AWS

Migrating to AWS isn’t a ‘set and forget’ affair.

It’s a journey with many different stages!

Organizations typically begin by using EC2 instances, then evolve their practices from there to leverage more and more of what AWS has to offer.

If you’re building a new application from scratch, building it as a cloud-native application that’s fully reliant on AWS is easy. However, for legacy enterprise apps, migrating them is a long, tedious process, with many stages. You’d likely decompose the application into a collection of microservices, and migrate each to AWS gradually.

Either way (whether you’re working with legacy or cloud-native apps), AWS has a learning curve. Once you’re done with your initial setup in AWS, what more can you do? Let’s take a look.

Auto-scaling and Direct Connect

It’s likely that your journey with AWS begins with EC2 instances. You may replace some of your servers or VMs in your data center with EC2 instances. At the infrastructure level, if most of your computing happens on-premises, there’s a lot to gain by moving to the AWS cloud. The cloud is more cost-effective and, as we’ll see in this post, delivers a lot of powerful features that make it superior to a traditional data center. Ideally, you need to get to the point where all your computing happens primarily in the cloud, and only if absolutely necessary, in your data center.

As you start, one feature you can leverage easily is Auto Scaling. It provisions EC2 instances automatically as your traffic spikes, and when you have more EC2 instances than you need, it automatically scales back down to avoid waste.

If you’re a large enterprise, especially in niche sectors like financial trading, you are probably heavily reliant on a physical data center, and have major concerns about the cloud—in which case, you can consider AWS Direct Connect which essentially makes AWS behave like your own data center. You get the best of both worlds—the ease and cost-efficiency of the cloud, and the low latency of a local network.

Adopt a New Approach to Computing: Containers and Serverless

Computing has changed drastically in the past three years. In 2014, two major movements began—Docker and AWS Lambda. They both ushered in a new paradigm in computing. Though there’s comfort in using VMs to run applications, there is much to gain by replacing VMs with containers. ECS is AWS’s Containers-as-a-Service platform that handles all the nitty-gritty details of containers, and lets you easily migrate workloads from EC2. Granted, ECS is not a purebred container experience as it runs containers within EC2, which tends to defeat the purpose of containers—but at last year’s re:Invent, AWS announced the Elastic Container Service for Kubernetes (EKS) for those that want a managed service that greatly simplifies the process of creating and using Kubernetes clusters in AWS.

For an even higher level of abstraction, you could try AWS Lambda. Lambda is AWS’s solution for serverless computing. It lets you run your code as functions without having to worry about the underlying infrastructure. No VMs, no containers—just your code on AWS’ managed infrastructure. Organisations like Netflix and Localytics rely on Lambda for many of their critical applications.

AWS Fargate, also announced at re:Invent, removes the infrastructure management required to run ECS/EKS clusters, allowing you to run containers without having to manage servers. Serverless containers, essentially.

Read more about the potential of EKS and Fargate here: What Do Amazon ECS Kubernetes Services and Fargate Mean for You?

Stay Secure in the Cloud

AWS Identity and Access Management (IAM) is the service used to control access and permissions for your AWS applications and AWS services. At a basic level, you can control access for individual users and teams within your organization. But as you go further, you could graduate to using the ‘Organizations’ feature that lets you manage multiple AWS accounts from a single IAM control panel. You could have individual AWS accounts for applications, teams, or geolocations. This way you can better isolate teams and services from each other, and more easily manage org-wide security and access policies.

Data security is different in the cloud, and with AWS, you need to secure your data with key-based encryption using AWS KMS. This service lets you secure data at any level: databases, tables, rows, or even individual objects. Only users who possess the key can access the data it encrypts. Along with IAM, KMS is great for enforcing additional layers of security so you can share data at multiple levels with complete control.
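In KMS, who may use a key is decided by the key's policy together with IAM, so a key policy that lets any principal decrypt removes the layer described above. The following added example (not from the original article) audits a key policy document for such statements; the function names, the sample policy and the list of caller-pinning condition keys are assumptions made for illustration.

```python
import json
from fnmatch import fnmatchcase

# Condition keys that pin a wildcard principal to known callers (heuristic list).
SCOPING_KEYS = {"kms:calleraccount", "aws:principalorgid",
                "aws:principalaccount", "aws:principalarn"}

SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [  # constructed sample
    {"Sid": "KeyAdmin", "Effect": "Allow", "Action": "kms:*", "Resource": "*",
     "Principal": {"AWS": "arn:aws:iam::111122223333:role/KeyAdmin"}},
    {"Sid": "AnyoneDecrypt", "Effect": "Allow", "Resource": "*",
     "Action": ["kms:Decrypt", "kms:DescribeKey"], "Principal": {"AWS": "*"}},
    {"Sid": "OrgDecrypt", "Effect": "Allow", "Action": "kms:De*", "Resource": "*",
     "Principal": "*",
     "Condition": {"StringEquals": {"aws:PrincipalOrgID": "o-exampleorgid"}}}]})

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _any_principal(principal):
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return principal == "*"

def _allows_decrypt(stmt):
    # IAM action patterns use * and ? wildcards and are case-insensitive.
    return any(fnmatchcase("kms:decrypt", a.lower())
               for a in _as_list(stmt.get("Action", [])))

def _caller_pinned(stmt):
    # True when a condition tests a key that identifies the caller. The operator
    # and value are not evaluated, so a pass means "review", not "safe".
    return any(key.lower() in SCOPING_KEYS
               for tests in (stmt.get("Condition") or {}).values() for key in tests)

def open_decrypt_statements(policy_json):
    """Sids of Allow statements that let any AWS principal decrypt with the key."""
    statements = _as_list(json.loads(policy_json).get("Statement", []))
    return [stmt.get("Sid", f"statement[{i}]") for i, stmt in enumerate(statements)
            if stmt.get("Effect") == "Allow" and _allows_decrypt(stmt)
            and _any_principal(stmt.get("Principal")) and not _caller_pinned(stmt)]
```

On the constructed policy only the `AnyoneDecrypt` statement is reported: the admin statement names a specific role, and the organization-wide statement is limited by `aws:PrincipalOrgID`.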

Take your DevOps into High Gear

Automation is central to the DevOps methodology. AWS provides many tools to automate the entire software delivery cycle. Here are a few of them:

  • CloudFormation: This service lets you create templates for resource creation. It also allows you to make changes to infrastructure using templates, and thus lets you treat infrastructure like software.

  • CodeDeploy: As you start out, all your deployments to EC2 are managed the traditional, manual way, but AWS CodeDeploy lets you automate releases. It can integrate with S3, GitHub, or Bitbucket and deploy any code, files, or packages to EC2 instances.

  • CodePipeline: Implementing checks and balances along each step of the software delivery pipeline can greatly improve the quality and speed of your releases. That’s what CodePipeline does. It adds approvals at each step, and once all approvals are passed, it automatically releases the code to the instances you specify. It’s a nifty shortcut to continuous delivery.

  • OpsWorks: If you’re familiar with using Chef to automate infrastructure in your datacentre, OpsWorks is a service that works with Chef and lets you automate EC2 instance creation using Chef.

While these options are great to start automation, you can really kick it up a notch when you leverage automation across multiple AWS services. For example, Lambda and AWS API Gateway can be used together to integrate legacy apps with apps in AWS. This can breathe new life into aging enterprise applications. Similarly, Lambda and CloudTrail can be integrated to automatically execute changes based on events that occur at the API level. The possibilities are endless when you approach automation with Lambda functions.
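As an added example of the Lambda and CloudTrail pairing (not code from the original article): a Lambda handler that receives the CloudTrail record for an `AuthorizeSecurityGroupIngress` call and revokes any rule that opens an admin port to every address. It assumes an EventBridge rule forwards that CloudTrail event to the function; the choice of ports, the function names and the sample event are assumptions for illustration.

```python
import ipaddress
SENSITIVE_PORTS = (22, 3389)  # assumption: admin ports this example guards

SAMPLE_EVENT = {"detail": {  # constructed CloudTrail record as delivered by EventBridge
    "eventName": "AuthorizeSecurityGroupIngress",
    "requestParameters": {"groupId": "sg-0123456789abcdef0", "ipPermissions": {"items": [
        {"ipProtocol": "tcp", "fromPort": 22, "toPort": 22,
         "ipRanges": {"items": [{"cidrIp": "0.0.0.0/0"}, {"cidrIp": "10.0.0.0/8"}]}},
        {"ipProtocol": "tcp", "fromPort": 443, "toPort": 443,
         "ipRanges": {"items": [{"cidrIp": "0.0.0.0/0"}]}}]}}}}

def _open_ranges(perm, ranges_key, cidr_key):
    """CIDRs in one range list that cover every address (prefix length 0)."""
    items = (perm.get(ranges_key) or {}).get("items", [])
    return [r[cidr_key] for r in items
            if ipaddress.ip_network(r[cidr_key], strict=False).prefixlen == 0]

def _covers_sensitive_port(perm):
    proto, lo, hi = str(perm.get("ipProtocol")), perm.get("fromPort"), perm.get("toPort")
    if proto == "-1":
        return True  # "-1" means all protocols and ports
    return (proto in ("tcp", "udp") and lo is not None and hi is not None
            and any(lo <= p <= hi for p in SENSITIVE_PORTS))

def rules_to_revoke(event):
    """Return (group id, boto3-style IpPermissions) for world-open admin ports."""
    detail = event.get("detail") or {}
    if detail.get("eventName") != "AuthorizeSecurityGroupIngress" or detail.get("errorCode"):
        return None, []  # a different API call, or the call was rejected
    params = detail.get("requestParameters") or {}
    revoke = []
    for perm in (params.get("ipPermissions") or {}).get("items", []):
        v4 = _open_ranges(perm, "ipRanges", "cidrIp")
        v6 = _open_ranges(perm, "ipv6Ranges", "cidrIpv6")
        if _covers_sensitive_port(perm) and (v4 or v6):
            rule = {"IpProtocol": perm["ipProtocol"], "IpRanges": [{"CidrIp": c} for c in v4],
                    "Ipv6Ranges": [{"CidrIpv6": c} for c in v6]}
            if "fromPort" in perm and "toPort" in perm:
                rule.update(FromPort=perm["fromPort"], ToPort=perm["toPort"])
            revoke.append(rule)
    return params.get("groupId"), revoke

def lambda_handler(event, context, ec2=None):
    group_id, revoke = rules_to_revoke(event)
    if revoke:
        if ec2 is None:  # tests inject a stub; in Lambda the bundled boto3 is used
            import boto3
            ec2 = boto3.client("ec2")
        ec2.revoke_security_group_ingress(GroupId=group_id, IpPermissions=revoke)
    return {"groupId": group_id, "revoked": revoke}
```

Only the world-open SSH range is revoked; the 10.0.0.0/8 range on the same rule and the public HTTPS rule are left in place.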

Make Artificial Intelligence a Reality Today

Artificial intelligence (AI) is making its way into every type of application. From smarter ecommerce search to contextual music and movie recommendations, they’re all powered by AI. AWS has a range of services that let you plug AI into your apps without needing to hire a data science team in-house. Here are a few examples of these services:

  • Lex: A deep learning tool that lets you add voice interactivity to your apps. Think Amazon Alexa for the masses.

  • Polly: A text-to-speech engine.

  • Rekognition: An image recognition engine for automatic tagging of images at scale.

With AWS making these services so accessible, AI is no longer a thing of the future, but is a reality for today’s applications.

In conclusion, setting up a few EC2 instances doesn’t mean your migration to AWS is complete. In fact, it’s just the beginning. AWS is a universe in itself. Exploring all it has to offer is worth the effort. Whether it’s new approaches to computing, or improved security, automation across the development pipeline, or complex AI services—AWS has it all.

  • Benjamin Wootton

    Co-Founder and CTO

    Benjamin Wootton is the Co-Founder and CTO, EMEA of Contino. He has worked with tens of enterprise organisations on DevOps transformation and is a hands-on DevOps engineer with expertise in cloud and containers.
