Ask Sendai

AWS has released a new whitepaper, Amazon Web Services’ Approach to Operational Resilience in the Financial Sector and Beyond, in which we discuss how AWS and customers build for resiliency on the AWS cloud. We’re constantly amazed at the applications our customers build using AWS services — including what our financial services customers have built, from credit risk simulations to mobile banking applications. Depending on their internal and regulatory requirements, financial services companies may need to meet specific resiliency objectives and withstand low-probability events that could otherwise disrupt their businesses.

Earlier this month my colleague Bala Thekkedath published a story about Extreme Scale HPC and talked about how AWS customer Western Digital built a cloud-scale HPC cluster on AWS and used it to simulate crucial elements of upcoming head designs for their next-generation hard disk drives (HDD). The simulation described in the story encompassed a little over 2.5 million tasks, and ran to completion in just 8 hours on a million-vCPU Amazon EC2 cluster.

Customers rely on us to help navigate the complexities of the increasingly competitive cloud wars. This inspired the 2018 Cloud Computing Report, where we benchmark performance, latency, CPU, network, I/O, and cost of AWS and GCP. Note: As of December 20, 2018, we have updated two sections in this report: Network Throughput and I/O Experiment. The updates do not change the relative performance of either cloud — however, it does narrow the gap.

Kiam: Iterating for Security and ReliabilityPaul InglesBlockedUnblockFollowFollowingMay 1Kiam bridges Kubernetes’ Pods with Amazon’s Identity and Access Management (IAM). It makes it easy to assign short-lived AWS security credentials to your application. We created Kiam in 2017 to quickly address correctness issues we had running kube2iam in our production clusters. We’ve made a number of changes to it’s original design to make it more secure, reliable and easier to operate. This article covers a little of the story that led to us creating Kiam and more about what makes it novel.

At Ibotta, we chose kube2iam to assign AWS IAM Roles to containers running in our Kubernetes cluster. Lately, we’ve run into some issues with it—specifically when running a job that scores all of our service repos. This spins up a number of pods in parallel and has often failed to correctly access roles. After further investigation, the future of the project seems to be uncertain and there are other issues logged around race conditions, etc.

Recently a question got asked on Hacker News that grabbed my attention. I wanted to know how others’ experience has been. At ACL, we have multiple Lambda functions that we heavily rely on, and we use Terraform to deploy them. It’s been working well for us, so I was curious to know how others have approached Lambda. However, it seemed that others were struggling: In short, I was left wondering “why don’t people simply use Terraform?

It’s been almost a year since support for the Go programming language in AWS Lambda was announced at re:Invent 2017. Meanwhile the Serverless hype train has gained full steam, FaaS offerings of all major cloud providers have reached a respectable level of maturity and an increasing amount of teams are building applications based on the model while figuring out how to best manage software consisting of a set of managed cloud resources and individually deployable functions.

Amazon introduces a new S3 Storage tier called Intelligent-Tiering which optimizes storage costs by automatically selecting the most cost-effective storage tier based on usage patterns. This new tier can help reduce costs for customers infrequently accessing their data in S3. Source: infoq.com

Cloud computing has become the dominant IT paradigm and multi-cloud looks poised to be the primary approach, with 81 percent of enterprises already adopting a multi-cloud strategy. A multi-cloud strategy prevents vendor lock-in, which is increasingly important as three major providers (AWS, GCP, and Azure) dominate the market. Despite the many benefits of a multi-cloud strategy, deploying across multiple clouds is still incredibly complex. While Kubernetes has emerged as the standard container orchestration platform, most organizations are running more than just container workloads, and thereâs currently no standard for workload portability across managed services.

I’ve been using EKS in production for a small number of months now and so far, so good. Really impressed by the simplicity of getting a cluster up and running and ready for workloads. AWS provide a greatGetting Started Guideon their website, which is super duper for getting your head around the components and glue required for getting EKS stood up. EKS is a very vanilla service, giving users a cluster that conforms to CNCF standards,which Kubernetes purists will be very happy with, however, don’t think that because AWS provides Kubernetes as a service, you no longer have to worry about getting your nodes optimised and ready for your heavy workloads.