Tag: cloud

Amazon EC2 推出 T3 系列機器了...

Amazon EC2 推出新的 family type,T3 系列了:「Introducing Amazon EC2 T3 Instances」。

官方宣稱比 T2 系列的機器快 30%:

T3 instances also feature the latest 2.5 GHz Intel Xeon Scalable processors which combined with the AWS Nitro System result in up to a 30% better price to performance improvement over T2 instances.

另外 T3 低階系列的機器 (t3.nanot3.microt3.small) 都是 2 vCPU 了,而且「CPU credits earned per hour」是原來的兩倍,但 t3.mediumt3.large 就跟原來一樣了,而再更大台的 t3.xlarget3.2xlarge 又比較大了... (參考「CPU Credits and Baseline Performance」)

另外是價錢上的差異,T3 的單價反而比 T2 低了一些:以 us-east-1 來看,t3.nano 是 USD$0.0052/hr,而 t2.nano 則是 USD$0.0058/hr,大約是 10% 的差距。

Reserved Instance 也是類似的情況,t3.nano 是 USD$27/y 與 USD$51/3y,t2.nano 則是 USD$29/y 與 USD$57/3y。

這次發佈把台灣團隊常用的區域都納入了,包括了北美的 us-east-1 (北維吉尼亞)、us-west-2 (奧勒崗) 與亞洲的 ap-northeast-1 (東京)、ap-southeast-1 (新加坡):

Amazon EC2 T3 Instances are available immediately in the US East (N. Virginia), US East (Ohio), US West (N. California), US West (Oregon), Canada (Central), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Frankfurt), Europe (Ireland), Europe (London), and South America (Sao Paulo) AWS Regions.

現有的機器都可以考慮換過去了... 這也是買三年 RI 最好的時機了 XD

GCP 推出 Cloud HSM (beta)

這算是 Google Cloud Platform 在補產品線,讓那些有強制使用 HSM 的需求的應用 (通常是遇到一定要 FIPS 140-2 的規範) 可以搬上雲端:「Introducing Cloud HSM beta for hardware crypto key security」。

從圖片上可以看到 LiquidSecurity,應該是「LiquidSecurity® General Purpose HSM Adapters and Appliances」這個產品:

如同 AWSCloudHSM 服務,GCP 的 Cloud HSM 也是提供 FIPS 140-2 Level 3:

Cloud HSM allows you to host encryption keys and perform cryptographic operations in FIPS 140-2 Level 3 certified HSMs (shown below).

演算法上,支援 AESRSAECC (NIST 的 P-256 與 P-384):

In addition to symmetric key encryption using AES-256 keys, you can now create various types of asymmetric keys for decryption or signing operations, which means that you can now store your keys used for PKI or code signing in a Google Cloud managed keystore. Specifically, RSA 2048, RSA 3072, RSA 4096, EC P256, and EC P384 keys will be available for signing operations, while RSA 2048, RSA 3072, and RSA 4096 keys will also have the ability to decrypt blocks of data.

目前只支援 us-east1us-west1,另外價錢也比軟體服務版本的 Cloud KMS 貴不少:

Billable item For keys with protection level SOFTWARE For keys with protection level HSM
Active AES-256 and RSA 2048 key versions $0.06 per month $1.00 per month
Active RSA 3072, RSA 4096 or Elliptic Curve key versions $0.06 per month $2.50 per month for the first 2,000
$1.00 per month thereafter
Destroyed key versions Free Free
Key operations: Cryptographic $0.03 per 10,000 operations $0.03 per 10,000 operations for AES-256 and RSA 2048 keys
$0.15 per 10,000 operations for RSA 3072, RSA 4096, and Elliptic Curve keys
Key operations: Admin Free Free

不過一般情況應該不會得用 CloudHSM,先有個印象就好...

Aurora Serverless MySQL 進入 GA

AWS 宣佈能 auto-scale 的 Aurora Serverless MySQL 進入 GA:「Aurora Serverless MySQL Generally Available」:

不過目前開放的區域有限:

Aurora Serverless for Aurora MySQL is available now in US East (N. Virginia), US East (Ohio), US West (Oregon), Europe (Ireland).

以秒計費,但低消是 5 分鐘:

You pay a flat rate per second of ACU usage, with a minimum of 5 minutes of usage each time the database is activated.

us-east-1 的價錢來看,每個 ACU 是 USD$0.06/hour,而每個 ACU 大約是 standard instance 的價錢:

1 ACU has approximately 2 GB of memory with corresponding CPU and networking, similar to what is used in Aurora Standard instances.

但這沒看懂,是 db.t2.small 還是 db.t2.medium?另外比較是全速還是 small 的 20% 或 medium 的 40%?這部份也許還要再問看看才知道...

storage 與 I/O 的費用則是相同,倒是不用比較這塊... 再來不知道有沒有推出 Reserved ACU 的計畫,光是一年付清就差蠻多的。

要不要換過去其實還是要看看使用的量,以及可以接受的成本來決定...

Amazon DynamoDB 的 Global Tables 推到東京了...

DynamoDBGlobal Tables 可以把 DynamoDB 複製到其他區域,讓各地存取自己的資料:

剛剛看到 AWS 宣佈這個功能展到 ap-northeast-1 (東京) 了:「Amazon DynamoDB Global Tables Now Available in Three Additional Asia Pacific Regions」。

Global tables is now available in the Asia Pacific (Tokyo), Asia Pacific (Seoul), and Asia Pacific (Sydney) Regions.

這樣測起來就更接近實際的情況了...

Amazon MQ 在 ap-northeast-{1,2} 推出了...

Amazon MQap-northeast-{1,2} 推出了,先前自己架的,現在可以直接拿現成的服務了:「Amazon MQ is Now Available in the Asia Pacific (Seoul) and Asia Pacific (Tokyo) regions」。

不過 AWS 上的開發主要還是以 SQS 之類的服務為主,可以避免 scalability 的問題 (另外一種可能是一開始就打定要搬出來,所以選擇 open protocol 的方案)。在這樣的前提下,Amazon MQ 的定位就變成將現有軟體丟上去跑... (而不想自己管 XD)

EC2 推出了 R5、R5d、z1d 三種機器...

上個禮拜 Amazon EC2 就放話預定要推出 r5r5dz1d 三種機器,但當時沒公佈價錢,只公佈了規格,這樣就沒辦法比較成本。尤其 R 系列的機器主要就是看記憶體的單位成本...

今天總算是正式推出公開價錢了:「Now Available: R5, R5d, and z1d Instances」。

r{4,5}.large 比較,都是 2 vCPU,但 r5 的 ECU 快了一些,記憶體多了一些,價錢少了一些:

vCPU ECU Memory (GiB) Instance Storage (GB) Linux/UNIX Usage
r5.large 2 8 16 GiB EBS Only $0.126 per Hour
r4.large 2 7 15.25 GiB EBS Only $0.133 per Hour

完全是個「麵多一點、湯多一點,但錢少一點」的概念 XD

另外這次推出的 z1d 系列主打高時脈:

The high frequency z1d instances use custom Intel® Xeon® Scalable Processors running at up to 4.0 GHz, powered by sustained all-core Turbo Boost, perfect for Electronic Design Automation (EDA), financial simulation, relational database, and gaming workloads that can benefit from extremely high per-core performance.

vCPU ECU Memory (GiB) Instance Storage (GB) Linux/UNIX Usage
z1d.large 2 11 16 GiB 1 x 75 NVMe SSD $0.186 per Hour

對於沒有辦法利用平行化加速的工作會有幫助,不過在目前 EC2 的價位表上面大概是因為比 r4 的記憶體還多,所以放在「Memory Optimized - Current Generation」而不是 Compute Optimized,不知道實際上用的時候會偏向哪塊...

CloudFront 在東京又擴點了...

Twitter 上看到 CloudFront 又擴點的消息了:

點進去一看發現亞洲的點又是擴東京:

And in Asia, one Edge location is being added in Tokyo, Japan, our ninth in the city.

同樣是日本,不考慮擴一下大阪的點嗎... 或是加開名古屋的點?(蠻多海纜從志摩跟豐橋拉上去的)

AWS 提供自帶 IP 到 AWS 上的服務了...

AWS 宣佈提供自帶 IP 到 AWS 上的服務了:「Announcing Bring Your Own IP for Amazon Virtual Private Cloud (Preview)」。

目前只在 us-west-2 有,另外需要申請:

Bring Your Own IP is available for preview in the US West (Oregon) region. You can request access to this feature by completing this request form.

不知道是不是直接放 routing 出來?如果是的話,照慣例 IPv4 應該是至少要 /24?從申請表格上看起來像是這樣沒錯:

IPv4 Prefix you want to onboard. You need a minimum of /24 ARIN registered prefix. The Net Type should either be Allocated or Assigned:

Amazon S3 提供更高的存取量...

AWS 宣佈提高了 Amazon S3 的效能:「Amazon S3 Announces Increased Request Rate Performance」。

每個 S3 prefix 都可以到 5500 RPS read 與 3500 RPS write:

Amazon S3 now provides increased performance to support up to 3,500 requests per second to add data and 5,500 requests per second to retrieve data, which can save significant processing time for no additional charge. Each S3 prefix can support these request rates, making it simple to increase performance exponentially.

舊的資料可以看「Request Rate and Performance Considerations」這邊,裡面沒有明講速度,但有提到如果超過 800 RPS read 與 300 RPS write 的門檻,建議開 case:

However, if you expect a rapid increase in the request rate for a bucket to more than 300 PUT/LIST/DELETE requests per second or more than 800 GET requests per second, we recommend that you open a support case to prepare for the workload and avoid any temporary limits on your request rate.

不過如果有量的話,還是建議照著原來的 prefix 建議,打散處理會比較好,通常在前面的 CDN 通常可以跑簡單的 url rewrite 處理掉 (像是 CloudFront 自家或是 Cloudflare),像是把使用 unix timestamp (ms) 的 https://www.example.com/1531843366123.jpg 變成 https://www.example.com/6123/1531843366123.jpg,這樣可以讓 Amazon S3 的後端依照 prefix 打散 loading,避免當站愈來愈大的時候很難處理。

Amazon Translate 支援繁體中文!

Twitter 上看到 Jeff Barr 提到 Amazon Translate 支援繁體中文與日文的消息:

console 上也可以測試:

翻了一下價錢:

Amazon Translate is priced at $15 per million characters ($0.000015 per character).

定價與其他服務相比算是中間... 隔壁微軟Translator Text API 的 PAY AS YOU GO 方案是 $10 (Per million characters),如果有量的話會降更多。而 GoogleCloud Translate 則是 $20 per 1,000,000 characters。