AWS re:invent 2017 annoucements

A straight-to-the-point recap of all the new services and improvements announced during the AWS re:invent 2017.

EC2 Instances

New family of instances launched

• M5 - new generation of general purpose instances
• H1 - big data optimized instances
• I3.metal - bare metal high I/O

M5 instances (announcement)

• EBS only, VPC-only, HVM-only, and EBS-Optimized
• Phisical processor based on Intel Xeon Platinum 2.5Ghz (M4 family is based on Zeon 2.4Ghz)
• 14% better price/performance than the M4 instances on a per-core basis

H1 instances (announcement)

• Features large amount of magnetic storage from 1 up to 8 x 2TB HDD

I3.metal (announcement)

• 2x Intel Xeon E5-2686 v4 processors running at 2.3 GHz, with a total of 36 hyperthreaded cores (72 logical processors)
• 512 GiB memory
• 15.2 TB SSD-based storage
• 25 Gbps networking
• Now in preview

Spot instances (announcement)

Smoother Price Changes

Spot prices change are moving to a model where prices adjust more gradually, based on longer-term trends in supply and demand.

New Streamlined Access

It’s now possible to turn on spot instances via RunInstances API, immediately getting an instance ID, with no more need to poll an API to check if the spot request has been processed and accepted.

Instance Hibernation

Spot instances now support instance hibernation, where the in-memory state is written to the root EBS volume of the instance. The private IP address is also preserved across stop/start cycles.

Courtesy of awsgeek.com.

Containers and Kubernetes

EKS: Elastic Container Service for Kubernetes (announcement)

• EKS manages only masters for you - you’ve manage nodes by yourself and have them join the cluster.
• EKS will vertically scale masters - in a rolling update to honor HA - based on load and number of nodes
• EKS is not a K8S fork and supports the latest version. The user specifies the minor version (ie. 1.x) and EKS manages upgrades to patch level. Automatic upgrades across minor versions (ie. 1.7 to 1.8) is also possibile. EKS will support the latest 3 minor versions and notify when a version is deprecated.
• EKS supports bith Horizontal Pod Autoscaler (HPA) and nodes autoscaler out of the box
• Integrated with CloudTrail, CloudWatch Logs, VPC, IAM (partnered with Heptio), PrivateLink. You can assign RBAC roles directly to each IAM entity. You can also use PrivateLink if you want to access your Kubernetes masters directly from your own Amazon VPC. With PrivateLink, your Kubernetes masters and the Amazon EKS service endpoint appear as an elastic network interface with private IP addresses in your Amazon VPC.
• Uses Project Calico from Tigera to manage network policies
• Supports Kubernetes add-ons, running on master. Currently K8S dashboard and KubeDNS, but will support more add-ons in future
• AWS built a CNI plugin to add native VPC networking for pods and open sourced it at amazon-vpc-cni-k8s
• Coming: AWS will release EKS optimized AMI based on Amazon Linux and built with packer
• Coming: EKS will manage nodes too in the future, but they focus on master right now
• Now in preview

AWS Fargate (announcement)

• Run containers without managing servers or clusters
• No clusters to manage
• Manages underlying infrastructure
• Apparently similar to Azure Container Instances
• Each task running with Fargate can get its own ENI
• Coming: AWS Fargate support for Amazon EKS will be available in 2018
• Generally available

Resources:

• Securing Struts in AWS Fargate

Database

Aurora Multi-Master (single-region)

• Scale out read and writes
• Multi-region coming in 2018
• Now in preview

Aurora Serverless

• On-demand, auto-scaling database for applications with unpredictable or cyclical workloads
• Pay per second
• Now in preview

DynamoDB Global Tables

• Fully managed, multi-master, multi-region
• Generally available

DynamoDB Backup and Restore

• On-deman and continuous backups
• Point In Time Restore (up to the second) for the last 45 days
• Generally available

Amazon Neptune (announcement)

• Fully-managed graph database
• Supports Apache TinkerPop and SPARQL
• 6 replicas of data, across 3 AZs
• Backup and restore
• Now in preview

Message broker

Amazon MQ

Managed message broker service for Apache ActiveMQ.

Networking

Inter-Region VPC peering

You can now connect two or more VPCs in different AWS regions, solving the problem to have private connectivity between VPCs located in two different AWS regions. Highly available, no single point of failure. All traffic is routed via the AWS backbone (Amazon Global Network) and encrypted.

Data transferred across Inter-Region VPC Peering connections is charged at the standard inter-region data transfer rates (~ $0.02 / GB in most of the regions).

Currently available in us-east-1, us-east-2, us-west-2 and eu-west-1

New PrivateLink endpoints (announcement)

New AWS PrivateLink endpoints to connect via private VPC networking (IPs in the VPC CIDR block) to the AWS services: Kinesis, Service Catalog, EC2 Systems Manager, Amazon EC2 APIs, and ELB APIs.

Amazon Time Sync Service (announcement)

Similar to the Google public one, AWS is now offering an internal NTP server not susceptible to leap second (it gets automatically smoothed out over a larger time window). The Amazon Time Sync Server is available at the 169.254.169.123 IP address from any instance running on VPC.

Currently the new C5 and M5 instances don’t support it, but support will be introduced soon. Check out this page for more information.

API Gateway with VPC integration

No reference yet.

Lambda

AWS Serverless Application Repository

• Now in preview

Double max memory for Lambda (announcement)

• You can now allocate up to 3008MB of memory to your AWS Lambda functions
• Generally available

Go support

• Added Go language support to Lambda

Storage / Analytics

S3 Select (announcement)

• Pull out only the data you need from S3 objects
• New API to select and retrieve data within objects
• Based on SQL-like syntax

Glacier Select (announcement)

• Run queries directly on data stored on Glacier

Machine learning

Amazon SageMaker (announcement)

• Easily build, train and deploy machine learning models
• Multi AZs
• Supports A/B testing to test new algorithms before deploying to production
• Generally available

AWS DeepLens (announcement)

• Wireless HD video camera for developers
• Features on-board compute optimized for deep learning
• Integrates with SageMaker and Lambda
• Pre-orders available on amazon.com at 249$

Amazon Rekognition Video (announcement)

• Get video in input
• Detects people, activities, details out of the input video

Media

Amazon Kinesis Video Streams

• Ingest and store video, audio and other time-encoded data
• Generally available

Amazon Transcribe (announcement)

• Automated speech recognition, to transcribe audio into text
• Can analyze audio files stored on S3 in many formats (WAV, MP3, Flac, …)
• Multiple languages (english and spanish right now, more languages will be added in the next future)
• Intelligent punctuation and formatting
• Timestamp generation
• Support for telephony audio
• Recognize multiple speaker (not available yet)
• Now in preview

Amazon Translate

• Translate text between languages
• Supports real-time translation
• Supports batch operations / analysis
• Recognize source language (not available yet)
• Now in preview

Amazon Comprehend (announcement)

• Natural language processing service
• Generally available

IoT

AWS IoT 1-Click

• Register a device, get a list of lambdas, click a butto to trigger a lambda
• Now in preview

AWS IoT Device Management

• Fleet management for connected devices
• Automate provisione of fleet of devices
• Organize device inventory
• Monitor and query the fleet
• Remotely manage devices
• Generally available

AWS IoT Device Defender

• Security management for IoT devices
• Audit device policies
• Monitor device behaviour
• Identity anomalies and out of compliance behaviours
• Generate alerts
• Coming in 2018

AWS IoT Analytics

• Cleans, processes, stores and queries analytics
• Now in preview

Alexa for Business

• Integrated to work well with conference systems and just say “Hey Alexa, start a meeting”

Generally available.

Amazon FreeRTOS (announcement)

Amazon FreeRTOS is an IoT microcontroller operating system that simplifies development, security, deployment, and maintenance of microcontroller-based edge devices. Amazon FreeRTOS extends the FreeRTOS kernel, a popular real-time operating system, with libraries that enable local and cloud connectivity, security, and (coming soon) over-the-air updates.

Security

Amazon GuardDuty (announcement)

Amazon GuardDuty is a service that inspect networking attivity via VPC Flow Logs, CloudTrail and DNS logs to detect suspected behaviour. Findings are provided in the AWS console and as CloudWwatch Events to alert on. You can also setup Lambda functions to automatically remediate specific types of issues or fire the alert via an external system (ie. Slack).

Generally available.

IDE

AWS Cloud9 (announcement)

A browser-based IDE to write, run and debug your code.

Generally available.

Pics from Werner’s Keynote

You may also be interested in ...

• Lessons learned running AWS Cloud Map service discovery for EC2 instances
• Growing an AWS EBS RAID 0 array, increasing volumes size
• Announcements during AWS re:invent 2018 - Andy Jassy Keynote
• Install Spark JobServer on AWS EMR
• Kubernetes Security: book review
• My take on the future of applications development and operability
• PHP realpath cache and Kubernetes secrets / configmap updates
• Kubernetes pods /etc/resolv.conf ndots:5 option and why it may negatively affect your application performances
• Kubernetes RBAC with kops
• Stepping back from CTO and jumping into operations
• KubeCon 2017 - Kubernetes Takeaways
• Prometheus: understanding the delays on alerting
• Graceful shutdown of pods with Kubernetes
• Display the current kubectl context in the Bash prompt
• Distributed Matters Conf: Takeaways

Upcoming conferences

Incontro DevOps 2020	Virtual	22 October 2020

Comments