Welcome to This Week in DevOps where I bring you the top news in the DevOps world every week. Don’t forget to Subscribe if you’re reading this on the Blog to get this info straight to your inbox each week. If you’re receiving this via email, thanks for being a subscriber!
This week we are releasing a little late due to AWS re:Invent wrapping up their announcements on a Tuesday. There are a LOT of announcements so we are covering the most interesting and compelling this week. For a full summary you can check out this blog post put out by AWS after re:Invent: AWS re:Invent Summary
AWS
AWS::ECS – Cluster Autoscaling is now generally available
It looks like this feature still uses Autoscaling Groups under the hood but sets up a policy on the ASG automatically for you. It also gives you access to a new scaling metric called Capacity Provider Reservation. This new metric measures combined CPU and Memory requirements currently and for future scale up events. In theory this allows quicker scaling than CPU or memory based triggers alone.
Cluster Autoscaling also comes with Container Aware Instance Termination Protection which should make scale in/down events much less risky for running containers. It’s not immediately clear how termination will be prioritised however.
AWS::EKS – EKS on Fargate now generally available
Fargate for ECS has seen rapid adoption amongst customers looking for quick hassle free container deployments but one of the major complaints has been the proprietary nature of ECS. This announcement puts AWS squarely in competition with Google Cloud Kubernetes Engine and may inspire some companies to migrate their Kubernetes workloads.
Keep in mind that ECS Fargate still has some serious limitations such as lack of persistent storage options and this Kubernetes based offering is likely to be similar. So make sure it meets the requirements of your application before planning a migration.
AWS::LocalZone – Now available in Los Angeles
AWS Local Zones are smaller regions with a subset of their most popular services. This zone appears to be targeting companies looking to minimize latency for Southern California based customers.
This zones programmatic access name is us-west-2-lax-1a. For CLI and console access use the us-west-2 API endpoint and the US West (Oregon) Console. The Los Angeles zone is connected to us-west-2 via a private AWS backbone network.
AWS::Outposts – Now available to order
AWS Outpost is a mini EC2 zone in your own office or data center. Once ordered, AWS will deliver a rack with EC2 instances based on your specification. The rack connects to one of 16 global regions and is controlled through that regions API. Outposts currently supports Intel Nitro based instances in the following sizes: C5, C5d, M5, M5d, R5, R5d, G4, and I3en.
AWS::MCS – Managed Cassandra Service now generally available
Great news for AWS clients using Cassandra, MCS is serverless for easy scaling and storage is unlimited. Data is automatically replicated across 3 Availability Zones for extra reliability.
MCS implements the Apache Cassandra version 3.11 CQL API so migration should be fairly seamless. It also integrates with IAM for access management using your existing roles and policies.
AWS::Braket – Quantum Computing
Yes that’s right, AWS now supports Quantum Computing as a service. You would be forgiven for doing a double take on this headline since AWS published a Quantum Computing announcement on their blog as an April fools joke almost 10 years ago.
Braket appears to consist of a Quantum Computing Lab located adjacent to CalTech along with a Consulting Arm that aims to help potential users roll out Quantum workloads. Quantum resources are accessed via a cloud based notebook style interface.
AWS::WAF – Introducing Managed Rules
Anyone who’s maintained WAF rules in the past knows that it can be a confusing and time consuming process. With the introduction of managed rules for AWS WAF you can now offload some of that burden to AWS directly and get out of the box protection immediately when you start using WAF. AWS should be able to do an excellent job maintaining these rules with the amount of data on threat vectors that they have available.
AWS::SageMaker – Introducing Studio, a fully integrated IDE for machine learning
Sagemaker Studio ties together all the tools used for Machine Learning development into one convenient IDE. For now it is available only in us-east-2 (Ohio).
The main IDE components appear to be comprised of the following:
- Notebooks – Jupyter notebooks on Sagemaker and EC2.
- Debugger – Better debugging and visibility into your ML models.
- Experiments – Run and track thousands of models simultaneously and compare results.
- Model Monitor – Detect model deviation and degradations and alerts on these events.
- Autopilot – Automated algorithm selection, data pre-processing and tuning.
Putting all of these components into one place is sure to make life easier for ML developers, however the quality of each component needs to be proven before this can be considered a success.
GoogleCloud
GoogleCloud::StackDriver – CloudCode Plugin for Visual Studio Code
This plugin allows you to view StackDriver logs directly within Visual Studio code. This will be useful for developers working with Terraform or similar automation tools as they can now view results from their changes within their editor.
The plugin also supports Kubernetes specific filtering and is fully integrated with StackDriver. You can get Cloud Code for VSCode here.
GoogleCloud::FedRamp – Google Cloud is now FedRamp High Authorized
If you’ve been putting off migrations to Google Cloud due to FedRamp compliance concerns, this is your chance to finally migrate those legacy applications. Although this is a niche authorization, there were enough clients requesting that Google felt it would be worthwhile. This is also undoubtedly a play to poach government clients from AWS GovCloud and Azure.
Azure
Azure::AKS – Application Gateway Ingress Controller
The new Application Gateway Ingress Controller (AGIC) for AKS is open source and leverages Azures L7 Application Gateway Load Balancer. Azure claims that the Application Gateway Ingress Controller has almost 50% lower latency than in-cluster ingress controllers due to it’s direct connection to Kubernetes Pods.
AGIC currently supports the following features with more on the way according to Azure:
- URL routing
- Cookie-based affinity
- SSL termination
- End-to-End SSL
- Integrated WAF
Leave a Reply