Top conf serverlezz

AWS LAMBDA ANTONS KRANGA

@acankr

@acankr

‣ Eng. Director @ Agile Stacks

‣ Cloud and DevOps automation startup

‣ Full stack developer ~ 15years

‣ Cloud Architect

‣ DevOps evangelist

‣ Speaker

‣ Marathon runner

ANTONS KRANGA

@acankr

I want a cloud native app

@acankr

I want it HA

@acankr

I want rapid scalability

@acankr

I want to pay around 5$/mo

@acankr

Sounds fantastic!

@acankr

How do I do that?

@acankr

Any drawbacks?

@acankr

AGENDA

▸ Evolution of Cloud Native Applications

▸ Function as a Service

▸ Serverless Blueprints

▸ Lessons Learned

▸ Takeaways

@acankr

1. VM CENTRIC APPS

2. CONTAINER CENTRIC

3. SERVERLESS

EVOLUTION OF CLOUD NATIVE APPS

@acankr

ECONOMICS OF VMS

@acankr

UTILIZATION COSTS

@acankr

ECONOMICS OF APPLICATION VIRTULIZATION ON AWS

▸ 64% or cloud costs refers to EC2 Instances

▸ 53% workloads Small Instances

▸ 29% workloads Medium size

https://goo.gl/1pmqKD

@acankr

ECONOMICS OF APPLICATION VIRTULIZATION ON AWS

▸ 64% or cloud costs refers to EC2 Instances

▸ 53% workloads Small Instances

▸ 29% workloads Medium size

▸ 16.7% Small instance utilization

▸ 11.9% Medium instance utilization

https://goo.gl/1pmqKD

@acankr

COSTS SAVING STRATEGIES

▸ Use only what you need

▸ Choose right size for instances

▸ Use Reserved instances

@acankr

CHALLENGES OF RESERVED INSTANCES

▸ Use only what you need

▸ Choose right size for instances

▸ Use Reserved instances

▸ Expect project run for short time

▸ Undecided about project size

▸ Fear of commitment

@acankr

CONTAINERS TO THE RESCUE

@acankr

Chorr Microservice

@acankr

Chorr Microservice

runtime

@acankr

Chorr Microservice

container

package

runtime

@acankr

Chorr Microservice

cloud

container

package

runtime

deploy

@acankr

Chorr Microservice

runtime

cloud

container

package

deploy

VM

@acankr

Chorr Microservice

runtime

cloud

container

VM

package

deploy

RAM

# CPU

$$$ per hour

@acankr

Chorr Microservice

runtime

cloud

container

VM

package

deploy

RAM

# CPU

$$$ per hour

Scales in 9 minutes*

@acankr

Containers comes with operational overhead

CHALLENGES OF CONTAINERS

@acankr

Scale up is easy, Scale down is a challenge


@acankr

Persistent services are the challenge


@acankr

AGENDA




▸ Lessons Learned

▸ Takeaways

@acankr

SERVERLESS COMPUTING?

@acankr

WHAT IS SERVERLESS

Lambda

@acankr

WHAT IS SERVERLESS

LambdaTrigger

@acankr

WHAT IS SERVERLESS

Lambda

CodeCommit

SmartHome

AlexaSkill IoT

API Gateway

S3 Storage

CloudWatchEvent

Logs

SNS

Kinesis

Messages

DynamoDB

Internet of Things

Streaming

Development and Ops

Security

Trigger

Cognito

@acankr

WHAT IS SERVERLESS

Lambda

CodeCommit

SmartHome

AlexaSkill IoT

API Gateway

S3 Storage

CloudWatchEvent

Logs

SNS

Kinesis

Messages

DynamoDB

Internet of Things

Streaming

Development and Ops

Security

Trigger

Container

Application CodeCognito

@acankr

WHAT IS SERVERLESS

Lambda

CodeCommit

SmartHome

AlexaSkill IoT

API Gateway

S3 Storage

CloudWatchEvent

Logs

SNS

Kinesis

Messages

DynamoDB

Internet of Things

Streaming

Development and Ops

Security

Trigger Event AWS Service

Container

Application CodeCognito

@acankr

Scales in few milliseconds

ADVANTAGES OF AWS LAMBDA

@acankr

Pricing model: 0.2$ per 1M of executions


@acankr

Easy deployment


@acankr

Low maintenance costs


@acankr

Implements Actor model => good for async calls


@acankr

Have timeout limit for 5 minutes (cannot change)

DISADVANTAGES OF AWS LAMBDA

@acankr

Provides 2 cores vCPU (cannot change)


@acankr

Stateless (you can only write to /tmp)


@acankr

Problem of initial startup time (caches for few mins)


@acankr

Doesn’t fit to sync calls with user interactions


@acankr

LAMBDA CONTAINER

▸ Price: $0.208 - $2.501 per 1M executions

▸ RAM: 128MB - 1536MB

▸ vCPU Cores: 2

▸ Ephemeral Disk: 512MB

▸ Write Partition: /tmp/*

▸ Timeout: 300sec

▸ Body Payload: 6MB

]▸ Price: $0.023 per Hour (t2-small)

▸ RAM: 2GB

▸ vCPU Cores: 1

▸ Ephemeral Disk or EBS

▸ Timeout: no

Lambda EC2 (VM)

VS

@acankr

WHAT IS LAMBDA?

BUILD.GRADLEapply plugin: 'java'version = '1.0.0'mainClassName='Main'

repositories { mavenCentral()}

dependencies { compile ( 'com.amazonaws:aws-lambda-java-core:1.1.0', 'com.amazonaws:aws-lambda-java-events:1.1.0' )}

MAIN.JAVApublic class Main implements RequestHandler<String, String> {

public String handleRequest(String input, Context context) {context.getLogger().log("My input is: " + input);return "Hello: " + input

}

}

INDEX.PYimport logginglog = logging.getLogger()log.setLevel(logging.INFO)

def handler(event, context): log.debug(event) return {'message': 'Hello from Lambda'}

INDEX.JS

exports.handler = (event, context, callback) => { console.log(event) callback(null, {'message': 'Hello from Lambda'});};

@acankr

▸ NodeJS 4.6

▸ NodeJS 6.10

▸ Python 2.7

▸ Python 3.6

▸ Java 8

▸ C#

▸ EdgeJS 4.6

Language Runtimes First Execution Next Execution RAM Used

3.06ms 0.34ms 23MB

3.07-9.06ms 0.25 - 4.67ms 22MB

12.07 - 30.56ms 0.37 - 0.64ms 50MB

31.07ms 18MB0.29 - 9.96ms

0.17ms 0.18 - 0.38ms 20MB

MINIMALISTIC LAMBDA EXECUTION

@acankr

MINIMALISTIC LAMBDA EXECUTION

▸ NodeJS 4.6

▸ NodeJS 6.10

▸ Python 2.7

▸ Python 3.6

▸ Java 8

▸ C#

▸ EdgeJS 4.6

Language RuntimesCONFIGURATION MANAGEMENT

SECRET MANAGEMENT

SERVICE DISCOVERY

EXPOSURE AND AUTH

PRIVATE CLOUD ACCESS

@acankr

DEPLOYMENT

@acankr

LAMBDA

SERVICE

@acankr

CODE VERSIONS

LAMBDA

V1

SERVICE

@acankr

CODE VERSIONS

LAMBDA

V1

SERVICE ALIAS

LATEST

@acankr

CODE VERSIONS

LAMBDA

V1

V2

SERVICE ALIAS

LATEST

@acankr

CODE VERSIONS

LAMBDA

V1

V2

V3

SERVICE ALIAS

LATEST

@acankr

CODE VERSIONS

LAMBDA

V1

V2

V3

SERVICE ALIAS

LATEST

V4

@acankr

CODE VERSIONS

LAMBDA

V1

V2

V3

SERVICE ALIAS

STABLE

V4

LATEST

@acankr

CODE VERSIONS

LAMBDA

V1

V2

V3

SERVICE ALIAS

STABLE

V4

ENV

DEV

TEST

PROD

LATEST

@acankr

▸ CloudFormation and/or Terraform for initial deployment

▸ Setup Cloud Resources

▸ Inject dependencies via ENV VARS

▸ Encrypt Secrets with KMS

▸ CLI “update-function-code” for incremental deployment

@acankr

EXPOSE LAMBDA

@acankr

AGENDA




▸ Lessons Learned

▸ Takeaways

@acankr

API Gateway

Lambda

+

- API Management Tool

- Authorization + Custom Authorizer

- Defines: Environment Variables for Lambda

- Can be defined with Swagger and imported

- Code Supports Versioning

- Integrated with CloudWatch

- Lambda Containers are Cached for 5 minutes

- Can be deployed with “apex.run” tool

- User can write files in /tmp

@acankr

GETPOSTPUTDELETE

dataAPI Gateway Lambda

ajax event

USER

@acankr

GETPOSTPUTDELETE


ajax event

USER

AuthorizerLambda

IdentityService Provider

@acankr

STATEFUL LAMBDA

@acankr

GETPOSTPUTDELETE

dataAPI Gateway

ajax event

USER

DynamoDB Table

Environment Variables

Lambda DynamoDB

@acankr

GETPOSTPUTDELETE

dataAPI Gateway

ajax event

USER

DB_URL

DB_PORT

DB_USER

Environment Variables

Lambda

VPC

KMS encrypted DB_PASSWORD

@acankr

STEP FUNCTIONS

@acankr

▸ Model flows of Lambda Functions

▸ Conditional flows

▸ Design error handling

▸ Design conditional execution

▸ Output of previous function will be input of next

@acankr

WEBSITE EXAMPLE

@acankr

GET

Static HTML

CSS/Media

Rich JavaScript Apps

S3 StorageCloudFront

GETPOSTPUTDELETE

Dynamic DataData from DatabaseData from External Service


ajax

http

eventUSER

DynamoDB

R53 Domain

example.com

@acankr

HIPSTER PORTAL

@acankr

HIPSTER PORTAL

"...USE GIT AS THE BASIS FOR A LIGHTWEIGHT CMS, WITH TEXT-BASED EDITING FORMATS. GIT

HAS POWERFUL FEATURES FOR TRACKING CHANGES AND EXPLORING ALTERNATIVES, WITH A

DISTRIBUTED STORAGE MODEL THAT IS FAST IN USE AND TOLERANT OF NETWORKING ISSUES."

ThoughtWorks Technology Radar https://www.thoughtworks.com/radar/techniques/git-based-cms-git-for-non-code

assess since May 2015

https://www.thoughtworks.com/radar/techniques/git-based-cms-git-for-non-code

@acankr

Lambda

+ - Lambda doesn’t have GIT client.

- You can “statically link” git libraries with git2go library (libgit2)

- To read SSH key file with Lambda it must be stored in “/tmp” directory

- SSH private key must have 600 credentials

- SSH private key must be owned by user “sandbox”

Code Commit

- Git Repository Service

- Backed by S3 storage

- Price: $1 per user

- Only: us-west-1 region

@acankr@acankr

USER

GETS3 Storage

CloudFront

GETPOSTPUTDELETE


ajax

http

event

Lambda

push

EDITOR

event

document commit

PUT

Checkout documentRender or post-process Publish

CodeCommit

DynamoDB

STREAM

Invalidate Cache

Lambda

@acankr

SERVERLESS CI

@acankr

CompilationLambda

push

DEV

event

document commit

Checkout Compile

CodeCommit

PUT

S3

GET

Checkout Compile

TestingLambda

if neededlong running tests

VMs

CREATE

DeploymentLambda

Lambda

SNS

ChatOps

@acankr

AGENDA




▸ Lessons Learned

▸ Takeaways

@acankr

We tried number of frameworks for different runtimes

LESSONS LEARNED

@acankr

Most mature: serverless and apex

LESSONS LEARNED

@acankr

Quite mature: serverless (node) and apex

LESSONS LEARNED

@acankr

Interesting: chalice (python)

LESSONS LEARNED

@acankr

All frameworks failed to aws-sdk

LESSONS LEARNED

@acankr

All cloud deployment frameworks failed except aws-cli and terraform

LESSONS LEARNED

@acankr

Different event sources sends you different messages

LESSONS LEARNED

@acankr

json-schema is a way to validate who is calling you

LESSONS LEARNED

@acankr

AWS loves to encode json as string inside of another json

LESSONS LEARNED

@acankr

Optimize for latency (not for CPU)

LESSONS LEARNED

@acankr

Lambda is amazing at handling Cloud events

LESSONS LEARNED

@acankr

Minimize API calls (introduces latency and cost)

LESSONS LEARNED

@acankr

Avoid call lambda from another lambda (use local exec)

LESSONS LEARNED

@acankr

Unit tests are hard and no remote debug

LESSONS LEARNED

@acankr

Use LAMBDA_PROXY integration wiht APIG

LESSONS LEARNED

@acankr

AGENDA




▸ Lessons Learned

▸ Takeaways

@acankr

▸ Optimize for what you use

▸ Split deployment code to: initial and incremental

▸ Lambdas are best for rare events (cluster events, chatbots etc)

▸ Lambdas bad for UI

TAKEWAYS

@acankr

▸ All frameworks were

▸ Use CloudFormation and Terraform for initial deployment

▸ Serverless to support Lambda on NodeJS

▸ Chalice for Python runtime

TAKEAWAYS

@acankr

- AZURE FUNCTIONS

- Runtimes: - ASP .NET (1Core)- NodeJS- etc

- Deployment:- REST API- PowerShell

- GOOGLE CLOUD FUNCTIONS

- Runtimes:- NodeJS (only)

- Deployment:- gcloud

@acankr

GOOD BOOK

Book: AWS Lambda in Action MEAP

Begin in 2016 February

Publication: March 2017

Author: Danilo Poccia

ISBN: 9781617293719

https://www.manning.com/books/aws-lambda-in-action

@acankr

THANK YOU

https://github.com/akranga/topconf-serverless

Top conf serverlezz

Software

Transcript of Top conf serverlezz