FinOps - AWS Cost and Operational Efficiency - Pop-up Loft Tel Aviv

Doron RogovHead of Operations [email protected]

FinOps: Financial Operations

mailto:[email protected]

CloudZone, Matrix’s cloud unit, is a leading AWS solution provider. With over 7 years of experience over AWS, CloudZone provides its customers with a complete service package that includes consulting, professional services and managed services.

As an Premier Consulting Partner, Worldwide Channel Reseller and Managed Service Provider of Amazon Web Services, we ensure that our customers adopt the most advanced technologies and best practices.

BIG F^$&ING ###

Dedicated Tenancy:Dedicated Instances are Amazon EC2

instances that run in a VPC on hardware that's dedicated to a single customer

*$2 per hour (Per Region Fee)

Detailed Monitoring for EC2 Detailed Monitoring for EC2 instances with higher resolution and metric aggregation

*$3.50 per instance

CloudWatch Custom MetricsSubmit Custom Metrics generated by

operating systems or your own applications*$0.50 per metric

Case StudyPhase 1Highly Available PHP App (x100s) and MongoDB (x10s)

Case StudyPhase 2Highly Available PHP App and Fully Managed DynamoDB

Case StudyPhase 3Serverless App using Lambda, API Gateway and DynamoDB

Design for Cost Reduction

Finding and Eliminating Waste

Leveraging the Cloud to Reduce Costs

Implementing governance policies

and rules

FinOps is a 4 step continuous cost optimization service:

What is FinOps?





and rules


What is FinOps?


• Underutilized or unused resources (EC2, EBS, RDS, etc.)

• EBS Snapshots retenation

• Archiving Amazon S3 Data to Amazon Glacier

• Reserved Instance purchase (EC2, RDS, Redshift)





and rules


What is FinOps?


• Dev/test environments can be shut down at project termination.

• Shutdown specific services after business hours, during holidays.

• Disaster Recovery environments can remain inactive until you need them.

• Tag resources that can be turned off or deleted after a specified time period.

Parameters for Tagging

10 custom tags per resource.Max key length: 127 Unicode characters.Max value length: 255 Unicode characters.

➢ Non-ASCII characters return as Unicode escapes (example: \u65e5\u672c).

Prefix aws: is reserved.Few resources cannot be tagged; different resources require using different commands.

Tag’s Key Examples

Business Unit Cost Center Owner

Shutdown Time Environment Support Contact

Dept./GroupApplication/ProductEndpoint

Tagging CLI Commands

Resource view: use --filter argument to the relevant AWS CLI command:➢ Provides access to all values regarding resource.aws ec2 describe-instances --filter "Name=tag:Role,Values=DEV"

Use --query to get list of specific values, such as instance ID:aws ec2 describe-instances --filter "Name=tag:Role,Values=DEV" --query 'Reservations[*].Instances[*].InstanceId'





and rules


What is FinOps?

Design for Cost Reduction• “Right-size” & “Right-family” instances.

• Purchasing Reserved Instances (RI) for groups of long-running instances.

• Leverage spot instances to get the best price.

• Use AWS obstructed services to leverage a “Pay as you go” model to reduce cost(Lambda, DynamoDB, SQS, etc.).

• Design for server-less architecture.






and rules

What is FinOps?

Implementing governance policies and rules

• Track and manage changes like: launching new resources, tracking and terminating unused or underutilized assets, sudden cost spikes, security risks and adherence to business guidelines.

• Automate workflow for policy actions like: stop or terminate instances, delete volumes, etc.

• Automate the process of purchasing and modifying reserved instances across one of more accounts.

• Avoid costly surprises in your cloud. Proactively manage your cloud with policy notifications and “Pulse” subscriptions for timely cost, usage, performance, and budget considerations.

AWS Config AWS CloudTrail

Top 5-ish tools (That you can start using right now!)

Trusted Adviser

CloudWatch

Cost Explorer

CLI Budgets

Cost Allocation

Price List API

Identity Access Management

Netflix Ice

Ice communicates with AWS Programmatic Billing Access and maintains knowledge of the following key AWS entity categories:

• Accounts • Regions • Services (e.g. EC2, S3, EBS) • Usage types (e.g. EC2 - m3.xlarge) • Cost and Usage Categories (On-Demand,

Reserved, etc.)

https://github.com/Netflix/ice

EverythingMe ncdu-s3

NCDU stands for NCurse Disk Usage which is Linux program that displays Disk usage statistics in a Ncurse menu, which makes things easier where you don’t know exactly where to start – Giving you a good overview and letting you know where is the bottom of disk space issues. No imagine these abilities over S3 buckets!

https://github.com/EverythingMe/

• Power Scale - Take control of your AWS Auto Scaling.

• Power Cycle - No more wasted AWS EC2 usage.

• Alerts - Put an end to AWS billing surprises • Teams - Sophisticated permissions for

multiple users • Integration with Slack and HipChat

www.gorillastack.com

https://github.com/GorillaStack/auto-tag

This is an open-source tagging solution for AWS. Deploy auto tag to lambda and set up CloudTrail and have each of your resources tagged with the resource who created it. It was written by GorillaStack.

Lambda Auto-Tag by

www.cloudhealthtech.com

With the CloudHealth’s platform, customers can control their data through knowledge. CloudHealth can quantify, understand, optimize and automate its cloud resources, giving customers visibility across their entire cloud ecosystem to effectively optimize resources and define governance policies for ongoing management. CloudHealth allows customers to scale their cloud without scaling their IT workforce.

Doron RogovHead of Operations [email protected]

Thank you!

BTW - We’re hiring! (DevOps | Cloud Engineers | Jugglers)

mailto:[email protected]?subject=

Technology

FinOps - AWS Cost and Operational Efficiency - Pop-up Loft Tel Aviv