Well-Architected Reviews
Cloud Pathways - November 2019
Aled Sage
When you look at the system your team is building, can you answer:
“Are you Well-Architected?”
Agenda
What?
Why?
How?
Are you Well-Architected?
Operational Excellence
Security
Reliability
Performance Efficiency
Cost Optimization
Lower or mitigate risk
Make informed decisions
Learn AWS best practices
Build and deploy faster
Why AWS Well-Architected?
Cloudsoft is an AWS advanced consulting partner, with Well-Architected speciality
Conversation, rather than audit
~4 hours with two Solution Architects
● Experts in cloud, automation and applications
Pragmatic advice and recommendations
Present back findings
Help with remediation
Well-Architected Reviews
• Working together to improve
• Involve all key stakeholders
• Business owner’s priorities and trade-offs
• Operations
• Developers
• Security
• Repeat throughout workload’s lifecycle
Conversation, rather than Audit
Operational Excellence: run and monitor systems to deliver business value; measure achievement of desired business outcomes; continually improve supporting processes
Security: protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies
Reliability: recover from infrastructure or service disruptions; dynamically acquire computing resources to meet demand; mitigate disruptions such as misconfigurations or transient network issues
Performance Efficiency: use computing resources efficiently to meet system requirements; maintain that efficiency as demand changes and technologies evolve
Cost Optimisation: understand expenditure; avoid or eliminate unneeded cost; tune service configurations (instance types, RIs); evolve architecture (scaling, new services)
Well-Architected Five Pillars
AWS Well-Architected Framework
• Great whitepapers available
• Whitepaper per pillar
• “Lenses” for specific kinds of workload
• Well-architected tool for self-service questions
• Fantastic ways to learn
• But recommend conversation and tailored advice
Well-Architected Framework Resources
Gap between “it runs” and “production-ready”
https://docs.aws.amazon.com/whitepapers/latest/aws-overview/six-advantages-of-cloud-computing.html
• Tailored to your priorities, application and level of expertise
• Discuss design principles and best practices
• Across each of the five pillars
• Concrete advice for AWS
• Inspect your account (if you agree to read-only access!)
• Help to fix it
Advice and Recommendations
“Don’t worry - we won’t forget that you are back there, just don’t create too much drag and slow us down!”
Security Example
Great advice, but what should I do first and how?
This is not binary
Could an employee download all of your customer data?
Security Example
https://xkcd.com/538/
Could an employee delete your production database and all your backups?
Everyone on AWS uses IAM (Identity and Access Management); but it’s hard to use it well!
Other mechanisms as well as IAM to lock down access.
Security Example
https://xkcd.com/538/
© Cloudsoft Corporation 2019
Reliability Trade-offs
Gartner
Why Business Leaders Don’t Care About the Cost of Downtime
9 April 2019
Get report for free
cloudsoft.io/report
Reliability Example
But it’s question 7
Automated healing quite far down. Start with monitoring and alerting.
Component failure: what many of us first think about.
Reliability Example
Startup’s story: ran with one VM (single point of failure) for a long time before migrating to AWS.
DR very important:
● Data backup.
● Provision replacement resources.
● Test it!
Reliability Example
Production issues are often weird
How do you know your monitoring, alerting and recovery really work?
Goals and Tech Choices
Focus on business goals;
“Tech choices” are implementation details.
E.g. How do you mitigate deployment risks?