You. Hey, you. You’ve been reading my stuff and despite all evidence to the contrary, are probably running Kubernetes. You might be puling images from k8s.gcr.io in your environment. This is dangerous, because that thing’s not getting updated with current stuff. Take a minute right now and do a find-and-replace; repoint it to registry.k8s.io in your codebase. It works the same way, it’ll almost certainly be more responsive, and yknow… it won’t leave you any more vulnerable than you already are by running Kubernetes. If you have questions or concerns, by all means do not tell me about them, and instead go check out this blog post to learn more.
From the Community
So… how do you truly solve the challenges of today’s ever-growing big data analytics needs? To help answer that, I, Corey Quinn, am incredibly excited to share ChaosSearch’s newly-launched video series focused on the seven deadly (ie. costly & complex) challenges of big data analytics! Check it out: The Data Journey – 7 Challenges of Big Data Analytics. During this 7 episode series, ChaosSearch’s CTO & Founder, Thomas Hazel, delves deep into the technical challenges (and solutions) around: Data Pipelining, Prep, Destination, Governance, Platforms, Analytics and Lifecycle! Each episode is about 10 minutes long, easy to consume, and designed specifically to help you supercharge your insights from your data! And now, without further ado, grab some popcorn, tell them that the esteemed Corey Quinn sent you, and enjoy the show!
How to implement login systems using DynamoDB talks about a pattern you probably don’t want to be using, just because the risks of screwing up login and authentication are so high–but it’s still way nicer than Cognito from a user experience perspective.
Yet another round of Favorite Obscure AWS Service Names with appropriate levels of snark included.
This post talking about what ails Google rings true to me from what I’ve seen at the outside. I suspect it’s true for folks inside as well, given the sheer number of them forwarding it to me last week
When Aerin Booth calls a cloud provider out for greenwashing, smart people listen. AWS needs to do a lot better on this front.
One of the best guides to AWS Lambda Layers Best Practices I’ve encountered yet. I learned a lot from this one…
The Washington Post has a writeup of AWS’s concerns with AWS’s Virginia data center expansion.
Kentik has an infomercial style video out that is utterly deranged in the most delightful ways possible. You want to watch this.
Last Week In AWS: Attacked S3s and Guilty Pleas
Last Week In AWS: Santa’s EKS Workshop Massacre
Last Week In AWS: The Dumbest Dollars a Cloud Provider Can Make (Replay)
Screaming in the Cloud: Building Community in Open Source with Floor Drees
Screaming in the Cloud: The Complexity and Value of Scaling Reliability with Kannan Solaiappan
MinIO object storage runs everywhere the cloud operating model runs – offering S3 compatible, cloud-native storage to enterprises that value simplicity, scale and performance in a software-defined, self-hosted solution. Learn more at www.min.io and be sure to tell them that Corey sent you.
Amazon EC2 Dedicated Hosts now support automated maintenance on rare degradation – What’s going on with the "What’s New" feed this week? Usually they wind up not including anything beyond the basic facts; the "rare" in this headline screams of insecurity. "THIS ALMOST NEVER HAPPENS TO ME I SWEAR!"
Workspot announces Cloud PCs powered by Amazon WorkSpaces Core – Okay, no. Just no. There are 43 distinct AWS-provided RSS feeds I consume in the preparation of this newsletter every week; the "What’s New" feed has (until now) been the single authoritative source of truth for enhancements to AWS services. Now it’s getting polluted by what I can only interpret as "Amazon pouring ads into yet another channel." There are many other places to find out about third parties doing neat things; we see blog posts about it constantly. The what’s new RSS feed is at least in theory supposed to be about what AWS does, not what random other companies are selling you on top of AWS. Content like this does not belong there.
Building a Solution for China Cross-Border VPC Connection – I think it’s more than a little bold to put up a solution explaining step by step how to do an end-run against a sovereign power’s laws. Whenever I try to do such a thing I get told things like "no, Corey; that’s called fraud and you will go to prison."
Behind the Scenes at AWS – DynamoDB UpdateTable Speedup – This is the kind of enhancement that almost nobody will notice unless it’s pointed out to them. More posts like this, please! How AWS works behind the scenes is (at least to me) endlessly fascinating.
New Graviton3-Based General Purpose (m7g) and Memory-Optimized (r7g) Amazon EC2 Instances – This is something of a watershed moment for EC2 instance economics. Always before, going like-for-like to a new instance family meant you’d pay less for the new generation. Now, going from a gen 6 equivalent to one of these (say, a c6g.medium to a c7g.medium) appears to cost on average a bit over 6% more. "It performs better" doesn’t really hold water for a lot of customer workloads that mandate things like "ten of these nodes go over here." The economics of AWS appear to be subtly shifting.
New – Amazon EKS Anywhere on Snow – Finally, at long last we can have AWS ship us computers, and then run Kubernetes on them in our own facilities–wait. I lost the plot somewhere. Exactly which problem is this solving for customers, again?
Blockchain and the future of event ticketing – It’s good to know that if I ever submit a "Route 53 is a database" blog post to the AWS Database blog, it won’t be the most heinous bullshit they’ve ever posted.
Reversing Technical Debt with Cloud – Sorry to be the bearer of ill tidings here, but cloud is at best a cash-out technical debt refinance exercise. You can’t outrun the poor decisions of yesteryear by making new poor decisions now.
AWS announces AWS Modular Data Center for U.S. Department of Defense Joint Warfighting Cloud Capability – At last, a data center that can be air-dropped along with a team of paratroopers. I can’t wait to use this thing to run containers.
AWS Security Profile: Jana Kay, Cloud Security Strategist – Ooh, the security blog is bringing back profiles of various employees. I love these, and wish more departments did them. What I particularly want to note is that usually the Security team does this only in the run-up to re:Invent for some godforsaken reason. There’s too much going on then to pay attention; I really like them coming out with more of these during more sedate periods.
Meet 11 amazing pups who go to ‘work’ at Amazon’s Culver City campus – What the hell is up with those scare quotes?! I don’t disparage what any of your leadership team does as not being real work, don’t do it to the puppers. That’s a fast-track to a wag & hour employment claim.
Wiz. The solution for securing your cloud environment. Wiz is the platform that brings together dev, ops and security teams to enable a true cloud-native security operation. Check out Wiz.
I rather like this aws cost CLI that I tripped over. I’m tempted to use it to make some of my existing tooling easier to work with…
… and that’s what happened Last Week in AWS.