Today's leading minds talk Cloud with host David Linthicum
Marc Weaver is CEO of databasable, an IT consultancy that specializes in creating secure, highly available and cost efficient environments in the AWS cloud.
Marc is also an AWS instructor and SME for Simplilearn, an online IT training and certification site, and an instructor for A Cloud Guru, the world leader in cloud computing training.
Prior to starting databasable, Marc had 15 years of experience doing in-house IT consulting for large investment banks in New York, London and Sydney. Originally from Cambridge, UK, he now lives in Miami, Florida and when he isn't working with AWS, you can often find him out on his paddleboard.
Dave Linthicum: Hey guys, welcome to the GigaOm Voices in the Cloud podcast. This is the one place where you will hear from industry thought leaders, providing no nonsense advice on how to succeed with cloud computing, IoT edge computing and cognitive computing. I'm Dave Linthicum, bestselling author, speaker, executive and B-list geek, and this week my special guest is Mark Weaver. He's a top ranked certified data solutions architect, specializing in business, applications, and data center migrations to the AWS cloud.
So we've got a guy who really does it—focused on creating secure highly available and cost efficient environments in the AWS cloud to meet all manner compliance standards including HIPAA, PCI and SOC 2. We need to probably talk about that, I don't even know what that is. [He’s an] AWS instructor and SME for Simply Learn, an online IT training certification course(we have that in common), instructor for A Cloud Guru—world leading cloud computing training, and prior to starting his role at - how do you pronounce Databasable?
Mark Weaver: Data-base-able. Yeah, it's based off AWS, based on the fact that I used to be database related, I'll talk more about that in a moment.
15 years of experience and doing in-house IT consulting for large investment banks in New York, London, and Sydney. So this is interesting... so kind of catch us up on what you've been doing in the last three years specifically around the cloud stuff. And I want to know what SOC 2 is.
SOC 2, well that's just one of the many auditing procedures out there that ensures that service providers securely manage your data, your personal information. So it's just yet another auditing compliance [item] that's out there.
Got it. So what do you do day to day? What's your passion? What kind of things do you work on in the cloud these days?
Well I mean as Databasable, actually I'll go back to that. Databasable was the name I thought it was kinda cool because I worked with databases for so long and I thought it sounded catchy, but I'm actually sort of rebranding to ‘AWS migration expert.’ So I bought the URL for that which kind of encompasses and explains what I do a little bit better than what Databasable does. But on a day to day [basis] I find my work is 50% designing new AWS architectures for businesses and applications that want to move to the cloud. And the other 50% of my time is spent working with people who have already made the move to the cloud and [are] looking to progress to the next step.
I find people get into the cloud very easily and then lose their way even more easily. And I sort of come in to help re-engineer and reorganize things to make things a little bit more optimal and working a bit more efficiently and sort of navigating your way around AWS, as I heard you allude to in a couple of your other podcasts. You know it's a bit of a minefield now with the number of services they have available. So just being able to consult and advise and guide people in the correct direction.
Yeah. So I think we're going to reach a point where just the number of lily pads in AWS as a world that we can jump to, it's gonna be so confusing; it's gonna be very difficult; we're going to need guys like you to basically guide us through the minefields out there. But you know, some of the big announcements from AWS re:Invent last year and around the Outpost and things like that, AWS and hybrid Outposts and that new battleground for vendors, those sorts of things were Google’s early release Anthos, Outpost and those cloud optimization...
Ultimately these things are in essence, confusion on top of confusion for some of these enterprises. For other enterprises there is deep opportunity for them to kind of get control over some of the things that they needed to get control over. So let's talk a bit about Outpost, as I love to key in on that. I wrote some blogs about it and I actually attended re:Invent which is unusual for me. What do you think the fit for that is, and how do you think enterprises should be thinking about it?
Well I mean it's interesting because when AWS teamed up with VMware, which was a couple of years ago now, I didn't really see where it was going, but obviously this was the end game, so that you can run AWS in your own on premise data center as well as in the cloud. I'm seeing a lot of use for it. It's weird how when I went to work in the cloud I find things come in waves. Some of these are new. SOC 2 for instance: I had nothing to do with it, then all of a sudden three clients appear out of nowhere all wanting SOC 2 compliance.
And recently I've had a lot of clients come through that have stuff in the cloud, but they're handling my credit card data, for example. And the people who own the credit card data, the companies they're getting it from will not let them put it in the cloud. So it has to be in a co-location somewhere, and if the guy was saying “well how can do this?” So we're going to end up with two disparate IT environments.
And this is where Outpost is going to come in and sort of make it so much easier. I mean being able to run... have two identical AWS environments, but one's in your local datacenter which appeases all the security requirements of that particular vendor, and then you can have the advantage of running the rest of it in the cloud for a reduced cost and greater flexibility.
And also with VR (virtual reality) as well, I mean it's going to be remarkable that you can just have your infrastructure running in the cloud and with the click of a button you can bring it up in another datacenter in a totally different cloud or a different site, I can see it being a big thing, which is obviously what Google thinks as well because they have also released their thing Anthos, which only came out last week. And I would expect Microsoft will have something in the pipeline as well.
So let's talk about Anthos. I did a blog/podcast on my other podcast about Anthos and actually from the floor of Google [Cloud] Next. Then there seemed to be some confusion out there with people who weren't attending the conference and some people looked at it as Google kind of steering away from cloud as a strategic direction, and other people looked at it as really something that's gonna be a game changer in the fact that a cloud provider—in this case Google—will accept the fact that there are other clouds in the world and be able to build infrastructure to work and play with those clouds. What are your thoughts on this?
Yeah I think it's definitely a game changing thing to do. It reminds me of when Rackspace could see they were losing market share and decided to become an AWS specialist, and would help you migrate to AWS. I guess I'm not saying Google is going to go the way of Rackspace, but the fact that they aren't the only cloud in the game and they are losing market share.
But the fact you can now run Google products on AWS or Azure, that's pretty cool. That can only be a win for them, especially in the container realm, because I mean obviously Google invented Kubernetes or part of that, so it's definitely a big win for them. I can see it being huge. And it's interesting that they got it out much faster than Outpost because AWS with their users, they’ve been announcing it and you know, nothing's happened yet. If we see it in September we might be lucky. So it's definitely a game changer for me I feel.
Yeah I think that that's probably the trend of things going forward and are we going to get to a point [where] we're gonna have these redundant services that exist in different cloud providers? And in essence, have some [of them] emerge as ‘best of breed’ where a single cloud provider will provide something along the lines of... whatever Kubernetes 2.0 is, or whatever the next generation of container orchestration is what we're talking about, instead of leveraging things that are more proprietary and how we solve those things? We have one cloud provider that's able to produce a service, and the other cloud providers are able to build services around it. Are we going to have that kind of cooperation going on?
I think yeah, I think there's going to be a lot more cross pollination than we were led to believe because when this started, it seemed to be like a land grab: who could get the most data centers out there, and grab the most customers. And I know a lot of clients I speak to are concerned about vendor lock in. So yeah I can definitely see a hybrid approach, and you know if Microsoft is better at one thing and Google another, and AWS another, especially where cost is involved, then corporations will always go where the most cost savings can be made. So I can absolutely see that happening, which will be interesting.
Yeah it'll make my job and your job a little bit easier when we can, in essence, point to a single solution that the industry agrees upon that we should look and do some slicing and dicing about. It seems like I'm in a lot of meetings where we're just talking about the difference between the cloud providers and then many of the patterns are overlapping. And typically clients out there are moving into multi cloud environments in they're leveraging cloud management platforms, and I guess we're going to figure out how Anthos figures into that once we test the thing. Certainly things like Outpost is interesting and certainly things like Stack is interesting, but going forward we are going to see some winners and losers in the space, and I think that's going to be OK.
I think there's still going to be a trillion dollar market for all of these various cloud providers to get after and I think that ultimately we're able to mix and match these multi cloud solutions to get the best of breed, which I think enterprises are going to be doing anyway, that's OK. In fact I think it's beyond OK, I think it's better than currently doing the infighting now and the religious talks, things like that, that are that are kind of getting us nowhere in many instances.
I agree and also there's definitely been some reduction in the competitors out there. I mean if you look at the Gartner Magic Quadrant over the last five or six years, the number of dots on that graph that are disappearing... I mean like 5 or 6 I think from the last one, as Google and Microsoft and AWS sort of streak ahead. It was interesting what you were saying because I read a report the other day... (and I need to get more statistics to back this up) but I was saying that 10% of people that are moving to the cloud are already there for this [report]. By 2025 another 80% of businesses would be involved in the cloud somehow. So, that's kind of remarkable and obviously AWS, Microsoft and Google can't swallow all of that up. There has to be some other products and services out there that people will use, just need to wait and see what those will be.
I think that the fact and the reality is that everything is not a migratable thing to the cloud. And so we figure it's about 30% of the workloads on average, but it may be a little more or a little less as we kind of unpeel that and that are just not economically viable to move to the cloud. That doesn't mean they're not important applications, but if they're legacy based systems [like] DEC PDP-11s, things like that, that are running some of the businesses, it just doesn't really make sense that we're gonna rewrite them so they run on cloud based systems.
So I think the movement into these ‘catch all’ kinds of pseudo clouds like managed service providers, co-los, things like that, will be a much more viable option. So I think we will see a mix of the public cloud providers and I think it will be AMG that really kind of rise to the top. You know Alibaba is out there too. We'll see where those guys go, but I think that the managed service providers—and there's a lot of them out there—are really going to fulfill a niche that probably the enterprises don't understand they have right now. Does that make sense?
Yeah it's interesting. I've been working with another client recently who does renegotiation. They'll help you, no matter what your software licensing is, they'll help you get the best deal. They know what discounts you can get and they will work with you to get that down. And now they have them moved into the cloud space, so they're now trying to work out the best way forward for cloud negotiation because obviously battling with these guys is pretty hard work.
So you mentioned cloud optimization as a topic we're looking to discuss, and the thing is that that kind of jumped out at me as something that's of utmost importance but forgotten in the place, and the fact of the matter is that [when] picking cloud and picking cloud environments and best of breed environments—things like that, ultimately we need to have the ability to ensure that we're optimizing the solutions that we're getting to.
One other thing that drives me nuts as an architect is people coming to me and saying “well this is what we picked and it works.” And to me that's not a solution, that's basically you picking a path where there could be 100 or a thousand different paths through the different cloud based services that you have going forward, but it's really kind of one path which is completely optimized for what the business is looking to do.
Are we not having a good visibility into what those optimizations are, how to get to those optimizations? If not what should we do to ensure that we're getting to something that's going to be cheapest to run, most effective, most upgradeable, [cause] less lock in and things like that?
Yeah. Completely. I see it all the time. When I get a client that comes along and hasn't moved to the cloud, but they know they want to move to the cloud, that's great because I'll put together several different options for them: a variety of different costs, different availability models, levels of complexity. It could be the full on API lambda situation or it could just be some EC 2 instances scattered around, but the thing I don't like is when I go to clients and they've already just... because anyone can launch instances, anyone can launch databases, anyone can write lambda functions, and they just launch them willy nilly into their AWS environment. And then there's this mess, and they're saying “well this works, this is our production environment” and it's like there's no thought gone into disaster recovery, compliance.
So it's a total mess of what can be done, and this is what I'm talking about when I mentioned cloud optimization is that people, once they are in the cloud, it seems to me like carte blanche to just go crazy in there. I was dealing with someone the other day, I went [and] set their environment up for them just over a year ago, and came back to do a review, and it had quadrupled in size. I was like “What's going on there?” And we managed to like delete half of the instances and volumes and databases that they had just run amok with because there's no... unless you have some governance going on, anything seems to go, which is—you obviously couldn't do this in the traditional data center, [where it was] very much locked down, and you have a team that did this, and a team that did that.
Hardware going into the racks whereas in the cloud, you don't see that. You're just seeing virtual servers spin up and it is kind of fun to launch a thousand instances of stuff but when you get the bill, [it’s] not so fun.
Yeah that's how people come and say “well I thought the cloud was going to be cheaper than that,” and then you look at their account. You're like ‘Well it was if you stuck to the original plan.’ Yeah, so I think there's definitely a lack of planning and thought that goes on when moving to the cloud. People just, you know how it is, I mean it's exciting but I get it, devs don't like to deal with administrators or architects. They just want to build what they want to build, but all too often that seems to find its way into production, and then you're left reverse engineering everything to get it back to where it should be. Which is one of my few complaints is that the cloud is too easy to run amok with, but obviously the benefits far outweigh the minor complaints.
Yeah and I think that it's not really the cloud provider’s job to make sure that people don't run amok. In essence they're looking to sell services and that's their role and so they're not going to stop a lot of this stuff from happening, but it comes into good architectural planning and discipline, and to your point I think some of that's being tossed out the window as we're moving into the cloud. There [are] some organizations that are doing exceptional jobs in doing the optimization and planning. But in terms of the cost overruns, if they had cost based governance systems that are in place and are able to kind of monitor what's going on and whether or not we're going out of budget and be able to automatically shut down instances that aren't shut down, I think those are just kind of easy things to put in place.
I know you teach some online classes as well (so do I) in terms of understanding what the best practices are and how to leverage them. So should people take your courses, should they hire consultants, do they get smart people in the organization? Should they hire cloud leaders or thought leaders in their organization? Or is it all of the above?
I was just gonna say “all of the above.” I mean I definitely think anyone in IT that is thinking of utilizing the cloud, even if that's just at the management level, they should definitely do some of the more basic AWS cloud practitioner exams, just so they know what's going on. I mean, it's not vastly different from what used to be out there, but it's different enough that you need to understand.
Then of course anyone that's going to be involved on the front line, they absolutely should be learning. Getting AWS certified is definitely one of the first steps anyone should do, because there is so much that’s new and different, and this is a total different way of thinking about it. I love the way that AWS always calls it the ‘traditional data center.’ As if making it..., that's [it’s] not good, traditional is old. You know: ‘we're going to do the things the new cool way.’
So definitely get some education, and the course they have on Simply Learn is pretty good. And then on A Cloud Guru, there's a course coming out on RDS, which is a fun course about how you can easily get high availability with your databases, which previously would be like an absolute nightmare to set up. But, yeah I tend to work with small to medium sized businesses so they definitely don't have a cloud thought leader. Not like your role at Deloitte. But if you can afford one, then absolutely that would be the way forward.
I guess that's why they're working with you, you're their cloud thought leader.
Well yeah, exactly.
So final topic: what do you see in terms of cloud trends? What are you seeing gaining momentum? What's going to get traction in the next few years? Let's get our crystal balls out and see what's going to be a big deal in 2020/2021.
Well I mean, so essentially I see things in waves. It's almost like clients, it's almost like they're running an Olympic race and they finish, they get it, they win, they get a medal, they get bronze. And that's like the people that come in and are like “This is awesome: we've moved to the cloud, we now have auto scaling AC2 instances, it's much more dynamic, it's more highly available.” And then they sort of look up and see that the silver medal person in the race, has moved to containers.
And I’m seeing a lot more movement in that direction. The amount of times I've had to explain what a container is to someone is increasing all the time. And I see that that's the next step. I feel like that's going to become more mainstream and we're going to see less and less of people just breaking stuff where we see two instances. And then I feel at the moment like the one that's winning is without a doubt, serverless.
People, when you explain to them what lambda can do and how they can hook and with an API, people get crazy for it, maybe too crazy in some situations because there definitely does seem to be a cost, a break even point with lambda compared to EC2 or containers. But that's definitely the way, serverless is, without a doubt, the way things are going and I don't know what it would be, but I can see some new services in that arena being released by all that the cloud providers over the next few years.
Yeah they're definitely focused on severless and I can understand why, having built a few systems with serverless environments, because it's just way easier not having you do that backend sizing kinds of things to figure out how much storage to attach or memory to attach. It does it automatically for you, but to your point, I guess there is some cost tradeoff in doing that.
One of the things on my to do list is to set up a lab so I'm able to take a look at these various things in terms of how the cost is going to be affected in a serverless environment versus something where I'm trying to size the environment. But the reality is that I'm not sure about what you're seeing if you're seeing a sized environment, it's typically mis-sized. They're under resourcing it and over resourcing it, it’s not necessarily optimized for cost; and so you think it’s a good thing to take that out of the control of the people who are managing the clouds and put it into a serverless framework, where the back end resources are leveraged and returned back to the pool?
Yeah, as you said, I think it works well up to a certain point. I mean if you're going to build a piece of software or an application and the lambda functions [are] firing a thousand times every second, every minute of every day, then maybe serverless might not be the way to go. So there definitely needs to be more analysis on this.
I have a few clients that have some runaway lambda functions that got very expensive and they're going to be running a pretty significantly sized EC2 farm for the cost they were spending. So, yeah there definitely isn't enough cost governance, and there definitely needs to be some more. I mean it's not even not difficult—it's just taking stock of what you have and taking a step back and seeing what AWS has released and announced since you set this up. And maybe that isn't the way to go. And that's the beauty of the cloud... you can tear stuff down and create new stuff just as quickly.
Yeah it's all virtual, so you 're kind of removed from a lot of the details and moving around hardware and software like we used to do back in the day. I think it's better but it's like a chainsaw: you can make some productive moves with it or you can do a ton of damage, depending on how you want to point it.
So anyway, pick up a copy of my book, Cloud Computing and SOA Convergence, available on Amazon and other places books are sold. Also make sure to follow me on Twitter at @DaveLinthicum, as well as LinkedIn where I have several cloud computing courses on LinkedIn Learning, as does Mark. So Mark, where can we find you on the web? Where are your courses? Where can we find more about your company and yourself?
So you can find me on my website www.AWSmigrationExpert.com or on www.databasable.com. And then I've got courses on Simply Learn. If you just type in ‘Simply Learn Solutions Architect,’ you'll find me and I have a blog page on there as well, some stuff that you may find interesting.
Yeah. Check out Mark specifically on dealing with the migration and architectural issues. It's few and far between to find people who are kind of up on those, and always attach yourself to people who know what they're doing and learn all you can especially people like Mark that are willing to share. Talk to you guys next time. Bye bye.