
2nd Watch AWS re:Invent 2019 Breakout Sessions

2nd Watch is presenting two breakout sessions at AWS re:Invent 2019. Add these to your session agenda to attend!

Simple Path to AWS Managed Services (AMS): Wednesday, December 4 – 1:45PM – The Venetian

With AWS Managed Services (AMS) you can eliminate the complexity of managing IT Ops and refocus on enhancing and delivering your applications. In this session, learn how to accelerate your journey to the cloud by using AMS. We’ll cover the process for assessing, migrating and operationalizing your infrastructure from your on-premises datacenter or existing cloud environment to AMS. Attend this session to learn key steps to streamline this process using automation and infrastructure as code to set up network connectivity, access management, logging, monitoring, backups and configuration. You’ll also discover integration points for an existing managed service provider to seamlessly work with AMS.

Add to your agenda

CCPA – State Privacy Laws’ Effect On Cloud Development: Wednesday, December 4 – 2:10PM – The Venetian

Several states followed the European Union’s General Data Protection Regulation (GDPR) by enacting their own consumer privacy laws. The California Consumer Privacy Act (CCPA), effective January 2020, goes even further in defining what constitutes private data. What does that mean for your cloud journey and the development of cloud native applications? How will you secure private data, adhering to each state’s regulations, while building a foundation for future law changes without straining cloud infrastructure and digital application teams? This session highlights obligations to be aware of, policies and procedures to pursue, cloud architectural considerations, and KPIs to determine successful implementation.

Add to your agenda

See you in Vegas!


Meet 2nd Watch at AWS re:Invent 2019

Will you be at AWS re:Invent 2019? 2nd Watch is sponsoring the event, and we want to see you! Stop by booth #2013 to speak with a cloud solutions expert or pre-schedule your meeting with us today.

SCHEDULE A MEETING
Pick up your limited-edition t-shirt and enter to win a DJI RoboMaster S1 robot, the coolest way to learn programming! After assembling the RoboMaster, drive it around firing soft pellets with the help of the on-robot camera to see where you’re aiming and driving.

2nd Watch is hiring and will also be meeting with top-talent professionals at re:Invent. If you are attending re:Invent and would like to discuss opportunities to join our dynamic team, please contact us at careers@2ndwatch.com. Check out our careers page to see a complete list of open positions.

See you in Vegas, 2nd Watch Booth 2013!


2020 Predictions: Multicloud

Multicloud has risen to the fore in 2019 as customers continue to migrate to the cloud and build out a variety of cloud environments.

Multicloud offers the obvious benefits of not being locked in to a single provider and of being able to try different platforms. But how far have customers actually gotten when it comes to operating multicloud environments? And what does 2020 hold for the strategy?

Adoption

As 2020 approaches and datacenter leases expire, we can expect to see continued cloud adoption with the big public cloud players – Amazon and Azure in particular. Whether a move to a multicloud environment is in the cards, or whether that is a step too far for firms already nervous about shifting from a hosted datacenter to the public cloud, is a question cloud providers are eager to answer.

But there isn’t a simple answer, of course.

We have to remember that with a multicloud solution, there has to be a way to migrate or move workloads between the clouds. One of the hurdles multicloud adoption will face in 2020 is that many organizations don’t yet have the knowledge base across different cloud platforms.

What we may well see is firms taking that first step and turning to VMware or Kubernetes – an open-source container orchestration platform – as a means to overlay native cloud services in order to adopt multicloud strategies. At VMworld in August, the vendor demonstrated VMs being migrated between Azure and AWS, something users can start to become familiar with in order to build their knowledge of cloud migrations and, therefore, multicloud environments.

For multicloud in 2020 this means not so much adoption, but awareness and investigation. Those organizations using an overlay like VMware to operate a multicloud environment can do so without having deep cloud expertise and sophistication in-house. This may be where multicloud takes off in 2020. Organizations wouldn’t necessarily need to know (or care) how to get between their clouds, they would have the ability to bounce between Azure, Amazon and Google Cloud via their VMware instead.

Still, as we’re moving into a multicloud world and companies start to gravitate towards a multicloud model, they’re going to see that there are multiple ways to utilize it. They will want to understand it and investigate it further, which will naturally lead to questions as to how it can serve their business. And at the moment, the biggest limiter is not having this in-house knowledge to give organizations that direction. Most firms don’t yet have one single person that knows Amazon or Azure at a sophisticated enough level to comfortably answer questions about the individual platforms, let alone how they can operate together in a multicloud environment.

What this means is that customers do a lot of outsourcing when it comes to managing their cloud environment, particularly in areas like PaaS, IaaS, Salesforce and so on. As a result, organizations are starting to understand how they can use these cloud technologies for their internal company processes, and they’re asking, ‘Why can’t we use the rest of the cloud as well, not just for this?’ This will push firms to start investigating multicloud more in 2020 and beyond – because they will realize they’re already operating elements of a multicloud environment and their service providers can advise them on how to build on that.

Adoption steps

For firms thinking about adopting a multicloud environment – even those who may not feel ready yet – it’s a great idea to start exploring a minimum of two cloud providers. This will help organizations get a feel for the interface and services, which will lead to an understanding of how a multicloud environment can serve their business and which direction to go in.

It’s also a good idea to check out demos of the VMware or Kubernetes platforms to see where they might fit in.

And lastly, engage early with Amazon, Azure and VMware or a premier partner like 2nd Watch. Companies seeking a move to the cloud are potentially missing out on monies set aside for migration assistance and adoption.

What will 2020 bring?

2020 is certainly set to see multicloud questions being asked, but it’s likely that hybrid cloud will be more prevalent than multicloud. Why? Because customers are still trying to decide if they want to get into cloud rather than think about how they can utilize multiple clouds in their environment. They just aren’t there yet.

As customers still contemplate this move to the cloud, it’s much more likely that they will consider a partial move – the hybrid cloud – to begin with, as it gives them the comfort of knowing they still hold some of their data on-premises while they get used to the idea of the public cloud. This is especially true of customers in highly regulated industries, such as finance and healthcare.

What does this mean for multicloud? A wait. The natural step forward from hybrid cloud is multicloud, but providers will need to accept that it’s going to take time and we’re simply not quite there yet, nor will we be in 2020.

But we will be on the way – well on the way – as customers take a step further along the logical path to a multicloud future. 2020 may not be the year of multicloud, but it will be the start of a pretty short journey there.

-Jason Major, Principal Cloud Consultant

-Michael Moore, Associate Cloud Consultant


2nd Watch is a Great Place to Work-Certified™ Company

We are proud to announce that 2nd Watch is again Great Place to Work-Certified! Using validated employee feedback gathered with Great Place to Work’s rigorous, data-driven For All methodology, certification confirms 94% of employees have a consistently positive experience at 2nd Watch. Great Place to Work is the global authority on workplace culture, employee experience and the leadership behaviors proven to deliver market-leading revenue and increased innovation.

We make employee experience and our culture a top priority every day, and it means a lot that our employees have reported a positive experience with their coworkers, their leaders, and with their jobs. This is important to us because we want our employees to be happy and fulfilled here and we know that when our employees have a high-trust experience they are more productive, drive better business results and make a difference to our clients.

“We congratulate 2nd Watch on their Certification,” said Sarah Lewis-Kulin, Vice President of Best Workplace List Research at Great Place to Work. “Organizations that earn their employees’ trust create great workplace cultures that deliver outstanding business results.”

Are you interested in joining our amazing team? Visit our Careers page to view all open positions.

Great Place to Work® is the global authority on workplace culture. Since 1992, they have surveyed more than 100 million employees around the world and used those deep insights to define what makes a great workplace: trust. Great Place to Work helps organizations quantify their culture and produce better business results by creating a high-trust work experience for all employees. Emprising®, their culture management platform, empowers leaders with the surveys, real-time reporting, and insights they need to make data-driven people decisions. Their unparalleled benchmark data is used to recognize Great Place to Work-Certified™ companies and the Best Workplaces™ in the US and more than 60 countries, including the 100 Best Companies to Work For® and World’s Best list published annually in Fortune. Everything they do is driven by the mission to build a better world by helping every organization become a Great Place to Work For All™.

-Director of Human Resources


What to Expect at AWS re:Invent 2019

The annual AWS re:Invent conference is nearly upon us, kicking off December 2nd in Las Vegas. We are pumped to participate once again and to hear about all of the AWS-related product updates and customer news, not to mention more than a few parties and chances to network with fellow conference-goers. After years of sponsoring and attending the conference, we’ve compiled some helpful ‘how to re:Invent’ tips and a few topics we expect to hear about this year, to help you prepare for and maximize your re:Invent experience.

Service release announcements

Last year at re:Invent, AWS announced Control Tower (preview). It was then released into GA on June 24, 2019. Since then, we have been keeping a close eye on its adoption as well as a potential roadmap for enhancements. The largest and most obvious enhancement we are hoping to see released this year at re:Invent is the ability to integrate existing accounts or organizations into Control Tower – even more specifically, the ability to pull your AWS Landing Zone into Control Tower. This would be a game changer for those who have already heavily adopted AWS and a true must for the overall success of the product.

Just like Control Tower, Security Hub (preview) was also announced at last year’s re:Invent and subsequently released into GA on June 24, 2019. Security Hub is a fantastic tool that integrates with multiple AWS services such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, as well as AWS Partner solutions, to monitor compliance. However, at the time of writing this article, it is limited to compliance checks based only on the Center for Internet Security (CIS) AWS Foundations Benchmark. The release of integration with Cloud Custodian earlier this year did open up the potential for tons of custom-written compliance checks, but we would like to see more out-of-the-box compliance checks released to remove the reliance on custom coding and third-party tooling. Based on our experience, we believe that PCI may be the next compliance standard released for Security Hub.
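If you want to kick the tires on Security Hub’s compliance checks today, the short sketch below shows one way to do it with boto3: list the standards already enabled in an account and enable the CIS AWS Foundations Benchmark if it isn’t. Treat it as a starting point rather than a finished tool – the standard ARN shown is the documented CIS v1.2.0 ruleset ARN, but verify it (and your permissions) before running this against a real account.

```python
import boto3

# Assumes credentials and a default region are already configured.
securityhub = boto3.client("securityhub")

# ARN for the CIS AWS Foundations Benchmark ruleset (verify version/region for your account).
CIS_STANDARD_ARN = "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0"

# List the standards currently enabled in this account.
enabled = securityhub.get_enabled_standards()["StandardsSubscriptions"]
enabled_arns = {sub["StandardsArn"] for sub in enabled}

if CIS_STANDARD_ARN not in enabled_arns:
    # Enable the CIS benchmark so its checks start producing findings.
    securityhub.batch_enable_standards(
        StandardsSubscriptionRequests=[{"StandardsArn": CIS_STANDARD_ARN}]
    )
    print("Enabled CIS AWS Foundations Benchmark checks.")
else:
    print("CIS benchmark already enabled.")
```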

Let’s talk about the parties

2nd Watch will be hosting its annual AWS re:Invent After Party at the Omnia Nightclub located in Caesars Palace, and it’s sure to be an epic time! There will be great food, drinks, an awesome DJ, and of course the 2nd Watch crew. This party sells out every year! Check out the details on our website.

AWS will be hosting its annual re:Play Party on December 5th, and it will likely lead to a few active snooze buttons the following morning. Between broomball, dodgeball, music, food, drinks and plenty of other entertainment, it will definitely measure up to its predecessors. As Chris Traeger (Parks and Recreation) would say, “It is, literally, the best party, ever.”

You can see the full list of activities and events at https://reinvent.awsevents.com/play/.

2nd Watch Tips n’ Tricks

Over the last 7 years we have watched the AWS re:Invent conference grow from about 8,000 to 50,000+ attendees. As we have attended every year, we have picked up an abundance of tips and tricks along the way to help us survive the madness. We are excited to share some of those with you to help you get the most out of your re:Invent adventure.

  • App for the win – Download and use the AWS Events app. This will help you manage your time as well as navigate around and between the venues.
  • Hurry up and wait – Lines, lines, and even more lines. Have you ever been to Disneyland during spring break? We say this every year and will say it again: book your spots early. Relying on walk-up attendance for sessions, bootcamps, etc. will likely net you a very frustrating week. Although we have been fortunate enough to hit some gems via walk-up, it is rarer than finding a leprechaun in the middle of winter with its pot of gold.
  • Embrace your inner extrovert – Consider signing up for the Hackathons, Security Jams, Labs, Workshops, and Chalk Talks instead of just Breakout Sessions. These are often interactive and a great way to learn with your peers.
  • Watch for repeats – AWS is known for adding repeat Breakout Sessions for those that are extremely popular. Keep your eye on the AWS Events app for updates throughout the week.
  • Get ahead of the pack – After Andrew Jassy’s keynote, there will likely be sessions released to cover newly announced services. Get ahead of the pack by attending these. Take note that this year Jassy’s keynote will be on Tuesday instead of Wednesday.
  • Try not to boil the ocean – You will not be able to attend every session that you are interested in. Pick one learning track and try to get the most out of it. Attempting to pack in several tracks will only have you running around frantically all week.
  • No FOMO – Most of the sessions are recorded and posted online after re:Invent is over. Fear not if you miss a session that you had your eyes on. You can always view it later while eating your lunch or while attending another meeting about ‘why meetings are important.’
  • Get engaged – Don’t be afraid to engage with presenters after the sessions. They are typically there to provide information and love answering questions. Some presenters will also offer up their contact information so you can follow up again at a later time. Don’t be shy, snag some contact cards for topics relevant to your interests.

We are sure that, after December 6th, there will be an overwhelming number of new services to sift through. Once the re:Invent 2019 hangover subsides, 2nd Watch will be at the ready to help you consume and adopt the BEST solutions for your cloud journey. Swing by our booth, #2013, for some swag and a chat. This year we are giving away DJI Robomaster S1 robots (the coolest way to learn programming), and we are excited to see you!

We also invite you to join us at one of our Breakout sessions, Simple Path to AWS Managed Services (AMS) or CCPA – State Privacy Laws Effect on Cloud Development. You can find details and add these sessions to your agenda at https://offers.2ndwatch.com/aws-reinvent-2019.

Finally, don’t forget to schedule a meeting with one of our AWS Cloud Solution Experts while you’re at re:Invent. We would love to hear all about your cloud journey! We hope you are as excited as we are this year and we look forward to seeing you in Las Vegas.

-Dustin Snyder, Cloud Practice Manager


Troubleshooting VMware HCX

I was on a project recently where we had to set up VMware HCX in an environment to connect the on-premises datacenter to VMware Cloud on AWS for a Proof of Concept migration.  The workloads were varied, ranging from 100 MB to 5TB in size.  The customer wanted to stretch two L2 subnets and have the ability to migrate slowly, in waves.  During the POC, we found problems with latency between the two stretched networks and decided that the best course of action would be to NOT stretch the networks and instead, do an all-at-once migration.

While setting up this POC, I had occasion to do some troubleshooting on HCX due to connectivity issues.  I’m going to walk through some of the troubleshooting I needed to do.

The first thing we did was enable SSH on the HCX manager. To perform this action, go into the HCX manager appliance GUI and, under Appliance Summary, start the SSH service. Once SSH is enabled, you can then log in to the appliance CLI, which is where the real troubleshooting can begin.

You’ll want to log in to the appliance using “admin” as the username and the password entered when you installed the appliance. SU to “root” and enter the “root” password. This gives you access to the appliance, which has a limited set of Linux commands.

You’ll want to enter the HCX Central CLI (CCLI) to use the HCX commands.  Since you’re already logged in as “root,” you just type “ccli” at the command prompt.  After you’re in the CCLI, you can type “help” to get a list of commands.

One of the first tests to run would be the Health Checker. Type “hc” at the command prompt, and the HCX manager will run through a series of tests to check on the health of the environment.

“list” will give you a list of the HCX appliances that have been deployed.

You’ll want to connect to an appliance to run the commands specific to that appliance. For example, if you want to connect to the Interconnect appliance, you would type “go 0,” which connects you to node 0. From here, you can run a ton of commands, such as “show ipsec status,” which will show a plethora of information related to the tunnel. Type “q” to exit this command.

You can also run the Health Check on this node from here, export a support bundle (under the debug command), and a multitude of other “show” commands.  Under the “show” command, you can get firewall information, flow runtime information, and a lot of other useful troubleshooting info.

If you need to actually get on the node and run Linux commands for troubleshooting, you’ll enter “debug remoteaccess enable,” which enables SSH on the remote node.  Then you can just type “ssh” and it will connect you to the interconnect node.
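If you end up running these checks often, the same steps can be scripted. Here’s a rough sketch – not an official VMware tool – that uses Python and paramiko to SSH into the HCX manager, drop into the CCLI, and run the Health Checker. The hostname and passwords are placeholders, and the sleep-based prompt handling may need tuning for your appliance version.

```python
import time
import paramiko

HCX_HOST = "hcx-manager.example.local"   # placeholder hostname
ADMIN_PASSWORD = "appliance-admin-pass"  # placeholder
ROOT_PASSWORD = "appliance-root-pass"    # placeholder

client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(HCX_HOST, username="admin", password=ADMIN_PASSWORD)

# Use an interactive shell because su, ccli, and hc all expect a TTY.
shell = client.invoke_shell()

def run(command, wait=5):
    """Send a command, wait for it to finish, and return the accumulated output."""
    shell.send((command + "\n").encode())
    time.sleep(wait)
    output = b""
    while shell.recv_ready():
        output += shell.recv(65535)
    return output.decode(errors="replace")

run("su -")                 # switch to root
run(ROOT_PASSWORD)          # answer the password prompt
run("ccli")                 # enter the HCX Central CLI
print(run("hc", wait=30))   # run the Health Checker and print its report
print(run("list"))          # list the deployed HCX appliances

client.close()
```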

Have questions about this process? Contact us or leave a reply.

-Michael Moore, Associate Cloud Consultant


A Case for Enterprises to Leverage Managed Cloud Services

Cloud Adoption is almost mainstream. What are you doing to get on board?

If you follow the hype, you’d think that every enterprise has migrated their applications to the cloud and that you’re ‘behind the times’ with your on-premises or colocated datacenter. The truth is, many cloud computing technologies are a few years away from mainstream adoption. Companies find the prospect of moving the majority of their workloads to the cloud daunting, not only due to the cost to migrate, but because their IT organization isn’t ready to operate in this new world. The introduction of new standards like Infrastructure as Code, CI/CD, serverless, and containers, plus concern over security and compliance, can place IT operations teams in a state of flux for years, which causes uptime, reliability, and costs to suffer.

Despite the challenges, Gartner predicts that Cloud Computing and Software as a Service (SaaS) are less than two years from mainstream adoption (Gartner Hype Cycle for Cloud Computing, 2018, published July 31, 2018, by David Smith and Ed Anderson).

Independent Software Vendors (ISVs) are one expected early adopter of cloud technologies and IaaS. Delivering their software as a service, enabling their customers to pay as they go, has become a requirement of the industry. The majority of ISVs are not dealing with green-field technology. They have legacy code and monolithic architectures to contend with, which in many cases require a rewrite to function effectively in the cloud. I remember a time when my team (at a multi-national ISV) thought it was ‘good enough’ to fork-lift our executable into Docker and call it a day. This method of delivery will not compete with the Salesforces, ServiceNows, and Splunks of the world.

But how do ISVs compete when Cloud or SaaS Ops isn’t their core competency; when SaaS Ops has now become a distinct part of their product value stream?

The answer is Managed Cloud Services – outsourcing daily IT management for cloud-based services and technical support to automate and enhance your business operations.

Gartner says 75% of fully successful implementations will be delivered by highly skilled, forward-looking boutique managed services providers with a cloud-native, DevOps-centric service delivery approach.

Though this has traditionally been considered a solid solution for small to medium-sized companies looking to adopt cloud without the operational overhead, it has proven to be a game-changer for large enterprises, especially ISVs who can’t ramp up qualified SaaS operations staff fast enough to meet customer demand.

AWS has jumped on board with their own managed services offering called AWS Managed Services (AMS), which provides companies with access to AWS infrastructure, allowing them to scale their software deployments for end-users without increasing resources to manage their operations. The result is a reduction in operational overhead and risk as the company scales up to meet customer demand.

The AMS offering includes:

  • Logging, Monitoring, and Event Management
  • Continuity Management
  • Security and Access Management
  • Patch Management
  • Change Management
  • Provisioning Management
  • Incident Management
  • Reporting

In addition, if the ISV leverages AWS Marketplace to sell their SaaS solution, their billing, order processing, and fulfillment can be automated from start to finish, letting them focus on their software and features rather than the minutiae of operating a SaaS business and infrastructure, further reducing the strain of IT management. An example of an integration between AWS Marketplace and AMS that our team at 2nd Watch built for Cherwell Software is pictured here:

An example of an integration between AWS Marketplace and AMS

This AMS/AWS Marketplace integration is a win-win for any ISV looking to up their game with a SaaS offering. According to 451 Research, 41% of companies indicate they are lacking the platform expertise required to fully adopt hosting and cloud services within their organization. If this is the case, for companies whose core competency is not infrastructure or cloud, a managed service is a sure fit.

If you’re really looking to get up to speed quickly, our new onboarding service for AWS Managed Services (AMS) helps enterprises accelerate the process to assess, migrate, and operationalize their applications from on-premises to AWS. In addition, our Managed Cloud solutions help clients save 42% more than managing cloud services alone. Schedule a Discovery Workshop to learn more or get started.

I’ll throw one more stat at you: 72% of companies globally, across industries, will adopt cloud computing by 2022, based on the latest Future of Jobs Survey by the World Economic Forum (WEF). If you want to beat the “mainstream” crowd, start your migration now, knowing there are MSPs like 2nd Watch who can help with the transition while minimizing the strain on your IT Operations team.

-Stefana Muller, Sr Product Manager


Cloud Autonomics and Automated Management and Optimization: Update

The holy grail of IT Operations is to achieve a state where all mundane, repeatable remediations occur without intervention, with a human only being woken for any action that simply cannot be automated.  This allows not only for many restful nights, but it also allows IT operations teams to become more agile while maintaining a proactive and highly-optimized enterprise cloud.  Getting to that state seems like it can only be found in the greatest online fantasy game, but the growing popularity of “AIOps” gives great hope that this may actually be closer to a reality than once thought.

Skeptics will tell you that automation, autonomics, orchestration, and optimization have been alive and well in the datacenter for more than a decade now. Companies like Microsoft with System Center, IBM with Tivoli, and ServiceNow are just a few examples of autonomic platforms that harness the ability to collect, analyze and make decisions on how to act against sensor data derived from physical/virtual infrastructure and appliances.  But when you couple these capabilities with advancements brought through AIOps, you are able take advantage of the previously missing components by incorporating big data analytics along with artificial intelligence (AI) and Machine Learning (ML).

As you can imagine, these advancements have brought an explosion of new tooling and services from cloud ISVs thought to make the once-utopian autonomic cloud a reality. Palo Alto Networks’ Prisma Public Cloud product is a great example of a technology that functions with autonomic capabilities. The security and compliance features of Prisma Public Cloud are pretty impressive, but it also has a component known as User and Entity Behavior Analytics (UEBA). UEBA analyzes user activity data from logs, network traffic and endpoints and correlates this data with security threat intelligence to identify activities – or behaviors – likely to indicate a malicious presence in your environment. After analyzing the current vulnerability and risk landscape, it reports the current risk and vulnerability state and derives a set of guided remediations that can either be performed manually against the infrastructure in question or automated, ensuring a proactive, hands-off response that keeps vulnerabilities and security compliance in check at all times.

Another ISV focused on AIOps is Moogsoft, which is bringing a next-generation platform for IT incident management to life for the cloud. Moogsoft has purpose-built machine learning algorithms that are designed to better correlate alerts and reduce much of the noise associated with all the data points. When you marry this with their artificial intelligence capabilities for IT operations, they are helping DevOps teams operate smarter, faster and more effectively by automating traditional IT operations tasks.

As we move forward, expect to see more and more AI- and ML-based functionality move into the core cloud management platforms as well. Amazon recently released AWS Control Tower to aid your company’s journey toward AIOps. While it comes with some pretty incredible features for new account creation and increased multi-account visibility, it uses service control policies (SCPs) based upon established guardrails (rules and policies). As new resources and accounts come online, Control Tower can force compliance with the policies automatically, preventing “bad behavior” by users and eliminating the need to have IT configure resources after they come online. Once AWS Control Tower is in use, these guardrails can apply to multi-account environments and new accounts as they are created.
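To make the guardrail idea a little more concrete, here is a hedged sketch of creating and attaching a simple preventive SCP with boto3. The policy shown – denying anyone in an OU the ability to stop or delete CloudTrail trails – is our own illustrative example rather than one of Control Tower’s built-in guardrails, and the target OU ID is a placeholder.

```python
import json
import boto3

org = boto3.client("organizations")

# Illustrative guardrail: prevent anyone in the OU from turning off CloudTrail.
guardrail = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "DenyCloudTrailTampering",
            "Effect": "Deny",
            "Action": ["cloudtrail:StopLogging", "cloudtrail:DeleteTrail"],
            "Resource": "*",
        }
    ],
}

policy = org.create_policy(
    Name="deny-cloudtrail-tampering",
    Description="Preventive guardrail: CloudTrail cannot be stopped or deleted",
    Type="SERVICE_CONTROL_POLICY",
    Content=json.dumps(guardrail),
)

# Attach the SCP to an organizational unit (placeholder OU ID).
org.attach_policy(
    PolicyId=policy["Policy"]["PolicySummary"]["Id"],
    TargetId="ou-xxxx-exampleid",
)
```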

It is an exciting time for autonomic platforms and autonomic systems capabilities in the cloud, and we are excited to help customers realize the many potential capabilities and benefits which can help automate, orchestrate and proactively maintain and optimize your core cloud infrastructure.

To learn more about autonomic systems and capabilities, check out Gartner’s AIOps research and reach out to 2nd Watch. We would love to help you realize the potential of autonomic platforms and autonomic technologies in your cloud environment today!

-Dusty Simoni, Sr Product Manager

5 Steps to Cloud Cost Optimization: Hurdles to Optimization are Organizational, Not Technical

In my last blog post, I covered the basics of cloud cost optimization using the Six Pillars model and focused on the ‘hows’ of optimization and the ‘whys’ of its importance. In this blog, I’d like to talk about what comes next: preparing your organization for your optimization project. The main reason most clients delay or avoid confronting cloud optimization is that it’s incredibly complex. Challenges from cloud sprawl to misaligned corporate priorities can bring a project to a screeching halt. Understanding the challenges before you begin is essential to getting off on the right foot. Here are the 5 main challenges we’ve seen when implementing a cloud cost optimization project:

  • Cloud sprawl refers to the unrestricted, unregulated creation and use of cloud resources; cloud cost sprawl, therefore, refers to the costs incurred related to the use of each and every cloud resource (i.e., storage, instances, data transfer, etc.). This typically presents as decentralized account or subscription management.
  • Billing complexity, in this case, specifically refers to the ever-changing and variable billing practices of cloud providers and the invoices they provide you. Considering all the possible configurations across an organization’s solutions, Amazon Web Services (AWS) alone has 500,000-plus SKUs that could appear on any single invoice. If you cannot make sense of your bill up front, your cost optimization efforts will languish.
  • Lack of Access to Data and Application Metrics is one of the biggest barriers to entry. Cost optimization is a data-driven exercise. Without billing data and application metrics over time, many incorrect assumptions end up being made, resulting in higher costs.
  • Misaligned policies and methods can be the obstacle that will make or break your optimization project. When every team, organization or department has their own method for managing cloud resources and spend, the solution becomes more organizational change and less technology implementation. This can be difficult to get a handle on, especially if the teams aren’t on the same page with needing to optimize.
  • A lack of incentives may seem surprising to many (after all, who doesn’t want to save money?), but it is the number one blocker we have seen in large enterprises toward achieving optimization end goals. Central IT is laser-focused on cost management, while application and business units are focused more on speed and innovation. Both goals are important, but without the right incentives, process, and communication, this fails every time. Building executive support to directly reapply realized optimization savings back to the business units, increasing their application and innovation budgets, is the only way to bridge misaligned priorities and build the foundation for lasting optimization motivation.

According to many cloud software vendors, waste accounts for 30% to 40% of all cloud usage. In the RightScale State of the Cloud Report 2019, a survey revealed that 35% of cloud spend is wasted. 2nd Watch has found that within large enterprise companies, there can be up to 70% savings through a combination of software and services.  It often starts by just implementing a solid cost optimization methodology.

When working on a cloud cost optimization project, it’s essential to first get the key stakeholders of an organization to agree on the benefits of optimizing your cloud spend. Once the executive team is on board and an owner is assigned, the path to optimization is clear, covering each of the 6 Pillars of Optimization.

THE PATH TO OPTIMIZATION

STEP ONE – Scope It Out!

As with any project, you first want to identify the goals and scope and then uncover the current state environment. Here are a few questions to ask to scope out your work:

  • Overall Project Goal – Are you focused on cost savings, workload optimization, uptime, performance or a combination of these factors?
  • Budget – Do you want to sync to a fiscal budget? What is the cycle? What budget do you have for upfront payments? Do you budget at an account level or organization level?
  • Current State – What number of instances and accounts do you have? What types of agreements do you have with your cloud provider(s)?
  • Growth – Do you grow seasonally, or do you have planned growth based on projects? Do you anticipate existing workloads to grow or shrink over time?
  • Measurement – How do you currently view your cloud bill? Do you have detailed billing enabled? Do you have performance metrics over time for your applications?
  • Support – Do you have owners for each application? Are people available to assess each app? Are you able to shutdown apps during off hours? Do you have resources to modernize applications?

STEP TWO – Get Your Org Excited

One of the big barriers to a true optimization is gaining access to data. In order to gather the data (step 3) you first need to get the team onboard to grant you or the optimization project team access to the information.

During this step, get your cross-functional team excited about the project, share the goals and current state info you gathered in the previous step and present your strategy to all your stakeholders.

Stakeholders may include application owners, cloud account owners, IT Ops, IT security and/or developers who will have to make changes to applications.

Remember, data is key here, so find the people who own the data. Those who are monitoring applications or own the accounts are the typical stakeholders to involve. Then share with them the goals and bring them along this journey.

STEP THREE – Gather Your Data

Data is grouped into a few buckets:

  1. Billing Data – Get a clear view of your cloud bill over time.
  2. Metrics Data – CPU, I/O, Bandwidth and Memory for each application over time is essential.
  3. Application Data – Conduct interviews of application owners to understand the nuances. Graph out risk tolerance, growth potential, budget constraints and identify the current tagging strategy.

A month’s worth of data is good, though three months of data is much better to understand the capacity variances for applications and how to project into the future.
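If AWS is one of your providers, the billing bucket can be pulled programmatically rather than by exporting spreadsheets. The sketch below is a minimal example using the Cost Explorer API via boto3 to break down roughly the last three months of unblended cost by service; it assumes Cost Explorer is enabled on the account and that the caller has the ce:GetCostAndUsage permission.

```python
import boto3
from datetime import date, timedelta

ce = boto3.client("ce")  # Cost Explorer

# Roughly the last three months of spend, grouped by month and by service.
end = date.today()
start = end - timedelta(days=90)

response = ce.get_cost_and_usage(
    TimePeriod={"Start": start.isoformat(), "End": end.isoformat()},
    Granularity="MONTHLY",
    Metrics=["UnblendedCost"],
    GroupBy=[{"Type": "DIMENSION", "Key": "SERVICE"}],
)

for period in response["ResultsByTime"]:
    print(period["TimePeriod"]["Start"])
    for group in period["Groups"]:
        service = group["Keys"][0]
        cost = float(group["Metrics"]["UnblendedCost"]["Amount"])
        if cost > 0:
            print(f"  {service}: ${cost:,.2f}")
```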

STEP FOUR – Visualize and Assess Your Usage

This step takes a bit of skill. There are tools like CloudHealth that can help you understand your cost and usage in the cloud. Then there are other tools that can help you understand your application performance over time. Using the data from each of these sources and correlating it across the pillars of optimization is essential to understanding where you can find the optimal cost savings.

I often recommend bringing in an optimization expert for this step. Someone with a data science, cloud and accounting background can help you visualize data and find the best options for optimization.
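If you’d rather start with something lightweight before bringing in a full toolset, a Cost and Usage Report export and a few lines of pandas go a long way. The sketch below is an assumption-laden example – the CSV file name and the CUR column names are typical but should be checked against your own report definition – that totals spend by application tag and by service.

```python
import pandas as pd

# Assumes a Cost and Usage Report (CUR) export in CSV form; the column names
# below (lineItem/UnblendedCost, lineItem/ProductCode, resourceTags/user:Application)
# are typical CUR headers, but verify them against your own report configuration.
cur = pd.read_csv("cost_and_usage_report.csv", low_memory=False)

# Total spend per application tag. Untagged spend groups under NaN, which is
# itself a useful signal about gaps in your tagging strategy.
by_app = (
    cur.groupby("resourceTags/user:Application", dropna=False)["lineItem/UnblendedCost"]
    .sum()
    .sort_values(ascending=False)
)
print(by_app.head(20))

# Spend by AWS service, to see which pillars (compute, storage, data transfer)
# deserve attention first.
by_service = (
    cur.groupby("lineItem/ProductCode")["lineItem/UnblendedCost"]
    .sum()
    .sort_values(ascending=False)
)
print(by_service.head(10))
```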

STEP FIVE – Plan Your Remediation Efforts and Get to Work!

Now that you know where you can save, take that information and build out a remediation plan. This should include addressing workloads in one or more of the pillars.

For example, you may shut down resources at night for an application and move it to another family of instances/VMs based on current pricing.

Your remediation should include changes by application as well as:

  1. RI Purchase Strategy across the business on a 1 or 3-year plan.
  2. Auto-Parking Implementation to park your resources when they’re not in use (see the sketch after this list).
  3. Right-Sizing based on CPU, memory, I/O.
  4. Family Refresh or movement to the newer, more cost-effective instance families or VM-series.
  5. Elimination of Waste like unutilized instances, unattached volumes, idle load balancers, etc.
  6. Storage reassessment based on size, data transfer, retrieval time and number of retrieval requests.
  7. Tagging Strategy to track each instance/VM and tie it back to the right resources.
  8. IT Chargeback process and systems to manage the process.
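As an example of item 2, here is a minimal auto-parking sketch: a scheduled job (for instance, a Lambda function on a cron-style CloudWatch Events rule) that stops any running EC2 instance carrying a hypothetical Schedule=office-hours tag at the end of the day. A mirror-image job would start them again in the morning; the tag key and value are our own convention, not anything AWS defines.

```python
import boto3

ec2 = boto3.client("ec2")

# Find running instances tagged for office-hours-only operation.
# The tag key/value (Schedule=office-hours) is our own illustrative convention;
# use whatever your tagging strategy dictates.
reservations = ec2.describe_instances(
    Filters=[
        {"Name": "tag:Schedule", "Values": ["office-hours"]},
        {"Name": "instance-state-name", "Values": ["running"]},
    ]
)["Reservations"]

instance_ids = [
    instance["InstanceId"]
    for reservation in reservations
    for instance in reservation["Instances"]
]

if instance_ids:
    # Park the instances; a companion job would call start_instances in the morning.
    ec2.stop_instances(InstanceIds=instance_ids)
    print(f"Parked {len(instance_ids)} instances: {instance_ids}")
else:
    print("Nothing to park.")
```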

Remediation can take anywhere from one month to a year’s time based on organization size and the support of application teams to make necessary changes.

Download our ‘5 Steps to Cloud Cost Optimization’ infographic for a summary of this process.

End Result

With as much as 70% savings possible after implementing one of these projects, you can see the compelling reason to start. A big part of the benefits is organizational and long-lasting, including:

  • Visibility to make the right cloud spending decisions
  • Break-down of your cloud costs by business area for chargeback or showback
  • Control of cloud costs while maintaining or increasing application performance
  • Improved organizational standards to keep optimizing costs over time
  • Identification of short- and long-term cost savings across the various optimization pillars

Many companies reallocate the savings to innovative projects to help their company grow. The outcome of a well-managed cloud cost optimization project can propel your organization into a focus on cloud-native architecture and application refactoring.

Though complex, cloud cost optimization is an achievable goal. By cross-referencing the 6 pillars of optimization with your organization’s policies, applications and teams, you can quickly find savings of 30-40% and grow from there.

By addressing project risks like lack of awareness, decentralized account management, lack of access to data and metrics, and lack of clear goals, your team can quickly achieve savings.

Ready to get started with your cloud cost optimization? Schedule a Cloud Cost Optimization Discovery Session for a free 2-hour session with our team of experts.

-Stefana Muller, Sr Product Manager


Serverless Aurora – Is it Production-Ready Yet?

In the last few months, AWS has made several announcements around its Aurora offering, such as:

All of these features work towards the end goal of making serverless databases a production-ready solution. Even with the latest offerings, should you explore migrating to a serverless architecture? This blog highlights some considerations when looking to use Backend-as-a-Services (BaaS) at your data layer.

Let’s assume that you’ve either already made the necessary schema changes and migrated, or have a general familiarity with implementing a new database on Aurora Classic. Aurora currently comes in two models – Provisioned and Serverless. A traditional provisioned AWS database either runs on a self-managed EC2 instance or operates under a PaaS model using an AWS-managed RDS instance. In both cases, you have to allocate memory and CPU in addition to creating security groups to allow applications to listen on a TCP connection string.

In this pattern, issues can arise right at the connection. There are limits to how many connections can access a database before you start to see performance degradation, or an inability to connect altogether when the limit is maxed out. In addition, your application may receive varying degrees of traffic (e.g., a retail application used during a peak season or promotion). Even if you implement a caching layer in front, such as Memcached or Redis, you still have scenarios where the instance will eventually have to scale vertically to a more robust instance or horizontally with replicas to distribute reads and writes.

This area is where serverless provides some value. It’s worth recalling that a serverless database does not mean no servers. There are servers there, but they are abstracted away from the user (or in this case, the application). Following recent compute trends, serverless focuses more on writing business logic and less on infrastructure management and provisioning, getting you from the requirements stage to production-ready more quickly. In the traditional database model, you are still responsible for securing the box, authentication, encryption, and other operations unrelated to the actual business functions.

How Aurora Serverless works

What serverless Aurora provides to help alleviate issues with scaling and connectivity is a Backend as a Service solution. The application and Aurora instance must be deployed in the same VPC and connect through endpoints that go through a network load balancer (NLB). Doing so allows for connections to terminate at the load balancer and not at the application.

By abstracting the connections, you no longer have to create logic to manage load balancing algorithms or worry about making DNS changes to accommodate database endpoint changes. The NLB has routing logic, through request routers, that makes the connection to whichever instance is available at the time, which then maps to the underlying serverless database storage. If the serverless database needs to scale up, a pool of resources is always available and kept warm. In the event the instances scale down to zero, a connection cannot persist.

By having an available pool of warm instances, you now have a pay-as-you-go model where you pay for what you utilize. You can still run into the issue of max connections, which can’t be modified, but the number allowed for smaller 2 and 4 ACU implementations has increased since the initial release.

Note: Cooldowns are not instantaneous and can take up to 5 mins after the instance is entirely idle, and you are still billed for that time. Also, even though the instances are kept warm, the connection to those instances still has to initiate. If you make a query to the database during that time, you can see wait times of 25 seconds or more before the query fully executes.

Cost considerations:

Can you really scale down completely? Technically yes, if certain conditions are met:

  • CPU below 30 percent utilization
  • Less than 40 percent of connections being used

To achieve this and get the cost savings, the database must be completely idle. There can’t be long-running queries or locked tables. Also, varying activities outside of the application can generate queries such as open sessions, monitoring tools, health-checks, so on and so forth. The database only pauses when the conditions are met, AND there is zero activity.

Serverless Aurora at $0.06/ACU starts at a higher price than its provisioned predecessor at $0.041. Aurora Classic also charges hourly, whereas Serverless Aurora charges by the second with a 5-minute minimum AND a 5-minute cool-down period. We already discussed that cool-downs in many cases are not instantaneous, and billing doesn’t stop until an additional 5 minutes after that period. If you go with the traditional minimal setup of 2 ACUs and never scale down the instances, the cost is more expensive by a factor of at least 3x. Therefore, to get the same cost payoff, your database would have to run only 1/3 of the time, which is achievable for dev/test boxes that are parked or apps only used during business hours in a single time zone. Serverless Aurora is supposed to be highly available by default, so if you are getting two instances at this price point, then you are getting a better performance bargain than running a single provisioned instance at an only slightly higher price point.

Allowing for a minimum of 1 ACU gives you the option of scaling a serverless database down further and makes the price point more comparable to RDS without enabling pausing.
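For reference, the scaling and pausing behavior discussed above is controlled by the cluster’s ScalingConfiguration. The sketch below creates a small MySQL-compatible Aurora Serverless cluster with boto3 and sets the capacity bounds, auto-pause flag, and pause delay; the identifiers and credentials are placeholders, and the capacity values and engine options available will depend on your region and engine version.

```python
import boto3

rds = boto3.client("rds")

rds.create_db_cluster(
    DBClusterIdentifier="example-serverless-cluster",   # placeholder name
    Engine="aurora",                # MySQL-compatible engine that supports serverless mode
    EngineMode="serverless",
    MasterUsername="admin",
    MasterUserPassword="change-me-please",              # placeholder secret
    ScalingConfiguration={
        "MinCapacity": 1,           # the 1 ACU floor discussed above
        "MaxCapacity": 8,
        "AutoPause": True,          # allow the cluster to pause when fully idle
        "SecondsUntilAutoPause": 300,  # the 5-minute cool-down window
    },
)
```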

Migration

Migrating to Serverless Aurora is relatively simple as you can just load in a snapshot from an existing database.

Data API

With the Data API, you no longer need a persistent connection to query the database. In previous scenarios, a fetch could take 25 seconds or more if the query executed after a cool-down period. In this scenario, you can query the serverless database even if it’s been idle for some time. You can leverage a Lambda function via API Gateway, which works around the VPC requirement. AWS has mentioned it will be providing performance metrics around the average time it takes to execute a query with the Data API in the coming months.
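Here is a rough sketch of what a Data API call looks like with boto3: execute_statement sends SQL over HTTPS using the cluster ARN and a Secrets Manager secret instead of a persistent connection. The ARNs, database name, and table are placeholders, and the Data API has to be enabled on the cluster before this will work.

```python
import boto3

rds_data = boto3.client("rds-data")

# Placeholder ARNs – the Data API needs the cluster ARN plus a Secrets Manager
# secret holding the database credentials; no connection string or VPC access required.
CLUSTER_ARN = "arn:aws:rds:us-east-1:123456789012:cluster:example-serverless-cluster"
SECRET_ARN = "arn:aws:secretsmanager:us-east-1:123456789012:secret:example-db-secret"

response = rds_data.execute_statement(
    resourceArn=CLUSTER_ARN,
    secretArn=SECRET_ARN,
    database="appdb",
    sql="SELECT id, name FROM customers WHERE region = :region",
    parameters=[{"name": "region", "value": {"stringValue": "us-east-1"}}],
)

# Each row comes back as a list of typed field dicts (stringValue, longValue, etc.).
for row in response["records"]:
    print(row)
```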

Conclusion

With the creation of EC2, Docker, and Lambda functions, we’ve seen more innovation in the area of compute and not as much at the data layer. Traditional provisioned relational databases have difficulty scaling and have a finite limit on the number of connections. By eliminating the need for an instance, this level of abstraction presents a strong use case for unpredictable workloads. Kudos to AWS for engineering a solution at this layer. The latest updates over these last few months demonstrate AWS’ willingness to solve complex problems. Running 1 ACU does bring the cost down to a rate comparable to RDS while providing a mechanism for better performance if you disable pauses. However, while it is now possible to run Aurora Serverless 24/7 more cost-effectively, this scenario contrasts with their signature use case of having an on/off database.

Serverless still seems a better fit for databases that are rarely used and only see occasional spikes, or for applications primarily used during business hours. Administration time is still a cost, and serverless databases, despite the progress, still have many unknowns. It can take an administrator some time and patience to truly get a configuration that is performant, highly available, and not overly expensive. Even though you don’t have to rely on automation and can manually scale your Aurora Serverless cluster, it takes some effort to do so in a way that doesn’t immediately terminate the connections. Today, if a true serverless database is the desired goal, you can leverage ECS or Fargate with spot instances and implement a solution that yields similar or better results at a lower cost. I would still recommend this for dev/test workloads, and see if you can work your way up to prod for smaller workloads, as the tool still provides much value. Hopefully, AWS releases GA offerings for MySQL 5.7 and Postgres soon.

Want more tips and info on Serverless Aurora or serverless databases? Contact our experts.

-Sabine Blair, Cloud Consultant
