How do I migrate my skills to the cloud?

via GIPHY


Hi, I’m currently an IT professional and I’m training for AWS Solutions Architect – Associate exam. My question is how to gain some valuable hands-on experience without quitting my well-paying consulting gig I currently have which is not cloud based. I was thinking, perhaps I could do some cloud work part time after I get certified.

Join 38,000 others and follow Sean Hull on twitter @hullsean.


I work in the public sector and the IT contract prohibits the agency from engaging any cloud solutions until the current contract expires in 2019. But I can’t just sit there without using these new skills – I’ll lose it. And if I jump ship I’ll loose $$$ because I don’t have the cloud experience.


Hi George,

Here’s what I’d suggest:

1. Setup your AWS account

A. open aws account, secure with 2FA & create IAM roles

First things first, if you don’t already have one, go signup. Takes 5 minutes & a credit card.

From there be sure to enable two factor authentication. Then stop using your root account! Create a new IAM user with permissions to command line & API. Then use that to authenticate. You’ll be using the awscli python package.

Also: Is Amazon too big to fail?

2. Automatic deployments

B. plugin a github project
C. setup CI & deployment
D. get comfy with Ansible

Got a pet project on github? If not it’s time to start one. ๐Ÿ™‚

You can also alternatively use Amazon’s own CodeCommit which is a drop-in replacement for github and works fine too. Get your code in there.

Next setup codedeploy so that you can deploy that application to your EC2 instance with one command.

But you’re not done yet. Now automate the spinup of the EC2 instance itself with Ansible. If you’re comfortable with shell scripts, or other operational tools, the learning curve should be pretty easy for you.

Read: Is AWS too complex for small dev teams? The growing demand for Cloud SRE

3. Clusters

E. play around with kubernetes or docker swarm

Both of these technologies allow you to spinup & control a fleet of containers that are running on a fixed set of EC2 instances. You may also use Amazon ECS which is a similar type of offering.

Related: How to deploy on EC2 with Vagrant

4. Version your infrastructure

F. use terraform or cloudformation to manage your aws objects
G. put your terraform code into version control
H. test rollback & roll foward infrastructure changes

Amazon provides CloudFormation as it’s foundational templating system. You can use JSON or YAML. Basically you can describe every object in your account, from IAM users, to VPCs, RDS instances to EC2, lambda code & on & on all inside of a template file written in JSON.

Terraform is a sort of cloud-agnostic version of the same thing. It’s also more feature rich & has got a huge following. All reasons to consider it.

Once you’ve got all your objects in templates, you can checkin these files into your git or CodeCommit repository. Then updating infrastructure is like updating any other pieces of code. Now you’re self-documenting, and you can roll-forward & backward if you make a mistake!

Related: How I use terraform & composer to automate wordpress on AWS

5. Learn serverless

I. get familiar with lambda & use serverless framework

Building applications & deploying only code is the newest paradigm shift happening in cloud computing. On Amazon you have Lambda, on Google you have Cloud Functions.

Related: 30 questions to ask a serverless fanboy

6. Bonus: database skills

J. Learn RDS – MySQL, Postgres, Aurora, Oracle, SQLServer etc

For a bonus page on your resume, dig into Amazon Relational Database Service or RDS. The platform supports various databases, so try out the ones you know already first. You’ll find that there are a few surprises. I wrote Is upgrading RDS like a sh*t storm that will not end?. That was after a very frustrating weekend upgrading a customers production RDS instance. ๐Ÿ™‚

Related: Is Amazon about to disrupt your data warehouse?

7. Bonus: Data warehousing

K. Redshift, Spectrum, Glue, Quicksight etc

If you’re interested in the data side of the house, there is a *LOT* happening at AWS. From their spectrum technology which allows you to keep most of your data in S3 and still query it, to Glue which provides an ETL as a service offering.

You can also use a world-class columnar storage database called Redshift. This is purpose built for reporting & batch jobs. It’s not going to meet your transactional web-backend needs, but it will bring up those Tableau reports blazingly fast!

Related: Is Amazon about to disrupt your data warehouse?

8. Now go find that cloud deployment job!


With the above under your belt there’s plenty of work for you. There is tons of demand right now for this stuff.

Did you do learn all that? You’ve now got very very in-demand skills. The recruiters will be chomping at the bit. Update those buzzwords (I mean keywords). This will help match you with folks looking for someone just like you!

Related: Why I don’t work with recruiters

Get more. Grab our exclusive monthly Scalable Startups. We share tips and special content. Our latest Why I don’t work with recruiters

What’s the *real* way to deploy on Google Cloud?

via GIPHY

I was talking to a customer recently and they asked about deployments. They wanted to do things the real way. Here’s a snippet…

Iโ€™m helping out a company called Blue Marble and they are getting ready to deploy a new POS system. The app has been built using a Node.js back-end and Google Cloud Datastore for storage. The current dev build is hosted on AWS and connects to Google for the data bits.

Join 38,000 others and follow Sean Hull on twitter @hullsean.


For prod launch, they are interested in migrating to the โ€œrealโ€ way of deployment on Google for everything.

They are pressed on time and looking for someone who can jump in quickly. Are you available? Do you have Google Cloud expertise?

Here’s what I said.

Cultural hurdles


Yep, I’ve have used Bigquery & GCE.

What are they looking for specifically? Full deployment automation? Multiple deploys per day?

I’ve found that sometimes the biggest hurdle to fully automated deploys can be cultural issues.

In other words yes you can automate your deployment so it is push button, get all the artifacts & moving parts automated. Then deploy without much intervention. But to go from that to the team having *faith* in the system, that is a challenge.

Also: Why would I help a customer that’s not paying?

Unit testing


Once the process has been streamlined, a lot often still needs to happen around unit & smoke tests.

If the team isn’t already in the habit of building tests for each bit of code, this may take some time. Also building tests can be an art in itself. What are the edge cases? What values are out of bounds?

Consider for example odd vulnerabilities that show up when hackers type SQL code into fields that devs were expecting. Sanity checking anyone?

Read: Is AWS too complex for small dev teams? The growing demand for Cloud SRE

Integraton testing

What makes this all even more complicated is integration testing. Today many application use various third party APIs, service-based authentication, and even web-based databases like Firebase. So these things can complicate testing.

Related: How to build an operational datastore on Amazon Redshift with S3

Getting there

Although your project, startup or business may be pressed for time, that may not change the realities of development. Your team has to become culturally ready to be completely agile. Many teams choose a middle ground of automating much of the deployment process, but still having a person in the loop just in case.

Same with testing. Sure automating can make you more agile & more efficient. But you’ll never automate out creative thinking, problem solving & ownership of the product.

Related: Why did Flatiron School fail?

Get more. Grab our exclusive monthly Scalable Startups. We share tips and special content. Our latest Why I don’t work with recruiters

What does the failure of Flatiron School mean for coding bootcamps?

via GIPHY

If you missed the news, New York’s AG announced a settlement with Flatiron School over operating without a license and false advertising.

The news of the coding bootcamp failure splashed all over hacker news a couple of days ago.

Join 37,000 others and follow Sean Hull on twitter @hullsean.

With the explosion of coding bootcamps in recent years, it speaks volumes, as demand for coding & software skills continues to outpace supply. What’s more the starting salaries aren’t bad either.

But how will this affect coding bootcamps going forward?

Would you like a helping of beaurocracy?

Part of the ruling was regarding licensed teachers…

“In order to obtain a SED license, a non-degree granting career school must meet a number of criteria, including using an approved curriculum and employing a licensed director and teachers.”

One thing that sets coding bootcamps apart is that they train their own teachers. And they also use their own curricula. And while protecting consumers is certainly a worthwhile goal, the ruling means bootcamps will have to navigate government bureaucracy for approval. Some have pointed out that the process can be slow & full of red tape. Which is sort of counter to the whole agile startup private industry philosophy. We’ll see!

Also: Is Amazon too big to fail?

$75k after 3 months?

One of the claims their marketing made was that many students were making $75k after a few months of study. The ruling underscored this as particularly misleading. more here

As anyone who has studied computer science knows, there’s a lot of foundational concepts in logic, mathematics & problem solving, which you don’t develop overnight. Hopefully this ruling with hammer home the idea, that it takes a little bit more time folks!

Read: Is AWS too complex for small dev teams? The growing demand for Cloud SRE

Does it please the crown?

One of the comments on hacker news asks “Does it please the crown?”. By slapping these guys on the wrist, the barrier to entry will be higher. Going forward, they will have to pass more hurdles & government beaurocracy.

One of the things that sets coding schools apart is that they can train their own teachers & build their own syllabus. We’ll see if these new hurdles slow things down or not.

Related: How to build an operational datastore on Amazon Redshift with S3

Billion dollar Google bet

Almost as if to provide a counterpoint, timely knews comes out of the google camp. They have commited to $1 billion in grants to train workers.

It seems demand for coding skills will be strong for the foreseeable future.

Related: How to build an operational datastore on Amazon Redshift with S3

Get more. Grab our exclusive monthly Scalable Startups. We share tips and special content. Our latest Why I don’t work with recruiters

Why would I help a customer that’s not paying? The reason might surprise you

via GIPHY

I just received an email. It was from a woman building a website, and wanted help with AWS. She wondered if I might be able to provide any assistance.

Join 37,000 others and follow Sean Hull on twitter @hullsean.

Having a popular publicly facing blog, I get a lot of leads that seem to come out of thin air. This is the good problem of publicity. ๐Ÿ™‚

I followed up with her and asked what she was building. “Nothing” she explained, I just want to learn about AWS. I was a little confused at first, but as we talked further, it seemed she was just beginning to branch out onto the wild world of the internet, and didn’t know where to start.

I explained that to build an e-commerce site, she could use a service like Shopify, and would likely not need to use AWS directly, and certainly wouldn’t have to learn it. That might take five to ten years learning computing first!

I realized I was telling her she didn’t need the services of someone like me, and further giving her half of a solution. Though I couldn’t help her build a product, the information could surely help her sell it.

Then I thought to myself, why would I do that? Why give away your time & advice for free?

1. Find time to followup

LESSON: a quick call is always worthwhile networking

Yep it’s true, I’ve learned over the years it’s always worth your time for a quick call. I even talk to recruiters on occasion though I don’t work with them.

You’d be surprised how often you learn from someone, especially when they don’t work in your domain. You learn from the way they frame questions, how others might view or search for you. You learn how better to explain & sell your services to future customers too.

Also: When clients don’t pay

2. Be helpful

LESSON: Provide some real help or value

In a call like this one, it costs me very little to “drop some knowledge” as the cool kids like to say. ๐Ÿ™‚ Sure my time is worth something, and yes I’m giving something away for free. But in this case it was someone who currently doesn’t have the budget for my services so isn’t my target audience anyway.

Read: When you have to take the fall

3. Pay forward

LESSON: Always be networking

Be patient. As Keith Ferrazzi likes to say “Never Eat Alone”! I’ve taken hundreds of calls like this one over the years, and some later get funded & call me back. They’re eager to put me to work, already sold on my integrity & personality.

What’s more she may run in different circles than I do, bump into a colleague or recommend me at some point. If your openness really stands out, it’ll leave a memorable impression long into the future.

In a place like New York where we’re often singularly focused on profit & personal gain, it’s easy to stand out by a small act of kindness.

Related: A look at the serverless hype cycle

Get more. Grab our exclusive monthly Scalable Startups. We share tips and special content. Our latest Why I don’t work with recruiters

10 things you definitely didn’t know about bitcoin

via GIPHY

The news is ablaze with stories of bitcoin. Everyday I see something new, whether it’s wild volatility, to some fraudulent transaction or other.

Join 35,000 others and follow Sean Hull on twitter @hullsean.

I’ve been digging into them myself of late, and learned a few surprising facts about them. Read on!

1. It’s disrupting banking itself

That’s right, it’s bitcoin is not just an experiment anymore. Cyptocurrencies (of which Bitcoin is just one example), are ruffling the feathers of the IMF. Managing Director Christine Lagarde predicts the end of banking. Now that’s pretty big.

Meanwhile Chris Skinner outlines the major use cases for blockchains. These are the scaffolding of digital currencies, the financial plumbing if you will. Among those uses include smart contracts & assets, digital identity, clearing & settlement & of course payments.

Also: Is Amazon too big to fail?

2. There are many digital currencies

Although Bitcoin was the first, and the one you hear about in the news a lot, there are many more. Etherium is one. Take a look at this colorful map of all the current cryptocurrencies out there. There are hundreds!

Related: Was Fred Wilson wrong about Apple?

3. Banks are already using it

UBS-led 6 bank clearing house initiative
http://fortune.com/2017/08/31/banks-ubs-blockchain-settlements/

Read: Why the android ecosystem is broken

4. You can mine them & spend them

Coins can be mined like gold in the real world, and of course spent using a digital wallet.

A. Mining: This requires either a physical device or a contract with a provider such as Genesis Mining. The more coins in the world that are mined, the harder it becomes to discover more. My early results show that, if the price remains stable, my contract will become profitable in about 18 months. In other words, I will have ‘made my money’ back on the original upfront price to get started. From then on it’s profit, but not stellar… about 20% per year. If the value of the coin itself goes up, it becomes more profitable, if the value of coin goes down, well then mining pauses, or ceases entirely.

B. Wallets: You get a website and a phone app, that allows you to pay/receive person-to-person. One thing I noticed is that there is a LOT of security, because they must be a target of a lot of hacking. My online bitcoin wallet, CoinBase provides not only 2-factor authentication (text to phone) but after your account reaches $1000 USD value you unlock a ‘vault’ in which you can store coins. You don’t earn any interest, instead you get extra security: you must verify your withdrawl/transfer request from TWO different email addresses.

Read: 30 questions to ask a serverless fanboy

5. You can build your own

With Build a Coin project you can build your own currency. This isn’t building an app for Etherium or an API to some existing currency. This project helps you build the code to support your own virtual digital fiat currency!

Read: Professional services and the art of resistance

We’ll be back soon with 5 more. Don’t worry!

Get more. Grab our exclusive monthly Scalable Startups. We share tips and special content. Our latest Why I don’t work with recruiters

Is maintenance as sexy as innovation?

via GIPHY

A recent NYT piece on our aging american infrastructure got me thinking. It seems that roads, bridges, airports & city sewer systems are all in need of repair. Sadly as budgets to maintain these systems in good repair are often short, they become larger problems to fix as their status becomes critical.

Join 37,000 others and follow Sean Hull on twitter @hullsean.

“Americans have an impoverished and immature conception of technology, one that fetishizes innovation as a kind of art and demeans upkeep as a mere drudgery.”

I’m not sure this is an American-only phenomenon. However I do see it a lot with technology companies & startups.

1. Do we have to manage ops in the cloud?

The cloud has enabled infrastructure automation in some pretty phenomenal ways. Code pipelines can deliver changes to a repo, through automated unit testing, and out to customers all without human intervention. This makes teams more agile, and ultimately businesses faster & more profitable.

We might be distracted enough to stop worrying about operations altogether. After all Amazon knows how to manage broken servers & alert us right? I write do we have to manage operations in the cloud previously, as this sentiment seems to be growing.

Modern applications have a ton of interdependencies. Even with decent integration testing, the full stack is complex, and requires monitoring. Co-tenancy can complicate your performance tuning efforts as neighboring customers may directly affect your application. Third party services may be delivered from smaller or less experienced companies, whose SLA may be limiting besides. And hey if Amazon goes down, I can just tell my customers it was their fault, right?

Also: Is Amazon too big to fail?

2. Do you know Dustin Moskovitz?

Chances are I’m guessing you’ll say no. He was part of the original Facebook team alongside Zuckerberg. You don’t know his name? He had the sexy job of, you guessed it maintenance! He was the operations guy. Did he write the application code? More than likely he knew that code very well as he had to fix & maintain it. Along with the infrastructure to scale & support Facebook’s massive growth.

Read: Is AWS too complex for small dev teams? The growing demand for Cloud SRE

3. Is a little technical debt ok?

Ward Cunningham has an excellent interview about technical debt. Is a little bit ok? Maybe. But each amount is kicking the can down the road. As the NYT article on maintenance makes clear, you can move the responsibility on to the next administration, the next term, or someone else, but eventually you’ll have a critical problem on your hands, which will be much more expensive to fix.

Related: How to build an operational datastore on Amazon Redshift with S3

Get more. Grab our exclusive monthly Scalable Startups. We share tips and special content. Our latest Why I don’t work with recruiters

Do I need a broker to buy real estate in Brooklyn?

via GIPHY

I’ve been toying with the idea of writing about Brooklyn real estate for a while. This week I decided to give it a whirl.

Join 35,000 others and follow Sean Hull on twitter @hullsean.

Back in 2011 I had a crazy idea. I wondered if it was possible to sell the loft I owned in Manhattan, and trade up that equity for a townhouse in Brooklyn?

As it turns out selling the coop ended up being its own complicated ordeal. Think of it more like getting a divorce, with all the attendant challenges of ending a long love affair! I may write a longer post about that soon enough, but for today let’s talk about the buying part.

Also: Why airbnb didn’t have to fail

Do I need a buyer’s broker?

In NYC it seems every real estate transaction is still encumbered by brokers at either end. One for the buyer & one for the seller. The seller will pay a 6% transaction fee & that’ll be divided 3% for each of the teams. But that 3% is further divided, 1.5% to the broker themself, and 1.5% to their firm.

Also: Why I use airbnb chat even when texting is easier

It’s important to understand who is incentivized & by what. This helps you see motivations, and better discern the “truth” when you’re looking for an answer. Back to the question, do you need one? On the sell side I would say more than likely yes. Unless you are a master seller & even then it’s hard to get by without one. I tried it using RealDirect.com. Although this put my listing in all the right places (NYT & streeteasy) which brought me plenty of traffic, I still didn’t get many strong offers. Most buyers come with a broker, and they’re likely to steer away from you for fear they won’t get their fee. After all, you’re trying to play outside the system to begin with. Contract or not, it’s very tough. So on sell side I would say yes you’ll need a broker.

Also: My DISQUS hack for blog discovery

On buy side its different. If you don’t bring a broker, the seller will pay 5% to the single selling broker, so this is great for them. But what about for you? Again understanding incentives really helps. For me this made the time spent using Real Direct a learning experience. I saw the ins & outs of real estate.

Also: Is Amazon too big to fail?

I’m going to call it quits for today. But I have a lot more to write about. Future pieces will include working with NYC agencies, like HPD & DOB, avoiding violations, understanding all the players in a large transaction, from underwriters, bank lawyer, seller & buyer lawyer, mortgage agent, title company & insurance agent.

Also: Is AWS too complex for small startups?

I’ll also try to share what I’ve learned about the physical moving parts. The engineering… gas vs oil boilers, roofs, brick vs wood frame structures, cosmetic vs structural renovations, appliances, faucets, fixtures & cabinets, bath & kitchen tiling, decks & outdoor structures, backyards, plants & vegetation, pests & animals.

Until next time!

Get more. Grab our exclusive monthly Scalable Startups. We share tips and special content. Our latest Why I don’t work with recruiters

How to interview an amazon database expert

via GIPHY

Amazon releases a new database offering every other day. It sure isn’t easy to keep up.

Join 35,000 others and follow Sean Hull on twitter @hullsean.

Let’s say you’re hiring a devops & you want to suss out their database knowledge? Or you’re hiring a professional services firm or freelance consultant. Whatever the case you’ll need to sift through for the best people. Here’s how.

Also: How to interview an AWS expert

What database does Amazon support for caching?

Caching is a popular way to speed up access to your backend database. Put Amazon’s elasticache behind your webserver, and you can reduce load on your database by 90%. Nice!

The two types that amazon supports are Memcache & Redis. Memcache is historically more popular. These days Redis seems a clear winner. It’s faster, and can maintain your cached data between restarts. That will save you I promise!

Also: Is AWS too complex for small dev teams?

How can I store big data in AWS?

Amazon’s data warehouse offering is called Redshift. I wrote Why is everyone suddenly talking about Redshift?. Why indeed!

When you’re doing large reports for your business intelligence team, you don’t want to bog down your backend relational database. Redshift is purpose built for this use case.

I’ve see a report that took over 8 hours in MySQL return in under 60 seconds in Redshift!

A new offering is Amazon Spectrum. This tech is super cool. Load up all your data into S3, in standard CSV format. Then without even loading it into Redshift, you can query the S3 data directly. This is super useful. Firstly because S3 is 1/10th the price. But also because it allows you to stage your data before loading into Redshift itself. Goodbye Google Big Query! I talked about spectrum here.

Related: Which engineering roles are in greatest demand?

What relational database options are there on Amazon?

Amazon supports a number of options through it’s Relational Database Service or RDS. This is managed databases, which means less work on your DBAs shoulders. It also may make upgrades slower and harder with more downtime, but you get what you pay for.

There are a lot of platforms available. As you might guess MySQL & Postgres are there. Great! Even better you can use MariaDB if that’s your favorite. You can also go with Aurora which is Amazon’s own home-brew drop in replacement for MySQL that promises greater durability and some speedups.

If you’re a glutton for punishment, you can even get Oracle & SQL Server working on RDS. Very nice!

Read: Can on-demand consulting save startups time & money?

Does AWS have a NoSQL database solution?

If NoSQL is to your taste, Amazon has DynamoDB. According to . I haven’t seen a lot of large production applications using it, but what he describes makes a lot of sense. The way Amazon scales nodes & data I/O is bound to run into real performance problems.

That said it can be a great way to get you up and running quickly.

Read: Can on-demand consulting save startups time & money?

How do I do ETL & migrate data to AWS?

Let’s be honest, Amazon wants to make this really easy. The quicker & simpler it is to get your data there, that more you’ll buy!

Amazon’s Database Migration Service or DMS allows you to configure your old database as a data source, then choose a Amazon db solution as destination, then just turn on the spigot and pump your data in!

ETL is extract transform and load, data warehouse terminology for slicing and dicing data before you load it into your warehouse. Many of todays warehouses are being built with the data lake model, because databases like Redshift have gotten so damn fast. That model means you stage all your source data as-is in your warehouse, then build views & summary tables as needed to speed up queries & reports. Even better you might look a tool like xplenty.

Amazon’s new offering is called Glue. Five ways to get data into Amazon Redshift. This solution is purpose build for creating a powerful data pipeline, complete with python code to do transformations.

Read: Is data your dirty little secret?

Get more. Grab our exclusive monthly Scalable Startups. We share tips and special content. Our latest Why I don’t work with recruiters

What does the fight between palantir & nypd mean for your data?

via GIPHY

In a recent buzzfeed piece, NYPD goes to the mat with Palantir over their data. It seems the NYPD has recently gotten cold feet.

Join 35,000 others and follow Sean Hull on twitter @hullsean.

As they explored options, they found an alternative that might save them a boatload of money. They considered switching to an IBM alternative called Cobalt.

And I mean this is Silicon Valley, what could go wrong?

Related: Will SQL just die already?

Who owns your data?

In the case of Palantir, they claim to be an open system. And of course this is good marketing. Essential in fact to get the contract. Promise that it’s easy to switch. Don’t dig too deep into the technical details there. According to the article, Palantir spokeperson claims:

“Palantir is an open platform. As with all our customers, their data & analysis are available to them at all times in an open & nonproprietary format.”

And that does appear to be true. What appears to be troubling NYPD isn’t that they can’t get the analysis, for that’s available to them in perpetuity. Within the Palantir system. But getting access to how the analysis is done, well now that’s the secret sauce. Palantir of course is not going to let go of that.

And that’s the devil in the details when you want to switch to a competing service.

Also: Top serverless interview questions for hiring aws lambda experts

Who owns the algorithms?

Although the NYPD can get their data into & out of the Palantir system easily, that’s just referring to the raw data. That’s the data they ingested in the first place, arrest records, license plate reads, parking tickets, stuff like that.

“This notion of how portable your data is when you engage in a contract with a platform is really, really complex, and hasnโ€™t really been tested” – Tal Klein

Palantir’s secret sauce, their intellectual property, is finding the needle in the haystack. What pieces of data are relevant & how can I present the detectives the right information at the right time.

Analysis *is* the algorithms. It’s the big data 64 million dollar question. Or in this case $3.5 million per year, as the contract is reported to be worth!

Related: Which engineering roles are in greatest demand?

The nature of software as a service

The web is bringing us great platforms, like google & amazon cloud. It’s bringing a myriad of AI solutions to our fingertips. Palantir is providing a push button solution to those in need of insights like the NYPD.

The Cobalt solution that IBM is offering goes the other way. Build it yourself, manage it, and crucially control it. And that’s the difference.

It remains to be seen how the rush to migrate the universe of computing to Amazon’s own cloud will settle out. Right now their in a growth phase, so it’s all about lowering prices. But at some point their market muscle will mean they can go the Oracle route a la Larry Ellison. That’s why customers start feeling the squeeze.

If the NYPD example is any indication, it could get ugly!

Read: Can on-demand consulting save startups time & money?

Get more. Grab our exclusive monthly Scalable Startups. We share tips and special content. Our latest Why I don’t work with recruiters

Do we have to manage ops in the cloud?

via GIPHY

One of the things that is exciting about the cloud is the reduced need for operations staff. There seem to be two drivers of this trend. One is devops, and all the automation that comes with it. As we formalize configurations, things become repeatable, and fewer people can manage greater armies of servers.

The second is by moving to a cloud hosting provider, we essentially outsource the operations to their team.

1. Pretty abstractions? still hardware buried somewhere

That’s right, beneath all the virtual EC2 instances & VPCs there is physical hardware. Huge datacenters sit in North Virginia, Oregon, Ireland, London and many other cities. Within them there are racks upon racks of servers. The hypervisor layer, the abstraction built on top of that, orchestrates everything.

Although we outsource the management of those datacenters to Amazon, there are still responsibilities we carry. Let’s dig into those more.

Also: Top serverless interview questions to ask an expert

2. Full-stack dev – demand for generalists?

These days we see the demand for a full stack developer. That is someone who does not only front end dev, but also backend. In turn, they are often asked to wear the had of ops. Spinup EC2 instance, decide on the capacity & size, choose proper disk I/O, place it within the right subnet & vpc & then configure the security groups properly.

All of these tasks would previously been managed by a dedicated ops team, but now those responsibilities are being put on developers shoulders. In some cases, such as with microservices, devs also carry the on-call duties of their applications.

Lastly there is likely ops to handle automation. Devops will formalize configurations, into ansible playbooks or chef recipes, so they can be checked into version control. At this point infrastructure can even be unit tested.

Read: Build an operational datastore on aws S3 with Spectrum

3. Design, resiliency, instrumentation, debugging

In previous eras, ops teams would be heavily involved with design of applications & architecture to support that. Now that may be handed to devs, but it still needs to happen.

Furthermore resiliency is said to be the customers responsibility. In the pre-cloud days, hardware was more reliable. It had a slower failure rate. With virtual machines, they’re expected to fail, and all the components to make your applications resilient are given to you. But it’s your job to architect them together.

That means your applications need to be self-healing. Failures need to be detected, taken out of autoscaling groups, and replaced. All automatically. Code or not, that is certainly operations.

Check this: Which engineering roles are in top demand?

4. It’s amazon’s fault we’re down!

I’ve seen quite a few outages in the past year, from Dropbox to Airbnb, and DYN themselves. Ultimately these outages could be tied back to a failure with Amazon. But when your business customers are relying on your service, it is *YOUR* business that answers to it’s own SLA.

In the news we see many of these firms pointing the finger at Amazon, “hey it’s not our fault, our cloud provider went down!”. Ultimately your customers don’t care. They don’t want excuses. If using multiple regions in AWS is not sufficient, you’ll need to build your application to be multi-cloud.

Also: 30 questions to ask a serverless fanboy

5. It’s hard to outsource your expertise

Remember, while you outsource your operations to Amazon, you’re getting very professional management of those systems. However they will optimize for their many customers. Your particular problems are less of a concern.

Read this: What can startups learn from the DYN DNS outage?

6. Only you can thinking holistically about interdependancies

Your application more than likely uses a number of APIs to capture data, perhaps do single sign on or even a third party database like Firebase. It’s your responsibility to do integration testing. All that becomes more complex in the cloud.

Also: How to lock down systems from outgoing employees

7. How do services complicate things?

SaaS solutions are everywhere now. auth0, firebase and an infinite variety of third party apis complicate reliability, security, storage, performance, integration testing & debugging?

Security is a traditional responsibility held by the operations hat. Much of that becomes more complex in the cloud. With serverless applications for example you may use a few APIs, plus an authentication broker, and a backend database. As this list of services grows, the code you write may decrease. But testing & securing it all becomes much more complex.

With more services like this, the attack vector or surface area becomes greater. Each of those services, can and will have bugs. What if a zero day is found in the authentication broker, allowing a hacker to break into a broad cross section of applications across the internet? How do you discover this? What if your vendor hasn’t found out yet?

Read: Is Amazon cloud too complex for small dev teams?

8. How does co-tenancy impact performance tuning?

Back to point #1 above, all these virtual servers sit on real physical servers. That affects customers in two ways. One you may be sharing the same host. That is if you use a very small vm, it may sit along side another customer with a small vm. If those eat up CPU cycles or network on that box, neighbors or co-tenants will suffer.

There are many other instance types where you get your own dedicated hardware. With those you have your own nic as well, so no competition. Except wait there’s network storage! That’s right all the machines in the AWS environment use EBS now, which is all co-tenant. So your data is sitting alongside other customers, and you are all fighting for usage of the same disk read heads.

One way to mitigate this is to configure specific provisioned IOPS for your servers. But that costs more. It’s normally reserved for database instances where disk I/O is really crucial.

Granted the NewRelics of the world will certainly help us with this process. But they’re not giving us a hypervisor or global view of those servers, network or storage. So we can’t see how the overall systems performance may be impacted.

Related: Is AWS a patient that needs constant medication?

9. Operations can be invisible

When security is done well, you don’t have breakins, you don’t have data stolen, everything just runs smoothly. Operations is like that too. When it is done well it can be invisible.

It can also be invisible in a different way. When you deploy your application on serverless, all the servers & autoscaling is completely abstracted away. So when you get some weird outage because the farm of servers is offline, or because you hit some account limit in the number of functions you can run at once, then it quickly comes into focus.

Beware of invisible operations, because it’s harder to see what to monitor, and know how to stay ahead of outages.

Read: Is amazon too big to fail?

10. We can’t oursource true ownership

At the end of the day you can’t outsource ownership of your application or your business. The holistic view of your application in totality can only be understood by your engineers.

And that in the end is what operations is all about, no matter who’s wearing the hat!

Also: 5 reasons to move data to amazon redshift

Get my monthly newsletter for more thoughts on data, startups & innovation. Scalability. Automation. Amazon cloud.