kreuzwerker AWS Modernizing Legacy Operations with Containerized Solutions 2023-06-26.pdf

Modernizing Legacy Operations
with Containerized Solutions
26.06.2023
online

| Streamlined Data Flow
© kreuzwerker 2023
© kreuzwerker 2023
Agenda
2
ECS and Fargate Overview, 15”
Daisy Daivasagaya, AWS
Quick Demonstration, 15”
JooYong Kim, AWS
Case Study of an Event-Driven
Serverless Architecture, 10”
Kateryna Oliferchuck, kreuzwerker
Sharib Jafari, kreuzwerker

kreuzwerker
We unleash digital technology. Made to measure.

4
Founded 2012
AWS Partner since 2013
100% AWS
Berlin, Frankfurt,
Munich, Warsaw, Zurich
Migration & Modernization
Data & Analytics
Cloud Native Development
Managed Security Services
Cloud Financial Management

© 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
AWS Fargate
Roadmap and Updates
Daisy Daivasagaya
Senior GTM Container Specialist

Agenda
- ECS/Fargate Overview
- Summary of releases over the past 12 months
- Looking forward at 2023’s roadmap for AWS Fargate
Features, capabilities, and timelines are shared in good faith and reflect the
roadmap today, but are subject to change

ECS and Fargate overview
3
Fargate – serverless compute
- No EC2 AMIs to patch, upgrade, secure, and manage
- Secure-by-design with each task running in separate kernel
- No capacity management overhead!
ECS - fully managed container orchestrator
- No control plane to upgrade, patch, and secure
- Manages deployments, autoscaling, self-healing…
ECS
Fargate
…

ECS core constructs
4
Task
Task
Service
Cluster
Task
…
Cluster is logical grouping of
services and tasks
Service is a group of
identical tasks
Task is one or more containers
performing specific
application function
Task Definition describes the
task needs (cpu, memory,
images, networking type, IAM)

• Serverless container engine
• No container host (OS) to upgrade, patch, secure
• Isolation and security by design
• Simpler and faster auto scaling
• Fully managed service
• No middleware to install and upgrade
• Free!
ECS with Fargate serverless container service overview

Notable Fargate releases in
the past 12 months
6

Notable Fargate releases in the past 12 months
AWS Compute Optimizer Support
Receive prescriptive recommendations on “right sizing” Task configurations
4x increase in Fargate’s largest configuration sizes
8 and 16 vCPU combinations with up to 120GB memory
12x task launch rate improvements in 2 years
Scale out the number of tasks to meet demand more quickly
Service quota transition
Migration from task/pod counts to number of vCPU
Disk utilization metrics
Monitor the disk utilization of tasks’ ephemeral storage

Planned enhancements
coming to Fargate
8

Fargate investment themes
New capabilities
Unblocking customers and expanding Fargate’s flexibility through
more intelligent image handling and use of Linux capabilities
Security and efficiency
Behind-the-scenes improvements to enhance reliability,
accelerating CVE remediations, and improving security monitoring
Operational excellence
Expedite availability of Fargate in new regions through automation
improvements and under-the-hood service optimizations
9

Fargate roadmap highlights: Performance
Faster Task start times
More efficient image pulls through “lazy loading” of images
Consistent compute and networking
Greater performance consistency across Fargate
Graviton price reduction
Modifications coming for select regions including Mumbai
10

Fargate roadmap highlights: Security
Advanced security and network controls
Enable additional Linux capabilities for runtime security monitoring,
utilize eBPF, and customize the network stack.
FIPS 140-2 compliance
Ensuring Fargate meets federal standards for cryptography
Secure ephemeral storage with Customer Managed Keys (CMK)
Expanding on today’s default of service managed keys for enhanced
control and security.
11

Thank you!
12

AMAZON ECS BLUEPRINT
© 2023, Amazon Web Services, Inc. or its affiliates.
Jooyoung Kim
Specialist Solutions Architect, Container
joozero@amazon.com
ECS Blueprint

Motivation for ECS
Blueprint

Customers new to containers face a steep learning curve
Deploy
Build Run
CI/CD and infra-as-code
automation
Container service &
container infrastructure
Observability Security Cost

• What is ECS? What is Fargate?
• What is ECS cluster service, task, task definition, container
definition?
• What all IAM roles do I need?
• What is different between task execution role and task role?
• How to build containers? How to setup CI and CD?
• How to configure rolling deployment?
• How to monitor ECS Fargate workload?
• How to configure logs?
• How to handle sensitive secrets?
• How to use ALB? How to use service discovery?
• How to setup VPC endpoints? What all VPC endpoints to set?
• How to use Fargate Spot?
• How to use Graviton from start?
• How to setup multi-account CI/CD?
• How and what to use for run time security monitoring?
• …
ECS Fargate is easy but …
4
Automate all this using with
IaC(Infrastructure as Code) Tool

Can we accelerate ECS Fargate adoption for beginners?
5
Technical deep dive presentations
Workshops
Immersion days
Customer using ECS Fargate
In their accounts
With their applications
With end-to-end automation
Can we start here?

ECS Blueprint Overview

Sample Architecture

Overview of Core Infra Template
18

Overview of Backend Service Template
19

Overview of Frontend Service Template
20

Overview of CICD Service Template
21

Demo
27

Get started today!
• Official Github repository
• Terraform and CDK blueprints are included
• https://github.com/aws-ia/ecs-blueprints
• ECS Blueprints workshop
• https://catalog.workshops.aws/ecs-solution-blueprints/en-US
• AWS CDK Workshop for Python
• https://cdkworkshop.com/30-python.html
28

Thank you!

6
Case Study of an Event-Driven Serverless Architecture
Streamlined Data Flow using EventBridge and Step Functions

© kreuzwerker 2023
Client
7
- Operating in the ﬁeld of clinical diagnostics and research
- Prominent company utilizing data-driven approaches
- Utilizes a Biodatabank containing over half a million
individuals' data
- Primarily focused on laboratory operations and diagnostics
- Limited expertise in software development and
implementation
Client

© kreuzwerker 2023
The Client: A rare disease company
8
Client
The customers mission is to provide
data-driven, life-changing answers to
patients, physicians, and pharma
companies for rare and
neurodegenerative diseases.
Leading data-driven rare disease company.

© kreuzwerker 2023 9
Design and implement a cloud-native, serverless solution,
streamlining the data synchronization process between
CRM, ERP and LIMS systems
Challenge
Challenge

© kreuzwerker 2023
Challenge
10
- Multiple systems, including a webshop, products database,
LIMS, ERP, and CRM, are currently in use
- Each system is managed by a separate external vendor
- These systems have overlapping data, such as customer and
product information
- No single system has exclusive ownership of the data
- Data is duplicated across the systems with custom
transformation
- Real-time data synchronization is lacking, resulting in
inconsistencies
Challenge

© kreuzwerker 2023
Use Case: Product Sync
11
- Extract relevant data from Master Data Management (MDM)
via REST
- Transform data into a single product entity with nested
attributes by aggregating multiple entities
- Load product data into different external systems, such as
CRM and ERP via REST
Use Case: Product Sync

© kreuzwerker 2023
North Star
12
- Low maintenance
- Simple to use and understand
- Includes error handling and retry mechanisms
- Utilizes REST API to integrate with external systems
- Transforms and syncs a large volume of products in parallel
for multiple targets
- Adoptable to a real-time synchronization solution when the
external systems incorporate support for it.
North Star

© kreuzwerker 2023 14
− Parallel processing of bulk data
− Cost based on actual usage
− Automated error handling and
retries
− Convenient setup of monitoring
and alarms
− Low maintenance due to modular,
automated, extensible, and
managed design
− Requires all target systems to
be idempotent
− It’s challenging to visualize
the entire workﬂow without
adequate documentation and
diagrams
Beneﬁts Tradeoffs
Tradeoffs

Serverless Readiness Assessment
Scope: Assessment of Scope, Architecture, Tech
Stack, DevOps and AWS usage.
Deliverable: Result Presentation and optional
Enablement, Trainings, Consulting
Time & Effort: 5 Person Days
Application Modernisation & Cloud Native Software Development - Proof-of-Concept
Scope Identiﬁcation of (Modernisation) Use Cases and Implementation / Building of a PoC
Deliverable Proof-of-Concept
Time & Effort: 10-25 Person Days
Funding Options: PoC Funding
Well Architected Framework Review
Scope Analyse Data Workload/Architecture along the
Well-Architected Pillars
Deliverable Report of ﬁndings / recommendations
Time & Effort: 2 Person Days
Funding Options: 5k Credits
1.250 €/CHF
2.750 €/CHF
upon request

kreuzwerker GmbH
Ritterstr. 12
10969 Berlin
www.kreuzwerker.de
Fon +49 30 609 838 80
Fax +49 30 609 838 899
Thank you!
aws@kreuzwerker.de

kreuzwerker AWS Modernizing Legacy Operations with Containerized Solutions 2023-06-26.pdf

Recommended

Recommended

More Related Content

Similar to kreuzwerker AWS Modernizing Legacy Operations with Containerized Solutions 2023-06-26.pdf

Similar to kreuzwerker AWS Modernizing Legacy Operations with Containerized Solutions 2023-06-26.pdf (20)

More from kreuzwerker GmbH

More from kreuzwerker GmbH (17)

Recently uploaded

Recently uploaded (20)

kreuzwerker AWS Modernizing Legacy Operations with Containerized Solutions 2023-06-26.pdf