Last Thursday, November 13, Amazon Web Services announced the availability of EC2 Container Service (ECS) to facilitate the management of Docker technology qua containers on the Amazon Web Services platform. The announcement represents another notable endorsement of Docker technology by a major cloud vendor that promises to continue catapulting Docker’s container technology to the forefront of the cloud computing revolution. Docker, recall, is a platform that enables developers to create and transport distributed applications. Docker streamlines software development by ensuring that applications housed within Docker containers remain unchanged when transported from one environment to another, thereby reducing the probability that applications which run smoothly in test environments fail in production. Docker’s container technology also introduces greater efficiencies with respect to the creation of applications by means of well defined parameters regarding application dependencies that enable developers to more effectively diagnose bugs and performance-related issues as they arise.
ECS enables Amazon customers to create clusters featuring thousands of containers across multiple Availability Zones. Moreover, ECS empowers customers to terminate and start containers in addition to providing scheduling functionality that optimizes the collective performance of containers within a cluster. ECS also allows users to transport containers from the AWS platform to on-premise infrastructures and vice versa while additionally providing deep AWS integration that allows customers to take advantage of AWS’s “Elastic IP addresses, resource tags, and Virtual Private Cloud (VPC)” that effectively transform Docker containers into another layer of the AWS platform on par with EC2 and S3, according to a blog post by Amazon’s Jeff Barr. Amazon’s announcement of its EC2 Container Service for container management means that it accompanies Microsoft and Google in offering support for Docker deployment, management and orchestration. Google’s Kubernetes project enables Docker container management on the Google Cloud Platform, while Microsoft Azure recently announced support for Kubernetes on the Azure platform.
The bottom line here is that Docker’s ability to enable the deployment of applications within containers as opposed to virtual machines has captured the minds of developers and enterprise customers to such a degree that the most significant IaaS players in the industry are differentially announcing indigenous or borrowed support for Docker technology. The key question now concerns the extent to which Docker usage proliferates to the point where it becomes the de facto standard for the deployment of applications and whether its technology can support the convergence of cloud computing and Big Data in the form of data-intensive applications designed to perform analytics on real-time, streaming data. Docker users will also be interested in container management frameworks that inter-operate across cloud frameworks such as Google Cloud Platform and Amazon Web Services in contrast to management frameworks designed for one cloud infrastructure as opposed to another.
On October 23, Amazon Web Services announced the launch of its 11th region in the form of the AWS EU (Frankfurt) region. The AWS EU (Frankfurt) region is the second region in Europe and will contain two Availability Zones upon launch. The availability of the AWS EU (Frankfurt) region helps German organizations comply with EU data protection requirements that impose constraints on the storage of data across national boundaries. JP Schmetz, Chief Scientist of Hubert Burda Media, remarked on the announcement as follows:
Now that AWS is available in Germany it gives our subsidiaries the option to move certain assets to the cloud. We have long had policies preventing data to be hosted outside of German soil and this new German region gives us the option to use AWS more meaningfully.
As Schmetz notes, German customers who have internal policies requiring intra-national hosting of data can now leverage the services of Amazon Web Services. In addition, German organizations who currently use AWS can now more fully take advantage of the AWS platform’s offerings by expanding the scope of their usage to include production-grade workloads and sensitive data. The AWS EU (Frankfurt) region represents the second AWS region in Europe alongside AWS EU (Ireland) region. AWS EU (Frankfurt) is expected to reduce latency for European customers and provide additional options for the architecture of disaster recovery solutions, in addition to enabling select German customers feel more comfortable about hosting data on AWS and achieve compliance with their own internal organizational policies with respect to data hosting and data storage.
AT&T recently announced a collaboration with Amazon Web Services to integrate AWS into the AT&T NetBond Virtual Private Network (VPN) architecture. As a result of the integration, AWS customers will access AWS products and services via the AT&T NetBond infrastructure by means a private network that bypasses the public internet. Because the NetBond infrastructure is accessed via a private connection, it delivers enhanced security, performance and reliability for Amazon Web Services customers who otherwise stand to endure the vagaries of public internet connections and their corresponding fluctuations in performance. The NetBond infrastructure additionally boasts network elasticity that adjusts network bandwidth in relation to the volume of network traffic, thereby enabling customers to save on network-related expenses. The collaboration between Amazon Web Services and AT&T with respect to NetBond illustrates an emerging trend in the IaaS space whereby infrastructures that connect public cloud platforms to a secure, private internet connection such as the Equinix Cloud Exchange proliferate as enterprises increasingly prioritize the security, performance and reliability of their cloud deployments. Existing AT&T NetBond customers include VMware, IBM, Equinix, HP and Box.
Amazon Web Services has initiated a massive reboot of EC2 instances in response to a security flaw that the company has yet to identify. AWS has notified customers to expect reboots to instances spanning multiple availability zones and regions. Many sources speculate that the reboot involves a security vulnerability in the open source Xen-108 hypervisor, the security patch for which is currently available via pre-release, embargoed code. Depending on the time zone of the targeted instance, the reboot starts on September 25 or 26 and ends on September 30. Amazon has confirmed that details of a security flaw specific to the Xen hypervisor will be officially released on October 1, but that “following security best practices, the details of this update are embargoed until then.” According to a RightScale blog post, T1, T2, M2, R3, and HS1 instances will not be affected and less than 10% of all EC2 instances will be impacted by the reboot and concomitant security patch. Notably, customers that independently reboot their EC2 instance will not necessarily experience the installation of the requisite security patch on their host machine. The reboot represents one of Amazon’s largest reboots in recent years and has the potential to affect application uptime, although the reboots will be staggered across different availability zones to minimize service disruptions.
Last Wednesday, Amazon Web Services announced the general availability of Zocalo, the cloud storage and collaboration platform, to AWS customers. Zocalo will be available free of charge for a 30 day period for up to 200 GB of storage for a maximum of 50 users. After the 30 day free trial, users can access the Zocalo platform at a rate of $5 per user per month. The announcement of the general availability of Zocalo also featured news that AWS CloudTrail now records API calls made to the Zocalo API and subsequently delivers log files containing details such as API caller identity, time, source, the nature of the API request and Zocalo’s corresponding response. More than just a cloud storage platform, Zocalo provides users with the ability to annotate and provide feedback on files and to additionally receive email notifications regarding team feedback and task-related deadlines. Zocalo has been in limited preview since July but now emerges as a serious contender in the hotly contested cloud storage and collaboration space amongst the likes of Box, Google Drive, Dropbox and Microsoft OneDrive.
Dropbox, for example, recently announced 1 TB of storage for Dropbox users at the rate of $10/month, in contrast to the 100 GB of storage per month to which Dropbox Pro customers were previously entitled. Moreover, Dropbox Pro now features enhanced security features such as passwords for shared links to Dropbox files, expiration dates for shared links and the ability to delete Dropbox files from lost or stolen devices. Zocalo now joins the cloud storage party with pricing and functionality to match its competitors, although it remains to be seen whether enterprise customers will choose to opt for AWS for their cloud storage and sharing needs given the heterogeneity of its other cloud products and services, or select to instead opt for a vendor dedicated purely to building a storage and document sharing platform for the enterprise such as Box or Dropbox. Regardless, the battle for cloud storage and collaboration continues to evolve with new twists and turns as AWS throws it hat into the ring with its now generally available Zocalo platform. Amazon Zocalo is now generally available in the US-West-2 (Oregon), US-East-1 (N.Virginia) and the EU (Ireland) AWS Regions.
On Thursday, Amazon Web Services (AWS) announced it had become the first cloud vendor to obtain provisional authorization from the Department information Systems Agency (DISA) to handle DISA data requiring levels 3-5 security clearance under the DISA Cloud Security Model (DISA CSM). Because AWS had already achieved authorization to manage data for levels 1-2 security clearance as of March, Thursday’s announcement means that AWS can now handle all unclassified data given that level 6 security clearance applies to classified data. The DISA CSM imposes even more restrictions on cloud-based data than the FedRAMP certification program. Department of Defense Agencies can now leverage the capabilities of the AWS GovCloud more quickly given the expanded scope of its authorization to handle a greater range of unclassified data. As the very first cloud vendor to obtain DISA clearance for levels 1-5 of unclassified data, AWS stands poised to strengthen its market share advantage in the battle for government-based cloud services given its receipt of a hotly contested contract for $600M and leadership with respect to obtaining FedRAMP certification.
On Friday, Amazon Web Services announced the release of Amazon Zocalo, an enterprise grade storage and collaboration platform. Zocalo delivers file storage, the ability for users to annotate files and provide feedback for team members in addition to version control and fine-grained access permissions. Users of Zocalo can request feedback from team members and return to the section in the original document to which the feedback refers as illustrated below:
Image source: Look Out Box and Dropbox – Here Comes Amazon’s Zocalo
Collaborators can highlight words or phrases in the original document and receive notifications via email about recently inputted feedback or impending deadlines. Moreover, users have the ability to set up a folder that synchronizes with Zocalo by means of an encrypted connection across all relevant devices. Enterprise customers can use Zocalo as a production-ready collaboration platform that allows employees to dispense with lengthy email collaborations to finalize documents. Moreover, Zocalo features advanced security functionality marked by data encryption, audit logs and integration with Active Directory, all for the low cost of $5 per user for 200 GB of storage per user. The Zocalo platform represents direct competition to file storage and collaboration vendors Box and Dropbox, both of whom target personal users and enterprise customers alike, although Amazon’s pricepoint and breathtaking ability to roll out features renders it an attractive option out of the gate despite being a late arriver to the enterprise file storage landscape. Most importantly, Zocalo constitutes yet another example of Amazon’s investment in courting enterprise customers by delivering a solution that meets enterprise needs for security, simplicity and collaboration-centric functionality.