© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Boaz Ziniman, Technical Evangelist, AWS
@ziniman
Introduction to Serverless computing & AWS Lambda
Israel AWS User Group - November 2017
Servers
How will the application handle server hardware failure?
How can I control access from my servers?
When should I decide to scale out my servers?
When should I decide to scale up my servers?
What size servers are right for my budget?
How much remaining capacity do my servers have?
(AAHHHHHHHHH!!)
What is serverless?
Build and run applications without thinking about servers
Let’s take a look at the evolution of computing
Physical Servers in Datacenters
Virtual Servers in Datacenters
Virtual Servers in the cloud
Each progressive step was better
Physical Servers in Datacenters
Virtual Servers in Datacenters
• Higher utilization
• Faster provisioning speed
• Improved uptime
• Disaster recovery
• Hardware independence
Virtual Servers in the cloud
• Trade CAPEX for OPEX
• More scale
• Elastic resources
• Faster speed and agility
• Reduced maintenance
• Better availability and fault tolerance
But there are still limitations
Physical Servers in Datacenters
Virtual Servers in Datacenters
Virtual Servers in the cloud
• Trade CAPEX for OPEX
• More scale
• Elastic resources
• Faster speed and agility
• Reduced maintenance
• Better availability and fault tolerance
• Still need to administer virtual servers
• Still need to manage capacity and utilization
• Still need to size workloads
• Still need to manage availability, fault tolerance
• Still expensive to run intermittent jobs
Evolving to serverless
SERVERLESS
Virtual servers in the cloud
Physical servers in datacenters
Virtual servers in datacenters
No server is easier to manage than any server
All of these responsibilities go away
• Provisioning and utilization
• Availability and fault tolerance
• Scaling
• Operations and management
Serverless with AWS Lambda
Deliver on demand, never pay for idle
• EVENT DRIVEN
• CONTINUOUS SCALING
• PAY BY USAGE
What does Serverless mean?
No servers to provision or manage
Scale with your usage
Built in availability and fault-tolerance
Never pay for idle/unused capacity
Serverless runs on functions
• Functions are the unit of deployment and scale
• This scales per request!
• Skip the boring parts, skip the hard parts
How does it work?
Using AWS Lambda
Bring your own code
• Node.js, Java, Python, C#
• Bring your own libraries (even native ones)
Simple resource model
• Select power rating from 128 MB to 1.5 GB
• CPU and network allocated proportionately
Flexible use
• Synchronous or asynchronous
• Integrated with other AWS services
Flexible authorization
• Securely grant access to resources and VPCs
• Fine-grained control for invoking your functions
Using AWS Lambda
Authoring functions
• WYSIWYG editor or upload packaged .zip
• Third-party plugins (Eclipse, Visual Studio)
Monitoring and logging
• Metrics for requests, errors, and throttles
• Built-in logs to Amazon CloudWatch Logs
Programming model
• Use processes, threads, /tmp, sockets normally
• AWS SDK built in (Python and Node.js)
Stateless
• Persist data using external storage
• No affinity or access to underlying infrastructure
Example event sources
Categories: data stores, endpoints, configuration repositories, event/message sources
• Amazon S3
• Amazon DynamoDB
• Amazon Kinesis
• Amazon Cognito
• Amazon IoT
• AWS Step Functions
• Amazon Alexa
• AWS CloudTrail
• AWS CodeCommit
• Amazon CloudWatch
• Amazon SES
• Amazon SNS
• Cron events
• Amazon API Gateway
• AWS CloudFormation
• …and more!
Lambda Use Cases
#1: 3-Tier Web Application
3-Tier web application
[Diagram: Browser; Amazon CloudFront; Amazon S3; Amazon API Gateway; dynamic content in AWS Lambda; data stored in Amazon DynamoDB]
Serverless web app security
Amazon S3
• Bucket Policies
• ACLs
Amazon CloudFront
• OAI
• Geo-Restriction
• Signed Cookies
• Signed URLs
• DDoS
• HTTPS
• Disable Host Header Forwarding
Amazon API Gateway
• Throttling
• Caching
• Usage Plans
Also shown in the diagram: Browser, AWS WAF, AWS Lambda, Amazon DynamoDB, AuthZ, IAM
Serverless web app monitoring
Amazon S3
• Access Logs in S3 Bucket
Amazon CloudFront
• Access Logs in S3 Bucket
• CloudWatch Metrics - https://aws.amazon.com/cloudfront/reporting/
AWS WAF
• WebACL Testing
• Total Requests
• Allowed/Blocked Requests by ACL
Amazon API Gateway
• Latency
• Count
• Cache Hit/Miss
• 4XX/5XX Errors
AWS Lambda
• Invocations
• Invocation Errors
• Duration
• Throttled Invocations
Amazon DynamoDB
• Latency
• Throughput
• Throttled Reqs
Also shown in the diagram: Browser, logs, Streams, AWS CloudTrail, Custom CloudWatch Metrics & Alarms
Serverless web app lifecycle management
• AWS SAM (Serverless Application Model) - blog
[Diagram: Code/Packages/Swagger; Serverless Template; package; Serverless Template w/ CodeUri; deploy; CI/CD Tools; Package & Deploy; AWS CloudFormation; AWS Lambda; Amazon API Gateway; Amazon S3; Amazon DynamoDB]
http://bit.ly/ServerlessShop
https://github.com/patrick-michelberger/serverless-shop
#2: automation
Automation characteristics
• Respond to alarms or events
• Periodic jobs
• Auditing and Notification
• Extend AWS functionality
• Highly Available and scalable
Automation: image thumbnail creation from S3
[Diagram: Users upload photos; S3: Source Bucket; Triggered on PUTs; AWS Lambda: Resize Images; S3: Destination Bucket]
https://github.com/awslabs/serverless-image-resizing
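The source-bucket/destination-bucket flow above, as an added example (not code from the slides or from the linked awslabs project): it parses the S3 PUT notification, decodes the uploader-controlled key, and refuses a configuration where thumbnails would land back in the trigger bucket. The bucket names, the `thumbnails/` prefix, the suffix allow-list and the function names are assumptions made for this sketch.

```python
from urllib.parse import unquote_plus

# Assumed bucket names (constructed for this example, not from the slides).
SOURCE_BUCKET = "example-photos-upload"
DEST_BUCKET = "example-photos-resized"
ALLOWED_SUFFIXES = (".jpg", ".jpeg", ".png")


def plan_resizes(event, source_bucket=SOURCE_BUCKET, dest_bucket=DEST_BUCKET):
    """Return (source_key, destination_key) pairs for PUT records worth processing."""
    if source_bucket == dest_bucket:
        # Writing thumbnails into the trigger bucket re-fires the function
        # on its own output, an invocation loop that runs until throttled.
        raise ValueError("source and destination buckets must differ")
    jobs = []
    for record in event.get("Records", []):
        if record.get("eventSource") != "aws:s3":
            continue
        if not record.get("eventName", "").startswith("ObjectCreated:Put"):
            continue
        s3 = record["s3"]
        if s3["bucket"]["name"] != source_bucket:
            continue  # event from a bucket this function was not meant to serve
        # Keys arrive URL-encoded in the notification ("my+photo.jpg").
        key = unquote_plus(s3["object"]["key"])
        if not key.lower().endswith(ALLOWED_SUFFIXES):
            continue  # the uploader chooses the key: accept image suffixes only
        jobs.append((key, "thumbnails/" + key))
    return jobs


def handler(event, context):
    # Lambda entry point: report which objects would be resized.
    return {"planned": plan_resizes(event)}


# Constructed sample event in the S3 notification shape.
SAMPLE_EVENT = {"Records": [
    {"eventSource": "aws:s3", "eventName": "ObjectCreated:Put",
     "s3": {"bucket": {"name": SOURCE_BUCKET}, "object": {"key": "trips/my+photo.JPG"}}},
    {"eventSource": "aws:s3", "eventName": "ObjectCreated:Put",
     "s3": {"bucket": {"name": SOURCE_BUCKET}, "object": {"key": "notes.txt"}}},
    {"eventSource": "aws:s3", "eventName": "ObjectRemoved:Delete",
     "s3": {"bucket": {"name": SOURCE_BUCKET}, "object": {"key": "old.png"}}},
]}
```

The download, resize and upload steps are left out so the sketch runs offline; in a deployed function they would use /tmp as scratch space and an execution role limited to reading the source bucket and writing the destination bucket.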
#3: IoT
IoT – Click to Website
[Diagram: MQTT; AWS IoT; SMS; Static S3 Site (Read); Amazon CloudFront; Read/Write]
http://bit.ly/OneClickIoT
A few Lambda specific best practices
Lambda is stateless → architect accordingly!
• Assume no affinity with underlying compute infrastructure
• Local filesystem and child processes may not extend beyond the lifetime of the Lambda request
Lambda considerations and best practices
• Can your Lambda functions survive the cold?
• Instantiate AWS clients and database clients outside the scope of the handler to take advantage of connection re-use.
• Schedule with CloudWatch Events for warmth
• ENIs for VPC support are attached during cold start
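import sys
import logging
import rds_config
import pymysql

rds_host = "rds-instance"
db_name = rds_config.db_name

logger = logging.getLogger()
logger.setLevel(logging.INFO)

# Executes during cold start: the connection is reused by later invocations.
try:
    conn = pymysql.connect(
        host=rds_host,
        user=rds_config.db_username,      # assumed attribute name, truncated on the slide
        password=rds_config.db_password,  # assumed attribute name, truncated on the slide
        database=db_name,
    )
except pymysql.MySQLError:
    logger.error("ERROR: could not connect to the MySQL instance")
    sys.exit(1)

# Executes with each invocation.
def handler(event, context):
    with conn.cursor() as cur:
        cur.execute("SELECT 1")  # placeholder query, the slide elides the handler body
        return cur.fetchone()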
Lambda considerations and best practices
How about a file system?
• Don’t forget about /tmp (512 MB of scratch space)

var ffmpeg = require('ffmpeg');

exports.ffmpeg = function (event, context) {
  new ffmpeg('./thumb.MP4', function (err, video) {
    if (!err) {
      // Extract frames into /tmp, the function's scratch space
      video.fnExtractFrameToJPG('/tmp', function (error, files) {
        // …
        if (!error)
          console.log(files);
        context.done();
      });
    } else {
      // Report the failure instead of leaving the invocation hanging
      context.done(err);
    }
  });
};
Other resources
• AWS documentation: http://docs.aws.amazon.com/lambda/latest/dg/welcome.html
• Tons of compute blog posts: https://aws.amazon.com/blogs/compute/category/aws-lambda/
• Lambda reference architecture: https://github.com/awslabs/lambda-refarch-webapp
• Hello Retail: https://github.com/Nordstrom/hello-retail
• Serverless beyond Functions – Serverless using IoT: https://medium.com/cloud-academy-inc/serverless-beyond-functions-cd81ee4c6b8d
Thanks!
Boaz Ziniman, Technical Evangelist, AWS
@ziniman