Saturday, November 22, 2014

Amazon Zocalo - The Silver Lining for Enterprises

Introduction


Zocalo is the new, fully managed, self-service document collaboration and management service introduced by Amazon Web Services. It includes administration and mobile / PC apps out of the box, with support for offline document access. Zocalo also readily allows enterprises to link up their corporate Active Directory for access and authentication.



Key Features & Overview


Amazon Zocalo’s key capabilities can be categorized as Storage, Administration, Document Management & Feedback, and PC & Mobile Support.

Storage


All documents are stored on reliable infrastructure that is fully managed by Amazon Web Services. There is essentially no limit on the amount of data and number of documents you can store in Zocalo. An administrator can optionally enforce an explicit storage limit for each user.

Administration


Administration of the Zocalo site for users and storage comes out of the box. The administration portal is web based and can be accessed from the latest versions of all popular browsers. Administrators can create new users or alternatively link up the corporate Active Directory and sync it to Zocalo, enable / disable users, and set explicit storage limits for a user's account.

Document Management & Feedback

Documents can be accessed and reviewed directly from the Zocalo web portal. The document management features of Zocalo don't stop at document access over the web or devices; they also support collaboration by allowing documents to be shared and sent out for comments or review, optionally with a deadline and reminders. With the built-in versioning capability in Zocalo, naming files v1, v2, v3 becomes a thing of the past, and older or other versions are easy to access. Documents can be uploaded using the web portal or synced from a PC / Mac using the Zocalo sync applications.

Documents can also be shared externally, outside the corporation, with fine-grained control for each file through access settings such as read-only, download disabled etc. External access permissions to the documents can be revoked at any time.

Any type of file can be stored in Zocalo. Zocalo supports instant access and review for Microsoft Office files (Word, Excel, and PowerPoint), PDFs, images, and text files. Files can be downloaded to your local machine, and the downloaded documents can optionally include the review comments.

You can create and edit your files as usual using the standard applications; once the document is ready, it can be released as a newer version and the contributors notified.

System & Mobile Support


While the Zocalo portal for file access and review can be accessed through the web portal, the Amazon Zocalo service extends its offering to the major tablet platforms - iPad, Android tablet and Amazon Kindle Fire; the apps can be downloaded for free from the respective app marketplaces. The mobile apps offer the same document sharing, review and commenting functionality as the web interface. The best part is having the documents and files available offline: even without network access you can still review documents, and the new reviews are synced when the tablet connects back to the internet.

Documents can be uploaded to Zocalo via the portal using the browser; you can also sync files from your local machine using the free Sync application. There are sync clients for PC (Windows 7) and Mac (OS X 10.7 +).


Zocalo for Enterprise


There are several reasons why Zocalo makes a good candidate for Enterprise Document Management and Storage viz.

Region Specific

The Zocalo site is created in the specified Amazon Region, such as US-East-1 (Virginia), and the documents and data never leave that region. Storing data only in the territory where the business operates is one of the major requirements.

Access Logs


Zocalo brings along reports detailing user activity in a Zocalo site, such as documents viewed, downloaded, document ownership transfers etc. These types of logs are mandatory for several compliance standards.

Integrate with Existing Active Directory

Zocalo can be easily linked to the corporate Active Directory; this avoids introducing yet another access management system.



Make use of Direct Connect to access Corporate Active Directory



Amazon Direct Connect (DX) is a service offering that enables enterprises to connect directly to Amazon's data centers over a dedicated line. This makes the communication between the enterprise and Amazon Zocalo more secure, faster and more reliable, with guaranteed bandwidth.

Complements Amazon Workspaces

Amazon Workspaces is a fully managed desktop computing service (VDI - Virtual Desktop Infrastructure) which provides cloud-based desktops with access to documents and applications from laptops, iPad, Kindle Fire, Android tablets etc. Every Amazon Workspaces account comes with a FREE Zocalo account with storage of 50 GB per month; additional storage can always be added for a reduced monthly subscription fee.

Leverage Enterprise Productivity along with Existing Investment of Office Suite - Microsoft Office


Nothing would change or be removed from the corporate applications and tools ecosystem to bring in Zocalo to the enterprise. Rather Zocalo would form a creamy layer with enhanced collaboration for Microsoft Office Word, Excel, PowerPoint files.

Share Zocalo Document Contents Externally with Ease

Inviting an external 3rd Party legal firm to review the documents is just a click away for which the access can be read-only / download-disabled. The access can be revoked any time.

Zocalo Cost overview


The charges are prorated for the average usage for the month if a user is removed / disabled / added in the middle of a given month. Beyond 200GB, pricing follows a pay-as-you-go model per GB per month for that particular user.



If you use Amazon Workspaces, you get Zocalo free with 50GB per month for every account; additional storage can be added on the pay-as-you-go model.

Friday, November 21, 2014

Features I wish are supported in AWS CloudFormation

There is a specific set of people who love CloudFormation, and a few use cases, like DR network setup / restoration or a redundant Hadoop cluster, work best with CloudFormation. When I personally tried to create a 3-tier application stack with Private / Public Subnets and EC2, it was an amazing experience; as I did this over and over again, the excitement slowly started to fade. Then I found CloudFormation, and composing a text file that literally translates a bunch of clicks, configurations, attachments, launches and reconfigurations was enlightening. I was very proud to tell people, and enable them, to "Version Control the Infrastructure now".

I really enjoyed it when I first wrote a 3-tier VPC stack with multiple Subnets and Security Groups and was able to answer / proclaim to the team that I can run this template in any Region with a choice of AZ (thanks to the Mapping entity in CloudFormation).

Over time, I felt the need for a few features, or better put, ways to add more glory to CloudFormation; these are my wishes for this Christmas from the Amazon CloudFormation team.

1. Online IDE


2. Ordering of Parameters 
  • Now :
    • CloudFormation enables flexibility, and the principal way we achieve that is the ability to "key in" parameters dynamically. The real power is that parameters can be used to set the NetBIOS name of the AD in the stack, the AZ of the stack, or to select the instance size based on that value; I can go on.
    • A lot of the time we end up with nearly 20 parameters ( the effect of uttering the word flexibility to your boss :) ), and they are listed in no particular order ( most of the time alphabetical ). It is really hard to look into each and every parameter, and forgetting to change a key value like the CIDR range will backfire on you.
  • Nice if:
    • The logical or best way to solve this issue is to put the key parameters like CIDR range and AZ at the top, with the name of the Instance Tag towards the end; so essentially a way to specify the order / defined sequence of the parameters.

3. Inbuilt Error Check based on Values Type
  • Now :
    • This is again with respect to Parameters. Chances are that both the VPC CIDR and the Subnet CIDR are accepted as parameters by your template.
    • There is a very high probability ( certainly during a demo ) that the user enters the VPC CIDR as 10.10.0.0/16 and the subnets in the range of 10.0.10.0/24.
  • Nice if:
    • We could chain the parameters to check for use cases like VPC CIDR ranges and subnet CIDR ranges. We have an option to check the format of a CIDR range / IP range using Regular Expressions, but we can't specify that the subnet range must be a valid range inside the VPC.

4. Drop Down List of Available Values ( Valid Values ) - Improved GUI
  • Now :
    • The easiest way to keep the user from entering dumb values like i1.mini ( just because there is an iPad Mini ) is to restrict the allowed values to a list like ["m1.small", "m1.large", "t2.micro"] etc.
    • When we launch the template the user can change the values, and CFN will check whether the user-entered value is among the allowed values before proceeding with the launch ( cool ! )
  • Nice if:
    • There were a clear drop-down list showing the allowed values - chances are one will choose t1.micro rather than t2.micro when in doubt. If the drop-down list showed t2.micro, it would be easy and intuitive.


5. Improved Error ( Static / Syntax ) Check 
  • Now :
    • When we upload the CFN template for deployment there are several syntax checks for things like a missing comma or colon, improper nesting etc.
    • There is one type of check which could still be performed at the compilation stage - the data type of the property - especially the difference between a direct value and a value inside [ ] (a list). For example, the ELB can have n Security Groups, but during the unit testing phase we tend to put { "Ref" : "ELBSG" } and run it. CFN starts deploying, and after launching the subnets, instances, VPC, SGs etc., when it tries to materialize the ELB, it reports that it would like the parameter as [ { "Ref" : "ELBSG" } ]. - It works like an interpreter.
  • Nice if :
    • We can completely agree that the syntax has to be with [ ], but if this were checked along with the JSON "well-formed" check, it would save a bunch of unwanted launches, rollbacks and stack deletions, and by extension money.
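
Wishes 3 and 5 can both be approximated today with a local pre-flight check run before the template is uploaded. The script below is an added example, not part of the original post and not a CloudFormation feature; the template fragment, the resource and parameter names, and the short table of list-typed properties are constructed for illustration.

```python
import ipaddress
import json

# Hand-picked subset of properties that CloudFormation expects as JSON lists.
LIST_PROPERTIES = {
    "AWS::ElasticLoadBalancing::LoadBalancer":
        ["SecurityGroups", "Subnets", "AvailabilityZones", "Listeners"],
    "AWS::EC2::Instance": ["SecurityGroupIds", "SecurityGroups"],
}

def resolve(value, params):
    """Swap {"Ref": "<parameter>"} for the supplied parameter value."""
    if isinstance(value, dict) and set(value) == {"Ref"}:
        return params.get(value["Ref"], value)
    return value

def preflight(template, params):
    """Return a list of problems found before any resource is launched."""
    resources = template.get("Resources", {})
    errors = []
    for name, res in resources.items():
        props = res.get("Properties", {})
        # Wish 5: a scalar where a list is required, e.g. { "Ref": "ELBSG" }.
        for key in LIST_PROPERTIES.get(res.get("Type"), []):
            if key in props and not isinstance(props[key], list):
                errors.append(f"{name}.{key}: expected a list, "
                              f"such as [ {json.dumps(props[key])} ]")
        # Wish 3: every subnet CIDR must fall inside the CIDR of its VPC.
        if res.get("Type") != "AWS::EC2::Subnet":
            continue
        vpc_id = props.get("VpcId")
        vpc_name = vpc_id.get("Ref") if isinstance(vpc_id, dict) else None
        vpc_props = resources.get(vpc_name, {}).get("Properties", {})
        try:
            subnet = ipaddress.ip_network(resolve(props.get("CidrBlock"), params))
            vpc = ipaddress.ip_network(resolve(vpc_props.get("CidrBlock"), params))
            inside = subnet.subnet_of(vpc)
        except (ValueError, TypeError) as exc:
            errors.append(f"{name}: cannot compare CIDR blocks ({exc})")
            continue
        if not inside:
            errors.append(f"{name}: subnet {subnet} is outside VPC {vpc}")
    return errors

# Constructed template fragment; resource and parameter names are made up.
TEMPLATE = json.loads("""{ "Resources": {
  "VPC":    {"Type": "AWS::EC2::VPC",
             "Properties": {"CidrBlock": {"Ref": "VpcCidr"}}},
  "Subnet": {"Type": "AWS::EC2::Subnet",
             "Properties": {"VpcId": {"Ref": "VPC"}, "CidrBlock": {"Ref": "SubnetCidr"}}},
  "ELBSG":  {"Type": "AWS::EC2::SecurityGroup", "Properties": {}},
  "ELB":    {"Type": "AWS::ElasticLoadBalancing::LoadBalancer",
             "Properties": {"SecurityGroups": {"Ref": "ELBSG"}}} } }""")

if __name__ == "__main__":
    # The mismatch from wish 3: VPC 10.10.0.0/16, subnet 10.0.10.0/24.
    for problem in preflight(TEMPLATE, {"VpcCidr": "10.10.0.0/16",
                                        "SubnetCidr": "10.0.10.0/24"}):
        print(problem)
```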

Tuesday, August 19, 2014

Heroku Cloud Application Development - Book Review

This book does a really good job of hand-holding developers who are new to the Cloud platform and / or the Heroku platform alone. Dedicating a separate chapter to introducing Cloud Development and explaining how the Cloud can be put into practice is a good take-off for complete beginners. Every single term and the bare basics are explained extensively, which makes for a smooth transition to more advanced topics.

The setup and environment configuration, which is generally the initial learning curve for any beginner, are illustrated clearly. The best thing I like about this book is that enough explanation is devoted to architectural and deployment topics like loose coupling, source control, Git, High Availability etc. rather than merely emphasizing the APIs and services offered.

The inclusion of Best Practices is clearly the key reason why one can choose this book to get started with Heroku.

Monday, July 21, 2014

Is Amazon PaaS-ifying the IaaS ?

The term burst compute can be made synonymous with explosion; I would rather relate that to the idea / innovation behind the t2 family of EC2 instances than to instance capacity, since as of today the AWS t2 family of instances can handle burst capacity, not explosion.

The idea behind the t2 instance type is really cool and was really needed for several small use cases like
  • corporate website for a small enterprise, which might run Drupal - the traffic to the site would generally be minimal
  • personal blogs - would get occasional higher number of hits while publishing a new post and posting it in the social networks
  • Daily / scheduled data load jobs

The way I feel this type of instance would help you out is like "increasing your credit card's limit a little bit when you are maxed out". It completely makes sense for you to have a little bit of additional breathing space in your credit limit and time to think of the funds to pay the credit card company, rather than being cut off abruptly without any options.

All along, the EC2 instances were more like T-shirt sizes ranging from micro, small, medium, large to extra-large; suddenly the t2 instance type was a unique creature altogether in the ecosystem of EC2 instances. Accumulating credits during off-time and redeeming them again when there is a need is really worth every single compute cycle.

t2 family instances give a new dimension to the term "elastic computing & scalability" 


  • Since EC2's launch we have been relating the term scalability to the instance count, via auto scaling or manual scaling
  • Changing the instance size from Large to X-Large etc.
  • Adding additional EBS volumes to the instances

There would be several situations where you just need a slight push / bonus to get the job done, and increasing the instance count or upgrading the instance size would be overkill; at those times t2 instances would be just perfect.

Instance sizing measured against socks not t-shirts

We generally specify whether we need a Large or X-Large, whereas when we need socks there would possibly be 2 sizes viz. children and adults. Socks are good candidates for illustrating elasticity rather than forcing the point of one-size-fits-all, or more appropriately - FREE SIZE.

Going forward, in my opinion there would be several t2 based instances which help in elasticity scenarios by trying to expand themselves a little bit and only then reporting - I am maxed out.

So today, it is completely worthwhile to have every single-instance application handled by a t2 based instance and make good use of it in terms of both performance and cost, i.e. move m1.small to t2.small, m1.medium to t2.medium.

IMHO, just like in PaaS, where you generally deploy your app and forget the rest and the PaaS provider takes care of it, the Amazon EC2 t2 family would PaaS-ify the same way in its IaaS style; your instance would burst out a little on its own to a certain extent.

Friday, July 4, 2014

Packt celebrates 10 years with a special $10 offer

This month marks 10 years since Packt Publishing embarked on its mission to deliver effective learning and information services to IT professionals. In that time it’s published over 2000 titles and helped projects become household names, awarding over $400,000 through its Open Source Project Royalty Scheme.
To celebrate this huge milestone, from June 26th Packt is offering all of its eBooks and Videos at just $10 each for 10 days – this promotion covers every title and customers can stock up on as many copies as they like until July 5th.



Dave Maclean, Managing Director explains ‘From our very first book published back in 2004, we’ve always focused on giving IT professionals the actionable knowledge they need to get the job done. As we look forward to the next 10 years, everything we do here at Packt will focus on helping those IT professionals, and the wider world, put software to work in innovative new ways.
We’re very excited to take our customers on this new journey with us, and we would like to thank them for coming this far with this special 10-day celebration, when we’ll be opening up our comprehensive range of titles for $10 each.

If you’ve already tried a Packt title in the past, you’ll know this is a great opportunity to explore what’s new and maintain your personal and professional development. If you’re new to Packt, then now is the time to try our extensive range – we’re confident that in our 2000+ titles you’ll find the knowledge you really need, whether that’s specific learning on an emerging technology or the key skills to keep you ahead of the competition in more established tech.’


More information is available at http://bit.ly/VzuviS

Tuesday, July 1, 2014

Python Boto Code to keep your EC2 instance's Security Group to be in sync with your changing Public IP

I came across a StackOverflow question about securing access while coping with Public IP changes, which happen because ISPs tend to recycle IPs from their pool. Generally, every time your public IP changes, chances are you won't be able to connect to your EC2 Instance, as you would have enabled ingress access only for your then Public IP address ( unless you want to use 0.0.0.0/0, which is not recommended ).

I have tried to put down a small Python Boto script which gets your Public IP address and sets it on your Security Group. You can enter your designated "Security Group Name"; then you can schedule it using a CRON process.
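
The script itself is not reproduced on this page. As an added example (not the original script), here is one way to implement the same idea with boto3 rather than the original Boto library. It assumes a security group dedicated to your own SSH access, a constructed group name `home-ssh-access`, and the `https://checkip.amazonaws.com` endpoint for discovering the public IP; it removes stale addresses and any 0.0.0.0/0 rule on the port and leaves a single /32 entry.

```python
import ipaddress
import urllib.request

GROUP_NAME = "home-ssh-access"  # assumed name; use your own security group
PORT = 22                       # assumed: only SSH ingress is managed here

def current_public_ip(url="https://checkip.amazonaws.com"):
    """Return the public IPv4 address this machine is seen from."""
    with urllib.request.urlopen(url, timeout=10) as resp:
        text = resp.read().decode().strip()
    return str(ipaddress.IPv4Address(text))  # rejects anything but an IPv4 address

def plan_changes(group, public_ip, port=PORT):
    """Return (cidrs_to_revoke, cidrs_to_authorize) for TCP `port` on one group."""
    wanted = f"{ipaddress.IPv4Address(public_ip)}/32"
    present = set()
    for perm in group.get("IpPermissions", []):
        key = (perm.get("IpProtocol"), perm.get("FromPort"), perm.get("ToPort"))
        if key == ("tcp", port, port):
            present.update(r["CidrIp"] for r in perm.get("IpRanges", []))
    # Stale addresses and 0.0.0.0/0 go; the current /32 is added if missing.
    return sorted(present - {wanted}), ([] if wanted in present else [wanted])

def rule(port, cidrs):
    """Build the IpPermissions structure for a list of CIDRs on one TCP port."""
    return [{"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
             "IpRanges": [{"CidrIp": c} for c in cidrs]}]

def sync_group(ec2, group_name, public_ip, port=PORT):
    """Apply the plan through a boto3 EC2 client (or an object shaped like one)."""
    groups = ec2.describe_security_groups(
        Filters=[{"Name": "group-name", "Values": [group_name]}])["SecurityGroups"]
    if len(groups) != 1:
        raise LookupError(f"expected one group named {group_name!r}, got {len(groups)}")
    group_id = groups[0]["GroupId"]
    revoke, authorize = plan_changes(groups[0], public_ip, port)
    # Authorize before revoking so a failure in between never locks you out.
    if authorize:
        ec2.authorize_security_group_ingress(GroupId=group_id,
                                             IpPermissions=rule(port, authorize))
    if revoke:
        ec2.revoke_security_group_ingress(GroupId=group_id,
                                          IpPermissions=rule(port, revoke))
    return revoke, authorize

if __name__ == "__main__":
    import boto3  # imported here so the planning logic runs without AWS access
    print(sync_group(boto3.client("ec2"), GROUP_NAME, current_public_ip()))
```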


Tuesday, June 24, 2014

Preparing for AWS Certified Solutions Architect Certification

Interest in AWS certification is picking up slowly, and there are several people who are opting to take up AWS Certification. I recently took the AWS Solutions Architect - Associate Level Certification and cleared it.

I am writing this blog post to spread info about the AWS Certification and general tips on how to prepare for the Certification - Solution Architect - Associate Level. Even before we start the test, we accept an NDA - Non Disclosure Agreement - stating that we won't share the questions and such; so, abiding by that, I write this post to provide tips and pointers on how to prepare. This post is not about question samples, dumps etc.


  1. First and foremost, remember it is easier to understand the concepts of AWS than to search online for dumps of the questions. If you are a hands-on guy on AWS, that is sufficient to clear the test.
  2. Remember the Certification Title - Solution Architect - so think about what the role of a Solution Architect is and prepare accordingly.
  3. AWS Documentation, the AWS SlideShare Channel and the AWS YouTube Channel are good places to learn for the certification. Again, there is nothing like the feel and learning you get from hands-on experience.
  4. The FAQs for all the services are a very good place to refresh, recap, cover a lot of ground and explore the topics you may need to concentrate on.
  5. There are several courses and training materials offered by 3rd party trainers like Udemy and CloudAcademy which are good; but in my opinion hands-on experience is sufficient to clear the certification exam.
  6. CloudAcademy provides very good quizzes and multiple choice Q&A. But these cover the entire length and breadth of the AWS Services and Products, including topics like costing, size information, restrictions, negative scenarios etc., not all of which may contribute to the Solution Architect exam. Again, CloudAcademy is a good place to test your skills, but don't lose heart if you can't answer many of the questions there. If you are aligned with the blueprint and curriculum provided by AWS, that is sufficient.
  7. Concentrate on the core services first, then go to the add-ons, and then go deeper into them.
  8. Think through the scenarios and use cases; understand when to use what, where and how. The "why shouldn't" scenario is also important.
  9. Think along the lines of the certification titles viz. Solution Architect, Developer, DevOps; know their responsibilities and concentrate on the depth and breadth of the AWS Services.
  10. Look through the Sample Questions, Blueprints and Curriculum fully, end to end, once you feel that you have prepared. Those would be a good refresher.

These are my views and opinions after I took the test. Again, these are purely my personal opinions.

All the very best ...