AWS 的 us-east-1 開放第六個 AZ

AWSus-east-1 上次加第五個 AZ 不知道是什麼時候了,找資料找不太到... 這次宣佈加第六個 AZ 進去了:「Sixth AZ in US East (N. Virginia) Region」。

依照 AWS 之前有提出來的架構,所有 AZ 之間都是有互向連接的... 所以 us-east-1 加 AZ 都會比其他區域辛苦不少...

Lambda@Edge 的 GA

AWSLambda@Edge 宣佈 GA 了:「Lambda@Edge – Intelligent Processing of HTTP Requests at the Edge」。

最直接的應用就是在 CloudFront 的 edge 上執行一小段 code,修改 HTTP request 或是 HTTP response 了,不過可以看到一些限制:

不過要用來解哪些問題要再想一下...

AWS CloudWatch 推出秒級的記錄功能

AWS CloudWatch 推出了秒級的記錄功能:「New – High-Resolution Custom Metrics and Alarms for Amazon CloudWatch」。

從一分鐘變成一秒鐘讓之後的調整以及 debug 好用很多... 不過這次支援秒級的是 custom metrics,原先 AWS 自家服務的支援不在這次範圍:

Today we are adding support for high-resolution custom metrics, with plans to add support for AWS services over time. Your applications can now publish metrics to CloudWatch with 1-second resolution.

另外 alarm 的時間可以降到十秒:

You can watch the metrics scroll across your screen seconds after they are published and you can set up high-resolution CloudWatch Alarms that evaluate as frequently as every 10 seconds.

對於市場上一堆服務的衝擊應該不小 XD

Amazon Route 53 將會加緊支援 DNS CAA

看到 Amazon Route 53 要支援 DNS CAA 的消息:「Announcement: Announcement: CAA Record Support Coming Soon」。

裡面有提到 CA/Browser Forum 的決議,要求各瀏覽器支援 DNS CAA:

On March 8, 2017, the Certification Authority and Browser Forum (CA/Browser Forum) mandated that by September 8, 2017, CA’s are expected to check for the presence of a CAA DNS record and, if present, refuse issuance of certificates unless they find themselves on the whitelist <https://cabforum.org/2017/03/08/ballot-187-make-caa-checking-mandatory/>.

DNS CAA 可以設定哪些 SSL certificate 可以發出你的證書,除了自己以外,也可以讓第三者比較容易確認是否有誤發的行為:

We have seen a lot of interest in Amazon Route 53 support for Certification Authority Authorization (CAA) records, which let you control which certificate authorities (CA) can issue certificates for your domain name.

Amazon EC2 推出新的 GPU 系列機器

這次 Amazon EC2 推出了 G3 instance:「New – Next-Generation GPU-Powered EC2 Instances (G3)」。

這次開放的只有這幾區,亞洲目前還沒有在內:

You can launch these instances today in the US East (Ohio), US East (Northern Virginia), US West (Oregon), US West (Northern California), AWS GovCloud (US), and EU (Ireland) Regions as On-Demand, Reserved Instances, Spot Instances, and Dedicated Hosts, with more Regions coming soon.

這次使用的 GPU 是 Nvidia 的 Tesla M60:

Today we are taking a step forward and launching the G3 instance type. Powered by NVIDIA Tesla M60 GPUs, these instances are available in three sizes (all VPC-only and EBS-only)[.]

G3 (M60) 應該會比 G2 (K520) 快,但未必會比 P2 (K80) 快,尤其是 double precision 的部份,可以參考「Nvidia Tesla」這邊的數據。所以還是得看應用程式才能決定要用 G3 還是 P2...

AWS 的 Patch Manager 支援 Linux

在「Amazon EC2 Systems Manager Patch Manager now supports Linux」這邊 AWS 宣佈了 Patch Manager 支援 Linux 的消息。

目前支援的包括了:

  • Amazon Linux 2014.03 and later (2015.03 and later for 64-bit)
  • Ubuntu Server 16.04 LTS, 14.04 LTS, and 12.04 LTS
  • RHEL 6.5 and later (7.x and later for 64-Bit)

連已經超過 LTS 支援期的 Ubuntu 12.04 都支援了... 不過 CentOS 看起來沒順便支援?

可以設計一些規定 (與組織內規範相關的,像是 approval process) 讓 Patch Manager 決定要怎麼佈:

可以用這個直接處理安全性更新...

小台機器上的 innodb_purge_threads 對效能的影響

雖然「MyISAM, small servers and sysbench at low concurrency」這篇標題是在講 MySQL 上的 MyISAM,但還是有提到一些 InnoDB 的東西...

其中提到了 innodb_purge_threads 對效能的影響:

the default value for innodb_purge_threads, which is 4, can cause too much mutex contention and a loss in QPS on small servers. For sysbench update-only I lose 25% of updates/second with 5.7.17 and 15% with 8.0.1 when going from innodb_purge_threads=1 to =4.

當機器不大的時候,innodb_purge_threads 對於效能帶來的影響其實頗大的?

另外從作者最近的一系列測試看起來,5.7 在小機器的效能比 5.6 差不少... 這點在考慮 RDS 的時候也許要注意 (因為 t2.* 應該不算大 XD)。

AWS 東京區支援 Amazon Athena 了

很簡單但也很直接的消息公佈,AWS 宣佈在東京區與新加坡區支援 Amazon Athena 了:「Amazon Athena is now available in Asia Pacific (Singapore) and Asia Pacific (Tokyo)」。

這樣就不需要在美國跑完丟回日本了...