GPSTEC314-GPS From Monolithic to Serverless - Why and How to Move

Is your customer worried about scaling their monolithic application for an upcoming major event and has a tight timeline? Maybe it's time you recommend moving their application to a microservices architecture. In this session, we explore how to convert a monolithic application to a microservices model by using AWS serverless services such as AWS Lambda, Amazon API Gateway, and Amazon DynamoDB. We step through the common architectural changes in moving to a microservices structure, and we discuss how to manage your application at scale. We also demonstrate a web application built using AWS serverless services.

  1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS re:Invent. GPS: From Monolithic to Serverless — Why and How to Move. Ian Scofield | Partner Solutions Architect. Paras Bhuva | Partner Solutions Architect. GPSTEC314. November 28, 2017.
  2. What is serverless? Fully managed: no provisioning, zero administration, high availability. Developer productivity: focus on the code that matters, innovate rapidly, reduce time to market. Continuous scaling: automatically, scale up and scale down.
  3. Monolithic application
  4. Can’t fit a monolith inside Lambda. Diagram labels: Webserver, Data Access Service, App service, Visualization Service, Lambda function.
  5. Monolithic versus microservices
  6. Original monolithic application: on premises; tightly coupled application components; load balancer; relational database. Diagram labels: Browser, Load Balancer, Webserver, Data Access Service, App Service, Visualization Service, Database.
  7. Limitations: hard to scale; can’t handle component failures; slow deployment process; limited options.
  8. How do we get there?
  9. Transformation steps: Discover, Design, Develop, Deploy, Refine.
  10. Where do we start? (Discover)
      • 1. Identify components: Visualization Service, Webserver, Data Access Service, App Service, Database.
      • 2. Outline requirements: State? Compute? API? Storage? Security? Managed? Estimated scale? Others.
      • 3. Map to AWS resources: Amazon S3, Amazon DynamoDB, AWS Lambda, Amazon API Gateway.
  11. Rough architecture—design. Diagram labels: Browser, Amazon CloudFront, Amazon S3, Amazon API Gateway, dynamic content in AWS Lambda, data stored in Amazon DynamoDB.
  12. How do I secure it? Diagram labels: Browser, Amazon CloudFront, Amazon S3, Amazon API Gateway, AWS Lambda, Amazon DynamoDB.
  13. Define our initial security posture. Diagram labels: Browser, Amazon CloudFront, Amazon S3, Amazon API Gateway, AWS Lambda, Amazon DynamoDB, IAM, AuthZ, IAM.
      • Amazon S3 and Amazon CloudFront: Bucket Policies, ACLs, OAI, Geo-Restriction, Signed Cookies, Signed URLs, DDoS.
      • Amazon API Gateway: Throttling, Caching, Usage Plans.
  14. Monitoring your resources. Diagram labels: Browser, Amazon CloudFront, Amazon S3, Amazon API Gateway, AWS Lambda, Amazon DynamoDB.
  15. Monitoring your resources. Diagram labels: Browser, Amazon CloudFront, Amazon S3, Amazon API Gateway, AWS Lambda, Amazon DynamoDB.
      • Logs and metrics on the diagram: Access Logs in S3 Bucket; CloudWatch Metrics; Access Logs in S3 Bucket.
      • Amazon CloudWatch: Custom CloudWatch Metrics & Alarms.
      • AWS CloudTrail: Audit Log of All AWS API Calls.
      • Metrics listed: Latency, Count, Cache Hit/Miss, 4XX/5XX Errors; Invocations, Invocation Errors, Duration, Throttled Invocations; Throttled Reqs, Returned Bytes, Latency.
  16. Frameworks—develop/deploy: 1. AWS Serverless Application Model (SAM); 2. Serverless; 3. Zappa; 4. Chalice; 5. Others.
  17. AWS Serverless Application Model (SAM)
      • AWS CloudFormation brings: infrastructure as code; easy to provision and manage a collection of related AWS resources; input .yaml file and output provisioned AWS resources; optimized for infrastructure.
      • AWS SAM: CloudFormation extension optimized for serverless; new serverless resources (functions, APIs, and tables); supports anything CloudFormation supports; open specification (Apache 2.0).
  18. AWS SAM: Less complexity, more power

      CF template example—API triggering Lambda

      ```yaml
      AWSTemplateFormatVersion: '2010-09-09'
      Resources:
        # Lets API Gateway invoke the function for requests on the Prod stage
        GetHtmlFunctionGetHtmlPermissionProd:
          Type: AWS::Lambda::Permission
          Properties:
            Action: lambda:invokeFunction
            Principal: apigateway.amazonaws.com
            FunctionName:
              Ref: GetHtmlFunction
            SourceArn:
              Fn::Sub: arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${ServerlessRestApi}/Prod/ANY/*
        ServerlessRestApiProdStage:
          Type: AWS::ApiGateway::Stage
          Properties:
            DeploymentId:
              Ref: ServerlessRestApiDeployment
            RestApiId:
              Ref: ServerlessRestApi
            StageName: Prod
        ListTable:
          Type: AWS::DynamoDB::Table
          Properties:
            ProvisionedThroughput:
              WriteCapacityUnits: 5
              ReadCapacityUnits: 5
            AttributeDefinitions:
              - AttributeName: id
                AttributeType: S
            KeySchema:
              - KeyType: HASH
                AttributeName: id
        GetHtmlFunction:
          Type: AWS::Lambda::Function
          Properties:
            Handler: index.gethtml
            Code:
              S3Bucket: flourish-demo-bucket
              S3Key: todo_list.zip
            Role:
              Fn::GetAtt:
                - GetHtmlFunctionRole
                - Arn
            Runtime: nodejs4.3
        # Execution role: DynamoDB read-only managed policy plus basic Lambda logging
        GetHtmlFunctionRole:
          Type: AWS::IAM::Role
          Properties:
            ManagedPolicyArns:
              - arn:aws:iam::aws:policy/AmazonDynamoDBReadOnlyAccess
              - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
            AssumeRolePolicyDocument:
              Version: '2012-10-17'
              Statement:
                - Action:
                    - sts:AssumeRole
                  Effect: Allow
                  Principal:
                    Service:
                      - lambda.amazonaws.com
        ServerlessRestApiDeployment:
          Type: AWS::ApiGateway::Deployment
          Properties:
            RestApiId:
              Ref: ServerlessRestApi
            Description: 'RestApi deployment id: 127e3fb91142ab1ddc5f5446adb094442581a90d'
            StageName: Stage
        # Same permission with the stage segment wildcarded (/*/ANY/*)
        GetHtmlFunctionGetHtmlPermissionTest:
          Type: AWS::Lambda::Permission
          Properties:
            Action: lambda:invokeFunction
            Principal: apigateway.amazonaws.com
            FunctionName:
              Ref: GetHtmlFunction
            SourceArn:
              Fn::Sub: arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${ServerlessRestApi}/*/ANY/*
        ServerlessRestApi:
          Type: AWS::ApiGateway::RestApi
          Properties:
            Body:
              info:
                version: '1.0'
                title:
                  Ref: AWS::StackName
              paths:
                "/{proxy+}":
                  x-amazon-apigateway-any-method:
                    x-amazon-apigateway-integration:
                      httpMethod: ANY
                      type: aws_proxy
                      uri:
                        Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GetHtmlFunction.Arn}/invocations
                    responses: {}
              swagger: '2.0'
      ```

      AWS SAM example—API triggering Lambda

      ```yaml
      AWSTemplateFormatVersion: '2010-09-09'
      Transform: AWS::Serverless-2016-10-31
      Resources:
        GetHtmlFunction:
          Type: AWS::Serverless::Function
          Properties:
            CodeUri: s3://flourish-demo-bucket/todo_list.zip
            Handler: index.gethtml
            Runtime: nodejs4.3
            Policies: AmazonDynamoDBReadOnlyAccess
            Events:
              GetHtml:
                Type: Api
                Properties:
                  Path: /{proxy+}
                  Method: ANY
        ListTable:
          Type: AWS::Serverless::SimpleTable
      ```
  19. Serverless app lifecycle management: AWS Serverless Application Model (SAM), Package & Deploy. Diagram labels: Code/Packages/Swagger, Serverless Template, package, Serverless Template w/CodeUri, deploy, CI/CD Tools, AWS CloudFormation, Amazon S3, AWS Lambda, Amazon API Gateway, Amazon DynamoDB.
  20. Demo + deep dive
  21. Please go here to vote—democlub.xyz
  22. Voting application—high level architecture. Diagram labels: Browser, Amazon S3, Amazon API Gateway, dynamic content in AWS Lambda, data stored in Amazon DynamoDB.
  23. Detailed architecture. Diagram labels: Browser, Amazon Route 53, Amazon Cognito, Amazon CloudFront, Amazon S3, Amazon API Gateway, AuthZ, AWS Lambda, IAM, IAM, Amazon DynamoDB, Amazon DynamoDB Streams, AWS Lambda, IAM, IAM, Aggregation.
      • Amazon S3 and Amazon CloudFront: Bucket Policies, ACLs, OAI, Geo-Restriction, Signed Cookies, Signed URLs, DDoS.
      • Amazon API Gateway: Throttling, Caching, Usage Plans.
  24. Resources
      • Learning path (step by step guide)—https://aws.amazon.com/getting-started/serverless-web-app/
      • Serverless page—https://aws.amazon.com/serverless/
      • Serverless architecture best practices (on YouTube)—https://youtu.be/b7UMoc1iUYw
      • Serverless Application Model (SAM) deep dive—https://youtu.be/e3lreqpWN0A
      • AWS Lambda deep dive—https://youtu.be/dB4zJk_fqrU
      • Developer Tooling—https://aws.amazon.com/serverless/developer-tools/
  25. Thank you!
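
Slide 18's SAM template attaches the AmazonDynamoDBReadOnlyAccess managed policy, which allows reads on every DynamoDB table in the account, and slide 13 lists IAM and API Gateway throttling as parts of the initial security posture. The variant below is an added example, not a template from the deck: it scopes the function's policy to ListTable with a SAM policy template and sets stage-level throttling. The `TodoApi` resource name and the rate and burst values are assumptions chosen for illustration.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Resources:
  # Explicit API resource so stage settings can be declared.
  # "TodoApi" is a hypothetical name, not one used in the deck.
  TodoApi:
    Type: AWS::Serverless::Api
    Properties:
      StageName: Prod
      MethodSettings:
        # Applies to every resource path and method on the stage.
        - ResourcePath: '/*'
          HttpMethod: '*'
          ThrottlingRateLimit: 50     # steady-state requests/second (constructed value)
          ThrottlingBurstLimit: 100   # burst allowance (constructed value)

  GetHtmlFunction:
    Type: AWS::Serverless::Function
    Properties:
      # CodeUri, Handler and Runtime are kept exactly as on slide 18.
      CodeUri: s3://flourish-demo-bucket/todo_list.zip
      Handler: index.gethtml
      Runtime: nodejs4.3
      Policies:
        # Before (slide 18): Policies: AmazonDynamoDBReadOnlyAccess
        #   -> read access to all tables in the account.
        # After: SAM policy template limited to the one table this function reads.
        - DynamoDBReadPolicy:
            TableName: !Ref ListTable
      Events:
        GetHtml:
          Type: Api
          Properties:
            RestApiId: !Ref TodoApi   # bind the event to the throttled API above
            Path: /{proxy+}
            Method: ANY

  ListTable:
    Type: AWS::Serverless::SimpleTable
```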
