Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Microservices with AWS Lambda and the Serverless Framework

894 views

Published on

An introduction to AWS Lambda and the Serverless Framework

Published in: Software
  • Be the first to comment

Microservices with AWS Lambda and the Serverless Framework

  1. 1. Serverless Microservices An introduction to AWS Lambda and the Serverless Framework © Rowell Belen 1
  2. 2. About Me Rowell Belen / Software Engineer @ Stedi » LinkedIn: https://linkedin.com/in/rowellbelen » Blog: https://www.rowellbelen.com » GitHub: https://github.com/bytekast » Twitter: @bytekast » Email: rowell.belen@bytekast.com © Rowell Belen 2
  3. 3. What is Serverless Computing? Serverless Computing is a cloud computing model that allows you to build and run applications and services without thinking about servers. The platform takes care of everything required to run and scale your code with high availability. © Rowell Belen 3
  4. 4. The Sweet Spot © Rowell Belen 4
  5. 5. But... but... aren't PaaS and Serverless the same? © Rowell Belen 5
  6. 6. What is the key difference between PaaS and Serverless? © Rowell Belen 6
  7. 7. SCALING!! © Rowell Belen 7
  8. 8. Unit of Scale » Data Center: Hardware (Physical Hosting Env Abstraction) » IaaS: Virtual Machines (Hardware Abstraction) » Paas: Application (VM Abstraction) » Serverless: Function (Runtime Abstraction) © Rowell Belen 8
  9. 9. Wait.. wait... What about containers? © Rowell Belen 9
  10. 10. What are the key differences between Containers and Serverless? © Rowell Belen 10
  11. 11. ORCHESTRATION & MANAGEMENT © Rowell Belen 11
  12. 12. and... SCALING!! © Rowell Belen 12
  13. 13. What is AWS Lambda? Amazon's Serverless compute platform for stateless code execution in response to events © Rowell Belen 13
  14. 14. Other Serverless Platform Providers » Microsoft Azure Functions » Iron.io » Google Cloud Functions » IBM Open Whisk » WebTask.io » PubNub BLOCKS © Rowell Belen 14
  15. 15. How Is AWS Lambda Used? » Stream Data Processing » REST Backend Services » One-off Processes » Background Workers » Event Responders © Rowell Belen 15
  16. 16. How are Lambda Functions Triggered? » Event-driven (SNS, S3, API-Gateway, Amazon Echo Skills, IoT, etc.) » Direct Invocation (CLI, SDK, etc.) » Scheduled Interval © Rowell Belen 16
  17. 17. Supported Languages » Node.js (Javascript) » Python » JVM ( Java, Scala, Groovy, Kotlin, Clojure, etc. ) » C# © Rowell Belen 17
  18. 18. Pricing Memory (MB) Free tier seconds per month Price per 100ms ($) 128 3,200,000 0.000000208 256 1,600,000 0.000000417 512 800,000 0.000000834 1024 400,000 0.000001667 1536 266,667 0.000002501 © Rowell Belen 18
  19. 19. Top Tier Pricing (1536 MB Memory) 1 Million Executions @ 1 sec/exec ≈ $18.34 © Rowell Belen 19
  20. 20. Benefits » Cost and Utilization » Fully Managed Infrastructure » Rapid Development » Streamlined AWS Integrations » Pay Per Use » Auto Scale » Built-in Versioning © Rowell Belen 20
  21. 21. Drawbacks » Limited Language Support » Not Suitable for Long-running Tasks » Local Development and Debugging Challenges » Limited Infrastructure Transparency / Less Control » Potential Vendor Lock-in » Cutting-edge quirks » Concurrent Execution Limit is Shared across entire AWS © Rowell Belen 21
  22. 22. Serverless @ © Rowell Belen 22
  23. 23. © Rowell Belen 23
  24. 24. Enough chit-chat, let's see some code! © Rowell Belen 24
  25. 25. Send Events/Metrics to Datadog class DatadogHandler { final rest = new RESTClient('https://app.datadoghq.com/') void handleRequest(Map input, Context context) { def jsonObj = snsJsonBody(input) // Extract Payload def type = jsonObj?.'alert_type' ? 'events' : 'series' def query = ['api_key': System.getenv('DATADOG_API_KEY')] rest.post( path: "api/v1/${type}", body: jsonObj, query: query ) } } © Rowell Belen 25
  26. 26. Custom JWT Token Authorizer class AuthorizerHandler { Map handleRequest(Map input, Context context) { // extract token and resource from input def token = input.authorizationToken?.minus('Bearer')?.trim() def resource = input.methodArn // authenticate def claims = verifyToken(token) // return policy createPolicy(claims, resource) } } © Rowell Belen 26
  27. 27. Verify Token (cont.) Map verifyToken(final String token) { def algorithm = Algorithm.HMAC256(System.getenv('AUTH0_CLIENT_SECRET')) def verifier = JWT.require(algorithm).build() def decodedJwt = verifier.verify(token) decodedJwt.getClaims() } © Rowell Belen 27
  28. 28. Create Security Policy with Claims (cont.) Map createPolicy(final Map claims, final String resource) { [ principalId : claims?.user_id, policyDocument: [ Version : '2012-10-17', Statement: [ Action : 'execute-api:Invoke', Effect : claims ? 'Allow' : 'Deny', Resource: resource ] ], context : claims ] } © Rowell Belen 28
  29. 29. How do I invoke a Lambda function programatically? © Rowell Belen 29
  30. 30. Direct Lambda Invocation - Define Interfaces interface DocumentAuditService { @LambdaFunction(invocationType = InvocationType.Event, functionName = 'document-audit') void audit(DocumentAudit documentAudit) } class DocumentAudit { String documentId String status } © Rowell Belen 30
  31. 31. Direct Lambda Invocation (cont...) - Use a Proxy void handle(Document document, Context context) { // Do something with the document... // Create proxy to DocumentAuditService def docService = LambdaInvokerFactory.builder() .lambdaClient(AWSLambdaClientBuilder.defaultClient()) .build(DocumentAuditService.class) // pass the interface // Call audit lambda function docService.audit( new DocumentAudit(documentId: UUID.randomUUID().toString(), status: 'TRANSMITTED')) } © Rowell Belen 31
  32. 32. What is the Serverless Framework? Development toolkit for building, managing and deploying Serverless applications and resources © Rowell Belen 32
  33. 33. Serverless Framework CLI npm install serverless -g mkdir my-api && cd my-api serverless create --template aws-groovy-gradle serverless deploy --stage dev serverless invoke --function my-function --log © Rowell Belen 33
  34. 34. Available Templates » aws-nodejs » aws-python » aws-groovy-gradle » aws-java-maven » aws-java-gradle » aws-scala-sbt © Rowell Belen 34
  35. 35. serverless.yml - Basic Function service: serverless-demo provider: runtime: java8 timeout: 300 memorySize: 1536 package: artifact: /build/dist/serverless-demo.zip functions: my-function: handler: com.bytekast.serverless.MyLambdaFunction::handler © Rowell Belen 35
  36. 36. serverless.yml - API Gateway functions: createUser: handler: com.bytekast.serverless.UserService::createUser events: - http: path: users/create method: post deleteUser: handler: com.bytekast.serverless.UserService::deleteUser events: - http: path: users/delete method: delete © Rowell Belen 36
  37. 37. serverless.yml - API Gateway (Custom Authorization) ... events: - http: path: users/create method: post cors: true authorizer: arn: arn:aws:lambda:us-east-1:1234567890123:function:authorizer identitySource: method.request.header.Authorization identityValidationExpression: Bearer .* © Rowell Belen 37
  38. 38. serverless.yml - SNS Topic Subscription functions: audit: handler: com.bytekast.serverless.AuditService::audit events: - sns: dev-audit-topic © Rowell Belen 38
  39. 39. serverless.yml - Scheduled Trigger functions: crawl: handler: com.bytekast.serverless.SearchService::crawl events: - schedule: rate(2 hours) - schedule: cron(0 12 * * ? *) © Rowell Belen 39
  40. 40. serverless.yml - IAM Role Permissions provider: ... iamRoleStatements: - Effect: "Allow" Action: - "sqs:*" Resource: arn:aws:sqs:us-east-1:1234567890123:dev-serverless-demo © Rowell Belen 40
  41. 41. serverless.yml - Create AWS Resources resources: Resources: InboundQueue: Type: "AWS::SQS::Queue" Properties: QueueName: ${self:provider.stage}-serverless-demo MessageRetentionPeriod: 1209600 VisibilityTimeout: 60 © Rowell Belen 41
  42. 42. DEMO Build Slack Command API using Serverless Framework + API Gateway + AWS Lambda https://github.com/bytekast/serverless-demo © Rowell Belen 42
  43. 43. What about Cloud Scale DevOps? © Rowell Belen 43
  44. 44. Infrastructure and Environment configurations need to be reproducible from a definition under source control © Rowell Belen 44
  45. 45. Solution: © Rowell Belen 45
  46. 46. Immutable Infrastructure? Immutable components are replaced for every deployment, rather than being updated in-place © Rowell Belen 46
  47. 47. Solution: Lambda Built-In Features » Containers are ephemeral entities that are easily created and destroyed » Preserved history and ability to roll back a bad deployment ( revert to previous version ) » Auto-managed horizontal scaling (Scale out / Scale In) » Automatic Load Balancing » Zero/Minimal Downtime during deployment © Rowell Belen 47
  48. 48. Environments should not be connected or otherwise intercommunicate © Rowell Belen 48
  49. 49. Solutions: » AWS Lambda supports running functions in different VPCs (dev, stage, prod) » Use separate AWS accounts per Environment © Rowell Belen 49
  50. 50. Promote immutable application artifacts from the lowest environment to the highest ( Deployment ) © Rowell Belen 50
  51. 51. Solutions: » Publish Versioned Build Artifacts to Repository » Continuous Integration » Continuous Delivery © Rowell Belen 51
  52. 52. Centralized Logging © Rowell Belen 52
  53. 53. Metrics » Better Dashboards » Custom Metrics and Events © Rowell Belen 53
  54. 54. Other Things to Consider » AWS functions are recycled about every 8 hours » Container instances idle for about 5 minutes are destroyed » Cold starts can cause delay in response times » 50 MB max deployment package size » 5 minute running time limit » 1000 default concurrent function executions across entire AWS account © Rowell Belen 54
  55. 55. Questions? © Rowell Belen 55

×