It’s been a damn good year for Amazon (s amzn). On October 1st, the day of the federal government shutdown, Amazon’s stock was up more than 8 points when the market closed. Year-over-year, Amazon stock is up 24 percent, despite global threats (Syria), political contention (Obamacare) and overall a highly volatile period for corporate earnings.
It seems logical that the continued success of Amazon’s cloud computing business, AWS, has something to do with these gains. At this year’s AWS Summit in New York City, Amazon CTO Werner Vogels said that AWS Marketplace has seen a 102 percent increase in customers since the start of 2013, and a 53 percent increase in usage of services per customer.
Customers love AWS because it’s extremely affordable and easy to spin up a server for new project or to scale up an existing one. Amazon continues to match or beat formidable competitors such as Microsoft and Google on pricing.
Yet don’t forget: EC2 is a commodity cloud architecture, which means there will be variations and occasional disruptions in performance, network latency and reliability in exchange for considerable value. There will be slowdowns and outages on AWS, and as with an internal data center; you must plan for them, design your apps for unpredictability in the cloud and measure performance all the time. WHere are a few tips on how to manage risk, optimize performance, close security gaps and get to agility nirvana while using AWS (or any other large public cloud provider).
- Application design: Closely align your development strategy with the architecture of AWS or any other major cloud provider. Amazon publishes information on its architecture and configurations to help customers optimize services to run on the platform, and you can hire AWS solution architects to help in that effort. At a certain point, you may want to engage in a deeper investment in Amazon’s PaaS offerings, such as by using AWS Elastic Beanstalk and OpsWorks. Doing so can help optimize performance and management of your cloud applications further.
- Scaling for performance: Design your cloud architecture for horizontal scaling, which will help cost-effectively achieve performance as demand grows as well as deliver a healthy measure of backup and redundancy. While horizontal scaling in traditional IT environments has typically been about over-provisioning, don’t overdo that in the cloud. If you are monitoring capacity and demand in real-time, you can provision resources at the point of need with less risk of buying hardware that sits underutilized. Elastic scaling is also important in the cloud. This is facilitated when application monitoring tools trigger events (such as adding nodes) based on capacity thresholds (such as nearing the ceiling on CPU).
Monitoring: Amazon has hundreds of components and services that are interdependent and susceptible to failure from aging hardware, electrical storms, natural disasters, integration failures or operator error. As the company continues to introduce new technologies and services for customers, invariably some will be weaker than others. Case in point is the EBS block level storage, which has been behind a few outages and can cause problems with other services that rely upon it. Real-time monitoring can help narrow down problems to a specific layer of the AWS infrastructure, which is extremely helpful to arrive at a quick resolution, such as moving the application to a more stable zone.
Use AWS CloudWatch for a base set of metrics, but you’ll need other cloud-centric tools to dig deeper. Integrate data from open source and commercial tools to provide a single-screen view of your entire environment. Modern tools should also incorporate alert mechanisms for when metrics have exceeded the parameters of normal behavior and require investigation.
Security considerations : Whether you host your applications on Amazon or some other provider, the considerations are largely the same. Do the proper diligence on the provider’s physical security, software-based security (such as AES encryption) and certifications. Policies and human behavior are always the sticking point. It’s tempting to issue shared logins, but that is just opening the door to potential trouble.
Spend the extra time to use the Identity Access Management (IAM) tool that AWS offers, which enables distinct logins per user including administrator-level permissions. You can also enable multi-factor authentication so that when users sign in to an AWS website, they must also supply an authentication code from an MFA device. The AWS Virtual Private Cloud (VPC) service allows you to add another layer of network security to your instances by creating private subnets or adding an IPsec VPN tunnel between your network and AWS.
- Cost management: Managing costs on Amazon or any other cloud provider is all about striking the right balance between benefits (such as uptime and response time) and efficiency. Monitoring tools that watch for capacity thresholds can help provision accurately in the real-time cloud infrastructure world so that you’re not over-provisioning unnecessarily. Keep in close touch with business leads, such as the marketing director, about upcoming campaigns for projects that may affect traffic volumes so you can plan ahead. Educate IT staff on best practices, such as shutting down instances when they are no longer being used to avoid unnecessary costs.
AWS, like other cloud services, has weak points and risks, and that is the trade-off of attaining quick access to flexible, low-cost infrastructure. With a team in place to monitor and manage AWS across the key areas of reliability, uptime, service levels, security, disaster recovery and costs, your company can have a positive experience in the public cloud.
Gary Read is president and CEO at Boundary.
This post was updated on Oct. 30 to correct Vogels’ title and specify that AWS Marketplace customers had grown by 102 percent.