ARC201 Microservices Architecture @ AWS re:Invent 2015
Transcript of ARC201 Microservices Architecture @ AWS re:Invent 2015
© 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Eugene Istrati, CTO @ Mitoc Group
Microservices Architecture for Digital Platforms with AWS Lambda, Amazon CloudFront, and Amazon DynamoDB
October 2015
ARC201
What to Expect from the Session
• Problem. Digital platforms at scale are getting slower, cost-intensive, and vulnerable to various attacks
• Solution. Serverless Platform-as-a-Service on AWS
• Presenter. Why we’re qualified to talk about this topic
• Dive Deep. Technical details, lessons learned, tips and tricks, and hands-on demos
• Success. Enable customers to achieve more by doing less
Digital Platform Challenges
Note: Credits and thanks are listed at the end of the presentation
…
…
…
Digital Platform Challenges
Average cost of downtime
• $500K - $1M / hour (IDC, Dec 2014)
• $140K - $540K / hour (Gartner, July 2014)
• $474K / hour (Ponemon Inst., Dec 2013)
Most commonly reported consequences
• Damage to reputation (38%)
• Increase in customer churn (37%)
• Damage to credit rating (28%)
• Increase to insurance premiums (26%)
[Bar chart: Impact of DoS/DDoS Attack. Categories: Outage, Degradation, No impact. Values shown: 27%, 60%, 13%. Axis: 0% to 70%]
Digital Enterprise End-to-end Platform on AWS
About
Eugene Istrati
• CTO @ Mitoc Group Inc
• 15+ years in IT; 7+ years on AWS
• AWS Certified Solutions Architect – Associate Level
• Companies: Hearst, Amazon, GrubHub, Tenaris (Europe)
Mitoc Group Inc
• www.mitocgroup.com
• Web Development Studio
• AWS Technology Partner
• Focusing on enterprise applications and platforms
• Working with customers from media and entertainment industry
Agenda
• Web Apps Hosting on AWS
  • Reference Architecture
  • Serverless Architecture
  • Demo: Set up Serverless Environment
• Microservices Architecture
  • AWS Lambda in Action
  • Tips and Tricks
  • Digital Enterprise End-to-end Platform
  • Demo: dam.deep.mg
• Q&A + Next Steps
Web Apps Hosting / Reference Architecture
[Diagram labels: Availability Zone A, Availability Zone B; Auto Scaling Group (x2); www.example.com, static.example.com; webservers; appservers]
• Scales in minutes
  • Huge challenge for breaking news, viral content, or attacks
• Reduced operational complexity
  • Requires DevOps with experience
• Flexible choice of technology
  • Requires devs with rich skill set
• Cost-effective
  • Over-provisioning and over-paying
AWS re:Invent 2014
AWS Summit NY 2015
Web Apps Hosting … Reinvented
[Diagram labels, reference architecture: Availability Zone A, Availability Zone B; Auto Scaling Group (x2); www.example.com, static.example.com; webservers; appservers]
[Diagram labels, serverless architecture: AWS Region; Web Tier, App Tier, DB Tier; S3 bucket, CloudFront distribution, CloudFront logs, Cognito Identity, API Gateway, Lambda, SQS, DynamoDB, RDS Aurora; www.example.com, static.example.com]
Serverless Architecture vs. Reference
[Diagram labels, reference architecture: Availability Zone A, Availability Zone B; Auto Scaling Group (x2); www.example.com, static.example.com; webservers; appservers]
vs
[Diagram labels, serverless architecture: AWS Region; Web Tier, App Tier, DB Tier; S3 bucket, CloudFront distribution, CloudFront logs, Cognito Identity, API Gateway, Lambda, SQS, DynamoDB, RDS Aurora; www.example.com, static.example.com]
Serverless Architecture – Web Tier
[Diagram labels, serverless Web Tier: S3 bucket, CloudFront distribution, Cognito Identity, CloudFront logs; www.example.com, static.example.com]
[Diagram labels, reference web tier: Availability Zone A, Availability Zone B; Auto Scaling Group; www.example.com, static.example.com; webservers]
• Static Assets
  • Same as in reference architecture
  • css, js, docs, images, videos + html
• Dynamic Functionality
  • Use JS framework (e.g. Angular)
  • SEO-friendly (Custom Error Response + HTML5 History API)
• Completely Serverless
  • Pre-scaled
  • Low-cost
  • Low-maintenance
Serverless Architecture – App Tier
[Diagram labels, serverless App Tier: Cognito Identity, SQS, Lambda, API Gateway]
[Diagram labels, reference app tier: Availability Zone A, Availability Zone B; Auto Scaling Group; appservers]
• Accelerated Backend
  • Write node.js functions and load into Lambda
  • Power up Lambda with RESTful endpoints on API Gateway
  • Cache, throttle, meter, version, etc.
• Completely Serverless
  • Pre-scaled
  • Low-cost
  • Low-maintenance
Serverless Architecture – DB Tier
[Diagram labels, DB Tier: SQS, DynamoDB, RDS Aurora]
• First choice – DynamoDB + SQS
  • Schema-free
  • Scale only reads and writes
• Completely Serverless
  • Pre-scaled
  • Low-cost
  • Low-maintenance
• Next choice – RDS Aurora
  • Relational
  • MySQL-like approach, but 5x better
Demo: Set up Serverless Environment
1. Security
   - Create IAM roles
2. Front-end
   - Create S3 bucket
   - Enable static website hosting
   - Add bucket policy
   - Create CloudFront distribution
3. Back-end
   - Create Lambda function
   - Upload code into Lambda
   - Create API Gateway endpoint
4. Database
   - Create DynamoDB table
5. Code
   - Load code into S3 bucket
   - View via CloudFront (S3 as backup)
[Diagram labels, serverless architecture: AWS Region; Web Tier, App Tier, DB Tier; S3 bucket, CloudFront distribution, CloudFront logs, Cognito Identity, API Gateway, Lambda, SQS, DynamoDB, RDS Aurora; www.example.com, static.example.com]
Lessons Learned
• Serverless approach is challengingly awesome
  • Frontend is restricted to JS (and JS Frameworks)
  • Backend is restricted to JS and Java (for now)
  • SOA and APIs are required by design
• Services must be as small as possible => microservices
  • AWS Lambda constraints
  • Browser limitations (on mobile devices)
Let’s Recap
Recap
• Reference architecture for web application hosting on AWS
[Diagram labels, reference architecture: Availability Zone A, Availability Zone B; Auto Scaling Group (x2); www.example.com, static.example.com; webservers; appservers]
• Transformed to serverless architecture on AWS
[Diagram labels, serverless architecture: AWS Region; Web Tier, App Tier, DB Tier; S3 bucket, CloudFront distribution, CloudFront logs, Cognito Identity, API Gateway, Lambda, SQS, DynamoDB, RDS Aurora; www.example.com, static.example.com]
Microservices Architecture
Keynote GOTO Conference: Microservices by Martin Fowler - https://www.youtube.com/watch?v=wgdBVIX9ifA
State of the Art in Microservices - https://www.youtube.com/watch?v=nMTaS07i3jk
Interprocess Comms in Cloud: Pros, Cons of Microservices Architectures - https://www.youtube.com/watch?v=CriDUYtfrjs
Speeding Up Digital Platforms on AWS
• On-Premises: deploy in weeks, live for years
• Amazon EC2: deploy in minutes, live for weeks
• Amazon ECS: deploy in seconds, live for minutes/hours
• AWS Lambda: deploy in milliseconds, live for seconds
AWS Lambda in Action
• AWS Lambda scaled with no effort for us
  • 70M+ invocations / day
  • 10K+ concurrent invocations / second
• AWS Lambda made it really easy for us
  • Comes pre-scaled and charges in 100ms blocks
  • No under- or over-provisioning (by design)
  • Developers love it (especially frontend JS folks)
  • DevOps still in play mode (learning to build ops code)
Tips and Tricks
• AWS Lambda is continuously evolving
  • Set up alarms for all 4 Lambda metrics in Amazon CloudWatch
  • Avoid S3 throttling by integrating S3 => SNS => Lambda
  • Beware of potential infinite loops
• Microservices are game changers
  • The shorter the TTL, the more secure it becomes
  • First, build a service or a feature
  • Next, break it down into microservices
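Added example (not code from the talk or from DEEP): a node.js handler for the S3 => SNS => Lambda integration named above, with a guard against one common cause of an infinite loop, which is a function that writes its results into the same bucket that triggers it. The bucket name, the processed/ output prefix and all function names are assumptions made for this sketch, and the sample event is constructed.

```javascript
// Assumption: results are written back to the triggering bucket under this prefix.
const OUTPUT_PREFIX = 'processed/';

// Unwrap S3 notifications that arrive wrapped in SNS records.
// SNS delivers the original S3 event as a JSON string in Sns.Message.
function extractS3Objects(event) {
  const objects = [];
  for (const record of event.Records || []) {
    if (!record.Sns || typeof record.Sns.Message !== 'string') continue;
    let s3Event;
    try {
      s3Event = JSON.parse(record.Sns.Message);
    } catch (err) {
      continue; // not an S3 notification (e.g. a plain-text SNS message)
    }
    for (const r of s3Event.Records || []) {
      if (!r.s3) continue;
      objects.push({
        bucket: r.s3.bucket.name,
        // S3 URL-encodes object keys in notifications and uses '+' for spaces
        key: decodeURIComponent(r.s3.object.key.replace(/\+/g, ' ')),
        eventName: r.eventName,
      });
    }
  }
  return objects;
}

// Loop guard: objects under OUTPUT_PREFIX were written by this function,
// so processing them again would re-trigger it without end.
function planWork(event) {
  const plan = { process: [], skipped: [] };
  for (const obj of extractS3Objects(event)) {
    if (obj.key.startsWith(OUTPUT_PREFIX)) {
      plan.skipped.push(obj.key);
    } else {
      plan.process.push({ source: obj.key, target: OUTPUT_PREFIX + obj.key });
    }
  }
  return plan;
}

// Lambda entry point; the real read/transform/write step would go here.
async function handler(event) {
  const plan = planWork(event);
  if (plan.skipped.length > 0) {
    console.log('loop guard skipped own output:', plan.skipped);
  }
  return plan;
}

// Constructed sample: two S3 notifications and one unrelated SNS message.
const s3Notification = (key) => JSON.stringify({
  Records: [{ eventName: 'ObjectCreated:Put',
              s3: { bucket: { name: 'example-uploads' }, object: { key } } }],
});
const SAMPLE_EVENT = {
  Records: [
    { EventSource: 'aws:sns', Sns: { Message: s3Notification('uploads/cat+photo.jpg') } },
    { EventSource: 'aws:sns', Sns: { Message: s3Notification('processed/uploads/cat+photo.jpg') } },
    { EventSource: 'aws:sns', Sns: { Message: 'not json' } },
  ],
};
```

An alarm on the Lambda invocation-count metric in CloudWatch, as the slide recommends, is the backstop if a guard like this is missing or misconfigured.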
Tips and Tricks – Example
• Identifying UI and UX needs (frontend)
  • Show plans and related data points
  • Manage credit cards securely
  • Download payment receipts
• Identifying REST API calls (backend)
  • Endpoint: /plans => 4 Lambdas for CRUD
  • Endpoint: /creditcards => 4 Lambdas for CRUD
  • Endpoint: /payments => 4 Lambdas for CRUD
• Identifying datasets to be stored (database)
  • Entity: Plans
  • Entity: CreditCards
  • Entity: Receipts
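Added example (not code from the talk or from DEEP): splitting each endpoint into four single-purpose Lambdas lets every function run under its own IAM role (step 1 of the setup demo) scoped to one operation on one table. The sketch builds that minimal policy and audits an existing policy against it. The region, account ID, table names equal to the entity names, and the CRUD-to-action mapping are assumptions.

```javascript
// Constructed placeholders, not values from the talk.
const REGION = 'us-east-1';
const ACCOUNT_ID = '123456789012';

// Assumed minimal DynamoDB actions for each CRUD Lambda.
const CRUD_ACTIONS = {
  create: ['dynamodb:PutItem'],
  read: ['dynamodb:GetItem', 'dynamodb:Query'],
  update: ['dynamodb:UpdateItem'],
  delete: ['dynamodb:DeleteItem'],
};

// Assumption: one DynamoDB table per entity, named after the entity.
function tableArn(entity) {
  return `arn:aws:dynamodb:${REGION}:${ACCOUNT_ID}:table/${entity}`;
}

// Policy for one Lambda's execution role, e.g. ('CreditCards', 'update').
function buildPolicy(entity, operation) {
  const actions = CRUD_ACTIONS[operation];
  if (!actions) throw new Error(`unknown operation: ${operation}`);
  return {
    Version: '2012-10-17',
    Statement: [{ Effect: 'Allow', Action: actions, Resource: tableArn(entity) }],
  };
}

// Compare an existing policy with that minimum and list what exceeds it.
function auditPolicy(policy, entity, operation) {
  const allowedActions = new Set(CRUD_ACTIONS[operation]);
  const allowedResource = tableArn(entity);
  const asArray = (v) => (Array.isArray(v) ? v : [v]);
  const findings = [];
  for (const stmt of asArray(policy.Statement)) {
    if (stmt.Effect !== 'Allow') continue;
    for (const action of asArray(stmt.Action)) {
      if (action.includes('*')) findings.push(`wildcard action ${action}`);
      else if (!allowedActions.has(action)) findings.push(`excess action ${action}`);
    }
    for (const resource of asArray(stmt.Resource)) {
      if (resource !== allowedResource) {
        findings.push(`out-of-scope resource ${resource}`);
      }
    }
  }
  return findings;
}

// Constructed "before" case: one broad role shared by all twelve Lambdas.
const SHARED_ROLE_POLICY = {
  Version: '2012-10-17',
  Statement: [{ Effect: 'Allow', Action: 'dynamodb:*', Resource: '*' }],
};
```

With the shared role, a flaw in the Lambda that reads plans also exposes the CreditCards table; with per-function policies the audit for that function reports nothing to trim.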
AWS Products and Services
Digital Enterprise End-to-end Platform
DEEP is using AWS Abstracted Services
DEEP is using Open Source Software
DEEP Framework
DEEP Framework – Open Sourced
https://github.com/MitocGroup/deep-framework
DEEP Microservices
DEEP Microservices – HelloWorld
https://github.com/MitocGroup/deep-microservices-helloworld
DEEP Management
Demo: dam.deep.mg
• Create new digital property
  • www.awsreinvent2015.com
• Publish code from origin
  • github.com/MitocGroup/awsreinvent2015.com
• Open newly created website
  • www.awsreinvent2015.com
www.awsreinvent2015.com
Let’s Recap
Recap
• Reference architecture for web application hosting on AWS
• Transformed to serverless architecture on AWS
• AWS Lambda in action
• Tips and tricks with an example
• Digital Enterprise End-to-end Platform
Remember to complete your evaluations!
Credits and Thanks
• Slide 3: Digital Platforms Challenges
  • http://www.buzzfeed.com/daozers/what-its-like-to-work-on-buzzfeeds-tech-team-during-record-t#.axR6WG9Yr
  • http://www.dailydot.com/crime/new-york-magazine-ddos-bill-cosby-cover/
  • http://www.cio.in/topstory/flipkart%E2%80%99s-cto-explains-the-xiaome-launch-outage
• Slide 4: Digital Platforms Challenges
  • http://www.slideshare.net/Radware/radware-cmg2014-tammyevertsslowtimevsdowntime
  • http://www.statuscast.com/application-downtime-according-to-idc-gartner-and-others
  • https://press.kaspersky.com/files/2014/11/B2B-International-2014-Survey-DDoS-Summary-Report.pdf
• Slide 18: AWS re:Invent 2014
  • https://venturebeat.com/wp-content/uploads/2014/11/aws-reinvent-lambda.png
• Slide 19: AWS Summit NY 2015
  • https://d0.awsstatic.com/events/aws-hosted-events/2015/AWS-Global-Summit-Series/new-york/press-room/introducing-amazon-api-gateway.jpg
• Slide 39: Microservices Architecture
  • https://www.youtube.com/watch?v=nMTaS07i3jk - State of the Art in Microservices by Adrian Cockcroft
  • https://www.youtube.com/watch?v=wgdBVIX9ifA - Microservices by Martin Fowler
  • https://www.youtube.com/watch?v=CriDUYtfrjs - Interprocess Comms in Cloud: Pros, Cons of Microservices Architectures by Sudhir Tonse
DEEP Value Proposition
• Customer driven
• Low cost by default
• Simplified user experience
• Developer friendly
DEEP Value Proposition – Examples
CMS (aka Content Management System)
DAM (aka Digital Asset Management)
DMP (aka Data Management Platform)
for image management for video management
for microsite management for content management
for microsite management for data management
DEEP Microservices HelloWorld
DEEP Microservice HelloWorld
# Install deepify, DEEP CLI
$ npm install deepify -g
# Using deepify, create DEEP Microservice HelloWorld
$ deepify helloworld ~/Microservices/deep-hello-world
# Run DEEP Microservice HelloWorld locally
$ deepify server ~/Microservices/deep-hello-world -o
# Deploy DEEP Microservice HelloWorld to AWS
$ deepify deploy ~/Microservices/deep-hello-world
DEEP Microservices Structure
• Frontend /
• Backend /
• Models /
  • [ModelName].json
• Docs /
  • index.md
• Tests /
• deepkg.json
• parameters.json

• Frontend /
  • bootstrap.js
  • index.html
  • images /
  • css /
  • js /
• Backend /
  • resources.json
  • src /
    • [MicroserviceName] /
      – package.json
      – bootstrap.js
      – Handler.js