Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Serverless Architectural Patterns & Best Practices

163 views

Published on

This ServerlessTO meetup covered various Serverless design patterns and best practices for building apps using the full #AWS #Serverless stack - not just Lambda. Event recording (including 25min long Q&A!) is at https://youtu.be/gsILTMXPUeU

Published in: Software
  • Be the first to comment

  • Be the first to like this

Serverless Architectural Patterns & Best Practices

  1. 1. Mike Apted @mikeapted Startup Solutions Architect AWS Canada Serverless Architectural Patterns & Best Practices Serverless Toronto Meetup September 12th, 2019
  2. 2. Goal !!!!!!!!!!!!!!!!!!!
  3. 3. Homework
  4. 4. Serverless? No servers to provision or manage Scales with usage Never pay for idle Availability and fault tolerance built in #serverlessTO @mikeapted
  5. 5. Serverless? #serverlessTO @mikeapted
  6. 6. Operational responsibility models On-Premises Cloud Less More Compute Virtual Machine EC2 Elastic Beanstalk LambdaFargate Databases MySQL MySQL on EC2 RDS MySQL RDS Aurora Aurora Serverless DynamoDB Storage Storage S3 Messaging ESBs Amazon MQ Kinesis SQS / SNS Analytics Hadoop Hadoop on EC2 EMR Elasticsearch Service Athena #serverlessTO @mikeapted
  7. 7. Operational responsibility models On-Premises Cloud Less More Compute Virtual Machine EC2 Elastic Beanstalk LambdaFargate Databases MySQL MySQL on EC2 RDS MySQL RDS Aurora Aurora Serverless DynamoDB Storage Storage S3 Messaging ESBs Amazon MQ Kinesis SQS / SNS Analytics Hadoop Hadoop on EC2 EMR Elasticsearch Service Athena #serverlessTO @mikeapted
  8. 8. Serverless is an opera-onal model AWS Lambda AWS Fargate Amazon API Gateway Amazon SNS Amazon SQS AWS Step Functions COMPUTE DATA STORES INTEGRATION Amazon Aurora Serverless Amazon S3 Amazon DynamoDB AWS AppSync #serverlessTO @mikeapted
  9. 9. Architecture Pa,erns
  10. 10. Web application Internet/ other services in network Amazon API Gateway AWS Lambda Amazon DynamoDB AWS Cloud #serverlessTO @mikeapted
  11. 11. Web applica*on Internet/ other services in network Amazon API Gateway AWS Lambda Amazon Aurora Serverless AWS Cloud #serverlessTO @mikeapted
  12. 12. Microservices Internet/ other services in network Amazon API Gateway AWS Lambda Amazon DynamoDB AWS Cloud #serverlessTO @mikeapted Amazon Aurora Serverless
  13. 13. Microservice patterns: Lambda API 1. Lambda directly invoked via invoke API SDK clients API provided by the Lambda service Used by all other services that invoke Lambda across all models Supports sync and async Can pass any event payload structure you want Client included in every SDK Synchronous / Asynchronous Lambda function #serverlessTO @mikeapted
  14. 14. Lambda Execu,on Model Synchronous (push) Asynchronous (event) Stream (poll-based) Amazon DynamoDB Amazon SNS /order Amazon S3 reqs Amazon Kinesis Data Streams changes AWS Lambda service function Amazon API Gateway Lambda function Lambda function
  15. 15. Microservice pa,erns: Amazon SNS + Lambda 2. Lambda function(s) invoked Amazon SNS topic 1. Data published to a topic Data Simple, flexible, fully managed publish/subscribe messaging and mobile push notification service for high throughput, highly reliable message delivery Messages are published to a topic Topics can have multiple subscribers (fanout) Messages can be filtered and only sent to certain subscribers Asynchronous Lambda function Lambda function #serverlessTO @mikeapted
  16. 16. Microservice patterns: Amazon SQS + Lambda 1. Message inserted into a queue Message Amazon SQS3. SQS removes message from queue on successful response from function 2. Lambda function invoked Simple, flexible, fully managed message queuing service for reliably and continuously exchanging any volume of messages from anywhere Processed in batches At-least-once delivery Visibility timeout allows for handling of failures during processing Asynchronous Lambda function #serverlessTO @mikeapted
  17. 17. Streaming Data: Transformation Record producers AWS Lambda AWS Cloud Amazon Kinesis Data Firehose Amazon S3 Amazon Redshift Amazon Elasticsearch #serverlessTO @mikeapted
  18. 18. Streaming Data: Enrichment Record producers AWS Lambda Amazon DynamoDB AWS Cloud Amazon Kinesis Data Firehose Amazon S3 Amazon Redshift Amazon Elasticsearch #serverlessTO @mikeapted
  19. 19. Streaming Data: Fan Out Record producers AWS Cloud Amazon Kinesis Data Streams AWS Lambda #serverlessTO @mikeapted
  20. 20. Streaming Data: Real Time Analy2cs Record producers AWS Cloud Amazon Kinesis Data Streams Amazon Kinesis Data Analytics AWS Lambda #serverlessTO @mikeapted
  21. 21. Data Lakes: Batch Processing (MapReduce) Amazon S3 AWS Lambda Amazon DynamoDB AWS Cloud #serverlessTO @mikeapted
  22. 22. Orchestra)on: Step Func)ons Serverless workflow management with zero administration • Makes it easy to coordinate the components of distributed applications and microservices using visual workflows • Automatically triggers and tracks each step and retries when there are errors, so your application executes in order and as expected • Logs the state of each step, so when things do go wrong, you can diagnose and debug problems quickly #serverlessTO @mikeapted
  23. 23. Orchestra)on: Step Func)ons With serverless polling With direct service integrationStart End AWS Lambda functions Start End No Lambda functions #serverlessTO @mikeapted
  24. 24. Best Prac*ces
  25. 25. DevOps: Tes*ng • Decouple business logic from your Lambda handler • Write unit tests as you normally would • Leverage tools like “aws-sdk-mock” • Leverage a framework for easier local testing • i.e. SAM Local • For integration tests leverage real services
  26. 26. DevOps: Deployments + Frameworks • Build pipelines from source control to production • Consider one pipeline per service • Leverage capabilities that are built into frameworks like: • traffic shifting between Lambda aliases • canary or blue/green deployments • error monitoring • automatic rollbacks,
  27. 27. DevOps: Share Code w/ Lambda Layers Lets functions easily share code: Upload layer once, reference within any function Layer can be anything: dependencies, training data, configuration files, etc Promote separation of responsibilities, lets developers iterate faster on writing business logic Built in support for secure sharing by ecosystem #serverlessTO @mikeapted
  28. 28. Observability: X-Ray • Lambda instruments incoming requests for all supported languages • Lambda runs the X-Ray daemon on all languages with an SDK var AWSXRay = require(‘aws-xray-sdk-core‘); AWSXRay.middleware.setSamplingRules(‘sampling- rules.json’); var AWS = AWSXRay.captureAWS(require(‘aws-sdk’)); S3Client = AWS.S3(); #serverlessTO @mikeapted
  29. 29. Observability: X-Ray #serverlessTO @mikeapted
  30. 30. Observability: X-Ray #serverlessTO @mikeapted
  31. 31. Observability: Metrics • 6 Built in metrics for Lambda • Invocation Count, Invocation duration, Invocation errors, Throttled Invocation, Iterator Age, DLQ Errors • Can call “put-metric-data” from your function code for custom metrics • 7 Built in metrics for API-Gateway • API Calls Count, Latency, 4XXs, 5XXs, Integration Latency, Cache Hit Count, Cache Miss Count • Error and Cache metrics now support averages and percen,les #serverlessTO @mikeapted
  32. 32. Observability: Logs • API Gateway Logging • 2 Levels of logging, ERROR and INFO • Optionally log method request/body content • Set globally in stage, or override per method • Lambda Logging • Logging directly from your code with your language’s equivalent of console.log() • Basic request information included • Log Pivots • Build metrics based on log filters • Jump to logs that generated metrics • Export logs to AWS ElastiCache or S3 • Explore with Kibana or Athena/QuickSight #serverlessTO @mikeapted
  33. 33. Observability: DLQ “By default, a failed Lambda function invoked asynchronously is retried twice, and then the event is discarded.” https://docs.aws.amazon.com/lambda/latest/dg/dlq.html • Turn this on! (for async use-cases) • Monitor it via an SQS Queue length metric/alarm • If you use SNS, send the messages to something durable and/or a trusted endpoint for processing • If and when things fail DLQ can save your invocation event information ☠ ✉ Q #serverlessTO @mikeapted
  34. 34. Performance: Function Lifecycle Bootstrap the runtime Start your code Full cold start Partial cold start Warm start Download your code Start new Execution environment AWS optimization Your optimization #serverlessTO @mikeapted
  35. 35. Anatomy of a Lambda functionImport sdk Import http-lib Import ham-sandwich Pre-handler-secret-getter() Pre-handler-db-connect() Function myhandler(event, context) { <Event handling logic> { result = SubfunctionA() }else { result = SubfunctionB() return result; } Function Pre-handler-secret-getter() { } Function Pre-handler-db-connect(){ } Function subFunctionA(thing){ ## logic here } Function subFunctionB(thing){ ## logic here }
  36. 36. Anatomy of a Lambda functionImport sdk Import http-lib Import ham-sandwich Pre-handler-secret-getter() Pre-handler-db-connect() Function myhandler(event, context) { <Event handling logic> { result = SubfunctionA() }else { result = SubfunctionB() return result; } Function Pre-handler-secret-getter() { } Function Pre-handler-db-connect(){ } Function subFunctionA(thing){ ## logic here } Function subFunctionB(thing){ ## logic here } Dependencies, configuration information, common helper functions Common helper functions Business logic sub-functions Your handler
  37. 37. Performance: Cold Starts / VPC to VPC NAT Faster Scaling Lower Latency Easier To Use
  38. 38. Performance: Resource Alloca1on Lambda exposes only a memory control, with the % of CPU core and network capacity allocated to a function proportionally #serverlessTO @mikeapted
  39. 39. Performance: Resource Alloca1on #serverlessTO @mikeapted
  40. 40. Performance: Mul/threading • <1.8GB is still single core • CPU bound workloads won’t see gains – processes share same resources • >1.8GB is multi core • CPU bound workloads will gains, but need to multi thread • I/O bound workloads WILL likely see gains • e.g. parallel calculations to return #serverlessTO @mikeapted
  41. 41. Security: Configura1on • Key-value pairs that you can dynamically pass to your function • Available via standard environment variable APIs such as process.env for Node.js or os.environ for Python • Can optionally be encrypted via AWS Key Management Service (KMS) • Allows you to specify in IAM what roles have access to the keys to decrypt the information • Useful for creating environments per stage (i.e. dev, testing, production) #serverlessTO @mikeapted
  42. 42. Security: Secrets AWS Parameter Store Centralized store to manage your configuration data • Supports hierarchies • Plain-text or encrypted with KMS • Can send notifications of changes to Amazon SNS/ AWS Lambda • Can be secured with IAM • Calls recorded in CloudTrail • Can be tagged • Integrated with AWS Secrets Manager • Available via API/SDK Useful for: centralized environment variables, secrets control, feature flags from __future__ import print_function import json import boto3 ssm = boto3.client('ssm', 'us-east-1') def get_parameters(): response = ssm.get_parameters( Names=['LambdaSecureString'],WithDec ryption=True ) for parameter in response['Parameters']: return parameter['Value'] def lambda_handler(event, context): value = get_parameters() print("value1 = " + value) return value # Echo back the first key value
  43. 43. Security: Permissions Function policies: • “Actions on bucket X can invoke Lambda function Z" • Resource policies allow for cross account access Execution role: • “Lambda function A can read from DynamoDB table users” • Define what AWS resources/API calls can this function access via IAM Event source ServicesFunction #serverlessTO @mikeapted
  44. 44. aws.amazon.com/serverless #serverlessTO @mikeapted
  45. 45. serverless-stack.com #serverlessTO @mikeapted
  46. 46. Mike Apted @mikeapted “No server is easier to manage than no server.” - Werner Vogels, Amazon CTO

×