AWS re:Invent 2017 Recap: Kubernetes, Security, and Microservices

Last week marked another milestone for the public cloud. I had the opportunity to attend Amazon Web Services (AWS) re:Invent, along with more than 43,000 other attendees who descended on Las Vegas to hear how organizations are using the cloud, learn from more than 1,300 technical sessions, and catch a highly anticipated lineup of product announcements from AWS (an exhaustive list can be found here).

AWS re:Invent registration area

AWS re:Invent record attendance

The AWS business is now on an $18 billion annual revenue run rate, growing at 42%, and its pace of innovation only continues to speed up. This year, AWS announced it will ship more than 1,300 (!) major features across more than 100 services. Amidst that incredible trajectory, a few themes stood out to me throughout the week.

The Great Cloud Migration Continues

In typical fashion, at his Wednesday morning keynote, Andy Jassy, CEO of AWS, was joined onstage by a number of customers who spoke about how they are strategically moving to AWS. Expedia announced it was going “all in” and moving 80% of its mission-critical apps to AWS. The Walt Disney Company selected AWS as its preferred public cloud provider. The National Football League (NFL) said it chose AWS as its “official cloud and machine learning provider.” And Goldman Sachs shared how it trusts AWS to power critical infrastructure capabilities.

Expedia investment in AWS

Goldman Sachs using AWS

AWS features and capabilities

The common theme among these customer stories was their ability to accelerate digital transformation, enabled by a cloud platform that continues to emphasize its breadth of services. Throughout that morning and the rest of the conference, from breakout sessions to hands-on Lego activities, the message was clear: developers are “builders” poised to take advantage of a vast and flexible toolkit of AWS services to create any application they can imagine. As these developers increasingly build on AWS, they are turning to containers as the atomic unit of modern software development.

Front and Center: Containers and Kubernetes

AWS had a lot of exciting news when it came to containers. With more than 40 sessions focusing on containers throughout the week, it was clear that containers are playing an increasingly prominent role in the AWS ecosystem. AWS first took the opportunity to highlight a number of customers who are running containers using the Amazon Elastic Container Service (ECS) and its benefits, which include integrations throughout the entire AWS platform.

Customers running containers with ECS

Why customers love ECS

What came next was a highly anticipated announcement that AWS would be supporting Kubernetes through two new container services: Amazon Elastic Container Service for Kubernetes (EKS) and AWS Fargate. This announcement reflects Kubernetes’ increasing popularity among customers as their orchestration system of choice for cloud-native environments. AWS cited that 63 percent of Kubernetes workloads already run on AWS, a metric that was referenced later in the conference with the note that there are “more customers running Kubernetes on AWS than anywhere else.”

Amazon EKS

AWS Fargate

Since it was first introduced, one of the biggest challenges of running Kubernetes that customers have noted is its complexity. These new AWS services are designed to make it easier for enterprise customers to run Kubernetes in production, but take different approaches. EKS provides customers with a managed Kubernetes cluster (which still allows them to access worker nodes), while Fargate abstracts the cluster itself, meaning customers do not have to manage any node instances at all (and consequently do not have access to the workers themselves). AWS is aiming to make Kubernetes as simple as possible, and we look forward to working with our customers to further secure their container environments on AWS regardless of the Kubernetes service they choose to use.

Security: A Top Requirement and Priority

At his Thursday morning keynote, AWS VP and CTO Werner Vogels took the stage to talk about reimagining 21st century cloud architectures, a nod to his keynote at the first re:Invent five years ago. Among the tenets of these systems, security was called out as a top need, core to the business, and one that must be designed in prior to any software development. He highlighted the concept that “security is everyone’s responsibility,” the role of automation in effective security, and a number of principles that underlie well-architected security.

Werner Vogels on well-architected security in the cloud

Werner Vogels on well-architected security best practices

Many of these principles are reflected in StackRox’s unique security architecture, providing further validation of our approach to building in and automating security throughout cloud-native environments.

The Rise of Microservices

Finally, the spotlight was placed on the more recent trend towards microservices architectures. Microservices were emphasized as crucial to building systems that are more secure, more reliable, and more scalable. Some of the benefits AWS believes microservices architectures enable are:

  • Independent scaling
  • Independent deployments
  • Independent security and permissions
  • Improved fault isolation

Werner Vogels on the move to microservices architectures

By decomposing services into smaller building blocks, AWS itself has been able to achieve better availability while retaining the flexibility to change individual components without altering the overall system itself. It’s hard to think of a better case study where the benefits of microservices can be observed at scale. StackRox has also seen these benefits firsthand, both with its platform, which runs as a set of security microservices, and customers, who are deploying microservices-based applications on AWS and other cloud environments.

There was a myriad of other announcements throughout re:Invent that spanned everything from machine learning to serverless to IoT. The AWS platform continues to make significant strides in further building blocks for software innovation.

Thanks to AWS for putting on a fantastic show. The expo, keynotes, and breakout sessions all reflect an incredible platform that is empowering a new generation of software builders.

AWS re:Invent expo show floor

AWS on the expo show floor

We look forward to seeing you at AWS re:Invent in 2018!