For my day 1 recap, please jump here.
For the second day of the conference, I first decided to attend the keynote of Adam Selipsky, CEO of Amazon Web Services. Lots of announcements as always, covering various areas and services. For instance: AWS Lake Formation, new row and cell-level security, transactions for governed tables, an AWS Private 5G service allowing users to create their own private mobile network, a new AWS Mainframe Modernization service, new types of EC2 instances, and so on.
The video from AWS is available here: https://www.youtube.com/watch?v=WGA2P_oH5Xc
Right after this keynote, I rushed and headed to a very interesting workshop.
Testing resiliency of AWS workloads using chaos engineering
Organized by Seth Eliot and Mahanth Jayadeva from AWS, this was a 135 min workshop. As its title says, it focused on testing resiliency. Workloads deployed on the AWS cloud should apply the best practices established by AWS. They call this set of best practices the AWS Well-Architected Framework. There are five pillars in that framework: Operational excellence, Security, Reliability, Performance efficiency and Cost optimization.
We were there to test resiliency and improve reliability.
Design principles for reliability:
- Automatically recover from failure
- Test recovery procedures
When the workshop started, a fairly basic workload had already been deployed to a given AWS account using AWS CloudFormation. It consisted of a set of EC2 instances using RDS MySQL databases, with an ALB on top.
Various activities allowed us to inject EC2 failures (for instance, when an instance goes down, how does the system react?) or RDS instance failures (is the RDS instance deployed in a multi-AZ configuration?).
Failures were manually triggered either by executing bash scripts or by using the AWS FIS service, FIS standing for Failure Injection Simulator.
One of the sessions I then decided to attend was related to Kubernetes on the AWS cloud: EKS. I jumped into a shuttle and was right on time for that presentation.
Getting to large Amazon EKS clusters
Presented by Alex Kestner and Shyam Jeedigunta, the presentation started right away by showing the result of a CNCF study, claiming that 65% of organizations choose AWS to run their containers (including all AWS-related solutions).
A quick recap then showed the benefits of running on AWS EKS: easy to scale, more security, better integration with other AWS services.
AWS EKS runs vanilla Kubernetes, is upstream and supports 4 versions of Kubernetes, giving users time to test and roll out upgrades. A slide surprised me, showing how portable EKS is: you can run it on the AWS cloud of course, but also on AWS Outposts, on AWS Local Zones, and on on-premises infrastructure using AWS EKS Anywhere (using VMware vSphere). There is even a dedicated Linux distro, called Amazon EKS Distro.
In terms of high availability, Amazon EKS survives single-AZ events and provides highly available cluster endpoints, with a 99.95% SLA. To support large cluster deployments, AWS made some changes. They improved the etcd volume throughput up to 3000 IOPS. The api-server was also improved: its throughput is increased dynamically. The kube-controllers were improved as well, for a higher pod creation/deletion rate, as was the kubelet.
In terms of networking, IPv6 has been introduced. One of the advantages here is to fight against IP shortage and get a unique IPv6 address assigned per pod.
Two components caught my attention.
Karpenter is an open-source Kubernetes auto-scaler. By using it, you should be able to automatically spin up new compute resources when pods are in a pending state because of a lack of resources.
Bottlerocket OS is an open-source OS built by AWS and designed to run containers only. Promising faster boot time and better resource utilization, as only the needed components are there, it is fully compatible with EKS.
Both are available on GitHub and not tied to AWS only; those tools are definitely on my to-do list on my journey with AWS EKS.
And even more fun…
This event is synonymous with learning and sharing sessions, but also with fun! In full respect of the health measures in place, lots of side events are organized. For example, ping pong tournaments were scheduled. We also met a real human-sized Pac-Man and safely played with lightsabers.
This day was very dense; here is just an extract of the sessions we attended. The step count on the smartwatch reached its peak! However, I am looking forward to the third day.