Road to re:Invent - AWS Compute

AWS offers a number of services it labels as “compute”. What are they? How do you pick one that makes sense for your workload? How are they different from each other? This live stream tackles these questions as we take a look at computation in the AWS Cloud.

Here are the slides that I used during the live stream.

Bad Robot Transcript

Good morning, everybody. How are you doing today? Are we go? Thanks for joining. This is the latest in a series of streams I’ve been doing leading up to AWS re:Invent. AWS re:Invent is the end of the first week of December. 18 days remaining, kind of crazy. So we’re live right now on Twitter and on LinkedIn. Fire up your comments here in LinkedIn, or you can send me a tweet as well.

And I will respond to them as I can on the stream. So I wasn’t on last week. I’m doing this series because I’ve started another series for Trend Micro called Let’s Talk Cloud, and that’s been going really really well actually that end in two seconds. And also I was at the Fast Company Innovation Festival in New York City, was giving a talk there, and that kind of took up a bunch of my week.

So apologies for not having a stream about AWS last week, but we’re back at it right now and I do want to talk about AWS compute services, because I think a lot of people assume they’ve got it on lock, but I think there’s a lot of questions and the lowest I see a lot of questions, but she won’t talk of people are just getting started in the AWS Cloud.

What should they be picking? What are the options? Where are they? That kind of stuff. So we’re going to dive into AWS compute services just like we did with AWS database services a couple of weeks ago. So I’m going to share something on my screen for a second.

So I already dropped this link in the LinkedIn chat and you can hit it up. Obviously markn.ca, and it’s one of the main links there, and you see I have my Ultimate Guide to re:Invent switch to come to the show in 18 days. This link will let you know

what’s going on as far as activities, how to sign up for talks, all that kind of stuff. And then also I have an official guide on the AWS site. I’m giving two talks, so SEC 204 and then. 204 but yeah, you can see here. The last one we had was databases, as well as a redemption on Dynamo, right? Because I messed up that a little bit as well.

So I keep the questions going on. But as I mentioned, on the Trend Micro channel we started this new Let’s Talk Cloud series, written episode last week, another one yesterday, and basically it’s very casual, sort of informal. I’m talking to various folks and we’re starting with people in Trend just because we’re not sure about the format.

We’re trying to experiment a little bit. Then we can be expanding it out to get guests from around the community and really just kind of giving you that on-the-ground sort of real-world experience. It’s been going really well. I’m actually really happy with that one. And let’s get rolling here, and I see Ashley’s already got a question on LinkedIn, which is great: how to use AWS with a CMDB, the configuration management database.

A great question. There’s a lot of stuff in that that we can dive into and we’ll talk a bit about that today. But really what we want to talk about is AWS compute services. So here’s some slides I pulled together. As always I’ll publish these afterwards for you. Keep the comments coming here in LinkedIn and on Twitter and I’ll tackle the ones I can. Basically we’ve got a computer vs.

Breakdown or I find a breakdown far more easily around what type of compute you’re getting. So compute basically means making a decision. So this is where you have either code you’ve written or code you’ve gotten and you’re trying to make some sort of decision or manage the flow of information.

So you’re doing some sort of processing on information that you’ve done. Really that’s all programming is: you take an input, you do something to it, and you have an output. That’s what the compute services are doing, right? You have some sort of input, you’re doing some sort of action or transformation to it, and then you have some sort of output.

And of course there’s a myriad, a million different ways that that actually happens. Now the main unit of compute, for most people at least conceptually, is an instance or a virtual machine. Now all of the services you see on screen right now are instance based and we’re going to dive into each of them a little bit.

I’ll give you the overview of what’s going on, but some of the classic is the Amazon Elastic Compute Cloud or EC2. That’s where you ask AWS to give you an instance, Linux or Windows server, and you take over from there recovery that the shared responsibility model, but that’s the core of Amazon EC2.

And that is final. Its fundamental unit is an instance in AWS parlance. You pick how much memory, how many CPUs, graphics cards, all that kind of stuff. In fact, we’ll dive in in a second and try to do that on our own. Try. We’re going to be successful, at least we’d better be successful. If we fail making an instance in EC2,

then I’m going to have to stop streaming because that’s just sad. I should be able to pull that off. And I’m just making sure I’m logged in in the background here. So the instance is our core piece of compute. Now everything else on this screen is either there to support or a more specific version, sort of an additional level of management

on top of that. Let me just grab my password here. This is not liking letting me log in this morning, just never a good sign. There we go, get some background. So when we’ve got, you’ll notice Elastic Beanstalk creates an instance and a bunch of stuff around it to help you build out a web application.

So Elastic Beanstalk, it comes pre-configured with a number of, I think I pulled that up. Let me pull it up for you. It’s far simpler just to show you guys this stuff. Right? So Elastic Beanstalk helps out with Java, with PHP, flip over to my browser. There we go.

So you can see you’ve got things like Java, PHP. If we go to the FAQ, you’ll see the development stack. So if you’re building something with Apache Tomcat, with Apache HTTP, nginx, Ruby applications, .NET applications, Java, Docker, Go, Beanstalk does a whole bunch of heavy lifting for you and creates a database, creates a load balancer, creates an EC2 instance.

So it has taken your core of compute, your instance, and built stuff around it. Right, which is why I have it laid out on the same page as the rest of this EC2 or instance-based stuff. Same with VMware Cloud on AWS. VMware Cloud on AWS takes VMware and puts it on some solid hardware.

So it’s bare metal instances running in AWS and then you have virtual machines. So not strictly instances but virtual machines in a VMware concept, but it’s the same logical unit of compute. And then you can expand out in EC2 as well. AWS Outposts is this super-cool on-prem environment

where what you basically get is a giant rack filled with native localized services. So very very cool. I don’t know if I can show you this video, the embed. Yeah, they don’t actually have a picture of it, unfortunately. I wish they had a picture, that would be super cool.

But essentially it’s a giant rack that runs AWS services that you can have local. So same thing, you’re getting that core idea of AWS compute being an instance in your own data center, right? That’s AWS Outposts. Batch is a way to stitch instances together to accomplish a task.

So if you have a bunch of files that need to be crunched, you do this with AWS Batch and it configures a bunch of instances together to work as one workflow. But again the same core is an instance. And then Lightsail is designed to compete with things like DigitalOcean or HostGator.

If you’re running like a LAMP stack or WordPress, it’s a really low cost single server way with a bunch of wrappers around it again. Now in the corner you’ll notice Elastic Load Balancing, and there’s actually a mistake here with the container registry, that should be on the next page, but Elastic Load Balancing helps you route things to your EC2 instance, but it’s classified as a compute service, kind of dog do to be honest.

If you guys have questions as we’re going along, just hit me up in the comments, either by reply on Twitter or in LinkedIn, happy to address specific concerns. But then you might notice ECS is here on the page. So Amazon Elastic Container Service, I’m showing on the instance page. People are probably going, why are you doing that? That’s a container service. It is, but it isn’t. So it’s designed to help you run containers, but you have to run the instances that host those containers, which is why it’s on the instance page, because that is the fundamental unit of compute.

It’s that you are running instances in order to accomplish your goal of running containers. Sounds kind of weird, but it’s really important from a responsibility perspective: you’re responsible for those instances. So if we go to the next page, we get the next round of compute. Make sure that’s there for you.

All right. Next round of compute. I pulled ECS back onto this because you are trying to run containers on ECS. AWS Fargate, which is a managed container service, and then I put the registry where it’s actually supposed to be, that’s where you get your containers from to run them. Then we have functions, which are serverless computing, AWS Lambda, and then we have the application repository or SAR as well to run those.

So very different types of compute. On the first page, it was all variants of: you have a server somewhere, which is an instance in AWS parlance, and you are going to load it up, you’re going to configure it, you’re going to run it like any other system you have. So like my iMac, same kind of concept, it just sits in the cloud and it’s running server-based workloads.

For containers, that’s something different. You get rid of the operating system and you’re packaging your application up essentially like a zip file for your application, right? You’ve taken all the dependencies and everything you require to run your application, and you put it into one package.

That’s a container and we’re going to try to run it. Now in ECS you run it on your own fleet of virtual machines, and in Fargate you’re running it on AWS’s fleet and you don’t have to worry about the management of that fleet. You just worry about the containers themselves.

Now when you move over to Lambda, functions as a service or serverless compute, and I always say serverless computing because serverless refers to the architecture these things have, but for a function in Lambda, you’re now getting rid of all that extra stuff as well, any operating dependencies and things like that, and you’re just writing your code. So you’ve removed another level of abstraction, another level of support away, and you’re getting simpler and simpler.

So Lambda is far more micro, sort of event driven, and you see that scales up wildly. So we’ve got containers and functions. So really instances, containers and functions are our main units of compute within AWS. I’ll scroll down. This is where it starts to get kind of interesting.

So let’s look at how you’re going to want. Why do these matter? Why are these different? Why would you want different levels of compute? Well, it turns out the goal of the cloud is really to do less to generate more value, right? You want to do less work, and I know I want to do less work because, you know, that’s just what it’s about. Technology is supposed to really amplify our ability, supposed to streamline things, supposed to make them simpler.

So with compute you need to keep that in mind. You say, okay, what fits my needs? How much work do I have to do to get how much value out of this? And if we look at the start, the two sort of biggest, heaviest loads are going to be AWS Outposts and VMware Cloud on AWS.

Things you need to be aware of: what you’re getting for what you’re spending. And spending in actual cash as well as in effort. So for AWS Outposts, if you have a data center and you want to start working in it as if it was cloudy, AWS Outposts is fantastic because you can leverage that data center space by putting racks of AWS equipment in, essentially, and leverage it there. Same with VMware Cloud on AWS.

If you already have a huge VMware installation, VMware Cloud on AWS helps you leverage the same set of technologies and operational setup to move forward, but that’s a lot of heavy lifting, there’s a lot of parts you need to worry about here, and with AWS Outposts, actual physical hardware that you need to worry about.

So these are concerns, right? Because you’re doing more work and you’re not getting necessarily more value compared to that ratio, right? The next kind of thing we move over to is EC2, so spinning up an instance and getting access to something, that’s EC2. Now that is the bread and butter of most people’s compute workloads on AWS and there’s nothing wrong with it.

And this is sort of the normal forklift method: if you have existing stuff, move it over to EC2 because that just works, right? If you’re running on Windows in your data center or in another environment, you can run on Windows in EC2. There’s a whole bunch of benefits to that, but it’s still not like super cloudy, right? You start to get more value as you move over, so something like AWS Batch.

Now if I have a whole bunch of files that I need to convert from one format to another, I can start to do that in Batch, where it’s going to automate spinning up instances, doing work, and then spinning them back down and completing that workflow. So now I’m starting to leverage some of the power of the AWS cloud with these extras around EC2.

And the same thing applies when we look at ECS, Elastic Beanstalk and Lightsail. So Lightsail is: I have a little website that I want to run that runs on WordPress. They put a whole bunch of wrappers and smooth that out. Elastic Beanstalk is: I have more of like a corporate application that I need running. And then ECS is: I have containers that I need to run. All of these things are based on EC2.

They leverage EC2 and you pay EC2 prices for a bunch of the stuff, with the exception being Lightsail, and that moves you forward with your compute. They put wrappers around it to streamline that experience for you and that helps out a huge, huge amount. But now we get into the really interesting things and we look at Fargate. Now Fargate’s referred to as a number of things, serverless containers, which drives me insane as a reference point.

But I think the concept is there: unlike ECS, where you’re running a bunch of server instances to run your containers, in Fargate you’re just running containers. So you configure these containers. They contain a lot more weight than a function, but they are a huge amount of value for very very little effort on your part.

And then we add in the final one. We get to Lambda, and Lambda is the least amount of effort on your part for a huge return. So you want to be more over, you want to try for Lambda, you want to try for Fargate, because you’re going to see the most amount of value. That ratio works in your favor because of the little amount of effort that you have to put forward to take advantage of the services.

The last thing in the slides that I wanted to show you really boils down to this, and yes, there are a bunch of arrows already: instances, containers and functions or serverless computing. EC2 is your bread-and-butter with the instances, it’s where people are most comfortable, most familiar.

Containers, mainly Fargate, but ECS plays there as well. You can see ECS kind of slid down from the instances because conceptually most people think of it as containers. And then for functions or serverless compute, you want Lambda, but again Fargate kind of falls into the serverless piece because you don’t have to worry about the infrastructure that you’re running on.

I got a little bit more. All the others kind of fit into the instance level, but really what it comes down to is: how do you pick? Right, how do you choose which one you want? Well, that’s actually very very simple. If you’re starting fresh, assuming you’re starting fresh,

you don’t have anything in place right now: Lambda. You want to build your applications in a serverless architecture pattern, which means Lambda is going to be your compute layer. It is the most effective, it is by far the lowest cost in the vast majority of cases because it is truly event-driven. A user makes a request, something executes in the background. If a user doesn’t make a request, nothing executes. Your costs stay very very low, your operational overhead stays very very low, your security concerns are very very minimal.

If you can’t make it work in Lambda, you want to go to a container, and ideally that container’s deployed by AWS Fargate so you don’t have to worry about the infrastructure underneath. If you have more customizations required with your containers, or you’re deploying a group of containers to build one application,

that’s when you go to ECS, and you’re probably going to end up with Kubernetes, because we can’t get through video with a Thank you for that. He’s a Kubernetes in place to manage containers at scale. Kubernetes is only about managing containers and keeping track of them. So if you have a bunch of them, that’s when it’s useful. If you only have a few of them, don’t worry about it.

You can use the native tools in Fargate to pull that off, or fall back to ECS, again, because you’re taking on more work. That’s why I say if you have to. And then finally you get to the traditional designs, which are going to fit into Amazon EC2 because that’s really where, you know, most of those designs get forklifted over, because they can run the exact same kind of hardware, or same kind of software configuration.

Sorry, because they are literally sitting in the same environment. So very very simple, but that’s how you choose: you start with Lambda, go to Fargate, ECS if you have to for containers, and then into EC2, because that’s where you want to be pushing with modernized applications. That’s the real benefit here: getting to that point where you can get the maximum amount of value out of your efforts

in building compute in the AWS Cloud. So what I’m going to do is I’m going to flip over and I’ll show you a couple of these services. Let me just arrange some windows and let’s jump into the Management Console. So I’m here with my Management Console, looks pretty solid.

I’m just trying to make sure that I can actually see the screen, to make sure if there’s any issues that I can jump on it. We’ve got it right in the console. If you haven’t seen EC2, let me walk you through making a virtual machine or an instance. Very very simple.

You can click the big blue Launch Instance button. This is going to take you to your first choice, which is: what is the base image template, or AMI, that you are looking to launch from? You can see right off the bat we’ve got Amazon Linux 2, or we could go to Amazon Linux 1 if we wanted to, but if I scroll down you’re going to see all your normal sort of expected operating systems: Red Hat, SUSE, Ubuntu, Windows Server 2019 R2, some customized ones.

So deep learning on Ubuntu, deep learning on Amazon Linux. These are pre-configured with a bunch of extra software on top of the operating system that makes life easier for you. So you can see for deep learning, we have a ton of things that you may not be familiar with if you’ve never played around with deep learning or AI research, but trust me, the amount of configuration required to set these things up is ridiculous.

Having this built fully, just like one click away, makes life much much easier. But if we want to launch a Linux instance, we just simply select Amazon Linux 2. We’ll keep it 64-bit x86, that’s standard. Arm is a mobile chipset, so there’s a whole bunch of software compatibility challenges there, but useful to know if you need it.

So we just click the blue Select and now we get into our instance size. Each of these are going to be different choices, different prices. I just saw a fantastic question from Ashley in the stream about Kali Linux. So Kali Linux is a great distribution for security work, and what you can do is you can find that either in the Marketplace or the Community AMI section. So let me just go back one for a second.

So if I click on Previous, I can search for Kali and you’ll see I’ve got one in the Marketplace, which can be paid for or free, and 13 in the community. So if I click on the Marketplace, you’ll see Kali Linux is actually set up here for free. This is managed by Kali Linux themselves.

So these are normally the best ones, and you’ll see it’s actually $0 per hour for software plus my normal EC2 instance fees. So this is a professionally-managed image as opposed to a community-managed, best-effort one. So if I want Kali Linux, I can actually just select Kali Linux and it’s going to tell me, wait a minute,

there’s different configurations for this, so I can just say yes, I want to continue with Kali Linux, and it’s going to tell me the prices for EC2. So very very simple, and we can do that by default. Same with any other customized distributions you’re looking for, you can normally find them in the Marketplace or Community again.

Look at the pricing in Marketplace. That is absolutely key. For open source stuff like Kali, there’s normally zero charges on top of the normal EC2 instances, so for people who sell software through the Marketplace, you can charge something on top of the normal AWS fees. So that’s what you need to be aware of: community ones are always free, Marketplace could be free, double check the pricing there.

But yeah, really simple, just pull off a search in the search box here and you’ll find a lot of really great customized AMIs. We’ll go back to the default Amazon Linux, click Select, and now we need to pick the size. So you see here it’s in a really kind of handy table to tell you the general purpose, the actual type.

Sorry about all the pop-ups on the web. You lies crazy. Number of CPUs, memory, storage type, network performance ballpark, whether or not you can get EBS, Elastic Block Store, volumes in the back of it. So you can see they basically just get bigger and bigger and bigger as you scroll down. My favorite, watch out for your pocket, are the big ones.

So 96 CPUs, 384 gigs of RAM, four 900 gig SSDs, right, like the m5dn.24xlarge. There’s monsters, monster compute images in here. You’re billed by the minute for EC2. This is generally with AWS, you want to make sure you understand what you’re billed by for each of these, because you don’t want to spend more than you have to, but you also don’t want to sacrifice performance.

So sometimes you get into scenarios where if you’re trying to cut corners and save on costs, you’re actually going to cost yourself more money because your task is going to take longer. So if I say, well, you know what, I can squeeze it out in half a gig of RAM, but it’s going to take me 20 minutes to finish my job, versus if I did it in a gig of RAM

it’s going to take 5 minutes. It’s actually cheaper to go to a gig of RAM, to go up a size to get that job done faster, to reduce my overall cost. So once you figure out what you want, you simply select it and then go to the next, which is Configure Instance Details. A lot of this stuff won’t make sense for you right now

unless you’re used to AWS and building on instances. An instance needs to go somewhere, which is why we said, you know, push into Fargate, push into Lambda, because you don’t worry about where they go. With instances, I need to send it in a network somewhere. So all this screen is setting up,

you know, how many do you want to launch. You can launch a bunch of them at a time. You don’t have to launch just one, so you can launch 20 identical instances. Or spot instances, meaning they may be terminated at any time but they cost much less.

So if you have a job that’s recoverable or failure tolerant, you can do this. So in Batch, it’s a really good idea because Batch will automatically just spin up a new one, so you can save a ton of money. Then this network, subnet and auto-assign public IP is for where it’s sitting in your VPCs. Same with placement group. IAM role is its permissions, so you don’t have to give it credentials.

IAM roles take care of the credentials, and then some options around monitoring and tenancy and stuff like that. So just some basic stuff that you get more familiar with as you play around with EC2. We’ll just click Next to go to Add Storage.

You can customize how much you want. You can pick whether you want slower or faster. You can give it more storage. You can give it guaranteed IOPS, and then you can give it encryption. So based on encryption keys in KMS, really amazing to be able to set that up.

Now next you’ve got the tags. Tags are super important. There’s actually a whole white paper on tags, especially if you have a lot of people using an account. They’re just customized keys and values for you to set up, like application, team responsible, Mark’s team, right, team responsible, operations, something like that, to keep track of what the purpose of the stuff is, who’s paying for it, who is responsible for it. Tags are very very useful.

If you want to set those up we can, so in this case I could just say Name, Road to re:Invent demo instance. All right, so I just gave it a name. Next is Configure Security Group. You can create a new group. This allows traffic in and out. By default traffic is blocked.

So you need to explicitly add Are credentials in here? So if I add a demo, My Demo Security Group only allows people to remotely access. SSH is the way in Linux to remotely access. You couldn’t run a web, like people can’t access it through normal default ports for web browsing, you need to add that in your security group.

Security groups can be changed later on, so this isn’t the end of the world, but you really should be launching locked down so that when you fire up an instance it is minimally accessible, just for security purposes. Then you click Review and Launch and you’ll see there’s some warnings. This is not eligible for free tier.

That’s okay. And this one: security group demo allows access from the outside world. So hey, that’s bad. You should fix that unless you know what you’re doing. You get this summary and then you’re going to click Launch. On launch, it’s going to ask you one final question, and that is for Linux instances.

It says, you know, what key do you want to use to access that? You create a private key and a public key. You keep the private key and the server has the public key. If I have access to this file, then I can log in. You acknowledge it and then I click Launch and it’s going to go. I’ll show you what actually happens there.

You’ll see it gives you a summary. If I click the blue View Instances, you’re going to see, because I added a name tag, if I scroll that out, there is my name, Road to re:Invent demo instance, and it’s actually pending. So it was a ton of decisions just to get one server up and running.

This is why I said you want to push as far as you can over to deal with Lambda and Fargate, because as you’ve seen from our previous streams with Lambda, you just need to literally give it the code and you’re off to the races. So you see all that stuff, and our instance is actually running, so we can log in if we wanted to, but we’re running tight on time here.

So what I want to show you is the difference all the way to the other side. If I go to Lambda, when we create a new function for Lambda I can author from scratch or I can use a blueprint, right? We’ve already covered this in depth so I’m not going to go all the way, but if you simply, let me actually even make this easier.

I’m going to show you the existing one we made last time. For creating my Lambda, you just have to add a trigger if you want one, and an output, and then you add your code and you hit Save. That’s it. So you just watched, we went through five minutes of configuration on EC2 to get a server up and running. Lambda,

it’s going to take about 15 seconds to get to the point where you can paste in your code or you can start writing code. That fundamentally is why I said that you should start, let me just flip back to my slides to make a point, that fundamentally is why you should be doing this, why you should be starting at Lambda, going to Fargate for containers, and then EC2 is your last resort.

Just amount of work, simply put. You know, the cloud is all about amplifying, the cloud is all about getting you ahead, getting more value and to stop building IT for IT’s sake or building all these IT infrastructure layers to get to the point where you deliver value. So when you’re looking at servers or when you’re looking at compute, you have a ton of options, right? You want to start with Lambda though, go to Fargate if you have to, go to ECS if you have to, then finally down to EC2, because when you look at this as a layout for compute options, there’s a lot of flexibility here, which is fantastic.

Any move into the AWS cloud is going to come with a bunch of benefits. The goal here is to maximize those benefits. So the further over to the right, towards Lambda and Fargate, you can get, the better off you’re going to be. So that was a quick overview of AWS compute services. Really appreciate you guys joining me this morning.

I know it’s hard when I’m not on regularly. Like I said, last week I was kicking off that news. Thanks for trying. I was at the Fast Company Innovation Festival, which was very very cool. That was the place where Kanye announced his new weird algae foam made in the US sneakers.

So yeah, it was a great festival, very different for me. I’m not normally at non-technical festivals, let alone at non-security Pete left Festival. So it was interesting, but I’ll be back on Wednesday. 18 days before re:Invent kicks off, which is absolutely insane and I’m kind of starting to panic. A couple more of these out before we get onto the ground.

If you’re at the event, please by all means hit me up. Let me know on Twitter at @marknca, or here on LinkedIn. I’ll be streaming live under the Twitter handle as well as my own from re:Invent and be super active on Twitter during the week as well. What’s going on? I appreciate you taking the time today.

Thank you for the great comments, keep them coming, and I will see you on the next stream. Thanks a lot, take care.
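
The launch wizard warning mentioned in the stream (a security group that "allows access from the outside world") can also be checked after the fact. The following is an added example, not part of the original stream or slides: it walks security group data in the shape returned by the EC2 `describe-security-groups` call and flags ingress rules open to `0.0.0.0/0` or `::/0`. The group IDs, names and rules are constructed sample data, and the two severity labels are an assumption of this example.

```python
"""Flag security group ingress rules that are reachable from any address."""
import ipaddress

# Ports treated as remote administration when exposed over TCP.
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}

# Constructed sample data in the shape of a describe-security-groups response.
SAMPLE_GROUPS = [
    {"GroupId": "sg-demo-constructed", "GroupName": "demo", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-locked-constructed", "GroupName": "locked-down", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-web-constructed", "GroupName": "web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-wide-constructed", "GroupName": "everything", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]


def open_sources(perm):
    """Return the CIDRs in a rule that cover the entire address space."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return [c for c in cidrs
            if ipaddress.ip_network(c, strict=False).prefixlen == 0]


def exposed_admin_ports(perm):
    """Return names of admin services that fall inside the rule's port range."""
    proto = perm.get("IpProtocol")
    if proto == "-1":          # "-1" means all protocols and all ports
        lo, hi = 0, 65535
    elif proto == "tcp":
        lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
    else:                      # udp/icmp: SSH and RDP are not reachable this way
        return []
    return sorted(name for port, name in ADMIN_PORTS.items() if lo <= port <= hi)


def audit(groups):
    """Return one finding per ingress rule that is open to any source."""
    findings = []
    for group in groups:
        for perm in group.get("IpPermissions", []):
            sources = open_sources(perm)
            if not sources:
                continue
            admin = exposed_admin_ports(perm)
            findings.append({
                "group_id": group["GroupId"],
                "group_name": group["GroupName"],
                "sources": sources,
                "admin_services": admin,
                # Open admin access is the case the launch wizard warns about.
                "severity": "high" if admin else "review",
            })
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_GROUPS):
        print(f["severity"], f["group_id"], f["sources"], f["admin_services"])
```

To run it against a real account, replace `SAMPLE_GROUPS` with the `SecurityGroups` list from the JSON output of `aws ec2 describe-security-groups`.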

Breakdown or I find a breakdown far more easily around what type of compute you’re getting so compute basically means making a decision. So this is where you have time either Cody written or cold you’ve gotten and you’re trying to make some sort of decision or manage the flow of information.

So you’re doing some sort of processing on information that you’ve done really that’s all programming is is that you take an input you do something to it and you have an output that’s what the computer services are doing, right? You have some sort of input you’re doing some sort of action or transfer.

Listen to it and then you have some sort of output. And of course there’s a myriad a million different ways that that actually happens now the main unit of compute at for most people at least conceptually for most people is an instance or a virtual machine. Now all of the services you see on screen right now are instance based and we’re going to dive into each of them a little bit.

I’ll give you this so the overview of what’s going on, but some of the classic is the Amazon elastic compute cloud or ec2. That’s where you ask AWS to give you a instance Linux or Windows server and you take over from their recovery that the shared-responsibility model but that’s the core of Amazon ec2.

And that is final. It’s fundamental unit is an instance in AWS parlance. You pick how much memory how many CPUs are graphics cards at all that kind of stuff. In fact, we’ll dive in in a second and try to do Do that on our own. Try. We’re going to be successful at least we’d better be successful if we fail making an instance in ec2.

Then I’m going to have to stop screaming because that’s just sad I should be able to pull that off and I’m just making sure I’m logged in on the background here. So the instance is arcore piece of compute. Now everything else on this screen is either there to support or a more specific version sort of an additional level of management.

I’m on top of that. Let me just grab my password here. This is not liking let me log in this morning just never a good sign that we go get some background. So when we’ve got you’ll notice elastic Beanstalk create an instance in a bunch of stuff around it to help you build out a web application.

So it Elastic Beanstalk, it comes pre-configured with a number of I think it pulled that out. Let me pull it up for you. It’s far simpler just to show you guys this stuff. Right? So elastic Beanstalk helps out with Java with PHP flip over to my browser. There we go.

So you can see you got things like Jabba PHP. If we go to the fact of the FAQ, you’ll see the development stack. So if you’re building something with Apache Tomcat with Apache HTTP engine X Ruby applications. Net applications Java Docker go Beanstalk does a whole bunch of heavy lifting for you and krates database crate to load balancer crates ec2 instance.

So it is taken your core of compute your instance. I build stuff around it. Right which is why I have it laid out on the same page as the rest of this ec2r instant space stuff same with VMware Cloud on AWS VMware client on a Nabi takes VMware and put it on some a solid Hardware.

So it’s bare metal instance is running an AWS and then you have virtual machine. So not strictly instances but virtual machines in a VMware concept, but it’s the same. Logical unit of compute a time and then you can expand out in the AC to as well at 8 to post is this super-cool at on-prem yet on-prem environment.

Where a what you basically get is you get a giant rock. Filled with Native localized services. So I’m very very cool. I don’t know if I can show you this video the mbed. Yeah, they don’t actually have a picture of it. Unfortunately. I wish they had a picture that would be super cool.

But essentially it’s a giant rack that runs AWS services that you can have local and I’m so same thing you’re getting that core in idea of AWS compute of being an instance on your in your own data center, right? That’s a de Brazil close batch is a way to stitch instances together to accomplish a task.

So if you have a bunch of files that need to be crunched you do this with AWS batch and it’s configures a bunch of instances together to work as one workflow. But again the same course as an instance and then lightsail is designed to Run around without can compete with things like digitalocean or HostGator.

If you’re running like a lamp stack or WordPress. It’s a really low cost single server way with a bunch of rappers around it again. Now in the corneal notice elastic load balancing and then actually a mistake here with the container registry that should be on the next page but elastic load balancing helps you wrote things to your ec2 instance, but it’s classified as a computer service kind of dog do to be honest.

If you guys have questions as we’re going along this just hit me up in the comments either. I reply on Twitter or in LinkedIn happy to address specific concerns, but then you might notice a TCS is here on the page. So Amazon elastic container service. I’m showing in the instance page people probably going to why why you doing that? That’s a container service it is but it isn’t so it’s designed help you run containers, but you have to run the instances that host those containers which is why it’s on the instance page because that is the fundamental unit of computer.

Is that you are running instances in order to accomplish your goal of running containers sounds kind of weird, but it’s really important from a responsibility perspective is that you’re responsible for those instances. So if we go to the next page are we get the next round of compute to make sure that’s there for you.

All right. Next ride a computer. I pulled ECS back onto this because you are trying to run containers on ECS AWS fargate, which is a managed container service and then I put the registry where is actually supposed to be that’s where you get your containers from to run them that we have functions which are serverless Computing AWS Lambda and then we have the application repository or Tsar as well to run though.

So very different types of computer on the first page. It was all variants of you have a server somewhere which is an instance in AWS parlance and you are going to load it up. You’re going to configure you’re going to run it like any other system you have so like my iMac same kind of concept it just eats in the cloud and it’s running server-based were closed.

Four containers that something different you get rid of the operating system and your packaging or application up essentially like a like a zip file for your application, right? You’ve you’ve taken all the dependencies and everything you require to run your application. You put it into it a one package.

That’s a container and we’re going to try to run it now an ECS you run it on your own Fleet of virtual machines and fargate you’re running it on AWS is Fleet and you have to worry about the management of that Fleet. You just worry about the the containers themselves.

Now when you move over to Lambda functions as a service or serverless compute and I always say serverless Computing because serverless refers to the architecture of these things have but for a function in Lambda, you’re now getting rid of all that extra stuff as well any operating dependencies and things like that and you’re just writing your code see if removed another level of abstraction more another level of support away and you’re getting a simpler and simpler.

So Lambda is far more. Micro sort of event driven and you see that scales up wildly. So we’ve got containers and functions to really instances containers and functions are our main units of compute with a native elder scroll down. This is where it starts to get kind of interesting.

So let’s look at how you going to want. Why do these matter? Why are these different? Why would you want different levels of compute? Well, it turns out the goal of the cloud is really to do less to generate more value, right you want to do last work and I know I want to do less work cuz you know, that’s just what is about technology is supposed to really amplifier ability supposed to streamline things as opposed to make them simpler.

So with compute you need to keep that in mind you say. Okay. What what fits my needs how much work do I have to do to get how much value out of this and if we look at the start the to soar biggest heaviest loads are going to be eight of yours outposts and VMware Cloud on AWS.

Things you need to be aware of what you’re getting for what you’re spending. And spending an actual cash as well as an effort. So afraid of us Outpost if you have a Data Center and you want to start working in it if it was cloudy and avoid Outpost is fantastic because you can leverage that data center Space by putting racks of AWS equipment in essentially and leveraged at their same with VMware cloud in a TBS.

If you already have a huge VMware installation VMware cloud in a TBS helps you leverage the same set of Technologies in operational set up to move forward, but that’s a lot of heavy lifting is a lot of parts. You need to worry about here and with AWS outposts actually physical Hardware that you need to worry about.

So these are concerns right because you’re doing more work and you’re not getting necessarily more value compared to that that ratio right to the next kind of thing we move over to is he actually see to sew spitting up an instance and getting access to something that’s easy to know Matt is the bread and butter of most people’s are compute workloads on AWS and there’s nothing wrong with it.

And this is sort of the normal forklift method if you have existing stuff Over to ECF easy to because that just works right? If you’re running on Windows in your data center in another environment. You can run on Windows N Easy to have there’s a whole bunch of benefits to that but it’s still not like super cloudy, right? You start to get more value As you move over so something like AWS batch.

Now if I have a whole bunch of files that I need to convert from one format to another I can start to do that in a back to where it’s going to automate spitting up instances doing work and then spinning them back down and completing that work flow. So now I’m starting to leverage some of the power of the AWS cloud with this extras around ec2.

And the same thing applies when we look at ECS elastic Beanstalk and light sale so lightsail is I have a little website that I want to run that runs on WordPress. They put a whole bunch of rappers and smooth that out elastic Beanstalk is I have more of like a corporate application that I need running and then tcs’s I have containers that I need to run all of these things are based on ec2.

They live Play leverage ec2 and you pay easy to prices for a bunch of the stuff with the exception being light sale and that moves you forward with your computer. They put rappers around it to streamline that experience for you and that helps out a huge huge amount. But now we get into the really interesting things and we look at a fargate no fun games referred to as a number of things serverless containers which drives me insane as a as a reference point.

But think the concept is there is I’d like ECS where you’re running a bunch of servers instances to run your containers fight. You’re just running containers. So you can figure these containers they contain a lot more weight than a function but they are huge amount of value for very very little at effort on your part.

And then we add in the final one. We get to Landa and Landa is the least amount of effort on your part for a huge return. So you want to be more over at she want to try for landing want to try for fargate because you’re going to see the most amount of value that ratio works in your favor because of the little amount of effort that you have to put forward to take advantage of the services.

It’s the last thing and slides that I wanted to show you is really boils down to this and yes, there are a bunch of arrows already instances containers and functions or serverless Computing ec2 is where your bread-and-butter as with the instances is when people are most comfortable most familiar.

Caters mainly fargate but ECS plays there as well. You can see ecso kind of slid down from the instances because conceptually most people think of it as containers and then four functions at were serverless compute. You want Lambda, but again fargate kind of falls into the service piece because you don’t have to worry about the infrastructure that you’re running on it.

I got a little bit more all the others kind of fit into the instance level but really what it comes down to is. How do you pick? Bright, how do you choose which one you want? Well, that’s actually very very simple if you’re starting fresh assuming you’re starting fresh.

You don’t have anything in place right now Lambda you want build your applications in a serverless architecture pattern, which means Lambert is going to be your computer layer. It is the most effective it is by far the lowest cost in vast majority of cases because it is truly event-driven user makes a request something executes the background if a user doesn’t make a request nothing executes your cost a very very low your operational over head stays very very low your security concerns are very very minimal.

If you can’t make it work in a Lambda you want to go to a container and ideally that containers deployed by AWS fargate so you don’t have to worry about the infrastructure underneath. If you have more customers at the customizations required with your containers, or you’re deploying a group of containers to build one application.

That’s when you go to ECS and you’re probably going to end up with kubernetes cuz we can’t get through video with a Thank you for that. He’s a kubernetes in place to manage containers at scale kubernetes is only about managing containers and keeping track of them. So if you have a bunch of them, that’s when it’s useful if you only have a few of them don’t worry about.

You can use the native Tools in fargate to to pull that off to fall back TCS it again because you’re taking on more work. That’s why I say if you have to and then finally you get to the traditional designs are going to fit into our Amazon ec2 because that’s really where you know, most of those designs get forklift it over at because they can run the exact same kind of Hardware or paint kind of software configuration.

Sorry because they are literally sitting in in the same environment so very very simple, but that’s how you choose you start Lambda go to fargate ECS if you have to do for containers and then into ec2 because that’s where you want to be pushing with modernised applications. That’s the Real of the real benefit here is getting to that point where you can you can get the maximum amount of value out of your efforts.

I’m in building compute at any ATM u.s. Cloud. So what I’m going to do is I’m going to flip over and I’ll show you a couple of these Services because they let me just arrange some windows and let’s jump into the Management console. So I’m here with my Management console looks pretty solid.

I’m just trying to make sure that I can actually see the screen to make sure if there’s any issues that I can jump on it. We’ve got a right in the console. If you haven’t seen easy to let me walk you through making a virtual machine or an instance very very simple.

You can click the big blue launch instant buttons. This is going to take you to your first choice, which is what is the base image template or am I that you were looking to launch from you can see right off the bat. We got Amazon Linux 2 how we go to Amazon Linux one if we wanted to but if I scroll down you’re going to see all your normal sort of expected operating systems Red Hat Susie, you boot to Windows Server 2019 R2 some customized one.

So deep learning on a boat to deep learning on Amazon Linux. These are pre-configured with a bunch of extra software on top of the operating system that make life easier for you. So you can see for deep learning. We have a ton of things that you may not be familiar with if you’ve never played around with deep learning or AI research, but trust me the amount of configuration required to set these things up is ridiculous.

Having this bullet fully just like one click away makes life much much easier. But if we want to watch a Linux instance, we just simply select Amazon Linux 2 will keep it 64 bit x86 is standard arm is mobile chipset to the whole bunch of software compatibility challenges there but useful to know if you need it.

So we just click the blue select and now we get into our instant size. Each of these are going to be different choices different prices. I just saw a fantastic question from Ashley in the Stream about Kali Linux. So Kali Linux is a great distribution for security work and what you can do if you can find that either in the marketplace or the community am I section? So let me just go back one for a second.

So if I click on previous I can search for a search for Callie and you’ll see I’ve got one in the marketplace which can be paid for or free and 13 in the community. So if I click on the marketplace You’ll see Kali Linux is actually set up here free to of this is managed by Kali Linux themselves.

So these are normally the best ones and you’ll see it’s actually $0 per hour for software plus my normal ec2 instance fees. So this is a professionally-managed image is opposed to a community matters best app for 1. So if I want Kali Linux, I can actually just select Kali Linux and it’s going to tell me wait a minute.

There’s different configurations for this so I can just say yes. I want to continue with Kali Linux and it’s going to tell me the prices for ec2. So very very simple and we can do that by default same with any other customized distributions you’re looking for you can normally find them in the marketplace or Community again.

Look at the pricing in Marketplace. That is absolutely key before open source stuff like Callie. There’s normally 0 charges on top of the normal ec2 instances soap for people who sell software through the marketplace. You can charge something on top of the normal AWS bees. I’m so that’s what you need to be aware of community ones are always free Marketplace could be free double check the pricing there.

But yeah, really simple just fall off a search in the search box here and you’ll find a lot of really great customized a.m. Eyes. This will go back to the default Amazon Linux quick select and now we need to pick the size. So you see here. It’s in a really kind of Handy at able to tell you the general purpose the actual type.

Sorry about all the pop ups on the web. You lies crazy number CPUs number memory storage type Network performance ballpark whether or not you can get at EBS elastic Block store volumes in the back of it. So you can see basically just get bigger and bigger and bigger as you scroll down my favorite watch out for your pocket or the big one.

So 96 CPUs 384 gigs of RAM for 900 900 gig SSD write like the M5 dn-24 x-large. There’s monsters monsters compute images in here. You’re bigger by the minute for ec2. I’m in this is generally with a WIC want to make sure you understand what you’re built by for each of these at because you don’t want to spend more than you have to but you also don’t want to sacrifice performance.

So sometimes you get any scenarios where if you’re trying to cut corners and save on costs there. She going to cost yourself more money because your task is going to take longer. So if I say, well, you know what I can squeeze out in half a gig of RAM, but it’s going to take me 20 minutes to finish my job versus if I did it in a gig of RAM.

It’s going to take 5 minutes. It’s actually cheaper to go to a gig of RAM to go up a size to get that job done faster to reduce my overall cost. So once you figure out what you want, you simply select it and then go to the next which is configure the instance details a lot of this stuff won’t make sense for you right now.

Unless you’re I used to AWS and building on instances infant has need to go somewhere is why we said, you know, push into fargate push into Landa because you don’t don’t worry about where they go with instances. I need to send in a network somewhere. So all this screen is setting up.

You know, how many do you want to watch you can launch up a bunch of them at a time. You don’t have to have launched just one so you can launch 20 identical as is or how do I spot instances me making be terminated at any time but they cost much last.

So if you have a job that’s recover or failure tolerant that you can do this so in batch, it’s a really good idea because baffle automatically just been up a new one since you can save a ton of money, then this network subnet and auto assign public IP is for where it’s sitting in your vpcs have same with placement group IAM role as its permissions a so, you don’t have to give it at credentials.

I am rolls take care of the credentials and then some options around monitoring and tenancy and stuff like that. So just some basic stuff that you get more more familiar with it as you play around with easy to and as you get more familiar with it or else we’ll just click next to go to add storage.

You can customize how much you want. You can pick whether you want a slower or faster. You can give it more storage. You can give it guaranteed IHOP’s and then you can give it encryption. I’m So based on encryption keys in KMS really amazing to be able to set that up.

Now next if you go you got the tags tags are super important at is actually a whole white paper on tag specially if you have a lot of people use an account there just customized keys and values for you to set up like application. No team responsible Mark’s team right team responsible at operations, like something like that to keep track of what do the what the purpose of the stuff is who’s paying for it? Who is responsible for it tags are very very useful.

If you want to set those up we can so in this case what I could just say his name road to reinvent demo instance. All right, so I just gave it a name next is configured Security Group. You can create a new group this allows traffic in and out or by default traffic blocked.

So you need to explicitly add Are credentials in here? So if I add a demo My Demo Security Group only allows people to remotely access o s h is the way to Lenox to remotely access you couldn’t run a web like you can’t run or people can access it through normal default ports for web browsing you need to add that in your Security Group.

Security groups can be changed later on. So this isn’t the end of the world but you really should be launching a locked down so that when you fire pit and since it is minimally accessible just for security purposes, then you click review and launch and you’ll see there’s some mornings I can’t miss is not eligible for free tier.

That’s okay. And this one Security Group demo allows access from the outside world. So hey, that’s bad. You should fix that unless you know what you’re doing you get this summary and then you’re going to click launch on launch. It’s going to ask you one final question. And that is for Linux instances.

It says, you know, what T. Do you want to use to access that you create a private key in a public-key. You keep the private key interviewer says the public key if I have access to this file, then I can login. Your knowledge it and then I click launch and it’s going to go I’ll show you what actually happens there.

You’ll see it gives you a summary by click the blue view instances. You’re going to see I cuz I added a name tag for your scroll that out. There is my name road to reading that demo instance and it’s actually pending so it was a ton of decisions just to get one server up and running.

This is why I said you want to push it as far as you can over to deal with Lambda and fargate because as you’ve seen from our previous streams with lamb. You just need to literally give it the code and you’re Off to the Races. So if you see all that stuff’s in our instance is actually running so we can log-in if we wanted to have but we’re running tight on time here.

So what I want to show you what is the difference I all the way to the other side if I go to Lambda. When we create a new function for Lando I can offer from scratch or I can create a blueprint right? We’ve already covered this in-depth so not going to go all the way but if you simply let me actually even make this easier.

I’m going to show you the existing one we made last time for creating my Lambo. You just have to add a trigger if you want one and an output and then you add your code and you hit save that’s it. I’m so you just watched we went through five minutes of configuration on ec2 to get a server up and running Lambda.

It’s going to take about 15 seconds to get to the point where you can paste in your coat or you can start writing code that fundamentally is why I said that you should start let me just put back to my slides to make a point that’s fundamentally is why you should be doing this why you should be starting at Landa going to fargate for containers and then dc2 is your last resort.

Just amount of work simply put you know, the cloud is all about amplifying the cloud is all about getting you a head getting more value in stop building it4it sake or building all these it infrastructure layers to get to the point where you deliver value. So when you’re looking at servers or when you’re looking at computer, you have a ton of options, right? You want to start with Lambda though go to forget if you have to go to ECS if you have to been finally down to ec2 because when you look at this as a layout for computer options, there’s a lot of flexibility here, which is fantastic.

You can use any move into the end of this cloud is going to come with a bunch of benefits. The goal here is to maximize those benefits. So the further over to the right towards land and farm gate you can get the better off you’re going to be so that was a quick overview of intervals compute services at really appreciate you guys joining me this morning.

I know it’s hard when I’m not on regularly. Like I said last week I was kicking off that news. Thanks for trying. I was at the Fast Company Innovation Festival, which was very very cool. That was a place where I’m Kanye announces new weird algae foam made in the US sneakers.

So yeah, it was a great Festival is very different for me have not normally at non-technical festivals and let alone at non-security Pete left Festival. So it was interesting but I’ll be back on Wednesday at 18 days 18 days before we go to kicks off which is absolutely insane and I’m kind of starting to panic a couple more of these out before we get onto the ground.

If you’re a true event, please by all means. Hit me up. Let me know on Twitter at Mark NCAA here on LinkedIn MLB streaming live under the Twitter handle as well as my own from reinvented be super active on Twitter at during the week as well. What’s going on? I appreciate you taking the time today.

I thank you for the great comments keep them coming and I will see you on the next escrime. Thanks a lot daycare.
