As regular conference speakers and attendees we appreciate the efforts from organizers to document the conference using photography. The only downside from this is that we often spend plenty of time clicking through many pages of pictures to find the ones which are relevant to us. So we did what all decent programmers do: automate this tedious task. In this talk we will show you how we leveraged the power of the cloud using Quarkus and GraalVM to build AWS lambdas running native images, the AWS CDK to deploy infrastructure using actual code for our infrastructure and AWS Rekognition to do the heavy lifting in image analysis. We will tell you about the cool parts of this tool and its cutting edge technologies, but will also be honest about the bleeding caused by that edge. Hopefully this talk makes it a bit less sharp...
11. SERVERLESS
ARCHITECTURE
ON AWS
API’s to:
- Manage events
- Trigger album imports
- Search based on photo
AWS Rekognition does the heavy lifting in facial analysis.
Only analysis results are stored, no pictures
12. COMPONENTS We chose lambda for
computation to ensure only costs
for usage.
LAMBDA
Photo’s are downloaded to S3 as
Rekognition needs this for indexing,
they are removed when indexing is
done.
Also used for large SQS messages.
S3
All events are communicated
using SQS queues to reduce
coupling.
SQS
We chose dynamo as datastore as
we have a very simple datamodel.
Dynamo appeared to be the
cheapest solution for this.
DYNAMODB
Serverless architecture on AWS
13. AMAZON REKOGNITION
Image analysis using
Image and video analysis based on deep learning technology from Amazon. Offers analysis functions such as: object
detection, facial recognition, facial analysis, unsafe content detection, celebrity recognition and detecting text in images.
14. USING REKOGNITION
The way we are
Each event gets its own collection.
COLLECTION PER EVENT
Each photo that is added to S3 triggers an import into a
specific collection.
IMAGE ADDED FROM S3 TRIGGER
Rekognition response object is stored into dynamodb
to be able to review the detected faces.
STORED FOR DEBUGGING
The original URL is added to the “image” in rekognition
using the external id field, this requires the URL to be hex
encoded.
URL AS EXTERNAL IMAGE ID
The SearchFacesByImage function is used to find the
matching photos, we call this using the image binary data
as payload.
SEARCHFACESBYIMAGE
16. GRAALVM GraalVM is a universal virtual
machine for running applications
VIRTUAL MACHINE
Native images compiled with
GraalVM ahead-of-time improve
the startup time and reduce the
memory footprint of JVM-based
applications.
NATIVE
Zero overhead interoperability
between programming
languages allows you to write
polyglot applications and select
the best language for your task.
POLYGLOT
GraalVM can be embedded in
both managed and native
applications. There are existing
integrations into OpenJDK,
Node.js and Oracle Database.
EMBEDDABLE
Run Programs Faster Anywhere
17. AOT vs JIT
GraalVM
STARTUP SPEED
Cold lambda startup time
reduced, lambda’s are
billed by running time.
LOW MEMORY FOOTPRINT
SMALL PACKAGING
REDUCED MAX LATENCY
PEAK THROUGHPUT
AOT
JIT
Lambda’s are priced by
memory size.
18. Jackson deserialization bit us hard
Reflection is also in your dependencies
Use the tracing agent to generate the
configurations
REFLECTION
The native image did not do HTTPS out of
the box.
Quarkus has a guide on this, basically you
provide your own copy of cacerts and
bundle libsunec
CRYPTO RESOURCES
Building is slow but required to detect
issues in the native image (reflection for
example)
First develop without AOT to establish
correctness of the code, than deal with
native image issues
DEVELOPMENT SPEED
CHALLENGES
GraalVM
19. QUARKUS
A Kubernetes Native Java stack tailored for
OpenJDK HotSpot and GraalVM, crafted from the
best of breed Java libraries and standards
Quarkus tailors your application
for GraalVM and HotSpot.
Amazingly fast boot time, and
incredibly low RSS memory.
CONTAINER FIRST
A cohesive platform for optimized
developer joy: Unified
configuration, Zero config, live
reload, Streamlined code, No
hassle native executable
generation
DEVELOPER JOY
Combine both the familiar
imperative code and the
non-blocking reactive style when
developing applications.
UNIFIES IMPERATIVE
AND REACTIVE
Quarkus brings a cohesive, fun to
use full-stack framework by
leveraging best of breed libraries
you love and use wired on a
standard backbone.
BEST OF BREED LIBRARIES
AND STANDARDS
20. Build native
images with
Maven profile
BUILD TOOLS FOR NATIVE IMAGES
quarkus-amazon-
lambda
plugin
LAMBDA USING NATIVE IMAGE
21. CHALLENGES
Quarkus
Quarkus is the new kid on the block so there are not that
many documentation resources available at this moment.
DOCUMENTATION
The quarkus-amazon-lambda library is used to run our
natively compiled lambda in its own runtime like it would be
run in the regular amazon lambda but subtle differences
might present itself such as Jackson case sensitivity
differences (fixed in a later release)
LAMBDA COMPATIBILITY
23. AWS Cloud
Development
KitDefine cloud infrastructure using familiar
programming languages
Apply your existing skills and tools to
the task of building cloud
infrastructure.
Provides high-level components that
preconfigure cloud resources with
proven defaults
EASIER CLOUD
ONBOARDING
The expressive power of programming
languages for defining infrastructure.
use your IDE to take advantage of
existing productivity tools and testing
frameworks
FASTER
DEVELOPMENT
PROCESS
Design your own reusable
components that meet your
requirements.
Like with any other software library,
you can easily share components.
CUSTOMIZABLE AND
SHAREABLE
Enables you to build your cloud
application without leaving your IDE.
You can write your runtime code and
define your AWS resources with the
same programming language.
No context switching
24. Using code completion, object references
and type safety in Java.
INFRA AS “PROPER” CODE
Use the CLI tools to see what infra changes
will be made.
DIFF VIEW
BENEFITS
AWS CDK
25. When we started the CDK was missing some
features for which we had to use
cloudformation.
Features were added in the next couple of
weeks.
MISSING FEATURES
Development on the CDK is going fast,
sometimes breaking backwards
compatibility.
Never cost us much time
BREAKING COMPATIBILITY
CHALLENGES
AWS CDK
30. 30
User consent
and option to
withdraw
At its crux, GDPR is all about
increasing transparency, control and
letting the user know how their data
will be used
31.
32.
33.
34.
35. CONSENT BY
PROJECT OWNER
SEARCH WITHIN
PROJECT
NAMES ARE NOT
CORRELATED
We assume the project
owner verified consent
Searching is done in
content of project only and
not shared
Names are not stored
and/or correlated with
images
IMAGES ARE NOT
STORED
Images and matches are
not stored
GDPR
COMPLIANT
THE EFFORT TO MAKE IT
37. 37
Making use of the fast growing
amount of surveillance cameras
CATCHING CRIMINALS
Find the last location of a lost
person
FINDING MISSING PERSONS
Dispense medication, monitor
pain levels
MEDICAL USE
Pay with your face
VALIDATING PURCHASE
Personalized advertisements
ADVERTISING
IMAGE
RECOGNITION
IS POWERFUL
38. 38
Accuracy, storage, big brother
FALSE POSITIVES
Not want to be found
PRIVACY
Provoke unnecessary health
concerns. Wrong diagnostics
HEALTH CONCERNS
Can not replace the face used for
identifying
IDENTITY FRAUD
No easy opt out.
KEEP SECRETS
IMAGE
RECOGNITION
IS DANGEROUS
39. 39
"Make sure you can
look in the mirror and
tell yourself you are
doing the right thing"
Sensei Hoofdakker
41. SESSIONS AT DEVOXX
QUARKUS & GRAALVM
MONDAY
WEDNESDAY
TUESDAY
THURSDAY
Quarkus Community BOF
Learn to build Cloud Native Java Applications with Quarkus
Battle Of The Microservice Frameworks: Micronaut versus Quarkus edition!
Quarkus why, how and what
Everything you need to know about GraalVM
GraalVM native images explained
Optimizing the Performance of Machine Learning in Enterprise Java SaaS with GraalVM, Python and CUDA
Secure your Quarkus Applications
Abstractions Without Regret with GraalVM
GraalVM native images explained
Running Spring Boot applications as GraalVM native images
Kubernetes Native Spring apps on Quarkus