It’s no secret that migrating to the cloud has its advantages, from increased uptime to scalability and agility to name a few. But often forgotten are the operational changes that you have to make when embarking on this journey – and what impact these have on your business.
There is a saying in the Amazon Web Services (AWS) Cloud Adoption Framework Workshop; “Migrating to the cloud doesn’t change what you do, just how you do what you do”. As part three in this ongoing migration series which has already broken down the security, tooling and necessary compliance as well as the different strategies available when migrating to the cloud, here we focus on this one question: How can you ensure that, operationally, you are ready for your cloud journey?
Jaco Venter, head of the cloud management team at BBD, an international software development company and managed cloud services provider, weighs in on the types of operational changes you will need to factor in when moving to an AWS cloud environment.
Consumption billing
First things first. How are you going to structure the necessary payments for your cloud environment? Drawing from BBD’s experience and looking at AWS billing, there are a couple of things to be aware of.
1 – Do I have a company credit card that can be linked?
Venter explains that for most companies, AWS billing is actioned using a linked credit card. This is important to look at because in the South African context for example, the Reserve Bank put a limit of R50,000.00 on credit card transactions in 2019. This means that if your bill is expected to be over this limit, you’ll need to look at an alternative such as invoice-based billing.
“As an option, AWS users can also opt to handle their consumption billing via an AWS partner such as BBD” offers Venter.
2 – Is my company able to handle variable billing?
There are two considerations here. Many organisations are used to buying hardware as a once-off and depreciating that hardware over time. The first consideration therefore is around the fact that AWS services are billed based on what you actually use (referred to as on-demand), so if you use less services one month your bill will drop as compared to another where you used more.
The second consideration is that any fluctuation in the exchange rate between AWS’ USD and the currency your business operates in could also result in your bill varying from one month to the next.
Venter explains that there are a couple of procurement options that you can leverage to make billing a little bit easier. “One example is AWS Reserved Instances (RIs), which allow you to pay for your server (EC2) or database (RDS) upfront for the next one to three years. Another example comes in the form of Savings Plans which are a similar procurement option to RIs, but focus solely on compute services.” This option brings the billing process closer to the more traditional procurement processes that your organisation may be used to. “Plus, what’s great is that for taking out an RI or a Savings Plan as an alternative, you can get up to a 70% discount on your compute or database spend when compared to the on-demand costs”.
Venter also points out that another key consideration is to look at how you can leverage the on-demand billing by implementing and scheduling your environment to scale down or even switch off when not in use. “Just be mindful that if you are planning on leveraging RIs or Savings Plans, the way you’re able to do such scheduling could change” he warns.
3 – What controls are we going to put in place to avoid bill shock?
This is quite an important one – one that could make your cloud journey look like the best thing you ever did, or result in you spending far more on the project than you anticipated. Why? Because nobody likes unexpectedly large bills ruining their budgeting.
The AWS platform has a vast array of services and can lead you to think: Let’s just try this service, it looks good. We’ll switch it off quickly so it shouldn’t cost us much. And it’s true, the AWS platform allows you to spin services up very quickly and then decommission them equally as fast. “Only problem is, if the process isn’t controlled correctly, you might see the value of your bill increasing a little bit more than what you expected.”
Consumption billing is very easy to manage… If you have the right processes and tools in place.
Venter explains that one of the first things BBD recommends putting in place is a budget – determine how much you are able to spend on your cloud project and use the AWS Budget function to warn you when you are projected to reach or surpass your budget. This will allow you to avoid bill shock and ensure you are always aware of expected spend.
Further to that, he adds that one of the models to implement from the get-go is the least privileged access. “Not only is this important from a security perspective, but it is a good way to make sure teams only have access to the resources and services that they should have access to, and that can only action what you have deemed necessary for them to be able to action.”
Shared responsibility
After sorting out what is needed from a payment, procurement and billing perspective, an important operational process to tackle is ensuring that your environments will run optimally so that you can effectively manage them in the long run while making sure you are not at risk from a security point of view.
To understand which processes are involved for this, it’s beneficial to understand what the Shared Responsibility Model looks like. Venter explains that the Model details what AWS is responsible for, and in turn, what you are responsible for. Interestingly most breaches that occurred within public clouds did not lack the necessary security technology. Instead, there was a lack of understanding about the roles and responsibilities of each party.
In a nutshell, AWS is responsible for the overall security of the cloud while you would be responsible for everything you put into the cloud.
Managing your environment
As mentioned earlier, leveraging the cloud doesn’t change what you do, it’s just how you do what you do that will change. Things like patching, backups and even monitoring, standard fare for onsite environments, will now just have to be done on the cloud.
“AWS has a couple of tools that you can leverage to make this just a little bit easier.” Two such tools that add a lot of value and take the operational overhead away from you are:
1 – AWS Systems Manager
Systems Manager allows you to, amongst other things, tackle the patching and backups of your environment. It provides a unified user interface so that you can track and resolve operational issues across your applications and resources from a central place. With Systems Manager in play you can automate operational tasks for both server and database instances.
Overall, Systems Manager simplifies resource and application management, shortens the time to detect and resolve operational problems, and makes it easier to operate and manage your infrastructure at scale, explains Venter.
2 – AWS CloudWatch
CloudWatch helps you ensure you know exactly what’s going on with each of the resources running in your AWS environment. It provides you with data and actionable insights to monitor your applications, respond to system-wide performance changes, optimise resource utilisation, and get a unified view of your operational cloud health across AWS resources, applications, and services running both on the cloud and on-premises servers (as applicable for hybrid setups).
“This is a useful addition because you can use CloudWatch to detect anomalous behaviour in your environments, set alarms, visualise logs and metrics side-by-side, take automated actions, troubleshoot issues, and discover insights to keep your applications running smoothly. This saves you not only the occasional headache, but also the time and energy you would have spent on these tasks” remarks Venter.
Optimising your environment
On-going optimisation is key to a successful cloud project, and assists in understanding what operational effort may be affected as your business grows and changes. “Not only that, but AWS releases new services and features on a regular basis. When you consider these in relation to insights on how your users leverage your systems, you may find yourself in a position where in order to leverage your cloud environment as optimally as possible, you’ll need to fully review your environment, and then make adjustments to accommodate any necessary changes.”
There are three things BBD recommends keeping an eye on:
1 – Compute utilisation
AWS has a tremendous array of options when it comes to EC2 including variances in RAM, CPU, storage and networking. Venter explains that this is why it’s important to review what you are using periodically and then take advantage of any opportunity to better performance and/ or save costs by making necessary changes.
2 – Savings Plans / Reserved Instances
“When engaged as a managed cloud services provider,” says Venter, “BBD always keeps as eye on Savings Plans and RIs because they are tools which can easily be leveraged to drive operational costs down in the long run after a new environment has settled down”.
To take advantage of this though, you will need to understand which will give you the better discounts based on the specifics of your environment. Partnering with a managed service provider can help you make a call in this regard.
3 – Unused services
Unused services are an easy way to unnecessarily spend money. There are a couple of options that AWS offers that can help you avoid this (and the resultant bill shock!):
- Elastic IPs: AWS does not charge for IPs while they are allocated to a resource, but if the resource gets decommissioned, then your IP should be as well, otherwise you’ll be paying for something you aren’t using
- EBS volume rightsizing: think of these as hard drives for your servers. When you create your volume you also have to select how much storage you would like to allocate. And while you might be tempted to select a size that you think you might need to allow for future growth, this is an opportunity to save some money by only deploying for what you need now and not provisioning for what you might need in a couple of years. Just keep an eye on it so you don’t run out of space
Venter and BBD are firm believers that a migration plan should always be evolving. The trick to making it a true success is to make sure your operations are evolving right along with it. With a team in place who keeps up to date on the new services and features launched for use in the cloud, you’re able to implement changes that could help you increase your security posture or even optimise cost and performance.
If you’re looking for a team that deeply understand the ins and outs of how to align your operations to your migration strategy while partnering with you to leverage the cloud for your business, learn more about BBD and reach out here.