AWS’s re:Invent 2018 is back again, bigger and just plain crazier than ever. It’s only day one but already some significant new announcements have landed. This follows on from a slew of pre-event announcements. Let’s have a look at the most important for our customers.
AWS Transit Gateway
Networking can get pretty complex. When you have multiple VPCs and a hybrid solution with an on-premises environment, routing between VPCs and on-premises can get complicated. You have to set up VPC peering. You’ll also probably implement Direct Connect or an Internet-based VPN. You might need multiple VPNs and you might need a Direct Connect Gateway! It can become tricky to manage very quickly.
At re:Invent 2018 today, AWS announced Transit Gateway. It allows you to implement a hub and spoke model within AWS. You can connect all your VPCs and on-premises environment to the Transit Gateway. Routing is taken care of automatically. No more complex routing challenges to deal with and far fewer components to manage. It also supports multi-account VPCs.
This new service will fundamentally change how we architect hybrid solutions for our customers, reducing complexity.
Have you ever wondered about the latest technology behind the serverless solutions on AWS such as Fargate and Lambda? Well, it’s called Firecracker and AWS have now open sourced it. It’s a super lightweight virtualisation technology that allows you to launch containers in milliseconds. You can download, install and run it on your own infrastructure or in the Cloud.
It maintains the same security isolation that you expect from an enterprise grade hypervisor. It’s high performance, low overhead and proven in use by AWS. Here’s a great opportunity to be involved with some cutting edge technology and contribute to its evolution!
Pre re:Invent 2018 announcements
In the run up to re:Invent 2018, there were a number of interesting announcements that were also very relevant to our customers and the AWS strategy as a whole.
CloudFormation drift control
We are big fans of automation. One of the tools that is foundational to us is CloudFormation. CloudFormation allows us to define and deploy an entire infrastructure stack from a template. It makes for a repeatable approach to infrastructure as code. One of the challenges for long running services is that once a CloudFormation stack has been launched from a template, it can be modified by anyone with the appropriate permissions. These changes can be made via the console or the CLI.
Drift control allows you to compare the running state of the stack with the template to identify changes that have been made and either back out the changes or update the template to suit. It’s like configuration management for infrastructure as code!
RDS on VMware vSphere
Here’s an interesting one. You will soon be able to run RDS, AWS’s managed database service, on vSphere in your data centre. RDS will run as a fully AWS managed VM on your infrastructure. Now, back up your RDS database to the AWS Cloud. Run read replicas in the Cloud. Migrate the database to the Cloud at the click of a button! Think of it as a private Availability Zone (AZ) connected to the AWS Cloud. It will even support multi-AZ deployments giving you a very low RTO DR solution for your databases.
Route 53 Resolvers for hybrid Cloud
DNS resolution across AWS Cloud and on-premises can be a challenge for hybrid solutions. You could run Active Directory. Otherwise, you had to build and run DNS servers with forwarders.
AWS have now announced Route 53 Resolvers that provide bi-directional querying between on-premises and AWS environments. Route 53 Resolver endpoints handle inbound DNS queries, allowing DNS queries from on-premises to resolve AWS hosted names. Conditional Forwarding rules enable outbound DNS queries to on-premises domains.
For environments that don’t make use of something like AD, Route 53 Resolvers will simplify the solution.
Systems Manager enhancements
AWS Systems Manager is a fantastic tool for managing your EC2 fleet. Until recently, it has been for a single account only.
You can now see and manage your fleet for multiple regions and accounts in a single console. This is especially relevant for customers who have a multi-account solution. Now you know that your fleet is being managed consistently.
On top of that, Systems Manager Distributor allows you to securely store and distribute software packages, such as agents, to EC2 instances in your account. Manage and update your packages automatically!
Wow! There’s so much to consider. However, we are only just getting started here at re:Invent 2018. Stay tuned for further announcements and blog posts during the week.