Will you be at AWS re:Invent 2018? 2nd Watch is sponsoring the event, and we want to see you! Stop by booth #2440 to speak with a cloud solutions expert or pre-schedule your meeting with us today.
Plus, pick up your limited-edition 2nd Watch t-shirt – back by popular demand, The Datafather t-shirt! – and enter to win an Amazon DeepLens. And don’t forget about the 2nd Watch After Party! Request your invitation to one of the hottest parties at re:Invent. You’ve worked hard. You deserve a little fun.
Last, 2nd Watch is hiring and will be meeting with top-talent professionals at re:Invent. If you are attending re:Invent and would like to discuss opportunities to join our dynamic team, please contact our team at email@example.com or check out our careers page to see a complete list of open positions.
See you in Vegas!
-Nicole Maus, Marketing Manager
The annual AWS re:Invent conference is just around the corner, kicking off on November 26th in Las Vegas. Rest assured, there will be lots of AWS-related products, partners, and customer news, not to mention more than a few parties and chances to network with fellow conference-goers. Here are some helpful tips and a few topics we expect to hear about this year.
1. Enterprise Security – Always a hot topic.
As Enterprise cloud adoption continues to grow at an increasing pace, so does the need for strong governance and security offerings. This year we have seen many new releases and enhancements from AWS to beef up its security offerings. Amazon GuardDuty was released at re:Invent 2017, so we may see some new capabilities announced, such as improved integration with other new or existing AWS services.
GRC is not just for your old data center anymore. Governance, Risk and Compliance is vital for long-term success of your adoption of the cloud. With the initial release of AWS Compliance Center for Financial Services in early September, we anticipate some updates there as well.
The dynamic nature of the cloud continues to create specific challenges for security. Better security and visibility for ephemeral resources, such as containers, and especially for AWS Lambda, are a particular challenge. We would be extremely surprised if we didn’t see some more announcements in this area.
2. Will CEO Andy Jassy finally bring me the Transit VPC Service I’ve been dreaming of?
For many years we have had the architectural challenge of transitive routing in AWS, and for many years I have sat in attendance at the re:Invent keynote in awe over Andy Jassy and Werner Vogels, hanging on their every last word as they masterfully fire out new product releases like it was some sort of magic show, many of us hoping they would one day announce that they are going to solve this transitive routing challenge with a cloud native AWS service. But alas, each year it has been like opening all your Christmas gifts only to find the one thing you really, really hoped for was nowhere to be found. Will this finally be the year? Will Santa Jassy bring us the easy button for transitive routing? With the recent releases and lots of extensive activity around Transit VPC via CFT in combination with Lambda, tags and Cisco CSRs, it feels like we’re almost there. Surely they will not let another year pass. My bet is this is the year we see it come to fruition. I will get my most sought-after gift this year. I will get my Atari 2600, my Optimus Prime, my AT-AT Walker. You bet I will! Well, at least I hope.
3. General Releases – ‘nuff said!
Amazon Data Lifecycle Manager was released in July of this year and is a simple way to schedule and manage EBS volume backups without relying on a third-party tool. We expect to see expansion into more regions and are hopeful for more granular snapshot timing options. Currently it only allows scheduled backups to run every 12 or 24 hours.
As has become the norm, we anticipate new instance types and/or families to be announced. Last year we saw M5 and H1 instance types as well as Bare Metal instances (preview) introduced. Per an article by Jeff Barr earlier this year, Bare Metal Instances with 6 TB, 9 TB, 12 TB, and more memory are in the works, all designed specifically for SAP HANA and other in-memory workloads. We wouldn’t be surprised to see some sort of focus around this.
4. Parties, let’s get this place rockin’!
2nd Watch will be teaming up with Palo Alto Networks this year to host its annual party at the Omnia Nightclub located in Caesars Palace. There will be great food, an open bar, an awesome DJ, and of course friends from years past. Every year this is a sold-out party, so if you’re not yet on the guest list, request your invitation at https://offers.2ndwatch.com/aws-reinvent-2018. We’d love to connect with you, and it’s a party you will not want to miss.
In keeping with a long-running tradition, AWS’ re:Play Party will be off the chain and likely cause some rough flights home the next day. Last year, DJ Snake spun the night away while attendees bounced on mega castles, played games and took advantage of the open bar. Amazon Web Services always pulls out all the stops, and we expect this year they will continue to raise the bar.
2nd Watch Tips & Tricks
Last, we want to offer up some information we think will be beneficial to maximize your time at re:Invent. Here are a few tips & tricks we have learned over the past 6 years (Wow! Has it been that long already?)
- Avoid walkup breakout sessions, unless there is a very short, or no, line. Many people have waited up to 2 hours for a walkup breakout session only to be turned away at the door due to a full house. Have no fear, friends! All of the breakout sessions are recorded and will be posted online, so if you can’t make one live, use your lunch break to play catch up once you get home.
- Consider signing up for the Hackathons, Security JAMs, Labs, Workshops, and Chalk Talks instead of breakout sessions. These are usually a really good investment of your re:Invent time where you get to interact and learn a lot. These are often not recorded and shared online, so taking advantage of these in person is a great opportunity not available after re:Invent is over.
- Avoid relying on the shuttle service if you have limited time between events in different hotels. Instead, consider using the Monorail system. This now seems to be the fastest and most consistent way to get around. Plan ahead, though, so you know where the entrances are, as you may not have time to do that while you are racing from event to event.
We are sure that there will be many new acronyms to learn after this year and lots of new services to sift through. One thing we do know for certain is that once the re:Invent dust has settled, 2nd Watch will be at the ready and by your side to help you consume and adopt the BEST solutions for your cloud journey. Swing by our booth, #2440, for some swag and a chat. This year we are giving away Amazon DeepLens cameras, and we are super excited to see you!
We also invite you to join us at our breakout session, ‘Proven Methodologies for Accelerating Your Cloud Journey.’ Here you will learn how to accelerate your journey to the cloud while implementing a cloud-first strategy without sacrificing the controls and standards required in a large, publicly-traded enterprise.
- Benefit from insights developed from working with some of the most recognized brands in the world.
- Discover how these household names leverage automation, CI / CD, and a modular approach to workload design to ensure consistent application of their security and governance requirements.
- Learn which approaches to use when transforming workloads to cloud native technologies, including serverless and containers.
With this approach, business users can finally receive properly governed resources without delaying or disrupting their need for agility, flexibility and cloud scale.
Finally, don’t forget to schedule a meeting with one of our AWS Professional Certified Architects, DevOps or Engineers while you’re at re:Invent. We would love to hear all about your cloud journey needs! That is all for now, we hope you are as excited as we are this year and can’t wait to see you in Las Vegas.
– Dustin Snyder, Cloud Practice Manager
The simple way to describe Azure Cloud Shell is an on-demand Linux VM with a managed toolset that is accessible from virtually anywhere. You can access it via the Azure Portal, shell.azure.com, the Azure Mobile App, and Visual Studio Code. Pricing is simple: you only need to pay for storage that is used to persist your files between Cloud Shell sessions. Finally, Cloud Shell offers two shell experiences – Bash and PowerShell – however, you can access PowerShell from Bash and Bash from PowerShell, so just choose whatever you are most comfortable with.
Cloud Shell contains the following tools:
- Linux Tools – bash, zsh, sh, tmux, dig
- Azure Tools – Azure CLI, AzCopy, Service Fabric CLI
- Programming Languages – .NET Core, Go, Java, Node.js, PowerShell, Python
- Editors – vim, nano, emacs, code
- Source Control – git
- Build Tools – make, maven, npm, pip
- Containers – Docker CLI / Docker Machine, Kubectl, Helm, DC/OS CLI
- Databases – MySQL client, PostgreSQL client, sqlcmd utility, mssql-scripter
- Other – iPython Client, Cloud Foundry CLI, Terraform, Ansible, Chef InSpec
You are probably thinking to yourself, that’s great, but what can I use it for? Good question…
Got a bunch of Azure management scripts that you have developed and need to be able to run? Cloud Shell is a great way to run and manage those scripts. You can leverage git for version control and run PowerShell, Bash, or Python scripts whenever and wherever you are. For example, you are grabbing some lunch and the boss sends you an email asking how many VMs are currently running in your environment and wants the answer right now. Being that this isn’t the first time that the boss has asked this question, you have already created a script that will send a report with how many VMs are currently running. So, you load the Azure Mobile App on your phone, connect to Cloud Shell to run the script and get back to your lunch without having to run back to the office.
Are you an Azure CLI master? Cloud Shell has you covered! Cloud Shell always has the latest version of the Azure CLI without you ever having to maintain a VM or update your local installation.
Need to deploy an agent to a bunch of VMs but don’t want to manage a Configuration Management tool? Once again, Cloud Shell has you covered. Use the built-in Ansible to run a playbook that deploys the agent you need installed.
Do you run a multi-cloud shop? Need to deploy things to both Azure and AWS? Then you are in luck! With Cloud Shell you can use Terraform to deploy both Azure and AWS resources. Another multi-cloud idea would be to install the AWSPowerShell.NetCore PowerShell module to be able to perform day-to-day tasks and automation of AWS.
There are some limitations of Cloud Shell, such as your Cloud Shell session being temporary. It will be recycled after 20 minutes of inactivity.
The pricing for Azure Cloud Shell is great. Like I mentioned before, you only pay for storage. Storage is used to persist data between instances of Cloud Shell. If you install a PowerShell module or use git to clone a repo, the next time you fire up Cloud Shell, those files are still there.
Azure Cloud Shell can help with a lot of different use cases and requires very little management. For more information on Azure Cloud Shell visit https://docs.microsoft.com/en-us/azure/cloud-shell/overview or for help getting started with Azure, contact us.
-Russell Slater, Senior Cloud Consultant
It’s been about one month since VMworld 2018, and the focus was heavy on VMware on AWS. Let’s review 6 of the major announcements around the offering and what’s coming next.
- NSX Upgrades
If you’re familiar with NSX, we’re looking at the upgrade of NSX-V to NSX-T inside of the VMware on AWS environment. This is going to open a lot of new functionality for users as it’s a “cloud-ready” version of the product. We saw this with the announcement of NSX micro-segmentation and security upgrades (Distributed Firewall) and with the changes to the Direct Connect to allow NSX to pass both management and compute traffic across the private link. We’re excited to see the NSX-T load balancing options on the roadmap and look forward to testing those out.
- Node Counts and Discounts
The minimum number of nodes to run in the SDDC was reduced from 4 to 3, effectively reducing the price to get in the door by 25%. They further offered to only charge you for 2 of the 3 nodes for 90 days. This effectively gets you down to half price. For clients looking to use SDDC for smaller datacenters or as a pilot light to DR, this is very good news. But let’s be honest, 4 nodes were still cheaper than your physical DR datacenter. Note that a two-host SDDC cluster is on the roadmap, so look for that entry price point to be even cheaper.
- New Instance and Storage Options
VMware on AWS now has the option to choose the R5.metal instance type instead of the i3.metal instance type. With this instance type there are a number of important changes. First, the hosts are 50% bigger than the i3 instance type. Secondly, you can only get EBS-based storage that comes between 15Tb – 35Tb in size (in 5Tb increments). These EBS disks for the R5 will be available over iSCSI networking paths as opposed to being connected directly with the i3. There might be a case where the performance will dictate one or the other. We hope to see more instance types in the future and, on the storage front, are excited about shared disks on the roadmap so we can run our classic active/passive SQL clusters and cut our SQL licensing bill in half.
- Speaking of Licensing, Custom Core Counts
When enterprise software is licensed by core (*cough* Oracle *cough*), having flexibility to choose/limit core counts can save a lot of money.
- HCX or should I say “NSX Hybrid Connect”?
HCX got a lot of love and a rebranding. With the new VMware Cloud Motion with vSphere Replication feature for HCX you can live migrate thousands of VMs reliably. Basically, you schedule your migration, and the data is pre-migrated and ready for the final move when you are. VMware HCX was rebranded as NSX Hybrid Connect.
VMware announced its new region in APAC and is continuing to push for new regions on an aggressive release cycle. The next regions on the roadmap are Tokyo, Ohio, north CA, and Dublin. We hope that Tokyo is soon so that APAC gains a pairing for regional active/passive failover strategies.
That’s our list of 6 major VMware on AWS announcements from VMworld and a review of the roadmap for features coming down the pipe. If you’re interested in learning more about VMware on AWS, contact us.
-Coin Graham, Principal Consultant
By now you’ve likely heard of VMware Cloud on AWS, either from the first announcement of the offering, or more recently as activity in the space has been heating up since the product has reached a state of maturity. On-premises, we loved what VMware could do for us in terms of ease of management and the full utilization of hardware resources. However, in the cloud the push for native services is ever present, and many first reactions about VMC are “Why would you do that?” This is certainly the elephant in the room whenever the topic arises. Previous experience with manually deployed VMware in the AWS cloud required nested virtualization and nearly the same care and feeding as on-premises. This further adds to the initial reaction. Common sense would dictate, however, that if the two 800-pound gorillas come together in the room, they may be able to take on the elephant in the room! As features have been added to the product and customer feedback implemented, it has become more and more compelling for the enormous installed base of VMware to take advantage of the offering.
What are the best features of VMware Cloud on AWS?
Some of the most attractive features of the cloud are the managed services, which reduce the administrative overhead normally required to maintain reliable and secure operations. Let’s say you want to use SQL Server in AWS. Moving to the RDS service where there is no maintenance, configuration or patching of the underlying server is an easy decision. After some time, the thought of configuring a server and installing/maintaining a RDBMS seems archaic and troublesome. You can now have your DBA focus on the business value that the database provides. VMware Cloud on AWS is no different. The underlying software and physical hardware is no longer a concern. One can always be on the optimum version of the platform with no effort, and additional hardware can be added to a cluster at the press of a button.
So, what software/service helps manage and control the entirety of your IT estate?
There are many third-party software solutions, managed service providers, and up and coming native services like Simple Systems Manager. Now imagine a cloud based managed service that works for on-premises and cloud resources, and has an existing, mature ecosystem where nearly everyone in Enterprise IT has basic to advanced knowledge. Sounds attractive, doesn’t it? That is the idea behind VMware Cloud on AWS.
The architecture of VMC is based on dedicated bare metal systems that are physically located in AWS datacenters. VMware Cloud on AWS Software Defined Datacenters (SDDCs) are deployed with a fully configured vSAN running on NVMe Flash storage local to the cluster, which currently can expand up to 32 nodes. You are free to provision the hosts any way you see fit. This arrangement also allows full access to AWS services, and keeps resources in the same low latency network. There is also a connector between the customer’s AWS account and the VMC SDDC, allowing direct low latency access to existing AWS resources in a client VPC. For management, the hybrid linked mode gives a single logical view spanning both on-premises and VMC vCenter servers. This allows control of the complete hybrid environment with vCenter and the familiar web console.
Figure 1. VMware Cloud on AWS Overview
Below are some selected capabilities, benefits, and general information on the VMware Cloud on AWS:
- There is no immediate requirement for refactoring of existing applications, but access to AWS services allows for future modernization.
- Very little retraining of personnel is required. Existing scripts, tools and workflows are reusable.
- Easy expansion of resource footprint without deploying more physical infrastructure.
- Easy migration of VMs across specific geographies or between cloud/premises for compliance and latency reasons.
- VMware native resiliency and availability features are fully supported: including DRS for workload distribution, shared storage for clustered application support, and automatic VM restart after node failure.
- DR as a service with Site Recovery is supported, including the creation of stretched clusters. This can provide zero-RPO between AZs within the AWS region. This service takes advantage of the AWS infrastructure which is already designed with high availability in mind.
- VMware Horizon 7 is fully supported. This can extend on-premises desktop services without buying additional hardware and enables placement of virtual desktops near latency-sensitive applications in the cloud.
- The service has GDPR, HIPAA, ISO, and SOC attestations to enable the creation of compliant solutions.
- Region expansion is underway and two new regions have recently come online in Europe.
- Discounts are available based on existing product consumption and licensing.
- Integration with CloudFormation for automated deployment is available.
Figure 2: VMware Cloud on AWS Target use cases
So for those currently using VMware and considering a move to the cloud and/or hybrid architecture, VMware Cloud on AWS offers the most straightforward gateway into this space. The service then brings all the hundreds of services in the AWS ecosystem into play, as well as a consistent operational model, the ability to retain familiar VMware tools, policies, management, and investments in third-party tools. So instead of planning and executing your next hardware refresh and VMware version upgrade, consider migrating to VMware Cloud on AWS!
For help getting started migrating to VMware Cloud on AWS, contact us.
-Eric Deehr, Cloud Solutions Architect & Technical Product Manager