
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon CloudFront and Lambda@Edge



Attend this session to dive deeper into AWS's content delivery service, Amazon CloudFront. Learn how you can use CloudFront to accelerate the delivery of your APIs or applications, including content that cannot be cached, to global clients. We'll also walk you through how you can use Lambda@Edge, which gives you the ability to execute custom code inline with your CloudFront events to customize applications. With Lambda@Edge, you can now generate custom responses right at the edge, allowing you to leverage CloudFront to reduce end-to-end latency and more efficiently filter traffic to your back-end origin servers. We'll walk you through Lambda@Edge use cases and walk through a demo to show how this works.

Published in: Technology

  1. 1. Deep Dive on Accelerating Content, APIs, and Applications with Amazon CloudFront and Lambda@Edge • Alec Peterson, GM Amazon CloudFront • July 27, 2017 • © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  2. 2. What to expect from this session • Amazon CloudFront and AWS Lambda • Lambda@Edge • Getting started with Lambda@Edge
  3. 3. Edge Services: A core infrastructure component • Users can access application resources directly • Edge services include CloudFront, Route 53, AWS WAF, AWS Shield, AWS Elemental (Diagram: Customer Application; AWS Core Services: Compute, Storage, Database; Edge)
  4. 4. Edge Services: A core infrastructure component • Users can access application resources through the Edge to secure, scale, and optimize applications (Diagram: Customer Application; AWS Core Services: Compute, Storage, Database; AND/OR Edge)
  5. 5. Edge: AWS global network of points of presence (POPs) on the backbone of the Internet – Amazon CloudFront
  6. 6. 79 Edge locations + 11 regional Edge caches • 48 cities • 21 countries • 5 continents
  7. 7. CloudFront: Global content delivery network • Accelerate your application and APIs • Include static content such as images and video • Massively scalable • Highly secure • Self-service • Priced to minimize cost
  8. 8. CloudFront delivers ALL types of content • Dynamic • Static • Video • User input • SSL/TLS
  9. 9. Without having to change your backend… (Diagram: Amazon CloudFront in front of dynamic content on ALB/ELB, Amazon EC2, or a custom origin, and static content on Amazon S3 or a custom origin; path patterns *.jpg and *.php)
  10. 10. AWS Lambda: Serverless Computing
  11. 11. Traditional programming model • A persistent process that processes events • Handles message queue and network connections • Code includes ‘event handling’ AND logic to process the event • Developer manages server infrastructure for application • Developer owns forecasting demand and scaling. Serverless programming model • Revolves around an event source • E.g., CloudFront request or Amazon S3 PUT • Your code is only the event handling code itself • No servers to manage • Scaling is all managed by AWS
  12. 12. AWS Lambda: Serverless computing Run code without servers. Pay only for the compute time you consume. Be happy. Triggered by events or called from APIs: • PUT to an Amazon S3 bucket • Updates to Amazon DynamoDB table • Call to an Amazon API Gateway endpoint • Mobile app backend call • CloudFront requests • And many more… Makes it easy to: • Perform real-time data processing • Build scalable backend services • Glue and choreograph systems
  13. 13. Benefits of AWS Lambda • Continuous scaling • No servers to manage • Never pay for idle – no cold servers (only happy accountants)
  14. 14. Lambda programming model – sync vs. async • Synchronous • Execution is serialized with the requesting event • End viewer can depend on function execution – the result of the execution may be used to influence the requesting event • All existing Lambda@Edge events are synchronous • Asynchronous • Execution is parallelized with the requesting event • The result of the Lambda execution may not be used to influence the requesting event • E.g., batch processing of logs and responding to an Amazon S3 object PUT
  15. 15. AWS Lambda@Edge: Serverless Edge Computing
  16. 16. Introducing Lambda@Edge • Lambda@Edge is an extension of AWS Lambda that allows you to run Node.js code at global AWS locations • Bring your own code to the Edge and customize your content very close to your users, improving end-user experience • Continuous scaling • No servers to manage • Never pay for idle – no cold servers • Globally distributed
  17. 17. CloudFront triggers for Lambda@Edge functions
  18. 18. CloudFront triggers for Lambda@Edge functions • Viewer request • Origin request • Origin response • Viewer response (Diagram: End user, CloudFront cache, Origin server)
  19. 19. Lambda@Edge events • All Lambda@Edge invocations are synchronous • Request events • URI and header modifications can change the object being requested • Viewer request can change the object being requested from the CloudFront cache and the origin • Origin request can change the object or path pattern being requested from the origin • Response events • Origin response can modify what is cached and generate cacheable responses to be returned to the viewer • Viewer response can change what is returned to the viewer (Diagram: End user, CloudFront cache, Origin server; triggers: Viewer request, Origin request, Origin response, Viewer response)
  20. 20. Write once, run everywhere (Diagram: several AWS Locations in front of an Origin server)
  21. 21. Lambda@Edge functionality • Read and write access to headers, URIs, and cookies across all triggers • Ability to generate custom responses from scratch • Access to make network calls to external resources on origin-facing hooks
  22. 22. Lambda@Edge event structure
        {
          "Records": [
            {
              "cf": {
                "config": { "distributionId": "EDFDVBD6EXAMPLE" },
                "request": {
                  "clientIp": "2001:0db8:85a3:0:0:8a2e:0370:7334",
                  "method": "GET",
                  "uri": "/picture.jpg",
                  "headers": {
                    "host": [ { "key": "Host", "value": "" } ],
                    "user-agent": [ { "key": "User-Agent", "value": "curl/7.51.0" } ]
                  }
                }
              }
            }
          ]
        }
      Slide annotations: Request and distribution information • Event data – headers, clientIP, user agent
  23. 23. Lambda@Edge function structure
        'use strict';
        exports.handler = (event, context, callback) => {
            const request = event.Records[0].cf.request;
            // No-op
            callback(null, request);
            return;
        };
  24. 24. So, what can I do with Lambda@Edge?
  25. 25. Highly personalized websites • Redirect viewers to the optimal experience based on their location, language preferences, and device type
  26. 26. Highly personalized websites – how? • Trigger: Viewer request • Inputs • Requested URL • Device type (i.e., User-Agent) • Existing session data • Output • Generate a response directly from Lambda@Edge, specifically a redirect to the most relevant experience (e.g., cropped images and mobile sites for mobile users)
  27. 27. Pretty URLs • Rewrite the URL of the end user's request to serve content without exposing your team’s internal directory structure and organization • Provide customized experiences without compromising consistency in what your viewers see
  28. 28. Pretty URLs – how? • Trigger: Origin request • Inputs • URL requested • Outputs • Rewrite the requested URL, which will be passed to the origin • The response will be cached based on what the customer requested to serve subsequent requests (i.e., the pretty URL)
  29. 29. Authorization at the Edge • Inspect cookies or custom headers to authenticate clients right at the edge • Enforce paywalls at the Edge to gate access to premium content to only authenticated viewers
  30. 30. Authorization at the Edge – how? • Trigger: Viewer request • Prerequisites • The customer must have previously authenticated against your authoritative service, resulting in some sort of authorization credential. Typically this is a cookie. • Inputs • URL • Authorization credential (cookie) • Outputs • Allow the request to succeed if the request is authorized. If not, either return a 403 response or redirect to an authentication page
  31. 31. A/B testing • ‘Flip a coin’ to select a version of content displayed to each user on an asset level • Set cookies to ensure that users continue to see the right versions of content
  32. 32. A/B testing – how? • Trigger: Viewer request • Inputs • URL • Cookies • Outputs • If the A/B testing cookie is set, rewrite the requested URI to be the correct content version • If it is not set, flip a coin and set the cookie accordingly.
  33. 33. Limited access to content • Enforce timed access to content at the edge • Make a call to an external authentication server to confirm if a user’s session is still valid • Forward valid requests to the origin, and serve redirects to new users to login pages
  34. 34. Limited content access – How? • Trigger: Origin request • Inputs • URL/cookies • Access to external user-tracking database • Outputs • If a customer requests content for specific URLs or with specific cookies, make a request to the external server to confirm session validity. • Based on response from external server, serve content, or redirect to a login page.
  35. 35. Response generation at the Edge Generate an HTTP response to end user requests arriving at AWS locations: • Generate customized error pages and static websites directly from Edge locations • Combine content drawn from multiple external resources to dynamically build websites at the Edge
  36. 36. Response generation – how? • Viewer or origin request event • Inputs • URI • Headers • Outputs • Custom response based on URI and headers
  37. 37. Let’s see it in action Demo Time!
  38. 38. Lambda@Edge: Getting Started
  39. 39. Lambda@Edge pricing Just as with Lambda today, Lambda@Edge is priced on two dimensions: • $0.60 / million function executions • $0.0225 per hour of execution duration (128 MB per function, metered at 50ms granularity) For example - 10 million executions, 50ms each time • Total charges = Compute charges (10M * 0.05 sec * ($0.0225 / 3600) = $3.13) + Request charges (10M * $0.6/M = $6.00) = $3.13 + $6.00 = $9.13 per month
  40. 40. Recap – using Lambda@Edge Bring your own code • Self-service through the Lambda console Familiar programming model • Standard Node.js-6.10 Write once, run everywhere • Automatically deployed to the AWS network of 79 Edge locations • Requests are routed to the locations closest to your end users across the world Functionalities: - Modify response header - CloudFront response generation - CloudFront HTTP redirect - A/B testing Benefits: - Simple remote call at origin-facing hooks - Cacheable static content generation - Content generation with remote calls
  41. 41. Lambda@Edge – let’s get started • Sign up:
  42. 42. Thank you!
  43. 43. Remember to complete your evaluations!
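
The "Authorization at the Edge" slides (29 and 30) describe a viewer-request function that checks a previously issued cookie and either forwards the request, returns a 403, or redirects to an authentication page. The following is an added example of such a handler, not code from the slides or from AWS; the cookie name `session`, the `/premium/` prefix, the `/login` path, the token layout and the demo key are all assumptions made for illustration.

```javascript
'use strict';
const { createHmac, timingSafeEqual } = require('crypto');

// Assumed for this example (not from the slides): cookie name, protected prefix,
// login path, and token layout "<user>.<expiryEpochSeconds>.<hex HMAC-SHA256>".
const SECRET = 'constructed-demo-key'; // placeholder; provision a real key out of band
const COOKIE = 'session';
const PROTECTED = '/premium/';
const LOGIN = '/login';

const sign = (user, exp) =>
  createHmac('sha256', SECRET).update(`${user}.${exp}`).digest('hex');

// CloudFront passes each header as an array of { key, value } objects.
function readCookie(headers, name) {
  for (const h of headers.cookie || []) {
    for (const part of h.value.split(';')) {
      const i = part.indexOf('=');
      if (i > 0 && part.slice(0, i).trim() === name) return part.slice(i + 1).trim();
    }
  }
  return null;
}

// Fail closed: malformed, expired, or wrongly signed tokens are all rejected.
function isAuthorized(token, nowSec) {
  const parts = (token || '').split('.');
  if (parts.length !== 3) return false;
  const [user, exp, mac] = parts;
  if (!/^\d+$/.test(exp) || Number(exp) <= nowSec) return false;
  const expected = Buffer.from(sign(user, exp));
  const given = Buffer.from(mac);
  return given.length === expected.length && timingSafeEqual(given, expected);
}

const handler = (event, context, callback) => {
  const request = event.Records[0].cf.request;
  if (!request.uri.startsWith(PROTECTED)) return callback(null, request);
  const token = readCookie(request.headers, COOKIE);
  if (isAuthorized(token, Math.floor(Date.now() / 1000))) return callback(null, request);
  // Example policy: no cookie -> redirect to login; bad or expired cookie -> 403.
  callback(null, token === null
    ? { status: '302', statusDescription: 'Found',
        headers: { location: [{ key: 'Location', value: LOGIN }] } }
    : { status: '403', statusDescription: 'Forbidden', body: 'Forbidden' });
};
exports.handler = handler;
```

The prefix check on the raw URI has to agree with how the origin resolves paths (case, percent-encoding, duplicate slashes); attaching the function only to the cache behavior for the protected path pattern avoids maintaining a second matcher in code.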