Welcome to issue number 40 of Last Week in AWS, and welcome to 2018!

We’re off to a bit of a slow start in official AWS news this year, so let’s talk about the giant elephant in the room: the Meltdown and Spectre vulnerabilities. The internet is full of panic, explainers, etc. of what the vulnerabilities actually are, so I wanted to focus today on how they impact your cloud environments.

  1. The impact on any given application is hard to determine. Some system calls are now a lot more latent– what impact this is going to have on your systems is going to be extremely dependent upon your workload.
  2. Keep an eye on your CPU utilization over the next few weeks, but most cloud workloads aren’t generally pegging CPUs across your environments; that’s usually a sign that you should have scaled up sooner. An awful lot of workloads are RAM or IO constrained, rather than CPU bound.
  3. Try not to blame the various providers for this. Nobody goes to work hoping to do a poor job in the morning; these bugs have been hiding since the 90s. The only action I’ve seen so far that could be called into question was Intel’s CEO selling every last share that he contractually could before this news broke; legitimate or not, that doesn’t look good.

And now, Last Week in AWS:

Community Contributions

Etsy goes on a deep dive of the laborious process of selecting a cloud provider. They’ve built up an impressive amount of documentation explaining why they went with GCP– and for better or worse, if you’re selecting a non-AWS vendor in this space at the moment, you’re likely to want to have an impressive amount of documentation upon which you can fall back.

What I love about this approach to getting your EC2 instance name is the raw honesty that accompanies it. Not too many blog posts admit to breaking things along the path to discovery– I’d like to see a lot more like this.

How Eventbrite sped up S3 to EBS data transfer via the power of Go concurrency.

An exploration of Terraform and ALBs includes a few handy gotchas that are really obvious– the second time you see them.

It’s not my beloved vim, but Slalom Consulting’s Boston office gives a handy guide to writing Lambda functions in Cloud9.

“Building a URL shortener” has always been one of my favorite open-ended interview discussion questions for SRE types. There are remarkably few wrong ways to do it, and it always tends to expose areas that showcase what the candidate is good at. This article gives an answer using Lambda and S3– which is one perfectly valid way to do it.

There are no silver bullets when it comes to cloud reliability, but these four tips serve as a valuable starting point.

A great tale of using serverless to reduce costs, resulting in a 70% cost reduction, comes our way this week by way of A Cloud Guru.

Date math is hard. A dinner guest had a minor heart-attack when they received this message from AWS about a small account on New Year’s Eve.

Some good notes taken on DynamoDB auto-scaling; if you’re statically setting your DynamoDB throughput, you may wish to reconsider.

Oh my stars– where was “DynamoDB, explained” when I was building out my newsletter publishing system? Yes, it runs a lot of custom code– and the source of truth is DynamoDB, because of course it is.

Julian Dunn speculates about why Amazon Linux exists. I have my own thoughts on this, but I’d love to hear any feedback people have.

While this post is correct in that actual-dollar costs of cloud aren’t dropping all that much over the past year, the overall economic trend is definitely in the large cloud providers’ favor.

Choice Cuts From the AWS Blog

Amazon ECS Adds ELB Health Check Grace Period - In this edition of “grievous limitation of a service is removed and we’ll call it a feature rather than an embarrassing bug that got fixed,” slow to start ECS tasks no longer get whacked by the ELB marking them as down if you set a grace period.

Amazon WorkSpaces Now Supports Configurable Storage and Switching Between Hardware Bundles - For those of you still running on WYSE terminals, Workspaces have gotten a lot more flexible. That said, I still haven’t met anyone who uses these things for more than a proof of concept.

Amazon CloudFront announces six new Edge Locations, adding two more in Tokyo, JP, and its first location in Perth, AU - ♪ ♫ ♬ Her name is Rio and she dances on the sand / Rio’s got another CloudFront edge location launch that’s well in hand / CloudFront Edge locations just mean you keep doing the stuff that you’ve got planned / This is the useless type of AWS blog post I can’t stand ♪ ♫ ♬

Send Real-Time Amazon CloudWatch Alarm Notifications to Amazon Chime | AWS Developer Blog - It’s super handy to be able to send CloudWatch alarms to Amazon Chime, provided you work at Amazon. Otherwise, there’s no way in the world you use Amazon Chime, and you should see Cloudonaut’s guide on doing this via Slack instead.

Tools

This handy snippet helps identify bugs in your Python Lambda code by converting them to Static Type Checkers.

Want to run CapitalOne’s Cloud Custodian autotagging dingus in Fargate? You’re one make away!

…and that’s what happened Last Week in AWS.

I’m Corey Quinn. I help people significantly reduce and understand their AWS bills and speak broadly on the conference circuit. I advise companies doing interesting things in the cloud space, such as ReactiveOps.

If you’ve enjoyed reading this, tell your friends about it and have them sign up at LastWeekinAWS.com (or post a link in your company Slack team!). As always, if you’ve seen a blog post, a tool, or anything else AWS related that you think the rest of the community should hear about, send it my way. You can either hit reply or join the #lastweekinaws channel on the og-aws Slack team.

List archives are always available at https://snarkive.lastweekinaws.com/