SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management,...
Transcript of SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management,...
![Page 1: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/1.jpg)
SERVICEFULL Using Serverless to Build Servicefull Applications
Matt Weagle Director of Infrastructure
ShiftLeft, Inc.
![Page 2: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/2.jpg)
![Page 3: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/3.jpg)
![Page 4: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/4.jpg)
![Page 5: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/5.jpg)
TIME
![Page 6: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/6.jpg)
![Page 7: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/7.jpg)
Unknown Dependencies
Unplanned Work
Conflicting Priorities
Neglected Work
Time Thieves
![Page 8: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/8.jpg)
Too Much WIP
![Page 9: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/9.jpg)
![Page 10: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/10.jpg)
10
Software Delivery Performance Metrics
deployfrequencylead/memean/metorestorechangefailpercentage
Deploy Frequency
Lead Time
Mean Time to Restore
Change/Fail Percentage
![Page 11: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/11.jpg)
11
Characteristics of High Performing Teams
Loosely coupled systems
Experimentation & adjustment
WIP limits with shared visualization & feedback loops
Frequent deployments, short-lived branches
Security best handled by shifting left
![Page 12: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/12.jpg)
12
Accelerate Forsgren, Humble, & Kim
“Software delivery performance predicts organizational performance and noncommercial performance.”
![Page 13: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/13.jpg)
Microservices!
![Page 14: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/14.jpg)
Service Boundaries
![Page 15: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/15.jpg)
Even a small number of services requires an ongoing operational resource commitment that must scale sublinearly.
Minimum Expected Commitment
![Page 16: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/16.jpg)
16
Concerns for a Single Service
ConcernsforaSingleService-SeanTreadway
Service name, Programming language(s), Programming paradigm(s), Architectural choices, Integration pattern(s), Transport protocols, Authentication, Authorization, Reporting, ETLs, Databases, Caching, Platform libraries, Service dependencies, CI pipeline dependencies, 3rd party library dependencies, 3rd party service dependencies, Security threat model, License audit, Compliance audit, Capacity plan, Provisioning plan, Cost reporting plan, Monitoring plan, Maintenance process, Backup and restore process, Secret management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations and incident response runbooks, API documentation, Source code repository, Humane service registry, Service discovery registry, Distributed tracing registry, Monitoring dashboard registry, Build artifact repository, CI pipeline(s): build, test, publish, Integration tests, Contract tests, Canary, Deploy, Post-deploy tests
![Page 17: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/17.jpg)
FOCUS
![Page 18: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/18.jpg)
18
Building Up
![Page 19: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/19.jpg)
19
Cloud Materials
![Page 20: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/20.jpg)
SERVICEFULL Serverless + Cloud Services
![Page 21: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/21.jpg)
Serverless Development Tooling
![Page 22: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/22.jpg)
https://gosparta.io/
![Page 23: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/23.jpg)
CONFIG < CODE
![Page 24: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/24.jpg)
X-Ray CloudWatch
Polly
SSM
Bucket
Website
Comprehend
Presigned S3 URL
Rekognition API Gateway
1
4
3
2
Architecture
![Page 25: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/25.jpg)
Define Lambda Function func (gws *ServicefulService) s3GetPresignedURLLambda(ctx context.Context, apigRequest spartaEvents.APIGatewayRequest) (*presignedResponse, error) { objectPath := fmt.Sprintf("%s/%s",
gws.connections.S3KeyspaceUploads, lambdaContext.AwsRequestID)
putObjectInput := &s3.PutObjectInput{ Bucket: aws.String(s3Resource.ResourceRef), Key: aws.String(objectPath), } presignedReq, _ := s3svc.PutObjectRequest(putObjectInput) url, err := presignedReq.Presign(5 * time.Minute) if nil != err { return nil, err } return &presignedResponse{ PresignedURL: url, }, nil }
![Page 26: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/26.jpg)
Define Lambda Options func (gws *ServicefulService) newS3PresignedPutItemLambda(api *sparta.API)
*sparta.LambdaAWSInfo { // Register lambdaFn := sparta.HandleAWSLambda("PresignedURLProvider", gws.s3GetPresignedURLLambda, sparta.IAMRoleDefinition{}) // IAM lambdaFn.RoleDefinition.Privileges = gws.bucketGetPutPrivileges() // X-Ray lambdaFn.Options.TracingConfig = &gocf.LambdaFunctionTracingConfig{ Mode: gocf.String("Active"), } // API Gateway apiMethod, apiMethodErr := apiGatewayResource.NewMethod("GET", http.StatusOK, http.StatusInternalServerError) … }
![Page 27: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/27.jpg)
Define Lambda Triggers
// IAM Role privileges lambdaFn.RoleDefinition.Privileges =
gws.bucketGetPutPrivileges("polly:SynthesizeSpeech") // Event Triggers lambdaFn.Permissions = append(lambdaFn.Permissions, gws.s3NotificationPrefixBasedPermission(gws.connections.S3KeyPrefix))
![Page 28: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/28.jpg)
Define Service
lambdaFunctions := service.New(connections, apiGateway) stackName := spartaCF.UserScopedStackName("SpartaGeekwire") sparta.MainEx(stackName, fmt.Sprintf("GeekWire service combines S3 with multiple AWS Services"), lambdaFunctions, apiGateway, s3Site, workflowHooks(connections, lambdaFunctions), false)
![Page 29: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/29.jpg)
Provision go run main.go provision --s3Bucket MY_BUCKET
Inline ReactJS build
Deploy ~2 minutes
![Page 30: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/30.jpg)
$ gocloc . ------------------------------------------------------------------------------- Language files blank comment code ------------------------------------------------------------------------------- HTML 2 5991 1707 58556 JSON 5 0 0 13196 JavaScript 9 320 557 813 Go 8 102 179 694 YAML 2 50 1 141 Markdown 15 23 0 66 Makefile 1 11 0 25 BASH 2 1 0 5 Sass 1 0 0 1 ------------------------------------------------------------------------------- TOTAL 45 6498 2444 73497 -------------------------------------------------------------------------------
h@ps://github.com/hha@o/gocloc
Statistics
![Page 31: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/31.jpg)
Azure Machine Learning
Cosmos DB Cloud Functions
AWS Step Functions AWS Athena
Servicefull Landscape
![Page 32: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/32.jpg)
Servicefull in Production
![Page 33: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/33.jpg)
TAKEAWAYS
![Page 34: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/34.jpg)
Loose coupling
Shifted operational responsibilities
Fine-grained access controls
More financial transparency
Incredibly rich landscape
Servicefull Merits
![Page 35: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/35.jpg)
Come for the Resiliency
Stay for the Focus
Enjoy the View
![Page 36: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/36.jpg)
36#WOCinTech
Build something Servicefull! Build something Awesome!
![Page 37: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/37.jpg)
SERVICEFULL Using Serverless to Build Servicefull Applications
Matt Weagle Director of Infrastructure
ShiftLeft, Inc.
![Page 38: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/38.jpg)
Get In Touch @mweagle �
https://www.linkedin.com/in/mweagle/ �
�Serverless Forum Slack, Gophers Slack
Matt Weagle
![Page 39: SERVICEFULL - GeekWire...management, Secret rotation, On-call schedule, Configuration management, Workflow management, Alerts, Log aggregation, Unhandled failure aggregation, Operations](https://reader035.fdocuments.in/reader035/viewer/2022081611/5f02f6da7e708231d406e18d/html5/thumbnails/39.jpg)
Discussion