
    Latest Posts

    Minimum Viable Cloud

    Josh Stella

    Every time a new, hot technology appears on the scene, many companies with old, boring technologies slap a sticker on the front of their product, proclaiming it to be a torchbearer for the new tech. It's something of a parlor trick. Certainly this has been the case with cloud technologies. As a result, there's a need to differentiate things that actually deliver the promised benefits of cloud from things that are just cloudwashed. After a decade of building service-oriented architectures and cloud products for AWS and others, I've had time to reflect on how to distinguish the real from the marketed. Others have taken a crack at this, but explanations that begin with the developer's perspective - the developer who builds and uses new systems on cloud infrastructure - are not especially...

    Something as a Service

    Josh Stella

    Several years ago, NIST produced documents (SP 800 145 & 146) that made admirable and compelling efforts to categorize cloud service offerings with the tripartite taxonomy already in use: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). NIST sought to tighten loose definitions. This was about as good a categorization as was possible at the time. While comprehensive, the perspective set forth in the documents zeroed in on "consumer-provider interaction dynamics." It represented an important perspective, albeit not a preclusive one. The terms have proved useful for understanding the array of cloud services available in the market, at least in a general, commerce-oriented sense. AWS is an IaaS, Heroku is a PaaS, and Salesforce is a SaaS.

    The Problem With Early Standardization

    Josh Stella

    I've noticed recently that I'm getting quite a bit of grey in my beard. While there are many downsides to being an aging geek (I can't pull all-nighter coding sessions any more without hell to pay for several days), one of the benefits is gaining some perspective on how innovations play out over time. I started building software in the late '80s on my beloved Amiga, began programming OO in Objective-C on NeXTStep in 1990, and built my first web application in 1993. Along the way, I've seen all manner of approaches to standardization of new technologies. Some ultimately yield successful standards, some do not.

    Innovation Lifecycle

    When a new technology that has broad relevance arrives, it tends to develop along a lifecycle that is more or less similar to that of other innovations...

    Luminal at AWS re:Invent

    Josh Stella

    The entire Luminal team will be attending AWS re:Invent 2013 this week. Since we are still in stealth mode we won't have a booth, but we will have a product preview and a detailed white paper on our first product, Fugue. If you're attending re:Invent and would like to talk to us, drop me an email and I'll reach out to you. We are actively recruiting alpha customers for Q1 2014 who want declarative control, native security and simplified operations & maintenance on AWS. Hope to see you in Vegas!

    Your Beautiful Baby VPC on AWS: Part 3

    Josh Stella

    In the last two posts in this series, I illustrated how an unconsidered VPC architecture can lead to inefficiency and poor resiliency. In this post, I'll show how to get to an efficient, secure and highly resilient VPC design. Keep in mind that there are many successful patterns to building VPC and this is only one of them, but is in most cases the most logical starting design. In order to succeed in creating high fidelity, resiliency and efficiency, you'll want to: keep things simple, design for multi-AZ, and use Security Groups.

    Keep it Simple

    There is a lot of complexity in typical LAN designs in on-premise data centers, and for good reason. With on-premise networks, subnets and address ranges become the focus for rules and filtering. This is not only unnecessary in most...

    Your Beautiful Baby VPC on AWS: Part 2

    Josh Stella

    Dennis, an engineer at Complicado Corporation, has decided to try porting his company's web application to AWS. Dennis does a little reading and realizes that he should use VPC so his database server is in a private subnet and hits the AWS web console. He fires up the Start VPC Wizard. Scanning the options, Dennis sees "VPC With Public and Private Subnets". Cool - Dennis' work is done! He leaves the defaults alone and ends up with a network that looks like this: Dennis starts creating EC2 instances and notices that they are instantiated into a particular subnet, so Dennis drops his web server into his Public subnet and his database server into Private. Dennis slaps an Elastic IP onto his web server, creates some DNS entries in Route 53 and is off to the AWS races. Now Dennis's...


    Your Beautiful Baby VPC on AWS: Part 1

    Josh Stella

    Most of the features of Amazon Web Services (AWS) are low risk in terms of changing your mind later. Don't like an EC2 instance type? Just stop it and start it with a new type. Want a larger EBS volume? Simply snapshot the current one and create a larger volume from it. The flexibility and low costs of errors are some of the great features of the AWS platform. However, one place where you really need to get things right from the start on the AWS platform is in your Virtual Private Cloud (VPC) design. Unfortunately there isn't a lot of wisdom imparted through the defaults or documentation provided. The purpose of this post is to lay out some best practices so you won't find yourself up a creek later. If you've already gone partway up a creek, you'll be fine - AWS is a pretty agile...
