as it does on-prem. These mirrored interfaces allow you to preserve the investment you have made in your existing VMware administrators, keeping headcount and employee costs down because you don’t have to hire for new skills or ask existing techs to increase their skillset. This quick familiarity lets you ramp up and use the service much faster than bringing in a completely new platform.
3. Agile scaling capability
After COVID-19 safety precautions sent 80-90% of the workforce home, organizations scrambled to enable and protect their new remote workers. Datacenters and VDI farms weren’t built to scale for the influx, and it’s just not possible to build additional datacenters as fast as necessary. Organizations needed to find already-built hardware and available datacenters and software that could meet their needs quickly. VMC on AWS solves the problem because it is built to scale without the limitations of on-prem environments.
4. Transition from CAPEX to OPEX
A fundamental change people are seeing from VMC on AWS is the ability to move from a capital expenditures (CAPEX) model to an operating expenditures (OPEX) model, freeing you from exceptionally long and expensive contracts for datacenters and DR locations.
With VMC, you can move to an OPEX model and spread your cost out over time, and the hardware, maintenance, and upgrades are no longer your responsibility. On top of that, the savings in headcount, manpower, and man hours creates a conversation between IT and financial staff as to what’s best for the overall organization.
5. Lower costs
Chances are, you’re already using VMware and recognize it as a premium brand, so if you’re looking at cost solely from a compute point of view, it might appear as if costs are higher. However, if you add up the individual expenses you incur without VMC – including real estate, hardware, software maintenance, headcount, management, travel costs – and compare that to VMC on AWS, you see the cost-benefit ratio in favor of VMC. And additional resources are saved when you consider all the management roles that are no longer your responsibility. VMware also offers a hybrid loyalty program with incentives and savings for customers who are already invested in the VMware ecosystem.