How we architect, build, and manage world class AWS infrastructure.
You’ve likely heard the Serverless buzzword. Powerful but loaded. Are there really no servers? You may have heard of Fargate: AWS’s new container management product. With Fargate AWS manages your underlying container hosts & cluster for you… just drop...
Last weekend, we had the pleasure of participating in the Indiana AT&T IoT Civic Hackathon. This year’s theme was based on First Responders, and the combination of 4G LTE and FirstNet formed the backdrop for the hackathon. FirstNet (the...
Trek10 uses the best tools and AWS services to design, build, and support cutting-edge solutions for our clients. With multiple deployments under our belt, our team is one of the foremost experts on building serverless apps and enabling enterprises to...
Update 3/23/2018 The AWS CodePipeline team has updated their documentation to indicate that it is, in fact, possible to use IAM resource-level permissions on approvals. I’ve updated the post below to explain how this works, and the remaining gotchas.
...
We’re big users of Datadog at Trek10, and particularly Datadog’s AWS integration. It’s an incredibly powerful service and an integral part of our 24/7 CloudOps offering. And like any responsible power user, we’re always on the lookout for...
This is an update to a post we did in late 2016… the basics are still relevant but AWS has added a lot of other tools to the toolbox, which we’ve tried to enumerate. Enjoy!
Serverless on AWS represents a...
With all the security breaches that occurred on AWS in 2017, be they caused by poorly managed Amazon S3 permissions to inadequate security group configurations, we have seen that no company or government agency is above making simple mistakes. This...
So you’ve built your first Serverless app (if you haven’t, start here) and are ready to go into production. Given a lot of the rhetoric about Serverless these days (or for our purposes, more clearly… cloud-native apps built with...
Given the many S3 breaches over the past year and some inaccurate information I have seen across various news outlets about the default security of S3, I thought it would be beneficial to demystify some of the complexities of S3...
Dead letter configs are a pretty slick part of the AWS Serverless ecosystem. The basic idea is this: There are some events which trigger Lambda functions synchronously (such as API Gateway) and others which trigger Lambda asynchronously (such as...
My single largest complaint with the entire AWS Serverless ecosystem was that running a multi-region API Gateway was impossible to do. Well, impossible without servers. You could do it if you were willing to run a few nginx reverse proxies...
At Trek10, one of the great things about running our 24/7 CloudOps support service is that we often have to solve problems on AWS for ourselves and then use our learning to implement the same solution for our customers. In...
In order to meet compliance or just general best practices, it is well worth your time to leverage encrypted root volumes on your EC2 instances. This protects your data from someone grabbing the hard disk in the data center or...
Josh von Schaumburg, Customer Solutions Lead and Senior Solutions Architect at Trek10, recently spent some time with the team at LinkedIn Learning recording a new course, Amazon Web Services: Disaster Recovery.
In his role with Trek10, Josh works...
AWS Lambda makes it easy for developers to write and deploy code at almost limitless scale. What has been hard is debugging that code. Live debugging has been a pipe dream, and offline tools work most of the time but...
September 13, 2017 — Trek10, Inc, Indiana’s fastest growing AWS cloud services partner, has announced the selection of Shane M. Fimbel, Ph.D., as its Chief Executive Officer. With a predominantly national client base, Fimbel will lead Trek10’s efforts to further...
Update: Since writing this post, AWS has updated their policy to align with our enhancements and also mitigate a vulnerability. Use the JSON from the AWS docs for your ForceMFA policy. In the updated policy, AWS has also moved...
We founded Trek10 three and a half years ago with a mission to transform our clients’ IT infrastructure by leveraging the very best and latest in cloud technologies. Since then, we’ve been racing at full speed to build a company...
TechPoint, the growth accelerator for Indiana’s tech ecosystem, is recognizing Indiana’s tech builders with the announcement of the third annual Tech 25 Class of 2017.
In 2015, TechPoint launched the Tech 25 Awards, a prestigious selection of twenty-five individuals...
In case you’ve missed it, AWSume is a cross-platform AWS command-line tool that makes working with the AWS CLI under different profiles or roles super easy.
At Trek10, we always try to consider the need for automation and repeatability with everything that we do. That’s why we focus on using tools like CloudFormation, Serverless, and CI, as well as building other tools. Recently, I was tasked...
June 7, 2017 — Trek10, Inc, an AWS Partner Network (APN) Advanced Consulting Partner with the DevOps and IOT Competencies, today announced support for AWS Greengrass. AWS Greengrass is a new service from Amazon Web Services (AWS) that seamlessly extends...
Way back in March of 2011, AWS announced the release of Dedicated Instances, which allows organizations to launch EC2 instances on dedicated infrastructure. Typically, when an EC2 instance is launched in a VPC, the virtualized infrastructure is built from...
One question we often face at Trek10 as we design Serverless AWS architectures is, what is the most cost-effective and efficient AWS platform service for a new system to use for ingesting data? Of course you could always just spin...
DynamoDB just launched Auto Scaling natively. See here.
We have several projects that use DynamoDB heavily. And, while DynamoDB works great, you can hit throttle limits if you are trying to tightly match your provisioned capacity to your actual...
Today we were looking for a quick way to replace scheduled jobs in Jenkins with GitLab CI. Unfortunately GitLab CI does not support scheduled runs.
Being the lambda lovers we are, we figured a quick scheduled lambda function could fix...
In a quickly changing technology landscape of immutable Docker deployments and Lambda-based Serverless architectures, IPsec VPN tunnels are far from sexy… but they certainly are critical.
At Trek10, we use the IPsec VPN functionality of
Its more formal and slightly less catchy name is Cloudwatch Events with a Scheduled Event Source and a Lambda Target… but we think “Lambda Cron” just rolls off the tongue a bit better.
Cloudwatch Events is a service that lets...
As you know, Lambda functions run in a contained environment. But, what you may not know is that this environment is also often reused for subsequent invocations.
To demonstrate this, we created a Node.js Lambda function with the following code...
It’s no secret that we love AWS Lambda for building serverless applications. Development costs can be dramatically reduced. Because you pay per invocation, operating costs (in most cases) will be less than running your application even on inexpensive...
GraphQL, currently one of the biggest squares on the buzzword bingo card, is gaining a lot of steam recently and serverless sits right next to it. Recently, I have had the joy (and sorrow) of working with both...
You may have seen the announcement recently about what we at Trek10 consider to be the biggest update to CloudFormation since CloudFormation itself. AWS CloudFormation Update – YAML, Cross-Stack References, Simplified Substitution.
YAML is more...
Serverless on AWS represents a new way to architect highly performant, highly resilient, and very low-maintenance cloud-native systems. In this occasional series, we’re going to review some interesting design patterns for Serverless systems on AWS. Hopefully this will give you...
There are many compelling reasons to consider a Serverless / Lambda-based architecture for your next project: scalability, fault-tolerance, low maintenance cost, high flexibility. But one of the most often-cited is cost.
A typical AWS serverless stack has several cost...
If you live anywhere near a park, you may have suddenly started to see people standing around like this in the past few weeks.
It isn’t as much of...
When you hear “Serverless” I know what you’re thinking… oh boy, another buzzword! I get it. And it’s a pretty confusing one, on two levels:
Good news Windows users! You can now use this AWSume script on Windows. I assume I am not the only one that uses Windows for AWS work? … Right?!?
The Serverless Framework is fantastic at managing AWS API Gateway, AWS Lambda, and helping wire up all the events and streams. It makes creating and managing complex infrastructures less painful and more straightforward. At Trek10, we have seen the...
WE HAVE OPEN SOURCED AN IMPLEMENTATION: CHECK IT OUT
So you’re building your serverless app on AWS for unlimited scalability and true pay-per-use. Your web server is Amazon API Gateway - unlimited scale with zero scaling effort....
We have several clients at Trek10 using the Amazon ECR (EC2 Container Registry) as their Docker registry for storing and shipping images to ECS and other systems.
Some of our clients have run into the 500 image limit on ECR...
Update: Good news Windows users! You can now use this AWSume script on Windows too.
Here at Trek10, we work with many clients, and thus work with multiple AWS accounts on a regular (daily) basis. We needed a...
As a follow up to our post HTTPS Everywhere, today we’ll discuss some history behind the SSL certificate and why they seem to cost so much money. We will also dive into the current landscape of SSL certificates...
AWS Lambda now allows scheduling a one minute intervals. See here.
Currently, CloudWatch Event rules can be scheduled at minimum intervals of 5 minutes. At Trek10, we saw the need for a smaller interval, namely 1 minute. This need...
Often with new technology some of the primary benefits are realized when you reevaluate how you approach a problem. AWS Lambda and event driven computing is no exception.
I’m going to walk you through one of the more exciting types...
Like any good engineering-driven culture, at Trek10 we constantly evaluate new technologies, tinkering with them to figure out how they might fit into our workflows and processes. Want to know what the coolest new framework we have been playing with...
In our Part 1 post, we provided an overview of one of AWS’s most powerful and flexible security features -- roles. It can take some time and experience to fully wrap one’s mind around the varying capabilities...
New technology appears and old job functions become obsolete. The practitioners move on to retrain on higher-value tasks and in the end the whole system is more productive. It happened when cars replaced blacksmiths, when the computer replaced armies...
Customers often ask us, “What is the best way we can improve our overall security?” At Trek10, we have developed a security audit framework for reviewing customer environments and providing our expertise on where an AWS account may deviate...
AWS’s recent outage to DynamoDB and related services in the US East region is a good reminder of some fundamentals of designing for availability on AWS.
AWS’s recent outage to DynamoDB and related services in the US East region...
October 21, 2015 — Trek10, a cloud enablement company that specializes in Amazon Web Services (AWS), today announced a partnership with Docker, the company behind the Docker open source platform and chief sponsor of the Docker ecosystem. Trek10...
Admission to the Advanced Tier of AWS Partners and a new Partnership with Docker highlight Trek10’s ascendance in the cloud.
Docker provides a consistent and repeatable way to manage your application life-cycle, and ECS is AWS’s platform for running Docker containers at scale. You cannot deny that Docker+ECS is a compelling solution to many of the promises of DevOps...
The bytes that make up the page you are reading right now were delivered by a set of servers close to you. They were not generated by a server running WordPress or Joomla. In fact, the entire Trek10 website has...
In our last post, we reviewed why strong passwords and using LastPass is a good idea, especially for MSPs, like Trek10, who need to be sure that customer data are stored securely using best practices.
Given this summer’s security breach on LastPass, we thought it would be a good idea to discuss password protection and general password storage best practices. AWS and cloud architecture have driven the success of numerous valuable services, which often require...
July 23, 2015 - Innovation Park at Notre Dame today announced an Acceleration Award ceremony beginning at 4:00pm Thursday, July 23, 2015 at Innovation Park. The event recognizes client company Trek10’s rapid commercial advancement and transition to Union Station Technology...
The safest, most consistent way to deploy an application. Why it matters and how Docker is a big step forward in working immutably.
At Trek10, we’re big believers in immutable infrastructure and immutable deploys. We think this is one of...
A customer of ours asked a few questions about TLS/SSL/HTTPS, and we thought our conversation would be a great time to kick off our Security blog.
First, let’s do a quick review of what we mean by Transport Layer Security...
Amazon EC2 has over 40 different instance types and keeping track of them all can feel a little daunting. To simplify it, pay attention to something called an “instance family”. This is the prefix before the period in the instance...
While we’re still in the early stage of Infrastructure-as-a-Service (IaaS) adoption among traditional IT departments and large enterprises, for developer-centric organizations, IaaS is already the default. Why is that, and why does it matter?
If your organization values great software...
AWS forced reboots are a good reminder for cloud adopters… if you did not architect for high availability, you may see some downtime on AWS periodically. If you took the simple steps below, you almost certainly saw no downtime.
Running...
How to deploy your software on Amazon Web Services? There are numerous options out there. Many people stick with traditional methods, but the flexibility of cloud services (particularly with the rich feature set of AWS, unmatched by rivals) open up...
This week, Trek10 was selected from over 2,000 global partners to present on the emergence of SMBs and Mid-Market Enterprises as major adopters of cloud computing services.
You don’t hear a lot about AWS Redshift in the marketplace, and frankly I think it is the most under-appreciated service on AWS. Simply put, Redshift is a revolution in data warehousing infrastructure. Column-oriented databases, which are a type of...
Last week was AWS Re:Invent in Las Vegas, their big annual event. Trek10 was lucky enough to have a contingent of three at the conference. Here are a few quick thoughts & notes
