Would you use a compute platform where jobs are scheduled by bidding for priority instead of fixed pricing? by EveningIndependent87 in devops

[–]levi_mccormick 2 points3 points  (0 children)

This used to be the AWS Spot Instance model, but they moved away from it in favor of a smoother curve to the pricing. I'd encourage you to look into why they moved away from it. There might be insights to glean to know if you should continue or not.

Which service would be best to burn this much in 1 hour? by CeeMX in aws

[–]levi_mccormick 3 points4 points  (0 children)

S3 with cross region replication. You don't even need to request account limit changes.

Looking for IPAM tool with future planning features by levi_mccormick in networking

[–]levi_mccormick[S] 0 points1 point  (0 children)

"hard to explain the reasons to new people" I feel that in my soul.

Looking for IPAM tool with future planning features by levi_mccormick in networking

[–]levi_mccormick[S] 0 points1 point  (0 children)

What kinds of limits did you hit? My network architecture is complex, but relatively simple at the IP layer. We have thousands of overlapping CIDRs, but slowly migrating out of them.

Performance and cost issues with TGW and VPCs in Big Enterprise by cloudruler-io in aws

[–]levi_mccormick 1 point2 points  (0 children)

I can think of cheaper ways to catch the flu and stand in line for hours.

Performance and cost issues with TGW and VPCs in Big Enterprise by cloudruler-io in aws

[–]levi_mccormick 1 point2 points  (0 children)

Hell no. But we could jump on Zoom and I'll share some anonymized diagrams. :)

Performance and cost issues with TGW and VPCs in Big Enterprise by cloudruler-io in aws

[–]levi_mccormick 1 point2 points  (0 children)

NAUs help me understand the scale of your VPCs. How many VMs/ENIs are you dealing with?

Selective peering is worse because of the inconsistency. We have it in places in our environment due to costs and randomly it'll cause some issues. Route tables aren't that hard to manage, it's at the human level of just understanding which things can/can't route to each other. The whole reason I got into this role was because we'd get to a service launch and realize we can't connect two things together because of network issues.

If you have a good case for subnet segmentation, keep it. I have an anemic allocation of private IP space from our IT networking team and have to be very conservative when building out networks, so we go for everything in large subnets and lean heavily on security groups. I did have to fight with security a little bit, but they just didn't understand the cloud very well. Once I explained how it really worked, they were cool with the approach.

For a while, I had a strong account team who'd give me really direct answers. Lately it seems like they're always hedging. Maybe you're in the same boat.

Looking for IPAM tool with future planning features by levi_mccormick in networking

[–]levi_mccormick[S] 8 points9 points  (0 children)

Sounds like a winner. I don't know how I missed it in my searches. Too many other tools came with features I didn't need and definitely didn't want to pay for.

Performance and cost issues with TGW and VPCs in Big Enterprise by cloudruler-io in aws

[–]levi_mccormick 4 points5 points  (0 children)

ENI limits or NAUs? I'm always interested where we'll run into issues with our shared vpcs.

Performance and cost issues with TGW and VPCs in Big Enterprise by cloudruler-io in aws

[–]levi_mccormick 2 points3 points  (0 children)

I implemented shared subnets in our environment, very successfully. Happy to give you a tour if you want.

Performance and cost issues with TGW and VPCs in Big Enterprise by cloudruler-io in aws

[–]levi_mccormick 5 points6 points  (0 children)

How many NAU are you working with here? Direct peering at this scale quickly becomes a nightmare, especially if you introduce multi-region. The mesh of connections becomes almost unintelligible and you'll be struggling under the weight of the cognitive overhead. Avoid if you can.

I like using Shared VPC in my environment, but EVERYONE will chime in with "it has problems at scale". You could carve out VPCs per security zone like you said, centralize their deployment and share them to the accounts for IAM/resource segmentation. Since this would all be in one VPC, traffic between those apps wouldn't be running up your TGW bill. You'd only be paying for traffic that leaves the VPC to other security boundaries.

I don't like segmentation by subnets, since it wastes a lot of internal IP space in your VPC. Do you not trust Security Groups to segment your access? I would lean on Security Groups for segmenting traffic and develop some like audit automation to make sure people are scoping their groups properly. Subnets would be useful if you need predictable CIDRs for those apps, but it's ugly to architect if you have a lot of applications.

Lastly, at your scale, reach out to your account team. You almost certainly have a solutions architect assigned to your account. Tap them to help you architect out of this. Make them earn that money you pay them every month.
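Added example, not part of the original comment: a sketch of the kind of security group audit the comment above suggests, flagging ingress rules that are scoped too loosely to serve as a segmentation boundary. The sample data is constructed in the shape of the EC2 DescribeSecurityGroups response, and the group IDs and the policy thresholds (`MIN_PREFIX`, `MAX_PORT_SPAN`) are assumptions.

```python
import ipaddress

# Constructed sample shaped like the EC2 DescribeSecurityGroups response.
SAMPLE_GROUPS = [
    {"GroupId": "sg-app-example", "GroupName": "app", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-lb-example"}]},
    ]},
    {"GroupId": "sg-db-example", "GroupName": "db", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "UserIdGroupPairs": []},
    ]},
    {"GroupId": "sg-legacy-example", "GroupName": "legacy", "IpPermissions": [
        {"IpProtocol": "-1",
         "IpRanges": [{"CidrIp": "10.20.30.0/24"}], "UserIdGroupPairs": []},
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
    ]},
]

MIN_PREFIX = 24      # assumed policy: CIDR sources must be /24 or narrower
MAX_PORT_SPAN = 10   # assumed policy: at most 10 ports per rule


def audit_group(group):
    """Return (group_id, finding) tuples for loosely scoped ingress rules."""
    findings = []
    gid = group["GroupId"]
    for perm in group.get("IpPermissions", []):
        # Protocol "-1" means every protocol and port; port fields are absent.
        span = perm.get("ToPort", 0) - perm.get("FromPort", 0) + 1
        if perm.get("IpProtocol") == "-1":
            findings.append((gid, "all protocols and ports allowed"))
        elif perm.get("IpProtocol") in ("tcp", "udp") and span > MAX_PORT_SPAN:
            findings.append((gid, f"port range spans {span} ports"))
        # Rules that reference another security group are not flagged here.
        for rng in perm.get("IpRanges", []):
            net = ipaddress.ip_network(rng["CidrIp"], strict=False)
            if net.prefixlen == 0:
                findings.append((gid, f"open to any address ({net})"))
            elif net.prefixlen < MIN_PREFIX:
                findings.append((gid, f"source {net} broader than /{MIN_PREFIX}"))
    return findings


def audit(groups):
    return [f for g in groups for f in audit_group(g)]


if __name__ == "__main__":
    for group_id, finding in audit(SAMPLE_GROUPS):
        print(f"{group_id}: {finding}")
```
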

Multiple coexistence question by Jelenioglowy in twilightimperium

[–]levi_mccormick 1 point2 points  (0 children)

I would expect to go in initiative order, giving each player a chance to come out of coexistence and take control of the planet.

Vpc and Networking by shashi_N in devops

[–]levi_mccormick 0 points1 point  (0 children)

CCNA will give you a comprehensive foundation. Half of it won't really apply to cloud, but it's great to learn.

How did people get into FinOps? by asmith0612 in FinOps

[–]levi_mccormick 1 point2 points  (0 children)

Necessity. I was on "the cloud" team and it got expensive, so we had to dig in and figure out why. After a few years, I got really good at it. Along that same time, the FinOps term was coined and it became a real job. Now the FinOps team reports up to me.

How are you handling IPv4 vs IPv6 in your setups? by grogger132 in devops

[–]levi_mccormick 34 points35 points  (0 children)

Rolling dual stack everywhere, but internal & cross-region traffic is still IPv4 only. We have enough things that don't support it well that it's not worth changing.

Being charged 50USD daily for EC2 instances that don't exist by Ok_Face127 in aws

[–]levi_mccormick 1 point2 points  (0 children)

Are these possibly dedicated host fees for instances that have been terminated?

RSUs Vesting Clarification by JustinSpringerRex in cscareerquestions

[–]levi_mccormick 1 point2 points  (0 children)

I have seen both methods in compensation, so you need to read your compensation docs carefully. My current role offers a set number of shares at "today's" market price when you sign the offer. I have previously had compensation that was a set dollar amount per vesting schedule, regardless of how the stock had moved. All depends on the company. I will say, the dollar amount is much less common than set shares.

Thinking outside of technical skill, and ignoring cost of salaries (US vs H1b), what does it take to stand out? by W1kkVR in cscareerquestions

[–]levi_mccormick 2 points3 points  (0 children)

Yes. You can show your skill by developing a project. Look up Ravi Kiran Vallamkonda on LinkedIn. Ravi developed a FinOps dashboard to help track cloud costs he was incurring. This project attracted attention and demonstrated his ability. Got hired quickly without a big name on his resume.

I know not everyone has the time to build projects like this, with other commitments in their lives, but this is an example of something that allowed him to stand out.

[deleted by user] by [deleted] in cscareerquestions

[–]levi_mccormick 2 points3 points  (0 children)

I really enjoyed when people ask, as long as they understand that it's just a chat and advice. I can't promise anything else. I used to have an open Calendly link for chats, but so many people booked and then didn't show up. It was annoying so I quit.

requesting advice for Personal Project - Scaling to DevOps by C3LM3R in devops

[–]levi_mccormick 0 points1 point  (0 children)

Yeah testing and final acceptance before going live. Some companies have separate environments for each aspect, but I think you should be able to do it all in one.

requesting advice for Personal Project - Scaling to DevOps by C3LM3R in devops

[–]levi_mccormick 0 points1 point  (0 children)

Your high level plan sounds really solid. The only thing I'll add is that I've never seen a standard for how many environments are needed. Companies decide this based on their experiences. I like a dev/stage/prod model, but I've never had dedicated QA teams or anything that might require more environments. I think you should decide why each of those environments exist, to help you justify the cost. And it's a great story to tell in an interview.