Aptible Update Webinar - January 2018

Transcript

1. Aptible Update Webinar January 2018

2. 1. Meltdown & Spectre Panel Discussion 2. Enclave Metric Drains

   3. What else is new on Enclave? Agenda

3. Meltdown & Spectre Panel Discussion

4. Panel Discussion Meltdown & Spectre • Why Enclave is designed

   to protect you against this class of vulnerabilities • How we responded to this particular release
5. None
6. None
7. None
8. None
9. None
10. None

11. Remediation: Timeline Date Actions January 3, 2018 Early notification on

    our status page about upcoming maintenance January 4, 2018 Shared-Tenancy • Patched all app and database instances Dedicated-Tenancy: • Patched all app instances • Scheduled maintenance windows for database instances, notified customers January 9, 2018 All patching complete

12. • Identify abstract threats ◦ Where are you vulnerable? ◦

    Architecturally, what can you do to mitigate? • Respond to concrete vulnerabilities ◦ Prepare an incident response program ahead of time ◦ Execute on it • Assess and improve your security posture on an ongoing basis ◦ Enclave wasn’t built like this from day 1: re-architect as you identify new threats ◦ Continuously refine your incident response strategies and methods Meltdown & Spectre: Key Takeaways

13. Metric Drains (Container Performance Monitoring) Feature Focus

14. Metric Drains: Overview • Container Metrics captured every 30 seconds

    • Routed every 15 seconds to the destination of your choice ◦ InfluxDB (self-hosted on Enclave) ◦ InfluxDB (anywhere, e.g. hosted InfluxData) ◦ Datadog ◦ More third-party providers to come… feedback welcome!

15. Metric Drains: What is captured? • Metrics: ◦ Running status

    ◦ CPU Usage ◦ Memory Usage (RSS / Total) & Limit ◦ Disk I/O ◦ Disk Usage & Limit (DB Only) • Each destination has its own metric format, review the documentation: ◦ go.aptible.com/metrics-influxdb ◦ go.aptible.com/metrics-datadog • Documentation also covers what these metrics mean

16. Metric Drains Use Cases Empowering you to do more with

    your metrics

17. Retention Retain metrics for as long as you’d like across

    as many releases as you’d like

18. Alerting Respond to performance issues before they become user-facing problems

19. Correlation Incorporate in Dashboards, Correlate with APM

20. Metric Drains Tips

21. InfluxDB Support Ideal for time series data Integrates with Metric

    Drains

22. Metric Drains: Tips • InfluxDB is now a supported Database

    on Enclave ◦ InfluxDB is a great choice to use as a Metric Drain ◦ It’s what we use ourselves for Dashboard metrics • InfluxDB pairs very well with Grafana ◦ Grafana provides visualization & alerting ◦ Grafana is trivial to deploy on Enclave with Direct Docker Image Deploy ◦ go.aptible.com/grafana

23. What’s new on Enclave? Feature Review

24. Feature Review • Managed HIDS: Now generally available • VPC

    Peers & VPN Tunnels in Dashboard • Smarter CLI ◦ JSON Output ◦ Versions for aptible db:create • Smarter Databases ◦ MongoDB Replica Set Re-configuration on backup:restore ◦ Databases Auto Optimization • InfluxDB support

25. Managed HIDS (Host Intrusion Detection System) Now Generally Available!

26. Managed HIDS Audit-ready weekly PDF + CSV reports Satisfy compliance

    requirements for intrusion detection

27. Managed HIDS • Fully managed: enable it, we take care

    of everything else • All major compliance frameworks give credit for HIDS • Free for shared tenancy stacks. $0.02 / GB / hour for dedicated tenancy stacks. Try it out! Download reports through the Dashboard

28. VPC Peers & VPN Tunnels in Dashboard

29. VPC Peers Connect to any AWS VPC No maintenance 100%

    Free

30. VPN Tunnels Connect to any VPN network Requires a VPN

    Gateway $99 / VPN connection

31. VPC Peers & VPN Tunnels: Setup • Setup is through

    support: contact.aptible.com • Once setup, connection details are visible in the Dashboard

32. Smarter CLI

33. JSON Output Enhanced Scriptability More Data

34. Select any available version aptible db:versions aptible db:create

35. Smarter Databases

36. MongoDB Replica Set Re-configuration • Restored instances no longer attempt

    to join the existing replica set ◦ Required manual re-configuration before (potentially risky) ◦ Now fully automated

37. Database Auto Optimization • Databases now configure according to their

    container size ◦ Get the most out of the resources you choose ◦ Easier to experiment with new footprints

38. Thanks! Register for the next Aptible Product Update Webinar April

    25, 2018 2 p.m. ET / 11 a.m. PT http://go.aptible.com/product-webinar-apr-2018