How Serverless Changes DevOps
Richard Donkin
@rdonkin
$ whoami
• DevOps engineer, working as contractor
• Serverless, Terraform, AWS
• Ansible, Docker, Linux, databases
• Startups and enterprises
• Currently engaged at Seccl Technology
• Fintech startup building innovative API-based platform
@rdonkin
linkedin.com/in/rdonkin
tempohq.net
Topics
• What is Serverless?
• What Changes for DevOps?
• DevOps != Server Management
• DevOps Areas for Serverless
• App Architectures
• Automation Tools
• Environments
• Monitoring and Observability
• Cold Start
• Security
Serverless = make these Someone Else's Problem
• Security
• Scalability
• High Availability
What is Serverless?
Platform
• Like PaaS, only more so
• Easier scaling and HA
• Granular Pay As You Go
FaaS: Function as a service
• Single Stateless Function
• Auto Scaling & HA
• Pay As You Go
• Note: Self-hosted FaaS != serverless
BaaS: Backend as a service (= Managed Service)
• S3, DynamoDB, Aurora Serverless, Cognito, …
• Auto Scaling - preferably
• Auto HA
• Pay As You Go
Cost of Supply closely tracks Demand
• Source: Subbu Allamaraju – Cloud Optimization Circus
Don't Pay For Idle
No Ops? or Less Ops
DevOps != Server Management
• Agile for Infrastructure (Patrick Debois)
• "Better software, faster and more safely" (Helen Beal)
DevOps Areas for Serverless
Configuration management
Deployment
• Cloud resource provisioning
• App deployment
Management
• Monitoring, alerting
• Observability, logging
• Application performance
• Application Cost Management
Developer Environments
CI/CD
High availability
• Multi-region
Security
• Access controls
• Authentication inc. MFA
• Secret management
• Intrusion detection/prevention
• Auditing
Dependency management
• Software supply chain
All delivered using Infrastructure as Code
When Not To Use Serverless
• Long-running functions
• Max 5 min on AWS
• CaaS alternatives: ECS, EKS, Fargate, AWS Batch
• Server alternatives: EC2, SQS
• Low-latency functions
• Lambda "cold start" on AWS – delays of 100ms to 10 sec
• Workload is flat, or very high compute
• Spiky workloads are better fit
• Consider TCO of equivalent solution inc. HA, scaling
• Existing apps
• Move slices into serverless (background processing and operations tasks)
DiffOps
Serverless App Architectures
| Option | API | Functions | Comment |
|---|---|---|---|
| Monolith | POST /api | backend | Single function for app |
| Microservices | POST /custs (Add customer) | customers | Function per resource, e.g. customer |
| | GET /custs/:id (Get customer) | ditto | |
| Nanoservices | POST /custs (Add customer) | create-cust | Function per endpoint, e.g. add customer |
| | GET /custs/:id (Get customer) | get-cust | |

Choice affects cold start, monitoring, separate deployment, …
Nanoservices model very common -> 100s – 1000s of cloud resources
Automation Tools
• Cloud Resource Provisioning
• Important resources
• IAM access controls
• Serverless "frameworks"
• Deploy functions
• Provision resources bound to functions
• Easy 'build, deploy, test' for developers
• Configuration management
• Parameter model + templating
• Developer laptops, Jenkins, ELK
• Pure templating tools also relevant
AWS SAM
Environments and Naming
• Stage environment
• All resources include stage env name
• Examples: devfrisby, staging, prod
• Serverless Framework – uses 'stage' in all resources
• Very quick and cheap to create and destroy
• Personal environment in cloud, limited isolation
• Core environment:
• AWS account
• Limit blast radius
• Supports various stage envs
• Examples: dev, test, prod
• IAM roles - assume-role from master account
• Define naming rules for everything
Monitoring, Logging, Observability
• No server or network monitoring needed!
• No servers to install agents on …
• May need 'middleware hook' on every function
• Monitor app health & performance
• IOPipe, Dashbird, Epsagon, Thundra, …
• Some direct, some via CloudWatch
• Logging – CloudWatch Logs, ELK/EFK
• Debugging
• Distributed tracing – AWS X-Ray
• Observability – Honeycomb
• Charity Majors talk
Monitoring = unit tests for ops
Observability = debugging tool for ops
Cold Start on AWS Lambda (1)
• Cold start delays on first run
• 100 ms for Node/Python "hello world"
• Several sec for Java/C# with low RAM
• Warm start – no extra delay
• Can cache data per function instance
• Reduce cold start time
• Allocate more memory/CPU
• Strip out unused code
• Reduce scope of functions
• Reduce cold start frequency
• Increase scope of functions
• Function warming (concurrent)
Cold Start on AWS Lambda (2)
• More cold start delays
• DBs: creating a connection (MySQL, MongoDB, etc) – 100s of ms
• Can also overwhelm RDS with too many connections
• VPCs: creating ENI (approx. 7-10 sec latency)
• Possible solutions
• DB connection caching + pooling using Lambda:
• Cache connection in function's warmed state
• Lambda concurrency limit to avoid overwhelming RDS
• Avoid VPCs for interactive functions
• DBs with connectionless APIs – e.g. DynamoDB
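The "cache connection in function's warmed state" pattern from the list above, as an added example (not code from the talk). It assumes a Python handler and uses an in-memory sqlite3 database as a stand-in for MySQL; `warm_state`, `MAX_CONN_AGE_S` and the `custs` table are names invented for the illustration.

```python
import sqlite3
import time

# Assumption: recycle connections older than this, so a long-lived warm
# instance does not keep using a connection the database has dropped.
MAX_CONN_AGE_S = 300

# Module scope is initialised once per function instance (the cold start)
# and survives across warm invocations of that same instance.
warm_state = {"conn": None, "opened_at": 0.0, "opens": 0}


def open_connection():
    """Stand-in for the expensive connect call (100s of ms on a real DB)."""
    warm_state["opens"] += 1
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE custs (id INTEGER PRIMARY KEY, name TEXT)")
    conn.execute("INSERT INTO custs VALUES (1, 'constructed-customer')")
    return conn


def is_alive(conn):
    """Cheap liveness probe; a closed or broken connection raises."""
    try:
        conn.execute("SELECT 1")
        return True
    except sqlite3.Error:
        return False


def get_connection(now=None):
    """Return the cached connection, reconnecting if missing, stale or dead."""
    now = time.monotonic() if now is None else now
    conn = warm_state["conn"]
    expired = now - warm_state["opened_at"] > MAX_CONN_AGE_S
    if conn is None or expired or not is_alive(conn):
        if conn is not None:
            conn.close()
        conn = open_connection()
        warm_state["conn"] = conn
        warm_state["opened_at"] = now
    return conn


def handler(event, context=None):
    # One cached connection per instance: peak DB connections equal the
    # number of concurrent instances, which is what the concurrency limit caps.
    conn = get_connection()
    row = conn.execute(
        "SELECT name FROM custs WHERE id = ?", (event["id"],)
    ).fetchone()
    return {
        "found": row is not None,
        "name": row[0] if row else None,
        "connections_opened": warm_state["opens"],
    }


if __name__ == "__main__":
    print(handler({"id": 1}))  # cold: opens the connection
    print(handler({"id": 1}))  # warm: reuses it
```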
Security and Secrets
• No servers to secure & patch!
• No servers to run security agents …
• May need 'middleware hook'
• Tools:
• AWS CloudTrail - auditing AWS operations
• CloudTracker - analyze CloudTrail -> least-privilege IAM policies
• AWS GuardDuty - intrusion detection
• AWS Macie – check for sensitive info in S3
• AWS Config – check configs
• Puresec – learn app behavior and block attacks
• Secret management
• AWS Parameter Store or Secrets Manager
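The idea behind "analyze CloudTrail -> least-privilege IAM policies", as an added example (not CloudTracker's code and not from the talk): compare what a function's role is allowed to do with what CloudTrail shows it calling. The role ARN, records and policy are constructed; deriving the IAM action as `<eventSource prefix>:<eventName>` is a simplifying assumption.

```python
from fnmatch import fnmatchcase

ROLE_ARN = "arn:aws:iam::111122223333:role/create-cust-prod"  # constructed
OTHER_ROLE = "arn:aws:iam::111122223333:role/get-cust-prod"   # constructed
DENIED_CODES = {"AccessDenied", "Client.UnauthorizedOperation"}


def record(source, name, role_arn=ROLE_ARN, error=None):
    """Build a constructed CloudTrail record with only the fields used here."""
    rec = {
        "eventSource": source,
        "eventName": name,
        "userIdentity": {
            "type": "AssumedRole",
            "sessionContext": {"sessionIssuer": {"type": "Role", "arn": role_arn}},
        },
    }
    if error:
        rec["errorCode"] = error
    return rec


# Constructed sample. S3 object-level and DynamoDB item-level calls are data
# events, present only when data event logging is enabled on the trail.
CLOUDTRAIL_RECORDS = [
    record("dynamodb.amazonaws.com", "PutItem"),
    record("dynamodb.amazonaws.com", "GetItem"),
    record("dynamodb.amazonaws.com", "PutItem"),
    record("ssm.amazonaws.com", "GetParameter"),
    record("s3.amazonaws.com", "GetObject"),
    record("kms.amazonaws.com", "Decrypt", error="AccessDenied"),
    record("s3.amazonaws.com", "DeleteObject", role_arn=OTHER_ROLE),
]

# Constructed, deliberately broad policy attached to ROLE_ARN.
ROLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["dynamodb:*"], "Resource": "*"},
        {"Effect": "Allow", "Action": ["s3:GetObject", "s3:DeleteObject"], "Resource": "*"},
        {"Effect": "Allow", "Action": "ssm:GetParameter*", "Resource": "*"},
        {"Effect": "Allow", "Action": "iam:*", "Resource": "*"},
    ],
}


def role_arn_of(rec):
    """Assumed-role sessions carry the role in sessionIssuer, not userIdentity.arn."""
    ident = rec.get("userIdentity", {})
    issuer = ident.get("sessionContext", {}).get("sessionIssuer", {})
    return issuer.get("arn") or ident.get("arn")


def observed_actions(records, role_arn):
    """Return (used, denied) action sets for one role."""
    used, denied = set(), set()
    for rec in records:
        if role_arn_of(rec) != role_arn:
            continue
        # Simplification: some services use a different IAM prefix or action
        # name than the CloudTrail fields suggest.
        action = f"{rec['eventSource'].split('.')[0]}:{rec['eventName']}"
        (denied if rec.get("errorCode") in DENIED_CODES else used).add(action)
    return used, denied


def tighten(policy, used):
    """Replace each Allow pattern with the observed actions it matched.

    Only Action is narrowed; Resource is left for a separate review.
    """
    statements, unused = [], []
    for stmt in policy["Statement"]:
        if stmt.get("Effect") != "Allow" or "Action" not in stmt:
            statements.append(stmt)  # Deny / NotAction pass through untouched
            continue
        patterns = stmt["Action"]
        patterns = [patterns] if isinstance(patterns, str) else patterns
        keep = set()
        for pattern in patterns:
            # IAM action matching is case-insensitive and supports * and ?
            hits = {a for a in used if fnmatchcase(a.lower(), pattern.lower())}
            if hits:
                keep |= hits
            else:
                unused.append(pattern)
        if keep:
            statements.append({**stmt, "Action": sorted(keep)})
    return {**policy, "Statement": statements}, unused


if __name__ == "__main__":
    used, denied = observed_actions(CLOUDTRAIL_RECORDS, ROLE_ARN)
    proposed, unused = tighten(ROLE_POLICY, used)
    print("unused grants:", unused)
    print("denied calls to investigate:", sorted(denied))
    print(proposed)
```

The result is only as good as the observation window: an action the function calls once a quarter will look unused in a week of logs.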
Someone Else's Problem
Don't Pay for Idle
DevOps is evolving
Thank You
Richard Donkin
@rdonkin
tempohq.net
BACKUP
"Backendless" web apps
Goal: no backend code – not even FaaS
• Frontend-centric
• Origin: mobile backend services - e.g. Firebase and Parse
• Smart frontend app + BaaS only
• Background processing may still use FaaS
• Much lower costs
• 400K users for $100/month – Mindmup app, Gojko Adzic
• Leverage client hardware
• Gojko Adzic talk: https://www.youtube.com/watch?v=Xi_WrinvTnM
• Forrest Brazeal blog post: https://read.acloud.guru/why-do-you-care-so-much-about-your-backend-when-your-customers-dont-81f4e6433593
DevOps – Key Elements
• whole team collaborating
• deploy very frequently
• automate repeated work
• MTTR >> MTBF
• business-focused monitoring
• continuous learning and improvement
Ops != Server Management
Operations is the constellation of your org's technical skills, practices,
and cultural values around designing, building, scaling and maintaining
systems.
-- Charity Majors, @mipsytipsy
Ops is the process of delivering value to users

Infrared simulation and processing on Nvidia platforms
 

How Serverless Changes DevOps

  • 2. $ whoami • DevOps engineer, working as contractor • Serverless, Terraform, AWS • Ansible, Docker, Linux, databases • Startups and enterprises • Currently engaged at Seccl Technology • Fintech startup building innovative API-based platform @rdonkin linkedin.com/in/rdonkin tempohq.net
  • 3. • What is Serverless? • What Changes for DevOps? • DevOps != Server Management • DevOps Areas for Serverless • App Architectures • Automation Tools • Environments • Monitoring and Observability • Cold Start • Security Topics
  • 4. Security Scalability High Availability Serverless = make these Someone Else's Problem What is Serverless?
  • 5. Platform Like PaaS, only more so Easier scaling and HA Granular Pay As You Go
  • 6. FaaS Function as a service Single Stateless Function Auto Scaling & HA Pay As You Go Note: Self-hosted FaaS != serverless
  • 7. BaaS S3 DynamoDB Aurora Serverless Cognito … Backend as a service (= Managed Service) Auto Scaling - preferably Auto HA Pay As You Go
  • 8. Cost of Supply closely tracks Demand • Source: Subbu Allamaraju – Cloud Optimization Circus
  • 11. DevOps != Server Management • Agile for Infrastructure (Patrick Debois) • "Better software, faster and more safely" (Helen Beal)
  • 12. DevOps Areas for Serverless Configuration management Deployment • Cloud resource provisioning • App deployment Management • Monitoring, alerting • Observability, logging • Application performance • Application Cost Management Developer Environments CI/CD High availability • Multi-region Security • Access controls • Authentication inc. MFA • Secret management • Intrusion detection/prevention • Auditing Dependency management • Software supply chain All delivered using Infrastructure as Code
  • 13. When Not To Use Serverless • Long-running functions • Max 5 min on AWS • CaaS alternatives: ECS, EKS, Fargate, AWS Batch • Server alternatives: EC2, SQS • Low-latency functions • Lambda "cold start" on AWS – delays of 100ms to 10 sec • Workload is flat, or very high compute • Spiky workloads are better fit • Consider TCO of equivalent solution inc. HA, scaling • Existing apps • Move slices into serverless (background processing and operations tasks)
  • 15. Serverless App Architectures

    | Option | API | Functions | Comment |
    |---|---|---|---|
    | Monolith | POST /api | backend | Single function for app |
    | Microservices | POST /custs (Add customer) | customers | Function per resource e.g. customer |
    | Microservices | GET /custs/:id (Get customer) | ditto | |
    | Nanoservices | POST /custs (Add customer) | create-cust | Function per endpoint e.g. add customer |
    | Nanoservices | GET /custs/:id (Get customer) | get-cust | |

    Choice affects cold start, monitoring, separate deployment, …
    Nanoservices model very common → 100s – 1000s of cloud resources
  • 16. Automation Tools • Cloud Resource Provisioning • Important resources • IAM access controls • Serverless "frameworks" • Deploy functions • Provision resources bound to functions • Easy 'build, deploy, test' for developers • Configuration management • Parameter model + templating • Developer laptops, Jenkins, ELK • Pure templating tools also relevant AWS SAM
  • 17. Environments and Naming • Stage environment • All resources include stage env name • Examples: devfrisby, staging, prod • Serverless Framework – uses 'stage' in all resources • Very quick and cheap to create and destroy • Personal environment in cloud, limited isolation • Core environment: • AWS account • Limit blast radius • Supports various stage envs • Examples: dev, test, prod • IAM roles - assume-role from master account • Define naming rules for everything
  • 18. Monitoring, Logging, Observability • No server or network monitoring needed! • No servers to install agents on … • May need 'middleware hook' on every function • Monitor app health & performance • IOPipe, Dashbird, Epsagon, Thundra, … • Some direct, some via CloudWatch • Logging – CloudWatch Logs, ELK/EFK • Debugging • Distributed tracing – AWS XRay • Observability – Honeycomb • Charity Majors talk Monitoring = unit tests for ops Observability = debugging tool for ops
  • 19. Cold Start on AWS Lambda (1) • Cold start delays on first run • 100 ms for Node/Python "hello world" • Several sec for Java/C# with low RAM • Warm start – no extra delay • Can cache data per function instance • Reduce cold start time • Allocate more memory/CPU • Strip out unused code • Reduce scope of functions • Reduce cold start frequency • Increase scope of functions • Function warming (concurrent)
  • 20. Cold Start on AWS Lambda (2) • More cold start delays • DBs: creating a connection (MySQL, MongoDB, etc) – 100s of ms • Can also overwhelm RDS with too many connections • VPCs: creating ENI (approx. 7-10 sec latency) • Possible solutions • DB connection caching + pooling using Lambda: • Cache connection in function's warmed state • Lambda concurrency limit to avoid overwhelming RDS • Avoid VPCs for interactive functions • DBs with connectionless APIs – e.g. DynamoDB
  • 21. Security and Secrets • No servers to secure & patch! • No servers to run security agents … • May need 'middleware hook' • Tools: • AWS CloudTrail - auditing AWS operations • CloudTracker - analyze CloudTrail -> least-privilege IAM policies • AWS Guard Duty - intrusion detection • AWS Macie – check for sensitive info in S3 • AWS Config – check configs • Puresec – learn app behavior and block attacks • Secret management • AWS Parameter Store or Secrets Manager
  • 22. Someone Else's Problem Don't Pay for Idle DevOps is evolving
  • 25. "Backendless" web apps Goal: no backend code – not even FaaS • Frontend-centric • Origin: mobile backend services - e.g. Firebase and Parse • Smart frontend app + BaaS only • Background processing may still use FaaS • Much lower costs • 400K users for $100/month – Mindmup app, Gojko Adzic • Leverage client hardware • Gojko Adzic talk: https://www.youtube.com/watch?v=Xi_WrinvTnM • Forrest Brazeal blog post: https://read.acloud.guru/why-do-you-care-so-much-about-your-backend-when-your-customers-dont-81f4e6433593
  • 26. DevOps – Key Elements • whole team collaborating • deploy very frequently • automate repeated work • MTTR >> MTBF • business-focused monitoring • continuous learning and improvement
  • 27. Ops != Server Management Operations is the constellation of your org's technical skills, practices, and cultural values around designing, building, scaling and maintaining systems. -- Charity Majors, @mipsytipsy Ops is the process of delivering value to users
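
Slide 21 lists CloudTracker as a way to go from CloudTrail history to least-privilege IAM policies. The added example below (written for this page, not taken from the talk or from CloudTracker) shows the core comparison on constructed records: which granted action patterns a function's role never exercised, which wildcards can be narrowed, and which calls were denied. The role ARN, account ID, policy patterns and sample records are assumptions.

```python
from collections import defaultdict
from fnmatch import fnmatchcase

ROLE = "arn:aws:iam::111122223333:role/get-cust-prod"  # constructed role ARN

def rec(source, name, error=None):
    """Constructed CloudTrail record holding only the fields read below."""
    r = {"eventSource": source, "eventName": name,
         "userIdentity": {"type": "AssumedRole",
                          "sessionContext": {"sessionIssuer": {"arn": ROLE}}}}
    if error:
        r["errorCode"] = error
    return r

SAMPLE_TRAIL = [  # constructed, not real log data
    rec("ssm.amazonaws.com", "GetParameter"),
    rec("kms.amazonaws.com", "Decrypt"),
    rec("dynamodb.amazonaws.com", "DescribeTable"),
    rec("iam.amazonaws.com", "ListRoles", error="AccessDenied"),
]

# Action patterns the role's policy allows (constructed, deliberately broad).
GRANTED = {ROLE: ["ssm:GetParameter", "kms:*", "dynamodb:*", "s3:*",
                  "sqs:SendMessage"]}

def matches(action, pattern):
    # IAM action names are case-insensitive; "*" is the only wildcard used here.
    return fnmatchcase(action.lower(), pattern.lower())

def review(records, granted):
    """Compare granted action patterns with the calls each role really made."""
    used, denied = defaultdict(set), defaultdict(set)
    for r in records:
        ctx = r.get("userIdentity", {}).get("sessionContext", {})
        role = ctx.get("sessionIssuer", {}).get("arn")
        if role is None:
            continue  # call was not made through an assumed role
        # Assumption: IAM prefix == first label of eventSource, and
        # eventName == IAM action name. True for these samples, not for all.
        action = r["eventSource"].split(".")[0] + ":" + r["eventName"]
        bucket = denied if "AccessDenied" in r.get("errorCode", "") else used
        bucket[role].add(action)
    report = {}
    for role, patterns in granted.items():
        hits = {p: sorted(a for a in used[role] if matches(a, p))
                for p in patterns}
        report[role] = {
            "unused": [p for p in patterns if not hits[p]],
            "narrow_to": {p: hits[p] for p in patterns if "*" in p and hits[p]},
            "denied": sorted(denied[role]),
        }
    return report

REPORT = review(SAMPLE_TRAIL, GRANTED)[ROLE]
```

CloudTrail records management events by default; S3 object and DynamoDB item operations are data events that have to be enabled separately, so an "unused" grant is only evidence for the event types the trail actually logs.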

Editor's Notes

  1. DevOps engineer, working on serverless, container-based and server-centric projects. Talking about serverless and its impact on DevOps tools and techniques, based on a current fintech project.
  2. So what is serverless? Well, a vast amount of security, scalability and managing failover is someone else's problem – Amazon and others will take care of this with serverless, rather than giving you a virtual server to manage. This includes choosing the IaaS instance type, OS image, installing dependencies, creating filesystems, configuring databases, and ensuring security updates – all handled by the cloud provider.
  3. Serverless is like PaaS, only more so – you just deploy app code as stateless functions. The difference is auto scaling and high availability – the cloud provider runs as many servers as you need.
  4. FaaS = run a single stateless function, as many copies as needed - no problem with Wall of Traffic - very good for spiky workloads. Triggered by events such as an API Gateway request, or a file being uploaded to S3.
  5. The other part of serverless is BaaS = object storage, databases, authentication, … all run by the cloud provider so you don't have to.
  6. Most servers are mostly idle, like this guy. A key part of serverless is that you don't pay for idle time. Just pay as you go, for the compute and storage you use. As with a well-managed Kubernetes cluster, the servers run by Amazon or Microsoft "run hot" at 90% plus utilization, reducing the price you pay for functions. Ref: https://www.slideshare.net/NCore1/unite-2017-going-serverless-gertjan-vanthienen slide 2 - servers are 30% idle generally, and on AWS it's over 90%.
  7. So serverless has many benefits for scaling, security and so on. The question is: does this mean Less Ops or No Ops? There are a few Serverless people who say that "DevOps is the new legacy" due to serverless – this seems to be due to equating DevOps with server management.
  8. For a good review of what DevOps is, see https://puppet.com/blog/what-is-devops
  9. These are areas for a pure serverless environment, without any containers, servers, VPNs or VPCs (virtual networks). Configuration management – this particularly focuses on managing a tree of complex parameters, defining them in a structure that is DRY yet still allows local variations for specific projects or tasks (e.g. upgrading Node.js version in one dev environment before promoting to test environment). These parameters are used by almost every part of the DevOps solution including tools such as Terraform, Ansible, Serverless Framework, etc. Cloud resource provisioning – some data-centric resources that aren't owned by a single serverless function should be owned by an infra provisioning process – e.g. databases, critical storage buckets, event stores, and message queues. This provides clear ownership and avoids accidental deletion if a function that owns the resource is deleted. Application Cost Management – given the PAYG model for serverless, it's possible to have big surprises in costs, depending on traffic volume and how the app is coded, but it's also possible to drill into a large amount of granular cost data to optimize this. Tooling in this area is still immature, and there is not even a good term for it. All of this should of course use infrastructure as code, for the normal reasons, and be usable in multiple environments so that new DevOps code can be tested safely without impacting the main dev/test/prod environments.
  10. Convergence of CaaS and serverless is one way that long-running functions and lower latency can be supported. Background processing for apps, or ops tasks such as backups and disk space pruning, are often an easy way into serverless.
  11. I believe that DevOps is not disappearing, but evolving in response to some of the new challenges as you move into the serverless world, to make sure your app *keeps working* in production.
  12. With the nanoservices model, each serverless function is an independent unit, acting as a nanoservice, not just a microservice. That's great for scaling, but you now have more to monitor and configure than before.
  13. Serverless deployment frameworks are crucial to manage the large number of cloud resources if your serverless app is adopting the Nanoservices model, and arguably also if you use the Microservices model, due to proliferation of development environments (covered later). Pure templating tools such as j2cli (based on Jinja2) might also be relevant instead of configuration management (CM) tools, if you don't have a very large and complex set of parameters to manage. However, any use of servers will require a CM tool alongside cloud resource provisioning tools.
  14. Blast radius – Lambda concurrency limits, security breaches, etc. have a limited impact if there is less in each AWS account, i.e. one per core environment. Hence we would use assume-role from a master AWS account, allowing a single set of AWS credentials to access the required target account (core environment). Why deploy to a stage env even when developing? It gives access to the full range of BaaS services for integration testing during development (using S3, DBs, message queues, etc.), without writing mocks. It also ensures that everyone deploys frequently to the cloud, which makes development closer to production – hence some key operability characteristics are more likely to be thought about earlier in the software lifecycle (DevOps style).
  15. You still need to detect your app isn't working, or is too slow - so monitoring and logging remain crucial. Some people run a separate ELK stack with serverless on AWS, to provide richer searching and analysis than CloudWatch logs allow. The complexity of serverless architectures also drives the need for observability, which lets you drill down into really hard bugs in production, by capturing rich data that's easily analysed.
  16. With function warming, it's important that it's concurrent – if the traffic to a certain function requires N concurrent instances of the function, you must ensure that you invoke it (in warming mode) concurrently in a small enough window that you get N instances. Some discussions of function warming don't address this point. Function consolidation means putting otherwise separate requests into a single larger function so that it's more likely to be "naturally warm" – this can work, but can mean slower cold starts when they do occur.
  17. ENI = elastic network interface. Lambda functions can optionally be placed into a VPC to access its servers, or linked VPCs (on-premise servers, or DBaaS such as Amazon RDS or MongoDB Atlas). DB connection reaping – various approaches including https://www.jeremydaly.com/manage-rds-connections-aws-lambda/ or just use the connection caching approach on the slide, which will ensure no more than N connections with a function concurrency limit of N. You need to consider what happens when AWS kills a warm function (after some hours) – this may leave an open DB connection in the DB server, so connection reaping may be required then.
  18. Serverless has real benefits for developers and the business – running those invisible servers is "someone else's problem", and you get a lot of security, scalability and high availability for free. "Don't Pay for Idle" is a key point, giving huge cost savings and letting you manage application costs at a granular level. Far from disappearing, DevOps is already evolving to meet the challenges of serverless.
  19. This has been a very quick tour of how Serverless is changing DevOps. Thank you!
  20. Deploy very frequently (e.g. daily or faster): small batch sizes – make small changes to software. Automate repeated work: automated testing, automated deployment (servers, cloud resources and apps). Whole team collaborating: not just tools. Focus on time to repair more than time between failures: rapid recovery. Business-focused monitoring: monitor highest value first. Continuous learning and improvement – rapid iteration and feedback to improve DevOps metrics.
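
Notes 16 and 17 both rest on one fact: a function instance serves one request at a time. The added simulation below (a toy model written for this page, not AWS code and not from the talk) shows why warming pings must overlap to yield N warm instances, and why a concurrency limit of N caps cached DB connections at N. It assumes instances are never reclaimed during the run and that each instance caches exactly one connection; all names and timings are constructed.

```python
from dataclasses import dataclass, field

@dataclass
class FunctionPool:
    """Toy model of one Lambda function: an instance serves one request at a time."""
    limit: int                                        # function concurrency limit
    busy_until: list = field(default_factory=list)    # ms timestamp per live instance
    cold_starts: int = 0
    throttled: int = 0

    def invoke(self, start_ms, duration_ms):
        for i, free_at in enumerate(self.busy_until):
            if free_at <= start_ms:                   # idle warm instance: reuse it
                self.busy_until[i] = start_ms + duration_ms
                return "warm"
        if len(self.busy_until) >= self.limit:        # all busy and at the limit
            self.throttled += 1
            return "throttled"
        self.busy_until.append(start_ms + duration_ms)  # new instance = cold start
        self.cold_starts += 1
        return "cold"

    @property
    def db_connections(self):
        # Assumption: each instance opens one connection and caches it while warm.
        return len(self.busy_until)

def warm_instances(pings, gap_ms, ping_ms=200, limit=1000):
    """Send warming pings gap_ms apart; return how many instances end up warm."""
    pool = FunctionPool(limit)
    for k in range(pings):
        pool.invoke(k * gap_ms, ping_ms)
    return len(pool.busy_until)

def burst(requests, limit, duration_ms=500):
    """Fire all requests at t=0 against a function with the given limit."""
    pool = FunctionPool(limit)
    results = [pool.invoke(0, duration_ms) for _ in range(requests)]
    return pool, results

if __name__ == "__main__":
    print("10 pings, 1 s apart :", warm_instances(10, 1000), "warm instance(s)")
    print("10 pings, 100 ms apart:", warm_instances(10, 100), "warm instance(s)")
    print("10 pings, concurrent :", warm_instances(10, 0), "warm instance(s)")
    pool, _ = burst(50, limit=5)
    print("burst of 50, limit 5 :", pool.db_connections, "connections,",
          pool.throttled, "throttled")
```

The burst case also shows the cost of the limit: the database sees at most 5 connections, but the other 45 requests are throttled and the caller has to retry them.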