1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Pahud Hsieh( )
Senior Solutions Architect, AWS
08.23, 2018
Effective Cloud Native Design
with PHP on AWS
AWS PHP

2. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
About me
Pahud Hsieh
@pahudnet
1999 My 1st project with PHP3
2000-2002 .COM, Linux and OSS
2002-2004 Linux admin in STB industry
2004-2006 PChome Portal
2006-2014 Shanghai/China and Mobile industry
2014-2016 IoT - All-In AWS Serverless and Containers
2016-NOW AWS Solutions Architect

3. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Looking back the 20 years
Simplified
Abstract away
Focus on high level

4. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Agenda
• Containerize your PHP workload
• Container Orchestration
• Abstract away the hosts - Serverless Containers
• Abstract away the authentication and authorization – OpenResty
• Abstract away the reverse proxy – Amazon API Gateway
• Abstract all the infra – reactive and event-driven app with Lambda

5. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Container

6. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
First things first…
What are containers and why are customers using them?

7. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
What are containers?
A container is an atomic, self-contained package of software that
includes everything it needs to run (code, runtime, libraries,
packages, etc.).
A popular, widely-used container platform is Docker. More on
that here: https://www.docker.com

8. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

9. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Why are containers so popular?
Portable
Lightweight
Standardized
Easy to deploy
Along with containers, comes the “monolith to microservices” story:
containers and microservices go hand in hand (more on that in a
second)

10. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Docker with PHP7 and Apache
docker run -d -p 80:80 --name my-apache-php-app -v
"$PWD":/var/www/html php:7.2-apache

11. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Docker with PHP7-fpm and Nginx
$ docker-compose up
https://github.com/mikechernev/dockerised-php

12. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Docker with PHP7 with Caddy
docker run -d -p 2015:2015 --name php abiosoft/caddy:php

13. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Why Docker is so fast?
Server
Guest OS
Bins/Libs Bins/Libs
App2App1

14. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Running one container is easy

15. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Managing many containers is hard
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS
Server
Guest OS

16. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Enter container orchestration tools

17. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
What are container orchestration tools?
Framework for managing, scaling, deploying containers.

18. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
So what’s the container landscape look like
on AWS?

19. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
What does the landscape look like all together?
Amazon ECS Amazon EKS Fargate mode for ECS Fargate mode
for EKS
(available 2018)

20. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon ECS
Easiest way to deploy and
manage containers
Integration with entire AWS platform
ALB, Auto Scaling, Batch, Elastic Beanstalk,
CloudFormation, CloudTrail, CloudWatch Events,
CloudWatch Logs, CloudWatch Metrics, ECR, EC2 Spot,
IAM, NLB, Parameter Store, and VPC
Scales to support clusters of any size
Service integrations (like ALB and NLB) are at
container level
1
2
3

21. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
What we did with ECS in 2017
Container access to
environmental metadata
Network Load Balancer support
Console support for
SpotFleet
Override parameters for
RunTask and StartTask APIs
Task Elastic Network
Interface
Application Load Balancer Support
HIPAA eligibility
Console UX improvements
CLI V1.0
Container instance draining
Windows containers
Cron and Cloudwatch Event
Task scheduling
Support for Docker Privileged
Mode Lifecycle Policies for container images
Beijing Region
Support for Device and Init
flags
Add attributes during boot
Seoul Region
Linux capabilities

22. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon EKS
Managed Kubernetes on AWS
Highly available Automated
version upgrades
Integration with
other AWS
services
Etcd
Master
Managed
Kubernetes
control plane
CloudTrail, CloudWatch,
ELB, IAM, VPC,
PrivateLink

23. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Fargate
Launch quickly
Scale easily
No infrastructure
Resource based pricing
Containers on demand
Manage everything at
container level

24. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
What does Fargate mean?
No worrying about scaling, service mesh, underlying infrastructure,
cluster resources, capacity, setup.
Just give it a task definition or pod (in 2018), set some resource
limits, and away you go.

25. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Fargate CLI

26. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

27. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

28. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

29. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Demo with PHP and Fargate CLI

30. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
OpenResty with PHP

31. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

32. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Redis

33. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Redis

34. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Abstract away the Reverse Proxy
Amazon API Gateway

35. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon API Gateway
• Fully managed API endpoint service
• Lambda function integration
• AWS Service Integration
• HTTP Proxy Integration
• VPC Link Integration
• API Key, Authentication and Authorization
• Quota, Usage Plan and Throttling

36. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
API Gateway
App requests
over HTTPS
CRUD
operations

37. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
API Gateway Invocation Flow
Internet
API
Gateway
AWS Lambda
AWS
API Gateway
cache
Any public HTTP(S)
endpoints
Amazon
CloudWatch
Monitoring
ELB

38. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Reactive and event-driven design
with
AWS Lambda

39. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS compute offerings
VM Task Function
Service EC2 ECS Lambda
H/W OS Runtime
Unit of scale
Level of
abstraction

40. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Servers
Which users should have
access to my servers?
How
should
m
y app
withstand
a
server failing?
How will the application
handle server hardware failure?
How many servers
should I budget for?
How many users create
too much load for my servers?
How can I increase
utilization of my servers?
How can I control
access from my servers?
W
hat size
server is
right for m
y perform
ance?
When should I decide to
scale out my servers?
When should I decide to
scale up my servers?
How will I keep my server
OS patched?
Which OS should my
servers run?
Should I tune OS settings
to optimize my application?
What size servers are
right for my budget?
How can I tell if a
server has been
compromised?
Which packages should
be baked into my server images?
How will new code be
deployed to my servers?
How should I implement dynamic
configuration changes on my servers
How much remaining
capacity do my servers have?
(AAHHHHHHHHH!!)

41. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Operations and management Scaling
Provisioning and utilization Availability and fault tolerance
Owning servers means dealing with ...

42. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Lambda: Run code in response to events
FUNCTION SERVICES (ANYTHING)
Changes in
data state
Requests to
endpoints
Changes in
resource state
Node
Python
Java
C#
Golang
More languages coming soon
EVENT SOURCE

43. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
No servers to provision
or manage
Scales with usage
Never pay for idle Availability and fault
tolerance built in
Benefits of Lambda and serverless compute

44. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon S3 Amazon
DynamoDB
Amazon
Kinesis
AWS
CloudFormation
AWS CloudTrail Amazon
CloudWatch
Amazon
Cognito
Amazon SNSAmazon
SES
Cron events
DATA STORES ENDPOINTS
CONFIGURATION REPOSITORIES EVENT/MESSAGE SERVICES
Example event sources that trigger AWS Lambda
… and a few more with more on the way!
AWS
CodeCommit
Amazon
API Gateway
Amazon
Alexa
AWS IoT AWS Step
Functions

45. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Serverless IoT with AWS Lambda at iRobot

46. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS
Lambda
Amazon
CloudFront
Amazon
S3
Amazon
DynamoDB
Amazon
Redshift
Amazon
Route 53 Amazon VPC
Amazon
CloudWatch
AWS
CloudFormation
AWS
CloudTrail
AWS
Config AWS IAMAWS KMSAWS WAF
Amazon Cognito Amazon
SNS
Amazon API
Gateway
Amazon
SQS
Amazon
Elasticsearch Service
Amazon
Kinesis
Amazon
QuickSight
AWS IoT
How iRobot leverages AWS

47. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Serverless is distributed by nature
Component graph
becomes call graph
Distributed systems
thinking is required from
the start
Event-based architecture

48. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Key Take-aways

49. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Write as less code as you can

50. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Abstract away everything
beneath your business logic and
Innovations

51. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
The world is reactive; make your
application even-driven and cloud
native

52. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Be a builder, not a coder

53. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Stay Calm and Build On !
Twitter: pahudnet
Thank You
Pahud Hsieh
Senior Solutions Architect, Taiwan
hunhsieh@amazon.com