Title

AWS re:Invent 2023 - Ready for what’s next? Designing networks for growth and flexibility (NET310)

Summary

  • Sid, a principal solutions architect at AWS, and Ben, a principal network engineer at Sonos, discuss building scalable and flexible networks on AWS.
  • Organizations are migrating to the cloud or building new applications, often with generative AI, necessitating scalable network designs.
  • Sid emphasizes the importance of choosing the right EC2 instance types, load balancing strategies, application isolation, security enforcement, and global routing.
  • The session focuses on network connectivity challenges at scale, including internal and external application requirements, business unit isolation, and global network design.
  • Sid reminisces about the pre-cloud era of data centers and contrasts it with the complexity of cloud networking, advocating for AWS as the central networking hub.
  • The AWS Well-Architected Framework is used to evaluate different network design options.
  • Sid discusses VPC design, Network Address Usage (NAU) limits, VPC sharing, and the importance of not creating extremely large or small numbers of VPCs.
  • Transit Gateway and AWS Cloud WAN are presented as solutions for connecting VPCs at scale, with Cloud WAN offering global dynamic routing and a single management pane.
  • Sid introduces Tunnel-less Connect for SD-WAN connectivity, offering higher bandwidth without GRE tunnels.
  • Ben shares Sonos' journey from on-premises to hybrid cloud and eventually to AWS Cloud WAN, highlighting the benefits of scalability, cost-effectiveness, and security.
  • The session concludes with a call to action for attendees to learn more about AWS networking services and to complete a survey.

Insights

  • Scalability and Flexibility: The talk underscores the need for scalable and flexible network designs to accommodate the growing number of applications, especially with the advent of generative AI.
  • VPC Design: Sid stresses the importance of proper VPC design, suggesting that VPCs should serve as network isolation boundaries and be neither too large nor too small.
  • Network Address Usage (NAU): Understanding NAU limits is crucial for managing large VPCs, especially when using services like VPC endpoints, Lambda functions, and NAT gateways.
  • Transit Gateway vs. AWS Cloud WAN: While Transit Gateway offers a hub-and-spoke design and supports global connectivity, AWS Cloud WAN provides a global dynamic routing layer on top of AWS's global backbone, simplifying global network management.
  • Tunnel-less Connect: This new feature for SD-WAN connectivity is a significant development, offering 100 Gbps per availability zone and simplifying the setup by eliminating the need for GRE tunnels.
  • Customer Journey - Sonos: Ben's account of Sonos' transition from on-premises to AWS Cloud WAN illustrates the real-world application of AWS networking services and the benefits of migrating to a cloud-based network.
  • Operational Excellence and Automation: The talk highlights the importance of NetDevOps and network automation, encouraging the treatment of network configuration as code and the integration of testing into CI/CD pipelines.
  • Security Considerations: Security is a recurring theme, with discussions on segmenting networks for security zones, centralized inspection, and the use of AWS Firewall Manager for managing WAF rules.
  • Future Directions: The mention of new service integrations and the shift towards Tunnel-less Connect peers indicates ongoing improvements and innovations in AWS networking services.
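
The NAU point above can be enforced as a pipeline check in the network-as-code style the talk encourages. The following is an added example, not code from the session, AWS or Sonos: the weights and default quotas are those published in the Amazon VPC documentation, while the VPC names, the inventory figures, the 80% warning threshold and the choice to count only direct intra-Region peers are assumptions made for illustration.

```python
# NAU weights per resource, as published in the Amazon VPC user guide.
NAU_WEIGHTS = {
    "ip_address": 1,       # each IPv4/IPv6 address on a network interface
    "prefix": 1,           # each prefix assigned to a network interface
    "vpc_endpoint_az": 6,  # VPC endpoint, counted per Availability Zone
    "nat_gateway": 6,
    "lambda_function": 6,
    "tgw_attachment": 6,
    "nlb_az": 6,           # Network Load Balancer, per Availability Zone
}
VPC_QUOTA = 64_000         # default NAU quota for a single VPC
PEERED_QUOTA = 128_000     # default quota for a VPC plus its intra-Region peers
WARN_RATIO = 0.8           # assumption: alert threshold chosen for this example

def vpc_nau(resources):
    """Weighted NAU total for one VPC; refuses resource kinds it cannot weigh."""
    unknown = set(resources) - set(NAU_WEIGHTS)
    if unknown:
        raise ValueError(f"no NAU weight for: {sorted(unknown)}")
    return sum(NAU_WEIGHTS[kind] * count for kind, count in resources.items())

def check(inventory, peerings):
    """Return (vpc, scope, nau) for every VPC at or above the warning ratio."""
    nau = {vpc: vpc_nau(res) for vpc, res in inventory.items()}
    findings = []
    for vpc, own in nau.items():
        # Assumption: only direct peers share the peered quota with this VPC.
        peers = {b if a == vpc else a for a, b in peerings if vpc in (a, b)}
        peered = own + sum(nau[p] for p in peers)
        if own >= WARN_RATIO * VPC_QUOTA:
            findings.append((vpc, "vpc", own))
        if peers and peered >= WARN_RATIO * PEERED_QUOTA:
            findings.append((vpc, "peered", peered))
    return findings

# Constructed inventory: vpc-shared looks safe by address count alone (48,000),
# but its endpoints and Lambda functions push the weighted total past 80%.
INVENTORY = {
    "vpc-shared": {"ip_address": 48_000, "vpc_endpoint_az": 90,
                   "nat_gateway": 3, "lambda_function": 500},
    "vpc-data": {"ip_address": 52_000, "prefix": 500, "tgw_attachment": 1},
    "vpc-dev": {"ip_address": 1_200, "lambda_function": 50},
}
PEERINGS = [("vpc-shared", "vpc-data")]

if __name__ == "__main__":
    for vpc, scope, total in check(INVENTORY, PEERINGS):
        print(f"{vpc}: {scope} NAU {total} is at or above {WARN_RATIO:.0%} of quota")
```

A non-empty result from `check` is what a CI job would fail on, before the change that adds more endpoints or functions to the VPC is applied.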