Most of us work for a company with multiple AWS accounts. Perhaps there is one for Production and another one for everything else. Perhaps more. From a security perspective, this account-level isolation is great.

When it comes to running a reliable system, we've been trained to utilize services across multiple regions. An RDS master in N. Virginia and a read-replica in Oregon, for example.

We all know managing this type of infrastructure requires automation, so there's a little CloudFormation here, some custom scripts there, maybe even a little Terraform if you're into that kinda thing. It's ...

AWS Lambda is the future, it's the new normal. Great! Awesome.

Can you do anything useful with it?

At CloudNative, we took that as a challenge. Could we, using AWS Lambda, create a multi-user, dynamic web application without using EC2 or resorting to hacks? I mean no instances, no ELBs, not even a security group. And especially no hard-coded AWS credentials.

We did, and it's called Lambda Chat.

Live demo

http://lambda-chat.s3-website-us-west-2.amazonaws.com/

Code on GitHub

https://github.com/cloudnative/lambda-chat/

Lambda Chat is a simple chat application using AWS Lambda, SNS, DynamoDB and S3.

Static ...

On July 30, 2012, Netflix open sourced the Simian Army, which includes the now world famous Chaos Monkey. That was 3 years ago. For those not familiar, Chaos Monkey is a little service that runs in the background and goes around killing EC2 instances. Yes, that's right:

Chaos Monkey terminates live servers with real users in production.

The question is...

Why is this scary?

Why would I, running a mission critical system, not want to be continuously testing the resiliency of my service? Why would I want to be woken up in the middle of the night by PagerDuty ...

This is the next post in our series of CloudNative's "Cloud Best Practices". After covering AWS's IAM, EC2, EBS, S3 and Blue/Green Deployments we now turn our attention to AWS's Route 53 service. Since it's a DNS service - it plays one of the most critical roles, if not the most critical - connecting us all together on the Internet. Take out DNS and the Internet will grind to a halt within mere hours if not immediately.

But Route 53 does way more that providing a DNS service for registration of your A, NS or MX records ...

The term "blue/green deployment" is so misunderstood, we can't even decide on what to call it. Netflix call it Red/Black Deployment, while others call it A/B Deployment. Personally, I don't even know which color represents which thing, but this is only the beginning of the confusion.

So, I thought it might help to get some thoughts out there, have others weigh in, and see if we can't reach some consensus. After all, it's been 5 years since the oracle spoke. :-)

Here goes...

First off, blue/green deployment is the process of having 2 ...

This is another installment in CloudNative's series of "Cloud Best Practices". Previous posts covered AWS IAM Best Practices, AWS EC2 Performance Tuning and AWS EBS Best Practices and Performance Tuning.

This time we're going to talk about one of the most essential (and earliest!) AWS services - Simple Storage Service or S3. How does one go about optimizing performance of one's S3 buckets? Is it infinitely scalable out of the box?

Let's find out by watching "Maximizing Amazon S3 Performance" AWS re:Invent 2014 session by Felipe Garcia. As it turns out, not everything about S3 buckets ...

One of my ex-colleagues used to be a race car driver. He probably still is, and what he told me once has stuck in my mind ever since. "Do you know where the sport car starts? Oh no, not the engine. It's the tires, man. You see, tires are the only thing that hold you to the ground. And that's where it all starts and then everything else follows."

Similarly, EBS is where it all starts on AWS. All modern AMIs have their root volumes backed by EBS, meaning an EC2 instance's root device is an Amazon ...

This is the second post in the series of "Cloud Best Practices". Last time we reviewed AWS IAM Best Practices to cover essentials of your AWS security barriers.

Now, let's get to basics - EC2 performance. When we "cloudify" our applications we tend to think of how we scale them and make robust, fault-tolerant and cloud-compatible in general. However, before going up and multiplying your EC2 instances with Auto Scaling groups you may need to look at that single EC2 box and ask yourself... "Why so slow?". Yes, that dreaded performance tuning task most of us never know enough to ...

This is the first blog post in our "Cloud Best Practices" series. You see, CloudNative is all about wrapping the best known cloud practices in an easy-to-use package. We study them regularly and we love sharing what we learn, whether you use our tools or not. Today we start with the subject of AWS security, the most important one when moving your application up to the cloud.

As you may know, AWS Identity and Access Management (IAM) enables you to securely control access to AWS services and resources. Anders Samuelsson gave an excellent talk at AWS re:invent 2014 titled ...

What an amazing 2014 it was. In just the few short months since July, we went from just an email signup page, to having two functional products and over 150 users. I sincerely want to thank each and every one of you cloud natives. Your desire to take cloud management to the next level is a shining beacon to the rest of the world.

So what does 2015 have in store? Well, some people like to reflect on the past, and put together a list of new year's resolutions to improve themselves and their surroundings. We do too, so ...

What is cheaper than a reserved instance on AWS? How about not running an instance in the first place?

AWS announced a new reserved instance model, designed to save you up to 63% per instance. Most small and mid-sized companies aren’t going to commit for 3 years, so we are looking at something closer to 40% savings. That’s a good start.

However, chances are you are over provisioning - running more and/or larger EC2 instances than you actually need. Let me illustrate this with a few charts. Suppose the traffic to your site follows the usual wave.

I am pleased to announce the release of our second tool: Delta.

Delta is a tool for deploying your application following the current AWS best practices. Instead of launching EC2 instances manually, Delta creates an Auto Scaling Group (ASG) which is responsible for launching instances.

ASGs are famous for allowing your application to scale with demand, but perhaps less so for the fault tolerance. You see, an ASG does everything it can to maintain a minimum number of servers running and serving your application. If you were to go in an terminate one of those servers, the ASG will notice ...

Just a quick note to let you all know the Bakery can now build Hardware Virtual Machine (HVM) Amazon Machine Images as Paravirtual (PV) AMIs.

Why is this important? Because all second generation AWS instance types support HVM, while only a subset support PV. The T2 instance class for example only support HVM, and who doesn't want to play the CPU Credits game.

To create an HVM AMI, start with an HVM Base AMI, and remember to change the virtualization type when creating (or updating) a pipeline to HVM. Just changing the flag without changing the Base AMI will ...

Once upon a time, about last Monday, I thought PV AMIs were "the thing". Then I noticed the AWS Web Console had moved the HVM Amazon Linux AMI to the top of the list. I did a little more digging, and found that every 2nd generation instance type can use HVM, but only a subset can use PV. This is the opposite of the 1st generation instances.

Intrigued, I started asking around but no one could say for certain what the future held. So, since I was paying for Business Support anyway, I though I'd ask them. The response ...