Etermax at AWS re:Invent 2019

Esteban Masoero
Published in etermax technology
Dec 17, 2019

Two weeks ago we had the opportunity to attend this year’s AWS re:Invent, currently the biggest cloud computing conference in the world. So, if you never had the chance to attend, let us tell you a little bit about what this incredible event looks like.

It took place in Las Vegas, in more than 6 different hotels. Over 65000 attendees from around the globe participated in the different sessions, workshops, certifications, parties, networking meetings, ping pong tournaments, and many, many more activities. There were so many things to do that they had to split the event into 6 days, starting on Dec 1st.

What we were looking for

We’ve been hosting our services on AWS since the beginning, more than 10 years ago, and many things have changed since our first deploy into the cloud. However, what hasn’t changed is AWS’s leadership in the market. Consequently, this conference is the place to be if you are looking for innovation and want to interact with many of the leaders in different industries.

As a tech company focused on gaming, advertising and AI, our main focus is on topics like architecture, serverless, containers, security, machine learning and cloud governance. Therefore, we’ll mainly summarize announcements under these categories, but keep in mind that this is not in any way an exhaustive list of everything that was announced during the event.

So, with no more introduction, here are the highlights.

Serverless, containers and more

EKS on Fargate (GA)

Fargate, a serverless compute engine for containers, has added the capability to work with EKS. This means that EKS can now manage Kubernetes pods powered by Fargate, instead of EC2 instances.

Fargate Spot (GA)

Fargate can now run interruption-tolerant ECS tasks at up to a 70% discount (similar to Spot Instances, but in the serverless way).

UltraWarm for Amazon Elasticsearch Service (Preview)

Amazon Elasticsearch Service offers a new performance-optimized warm storage tier aimed at hot-warm architectures used for analytics on large amounts of time-oriented data, such as log analysis, thus reducing costs compared to using only hot nodes.

Amazon Managed Apache Cassandra Service (Preview)

This allows running Cassandra workloads on AWS while relieving you of the provisioning, patching and updating burdens. This preview requires no registration, so it is available right now.

Amazon CodeGuru (Preview)

Automated code review service that uses machine learning to analyze code for performance, thread-safety, tainted input data and other common issues. Available only for code hosted in GitHub or CodeCommit repositories.

Amazon CloudWatch related announcements

  • Synthetics (Preview): it monitors endpoints (REST APIs, web content, etc) by running tests on them and alerting when their behaviour departs from the expected one.
  • ServiceLens: observability solution that helps correlate, visualize and analyze distributed application metrics to isolate performance and availability issues, by integrating CloudWatch with AWS X-Ray.
  • Embedded metric format: it allows ingestion of complex high-cardinality application data in the form of logs and generates custom metrics so you can take action based on their values.
  • Contributor insights (Preview): it helps understand what is impacting your system or application performance by identifying outliers or patterns in log data.

RDS Proxy (Preview)

Database proxy that sits between your application and RDS to pool and share established database connections, improving database efficiency and application scalability. As a bonus, it handles automatic reconnection and credentials management. Useful for avoiding the huge number of open connections that Lambda functions can create.

Builder’s Library

Collection of articles on how Amazon architects, releases, and operates the software underpinning Amazon.com and AWS. It shows the Amazon way of using their own services.

Cloud governance and security

IAM Access Analyzer

The answer to “who has access to my data?”. It could be a public or shared S3 bucket, a role shared with separate accounts, an IAM user that you forgot. Best of all, it’s free, so go and check it out.

Transit Gateway Network Manager

Amazon keeps trying to dominate the on-premise world, as well as the cloud. This provides you with a single tool to manage, analyze and monitor traffic seamlessly between AWS and your local network.

Amazon Fraud Detector

This fully managed service provides you with the same technology used to detect fraudulent purchases on Amazon.com. It comes with extra customization rules that you can tweak to match your own preferences.

Amazon Detective

Services like GuardDuty, Macie and Security Hub can be used to find issues, but it can be hard to find the root cause of these. This service helps you rapidly correlate the information available on VPC Flow Logs, CloudTrail and GuardDuty and create a unified, interactive view of their interactions.

Machine Learning and AI

Development and model training

  • Studio: dedicated IDE that boosts productivity, by combining many tools under a single interface, and collaboration, through model sharing.
  • Notebooks (Preview): fast notebook start-up and sharing, available via SageMaker Studio. The already existing notebook instances will continue to be supported without the fast start-up and collaboration features.
  • Experiments: it supports iterative development by tracking the inputs, parameters, configurations and results of the different experiments performed, allowing you to track and compare them.
  • Debugger: analysis and debugging tool used during model training via the SageMaker Studio visual interface. Alerts to developers when anomalies are detected can be enabled to help with model debugging.
  • Autopilot (GA): given input and predicted data, this service chooses the most accurate machine learning model by testing different combinations of data preprocessors, algorithms, and algorithm parameter settings.

Deployment, running and monitoring

  • EC2 Inf1 Instances: high-performance, low-cost machines built with machine learning applications in mind from their conception. It’s now possible to train your model on GPU instances and run it on Inf1 ones. Built with 2nd generation Intel® Xeon® processors and up to 100 Gbps networking to enable high-throughput inference at a lower cost than G4 instances.
  • SageMaker Model Monitor: continuous monitoring of models in production to correct trained model deviation from the real world.
  • SageMaker Operators for Kubernetes: one of ML’s hidden burdens is provisioning instances in time and at scale to avoid incurring extra costs while ensuring near 100% utilization. Using Kubernetes and auto-scaling greatly simplifies these tasks.

New hardware and virtualization

Graviton2 Instances

Amazon launched the new instance generation with their Graviton2 ARM processor. It’s based on their previous A1 instance chips, providing an improvement of up to 7x the performance, and 40% better price/benefit when compared to the 5th generation x86 instances. The M6g types are available now, with C6g and R6g coming soon.

Nitro chip evolution

Dr. Werner Vogels explained the evolution of their Nitro chips and how they offloaded networking (ENA), storage (EBS optimized), and I/O into Nitro Systems. Now the hypervisor runs entirely on the Nitro chip; this removed access to Dom0 from the machines and provided performance close to bare metal, while making sure all communication is encrypted and travels through a private dedicated network.

Fargate, Lambda and Firecracker evolution

Clare Liguori, Principal Software Engineer at AWS, took the stage to show us Fargate’s evolution and benefits. Having an isolated VM running each container provides extra layers of security and avoids Kubernetes over/under-provisioning and latency degradation in response to sudden traffic spikes. She also explained the interactions with Firecracker microVM technology, which handles Lambda functions as well; it’s open source and actively being developed on GitHub.

Physalia on EBS

AWS has improved their EBS management over the last year using Physalia, effectively lowering error rates and failures while removing a management SPOF. This multi-node cluster, connected via random shuffling, is responsible for managing a single partition key, which in turn supports a single EBS volume.

Hybrid Cloud is now Amazon cloud

Outposts are now GA

We were able to see an Outpost and learn more about how it works. Basically, it’s a server rack that extends an AWS region into your datacenter to provide you with single-digit latency speed. It’s especially useful when using AWS technology to manage automated robots, or performing advanced EMR queries with access to on-premise information. They’re not isolated from the AWS cloud; quite the opposite, they are meant to bring the cloud closer to you for faster response times.

Local zones

As a solution for those who would like to have the speed benefits of Outposts, but wouldn’t like to run their own data centers, Amazon decided to build some themselves. Local zones are basically data centers with Outposts in them, managed by Amazon, allowing you to have better latency speeds while also being able to connect to regional services. At the moment, the service is in preview in Los Angeles, connected to the Oregon AWS region.

Wavelength, featuring Verizon 5G

This technology provides single digit latency speeds with 5G networks, by directly connecting Verizon 5G infrastructure to Wavelength Zones. Similar to local zones, Amazon deployed their infrastructure directly on Verizon, providing the lowest latency possible for multiplayer games, live streaming, machine learning, augmented/virtual reality features, and more.

Wrapping up

As mentioned in the book Architects of Intelligence (by Martin Ford), AI is the new electricity. We can confirm that this conception is also true for AWS, as there were many releases focused on making AI development easier, and some new features powered by Amazon’s own AI.

Generally speaking, we noticed there were a lot of tech talks circling around services released last year, many reaching GA several months after they were announced (such as control governance services, hybrid solutions) and in other cases it was about some services being faster or more secure than they were in the past (lambdas, EBS). So, our first overall impression is that this time it seemed to be more about services reaching a mature state, instead of flashy new announcements.

Finally, as we said at the beginning of this post, we’ve only covered the announcements related to areas of our interest, so if you want to know about all the announcements, you can check the 2019 re:Invent announcements page, and the YouTube channel, where most of the talks will definitely be uploaded soon.

Authors: Victor Rodriguez, Emiliano Perez and Esteban Masoero
