One of the key business drivers of cloud based DevOps is greater scalability, which the DevOps team here at Flux7 sees quite often -- especially for eCommerce and digital business. So, as more and more organizations move to AWS for its scalability, availability, and reliability, it makes sense we’d get more and more questions about moving to new solutions like AWS Web Application Firewall (WAF). In today’s blog, we will address why such a move is a good choice for companies migrating their digital business to the cloud. Let’s kick-off the discussion with a little background on AWS WAF.
In a recent blog, we shared the AWS case study of a major US airline and how we used the Kubernetes project for managing production-grade Kubernetes (K8) clusters, KOPS, to run its AWS-based K8 clusters. The goal was to host the company’s applications in an AWS-enabled framework, which the team at Flux7 helped implement in the form of its Enterprise DevOps Framework (EDF). As promised, today we will share the second part of their story, illustrating how we used Ubuntu CIS benchmarked images to help proactively safeguard against security threats.
At re:Invent just a few weeks ago, AWS announced Amazon GuardDuty, to enable secure monitoring. At the time, we lauded the announcement for its ability to grow security in AWS with a more holistic view of security in the cloud. In the past few weeks, we’ve fielded inquiries from several customers asking about the service, its features, and potential fit for their organization. Knowing that their questions may be indicative of a wider interest in the new managed service that monitors and detects malicious or unauthorized behavior across an organization’s AWS infrastructure, we are sharing today our analysis of Amazon GuardDuty.
According to eMarketer, ecommerce in 2017 increased 23%, continuing to surpass traditional retail growth rates; total retail sales -- including ecommerce gains -- were 5.8% in 2017. Yet, as we look into a competitive retail landscape for 2018, and begin to field calls from retailers looking to parlay 2017 gains into 2018 advantages, one discussion point is often around what role AWS best practices can play in ecommerce insurance. That is, through the process of digital transformation, building in consistency and availability for retail customers regardless of the channel they choose.
As an AWS Premier Consulting Partner, we are often asked about using the Kubernetes container management system within AWS. While Google created Kubernetes (K8s), Google’s Cloud Platform is generally seen as a better fit for running K8s clusters. However, until the recent re:Invent announcement of EKS, KOPS, the Kubernetes project for managing production-grade K8s clusters, was the best tool to deploy and manage K8s clusters in AWS. Which brings us to the topic of today’s blog, a customer story of how we used KOPS to run AWS-based K8s clusters. Stay tuned for the second part of today’s AWS case study in which we discuss the details of doing so with Ubuntu CIS benchmark images.
In the middle ages Byzantine emperors and European monarchs issued decrees with a golden seal that was testament to the origin of the decree. Fast forward to today and we can see how the idea of a golden seal -- or golden copy-- is used in technology to express that something is the official or master version. Taking the idea of a golden copy one step further, today we will discuss the concept of the golden Amazon Machine Image (AMI), its role in supporting a successful DevOps model, and how it can generate greater agility and stability.
As more organizations move to cloud computing, the ability to deploy with a blue-green deployment scenario is gaining popularity as a proven strategy to reduce downtime and risk. As this agile approach is one we are being asked about more often, today we will discuss the benefits of blue-green deployments, specifically within AWS hosted infrastructure, and how it can be even more easily facilitated now that Amazon CloudWatch events support AWS CodePipeline as a target.
At Flux7, we are passionate about sharing the power of DevOps. In that vein, we recently gave a workshop introducing developers to the power, ease of use, and governance that comes with moving to a DevOps model reinforced with well-architected tooling. The goal of the workshop was to teach developers more about AWS and Docker-based microservices architecture. And, how using Amazon services like EC2 Container Service, CodePipeline, and CodeBuild can come together to create a platform for developer teams to focus on their application. We highlighted the Anchore solution as part of our microservices architecture for security and will share in today’s blog why we deployed Anchore, how we used it to ensure DevOps security and policy compliance, and our overall experience with the tool.
We are excited to announce that Flux7 CEO, Aater Suleman, will present at this year’s AWS reInvent. If your plans take you to AWS reInvent this year, we’d encourage you to attend this session in which Dr. Suleman will be joined by AWS’ Tom Witman, Head of BD, Edge/Security, and Shawn Marck, Systems Development Manager, to present “Living on the Edge, It’s Safer Than You Think! Building Strong with Amazon CloudFront, AWS Shield and AWS WAF.”
At the recent HashiConf 2017 here in Austin, HashiCorp announced several updates and new features that we are pretty excited about. If you are a regular follower of this blog, you know that we’ve become heavy users of many HashiCorp tools of the past few years as they excel at helping further DevOps automation for greater efficiency, security and productivity. Today we’re going to share with you which new announcements we’re most excited about and why.