Reality Sets In for Amazon Web Services

Users are lining up to throw all they’ve got at the cloud computing platform.
But is it the golden goose people believe it to be? BY ALAN R. EARLS

EDITOR’S NOTE STAY IN CONTROL DON’T LET AWS THIRD-PARTY

OF THE AWS QUIRKS GET THE TOOLS ASSUAGE
MANAGEMENT BEST OF YOU IMPLEMENTATION
CONSOLE WOES
 EDITOR’S
NOTE

How to Avoid AWS’s Sneaky Surprises

Amazon Web Services offers diverse and
HOME
scalable capabilities that have users flocking
EDITOR’S NOTE to the cloud computing platform. Consumer
services, like point-and-click options, secure
STAY IN CONTROL
OF THE AWS mobile applications and speed of services, can
MANAGEMENT
CONSOLE
take most of the credit.
But not all AWS resources are convenient.
DON’T LET AWS
Scalability or functionality limitations can eas-
QUIRKS GET
THE BEST OF YOU ily stop a project dead in its tracks. As with
any software service, some workaround tips
THIRD-PARTY
TOOLS ASSUAGE are necessary. This three-part guide addresses
IMPLEMENTATION
commonly recognized AWS problems—and
WOES
offers solutions.
Because scaling from a small business to
a larger one can easily inhibit data access,
we first discuss how to leverage and manage
AWS resources at all levels of data through
the Management Console. With the console
at the center of AWS organizational resources,
mastering the user interface is key to ensuring
business processes run smoothly
Next, we list the top four AWS “gotchas,”
with advice on how to control cost and tips
on adjusting services to avoid configuration
build-ups.
Although AWS offers some great tools and
services, it could use some help in instance
management and monitoring. Fortunately, a
wide range of tools have sprung up to make
using AWS easier. To that end, we close with
a look at significant third-party management
tools that are easing concerns about implemen-
tation. n
Brein Matturro
Managing Editor, SearchAWS

2 REALITY SETS IN FOR AMAZON WEB SERVICES

MANAGEMENT
Stay in Control of the AWS Management Console
The Amazon Web Services’ Management
HOME
Console is a central point for managing all your
EDITOR’S NOTE AWS resources. It’s the place to initiate tasks
ranging from deploying new applications to
STAY IN CONTROL
OF THE AWS monitoring the health of an application.
MANAGEMENT
CONSOLE
According to Shlomo Swidler, CEO of con-
sultancy Orchestratus, the console is great for
DON’T LET AWS
the beginner because it provides a simple view
QUIRKS GET
THE BEST OF YOU of all AWS resources—like Elastic Compute
Cloud (EC2) and Relational Database Service
THIRD-PARTY
TOOLS ASSUAGE (RDS)—and allows you to manipulate them
IMPLEMENTATION
easily. In fact, he noted, smaller-scale AWS
WOES
users can use it to do just about everything
they need. As soon as you operate sizable
deployments in AWS, however, the console’s
limitations will begin to chafe.
“When you have five or six EC2 instances
listed in the console, it’s relatively easy to
zero in on the one you intend to manipulate
at that moment,” Swidler said. “But when your
screen lists tens or hundreds or even thousands
3 REALITY SETS IN FOR AMAZON WEB SERVICES
of instances, it will be much more difficult
to identify your target instance.” For example,
an innocent mistake by a developer, think-
ing he or she is terminating a development
instance, could disrupt a production
environment.
At a larger scale, the console’s limitations
are again made clear by the resource-centric
view it provides. Swidler explained that the
console organizes AWS resources according
to resource type: EC2 instances on one panel,
RDS instances on another and load balancers
separately. “Your application or service may
use several of each of these resource types,
yet these will be spread across different con-
sole views,” he said. It would be much easier
to manage an application or service if you could
view and control all its component resources
grouped accordingly, especially when there are
multiple applications and services, Swidler
explained.
MANAGEMENT
READY, SET, EVOLVE
Because AWS is tag-based—categorizing the
AWS resources in different ways, such as pur-
pose, owner or environment—it’s easy to cre-
ate a “management mess,” with lots of servers
and inconsistent use of tags for different users,
HOME
explained Raj Bhargava, CEO of JumpCloud, a
EDITOR’S NOTE company that provides management capabili-
ties that work with open source cloud data
STAY IN CONTROL
OF THE AWS management tools Puppet and Chef. “Many
MANAGEMENT
CONSOLE
organizations don’t understand how to cre-
ate separate islands of servers from an access
DON’T LET AWS
control standpoint. Because of this, many busi-
QUIRKS GET
THE BEST OF YOU nesses built on AWS end up with more permis-
sions than is probably ideal,” Bhargava said.
THIRD-PARTY
TOOLS ASSUAGE Bhargava said other common mistakes are
IMPLEMENTATION
inconsistency in practice and users simply “not
WOES
keeping their house in order.” Because of the
flexibility of AWS and the relative ease with
which businesses can dial up infrastructure,
“folks often become complacent in terms of
actively managing and adjusting their setup,” he
explained.
Thus, he argued, diligence is really the name
of the game.
“Many people choose the cloud for its
4 REALITY SETS IN FOR AMAZON WEB SERVICES
scalability, and as your organization grows
so then does your number of servers, your
employee headcount and your physical foot-
print,” Bhargava said. These changes mean that
the way that you manage your infrastructure
must also evolve. “You can’t dial up your cloud
with AWS and set it and forget it. It must
change and adapt as your business does.” A
simple somewhat tactical step, which can pre-
vent headaches, is to create separate billable
accounts based on business needs, he added.
DON’T FORGET ABOUT LOCATION
A related issue encountered by Dan Sullivan, an
AWS user and a system architect at DS Applied
Technologies LLC, is managing instances with
the best price. “In terms of where I spend most
of my time, it is probably there,” he said. He
noted that the console does provide an instance
tab and you can track instance states. That
is also his starting point for monitoring spot
instance pricing. “One thing to keep in mind
is that spot instances are priced differently in
different regions,” he said. For example, prices
may be lower in the U.S. West than in most of
MANAGEMENT

the U.S. East for the same instance—so it pays capacity out from under you later if your
to look carefully when you select an instance, bid came in below the offered price, that
he said. rarely happens. “There usually isn’t too much
volatility. If jobs are short or you are running
“You can’t dial up your cloud jobs in parallel, you may be able to justify
with AWS, set it and forget it. bidding low and taking your chances,” Sullivan
HOME
said.
It must change and adapt as
EDITOR’S NOTE A final bit of advice on using the console
your business does.” comes from Swidler, who advises leveraging
STAY IN CONTROL
OF THE AWS
—RAJ BHARGAVA, CEO of JumpCloud AWS OpsWorks, an application management
MANAGEMENT
CONSOLE
service that makes it easy for DevOps users to
Sullivan said the spot prices provide a way model and manage an entire application from
DON’T LET AWS
to save money. You may win the capacity load balancers to databases. Several third-party
QUIRKS GET
THE BEST OF YOU by bidding low. Although there is some risk alternatives can also help enhance the view
another party could come along and buy the from the console, he said. n
THIRD-PARTY
TOOLS ASSUAGE
IMPLEMENTATION
WOES

5 REALITY SETS IN FOR AMAZON WEB SERVICES

 PROBLEM
SOLVING

Don’t Let AWS Quirks Get the Best of You

Amazon Web Services may be the leading
HOME
cloud service provider, but that doesn’t make it
EDITOR’S NOTE fool-proof. Far from it, in fact.
For all of its capabilities, AWS has its shares
STAY IN CONTROL
OF THE AWS of “gotchas” and annoyances. But the list of
MANAGEMENT
CONSOLE
leading offenders is not long, and experts agree
mastering its peculiarities isn’t all that hard.
DON’T LET AWS
Avoiding accumulating costs is the first
QUIRKS GET
THE BEST OF YOU challenge. “If you are not careful, AWS and
the cloud in general can lead to a spiraling
THIRD-PARTY
TOOLS ASSUAGE infrastructure and subsequently a spiraling
IMPLEMENTATION
bill,” said Raj Bhargava, CEO of JumpCloud.
WOES
He explained that, while it’s easy and rela-
tively cheap to just turn the dial and spin up
instances on AWS, organizations must carefully
manage cost, efficiency and efficacy of this
flexible infrastructure.
“It’s very easy to spin up instances, but the
billing can actually get very complicated as
you continue to build out your infrastructure
to meet your organization’s growing needs,”
Bhargava said. “What may make sense from
both a financial and functional standpoint
today may not actually make sense tomorrow.”
For instance, the way servers are provisioned
on day one of your business will probably no
longer make sense in six or 12 months, he said.
NOT THE BE-ALL AND END-ALL
There is a common misperception that AWS
simply takes care of or outsources all IT needs,
Bhargava said. “Don’t get me wrong, what they
provide is hugely valuable and well-designed
[Infrastructure as a Service] solution, [but] I
think there are a number of folks out there who
believe that AWS is responsible for things like
security, patching, user management, et cetera,”
he said. In most cases this is simply not true.
“If a business thinks AWS is taking care of
these things and they are not, they are opening
the organization up to serious risk.”

6 REALITY SETS IN FOR AMAZON WEB SERVICES

 PROBLEM
SOLVING

Looking at AWS more broadly, Shlomo umbrella of a single master account, showing
Swidler, CEO of Orchestratus, shared what he consolidated usage information and allowing
has found to be the top four most-cited AWS for one payment. Swidler also recommended
gotchas: setting spending alerts on each account to
notify you when spending levels reach impor-
■■ Failing to isolate production from development tant milestones.
HOME
and testing environments. Mistakes in devel-
EDITOR’S NOTE opment or testing should not be able to affect ■■ Keeping up with your changing needs. “It’s
easy
the delivery of your service, but with a single to launch resources in AWS and use them
STAY IN CONTROL
OF THE AWS integrated account for all environments, this long term, but you’d be missing out on one
MANAGEMENT
CONSOLE
isolation can be difficult to enforce, Swidler of the main benefits of cloud: the flexibility
explained. “You’ll also want tight controls to adjust to changing needs,” Swidler said. He
DON’T LET AWS
over your production environment’s configu- recommended re-examining your needs regu-
QUIRKS GET
THE BEST OF YOU ration—which may contain such secrets as larly, at least every quarter. As AWS reduces
payment gateway credentials and [Domain prices and adds new services, you may find
THIRD-PARTY
TOOLS ASSUAGE Name System] passwords,” Swidler said. In that you can meet your needs more efficiently
IMPLEMENTATION
short, use separate AWS accounts for each by changing your resource usage, he added.
WOES
environment.
■■ Depending on traditional data center tools to
■■ Losing Swidler explained that
track of your bill. manage AWS resources. “Data center manage-
as the number of AWS resources across user ment tools are excellent for managing a rela-
accounts multiplies, it can be increasingly tively static set of resources, but the cloud
difficult to audit and track your AWS usage. usage model allows you to dynamically add
Swidler recommends using Consolidated and remove resources to your inventory, a
Billing, an AWS billing feature that allows usage pattern that data center-centric tools
you to collect many accounts under the cannot natively handle,” Swidler explained.

7 REALITY SETS IN FOR AMAZON WEB SERVICES

 PROBLEM
SOLVING
Instead, AWS customers should use “modern
tools that are designed to handle dynamism,
such as Chef, Puppet and RunDeck.”
COST CONTROL
HOME
“AWS has a smart business model where they
EDITOR’S NOTE want people to buy reserve servers to lock in
the price early on. This is marketing at its best,
STAY IN CONTROL
OF THE AWS and it flourishes because people feel like they
MANAGEMENT
CONSOLE
are getting a deal and that prices will actually
go up,” Bhargava said. This is often not the case.
DON’T LET AWS
“Therefore diligence and education can go [a]
QUIRKS GET
THE BEST OF YOU long way toward getting not only the infra-
structure that you need, but getting it at the
THIRD-PARTY
TOOLS ASSUAGE best price possible,” he said.
IMPLEMENTATION
Determine what the business needs are, and
WOES
if it is unclear whether AWS can meet all those
needs, ask. “AWS can help you to do a lot of
things, but if not properly bolstered by good
security and management practices and tools,
8 REALITY SETS IN FOR AMAZON WEB SERVICES
simply spinning up a business in the cloud can
actually put you at risk,” Bhargava said.
Finally, looking at “end of life” issues, Dan
Sullivan, a system architect at DS Applied
Technologies LLC, reminds users that when
you start an Amazon instance it comes
equipped with local storage. When you later
decommission or deprovision that instance,
whatever data is there will be wiped out unless
you find it a home—for example, elastic block
storage.
Similarly, he noted, when you create virtual
machines it is simpler to start with a base
image, like Ubuntu Linux, and then install
packages for development or production.
“You probably want to save that for yourself
as your own image, so you don’t have to rebuild
that structure every time you want to set up a
new image,” Bhargava noted. And, if you require
a rebuild, it’s helpful to employ a tool like Pup-
pet or Chef. n
OUTSOURCING
Third-Party Tools Assuage Implementation Woes
Although Amazon Web Services comes
HOME
with lots of “standard features” and a substan-
EDITOR’S NOTE tial number of extra tools and gadgets, they can
be exceedingly complex to operate. Fortunately,
STAY IN CONTROL
OF THE AWS a wide range of third-party tools and services
MANAGEMENT
CONSOLE
has emerged to make using AWS easier. Indeed,
experts say without those add-ons, companies
DON’T LET AWS
with complex AWS implementations may be in
QUIRKS GET
THE BEST OF YOU trouble.
“In general, AWS will help you manage your
THIRD-PARTY
TOOLS ASSUAGE AWS resources as such, but not at higher levels
IMPLEMENTATION
of abstraction closer to your business domain,”
WOES
explained Shlomo Swidler, CEO of Orchestra-
tus. As is, AWS can provide you with detailed
performance monitoring for infrastructure-
level metrics, such as CPU utilization, network
traffic and load balancer latency. What AWS’s
standard features won’t provide is an under-
standing of how your application is performing
and how infrastructure issues influence appli-
cation performance, he said.
9 REALITY SETS IN FOR AMAZON WEB SERVICES
EXPECTATION VERSUS REALITY
The biggest issue when it comes to managing
AWS is knowing the load you are running at
any given point, said Rick Sizemore, the direc-
tor of the cloud computing practice at Dallas-
based consultancy Alsbridge. “Managing your
load, especially using something like IBM
CloudBurst, is actually fairly complex,” he said.
Sizemore said a fundamental problem is that
people look at AWS as just a replacement for
VMware virtualization, where applications have
already been built or have evolved to take full
advantage of the platform. There is an expecta-
tion that AWS will be able to deliver the same
functionality. “To really take advantage of any
extension within AWS, there are about 20 tools
under AWS related to storage and computing
that you might need to use. If you don’t, AWS
is just a dumb box,” he said.
It is also crucial to have a tool that illumi-
nates demand management as well as capacity
OUTSOURCING
management on an application, Sizemore said.
So when you create an instance on Amazon,
“You really need a management layer to do
that,” he said. Among the tools available, the
most established is probably RightScale. “Once
you get everything in a process through a tool
HOME
like RightScale, then you end up getting the
EDITOR’S NOTE benefits you thought you were going to get
from Amazon in the first place,” Sizemore said.
STAY IN CONTROL
OF THE AWS “The nice thing is that with most of the tools
MANAGEMENT
CONSOLE
you would use with AWS is that they are fairly
open, so you can use them to manage beyond
DON’T LET AWS
just AWS and they will usually even integrate
QUIRKS GET
THE BEST OF YOU into your overall environment,” Sizemore said.
THIRD-PARTY
TOOLS ASSUAGE
IMPLEMENTATION
ROOM TO GROW
WOES
Raj Bhargava, CEO of JumpCloud, credits AWS
for offering some great tools and services,
but he said the company needs to improve its
instance management and monitoring. Gener-
ally, AWS has stayed at the cloud layer, but it
10 REALITY SETS IN FOR AMAZON WEB SERVICES
has been reluctant to really go into a customer’s
private instance, he said.
“There is a great deal of opportunity to help
manage individual server instances and moni-
tor them from the inside. AWS has done a great
job of monitoring through APIs, but you can
understand more about what is going on with a
server from the inside out,” Bhargava said.
Automation is another area of opportunity.
“AWS helps you automate the spin-up of a new
server and even through its native OpsWorks
will let you configure it. Automating the man-
agement of those servers is a critical task that
AWS has not focused on to date.”
A final area of need is server security. “AWS
has spent a great deal of time securing their
infrastructure and cloud but has largely left it
up to each individual customer to secure their
instances,” Bhargava said. “That’s a huge chal-
lenge for most customers. Strong products and
services that help lock down instances are a
major opportunity.” n
 ABOUT
THE
AUTHOR
ALAN R. EARLS writes for several TechTarget sites,
including SearchBusinessAnalytics and SearchData
Management. He has also done freelance work for
publications including The Boston Globe, The
Chicago Tribune and American Cemetery. Email
Reality Sets In for Amazon Web Services
him at

[email protected].
is a SearchAWS.com e-publication.
HOME
Scot Petersen | Editorial Director
EDITOR’S NOTE
Jason Sparapani | Managing Editor, E-Publications

STAY IN CONTROL Joe Hebert | Associate Managing Editor, E-Publications

OF THE AWS
MANAGEMENT Jan Stafford | Executive Editor
CONSOLE
Brein Matturro | Managing Editor

DON’T LET AWS Linda Koury | Director of Online Design

QUIRKS GET
THE BEST OF YOU Neva Maniscalco | Graphic Designer

Rebecca Kitchens | Publisher | [email protected]

THIRD-PARTY
TOOLS ASSUAGE Amalie Keerl | Director of Product Management
IMPLEMENTATION [email protected]
WOES
TechTarget
275 Grove Street, Newton, MA 02466
www.techtarget.com
© 2014 TechTarget Inc. No part of this publication may be transmitted or re-
produced in any form or by any means without written permission from the
publisher. TechTarget reprints are available through The YGS Group.
About TechTarget: TechTarget publishes media for information technology
professionals. More than 100 focused websites enable quick access to a deep
store of news, advice and analysis about the technologies, products and pro-
cesses crucial to your job. Our live and virtual events give you direct access to
independent expert commentary and advice. At IT Knowledge Exchange, our
social community, you can get advice and share solutions with peers and experts.

COVER ART: THINKSTOCK

11 REALITY SETS IN FOR AMAZON WEB SERVICES