“Zero Trust” is a big security concept / buzzword at the moment. When most people think Zero Trust, they often think policies around systems in the form of firewalls or enclaves. Banyan, however, sees it differently. Banyan brings the least privilege access model to remote access. Banyan positions their solution as a replacement to VPN spurred on by Security Teams and DevOps professionals.
Amazon has made available a new set of graphics in Visio, and other formats. These stencils are an excellent resource for architects and engineers who need to document cloud environments.
The symbols can be found here: https://aws.amazon.com/architecture/icons/
All the major file formats are available including: EPS, PNG, SVG, Visio, and PowerPoint. Interestingly, there are two sets of PowerPoint shapes. One supports light backgrounds. The other supports dark backgrounds. I’ve included an example of what each looks like for comparison.
I recently read through Nick Triantafillou’s excellent review of AWS re:Invent 2018 SWAG and feel there needs to be a bit of a level set for people who didn’t attend. This is especially true if you are considering attending next year, and you expect to take home a massive haul of free stuff. Not everyone who attends walks away with all of the items. Know that the best way to get swag at re:Invent is to have a plan.
AWS is the clear leader in cloud, but Microsoft, Google, and even Oracle have recently made attempts to cut into Amazon’s market share. Microsoft has done an admirable job of leveraging enterprise connections coupled with some very nice cloud products to emerge as a worthy challenger. Google recently made some leadership changes at the top which observers of the space find intriguing. Finally, Oracle keeps pushing in terms of price to performance ratios. AWS has to keep the pedal to the metal in terms of innovation to keep their lead position.
In my past, I've worked with NetApp, Equallogic, EMC, and various other NAS/SAN devices. After working briefly with SoftNAS, I can say that anyone familiar with those types of systems will feel right at home. Think of the SoftNAS VM as a "controller" and the local cloud storage as "shelves." The layout and terminology should make sense to anyone with a storage background. That level of knowledge could be comforting to an organization making a transition to the public cloud.
Amazon Web Services offers several services which are region specific. When encountering an error, the first thing you should do is validate that you are operating in the correct region(s). This was an issue I ran into recently when using CloudFormation.
Amazon's AWS public cloud is often used by IT pros to test and prototype ideas on their own, often replacing a traditional home lab setup. The ability to quickly spin up virtual infrastructure components and then shut them down after testing completes is a great help for exploring new ideas. Costs for AWS are based upon consumption. Customers "pay by the drink." Because the monthly bill is based on what's consumed, it's important to keep track of the costs.
Recently, I was confronted with a higher than usual monthly bill. I wasn't sure how it was possible as I hadn't used the service very much the previous month. Moreover, I always remember to shut down unused servers.
I recently had an experience which underscored for me the power of AWS CloudFormation. My test lab is almost exclusively run in the cloud now. So when I need to demo things before discussing them with a customer, I build environments in AWS. One such environment was for SQL Server 2016. The original idea was to use Windows Server 2012 as the OS with SQL Server 2016 as the database platform. The customer recently decided that we should look at Windows Server 2016 as the OS instead.
I was able to adjust to the customer's request by altering two lines of code - one per EC2 instance. That's it! Just two lines of code, and I could redeploy the whole setup. The only lines that needed to be updated were the ones referencing the ImageId property. Previously, I would have built these servers in VMware Workstation or Hyper-V and it would have taken a few hours. Now, it's just minutes.
I recently created an Amazon EC2 CloudFormation template to automate the build out of a Windows Server with SQL Server pre-installed. The template came from an official Amazon/Microsoft AMI in the Amazon Marketplace. Since this was for a simple proof-of-concept test, I wanted to use the t2.medium type, which I've used for various other projects. The t2.medium instance type usually provides a reasonable value in terms of price to performance. Upon execution of the CF Template, I noticed the template rolled back. When I looked for an error, it read "Microsoft SQL Server is not supported for the instance type 't2.medium'."
The error threw me for a minute, but then I ran a quick Google search and it came back with a few hits. I wasn't the first person to hit this error. I found the page defining the Windows Server 2012 with SQL Server 2016 Standard Edition. That page can be found here (https://aws.amazon.com/marketplace/pp/B01H4DL45A?qid=1518460124383&sr=0-1&ref_=srh_res_product_title). The page lists all supported instance types. My favorite, the t2.medium, was not among them. I instead chose to use the m4.medium, and the template ran to completion as expected. The moral of the story - always check the documentation.
At the time of this writing, the full list of supported EC2 Instance Types for Windows Server 2012R2 with SQL Server 2016 Standard is:
I've been working more hands-on with AWS off and on for the past few months. I've worked on a few cool projects hosted on the AWS infrastructure. Those projects have included SQL Server 2017 containers, CloudFormation templates and working with some of the basic DevOps tools like CodeCommit. During my time working with AWS I began to see the benefits of the platform. I also decided that I should formalize my understanding through certification.
Over the years, I've certified in many different vendors' technologies. While I've tested myself with most of the major vendors, I've yet to go up against an Amazon exam. I'm still somewhat undecided which exam to take first. I've purchased books for both the AWS Certified Solutions Architect - Associate and the AWS Certified SysOps Administrator - Associate exams. SysOps is where my heart has been my entire career, yet there's more employer understanding around the Solutions Architect cert given the certification's number of years available. Maybe I'll do both, but I'll cross that bridge later.
Confession time - I've never set up my own AWS instance. Ever. I've read about it, and I've even taken training for AWS; but I've never set up my own AWS anything for personal use. I've used competitive offerings such as MS Azure and Verizon's Terremark, but not AWS. I decided to take the plunge today since #vDM30in30 is about new experiences, learning, and experimentation. This post will cover my general impressions of the AWS sign up process.
So how did it go? Well, my honest impression of the setup process is that it probably could have been a little easier. I decided to select the Free tier. I was asked to sign up. The login / sign up dialogue box resembled the same screen used for buying products through Amazon; however, the same UID / pw combination didn't work. It's a new and separate account. It's a minor annoyance but definitely not a show stopper.
Next, I had to verify my tier. Amazon does a pretty good job of explaining what you get for free. The problem is in knowing if it's enough. In addition, only a small subsection of services are mentioned.
After some basic payment info, I thought I'd be done. Not so fast! Amazon does an interesting and welcome Identity verification check where an automated system calls a telephone number you provide. Upon answering the call, the applicant enters a four digit code that's provided onscreen.
The applicant is then asked to review the support plan options. Nothing here is too surprising, but the upper tiers really provide what appears to be exceptional support. Then again for a minimum of $15,000 an enterprise should receive "white glove case handling." Also eye-catching is the fact that telephone support isn't available for anything less than $100. Basic developer level support allows for e-mailing support.
There's a lot of information, and I could see how someone buying AWS in a shadow IT ops type of situation would make a mistake by either buying too much or not enough support.
So after all of the screens and choices, I signed into the console and was overwhelmed by the choices. The vast number and types of options were intimidating. It reminded me of a friend who installed Oracle back when he was starting out in IT. Upon seeing a screen full of icons he asked, "So what do I do now?" I had a very similar feeling looking over the ocean of choices.
The last few years have been filled with warnings of Shadow Ops. This is the concept of non-IT departments buying and deploying cloud-based services on their own without the knowledge or consent of a centralized IT department. Based on what I just experienced, I see this trend slowing down when it comes to AWS. AWS has added tons of features. So many features, I'd argue that the complexity associated with deploying an app properly has also increased. Confronted by all of these options it seems unlikely for a less sophisticated power user to go out and deploy an app on AWS. Amazon makes sign up and payment easy, but that's not the difficult part.