Serverless Architectural Patterns

© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Adrian Hornsby, Cloud Architecture Evangelist
Serverless Architectural Patterns
@adhorn

Session objectives
1. Understand Serverless Key Concepts.
2. Understand Event Processing Architecture.
3. Understand Operation Automation Architecture.
4. Understand Web Application Architecture.
5. Understand Data Processing Architecture.
1. Kinesis-based apps.
2. IoT-based apps.

© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Serverless Key Concepts

No servers to provision
or manage
Scales with usage
Never pay for idle Availability and fault
tolerance built in
Serverless means…

Spectrum of AWS offerings
AWS
Lambda
Amazon
Kinesis
Amazon
S3
Amazon API
Gateway
Amazon
SQS
Amazon
DynamoDB
AWS IoT
Amazon
EMR
Amazon
ElastiCache
Amazon
RDS
Amazon
Redshift
Amazon ES
Managed Serverless
Amazon EC2
Microsoft SQL
Server
“On EC2”
Amazon
Cognito
Amazon
CloudWatch

Regional services
AZ1 AZ2 AZ3
Service XYZ

Anatomy of a Lambda function
Handler() function
Function to be executed
upon invocation
Event object
Data sent during
Lambda Function
Invocation
Context object
Methods available to
interact with runtime
information (request ID,
log group, etc.)
def handler(event, context):
return {
"message": ”Hello World!",
"event": event
}

Lambda execution model
Synchronous (push) Asynchronous (event) Stream-based
Amazon
API Gateway
AWS Lambda
function
Amazon
DynamoDB
Amazon
SNS
/api/hello
AWS Lambda
function
Amazon
S3
reqs
Amazon
Kinesis
changes
AWS Lambda
service
function

Lambda Best Practices
• Minimize package size to necessities
• Separate the Lambda handler from core logic
• Use Environment Variables to modify operational
behavior
• Self-contain dependencies in your function package
• Leverage “Max Memory Used” to right-size your
functions
• Delete large unused functions (75GB limit)

AWS X-Ray Integration with Serverless
• Lambda instruments incoming requests for
all supported languages
• Lambda runs the X-Ray daemon on all
languages with an SDK
var AWSXRay = require(‘aws-xray-sdk-core‘);
AWSXRay.middleware.setSamplingRules(‘sampling-rules.json’);
var AWS = AWSXRay.captureAWS(require(‘aws-sdk’));
S3Client = AWS.S3();

X-Ray Trace Example

Chalice
awslabs/aws-serverless-express
awslabs/aws-serverless-java-container
Serverless Frameworks

Event Processing Architecture

Event driven
A B CEvent A on B triggers C
Invocation
Lambda functions
Action

Event-driven platform
S3 event
notifications
DynamoDB
Streams
Kinesis
events
Cognito
events
SNS
events
Custom
events
CloudTrail
events
LambdaDynamoDB
Kinesis S3
Any custom
Invoked in response to events
- Changes in data
- Changes in state
Redshift
SNS
Access any service,
including your own
Such as…
Lambda functions
CloudWatch
events

Event-driven actions
Lambda:
Resize Images
Users upload photos
S3:
Source Bucket
S3:
Destination Bucket
Triggered on
PUTs

Source data
Source data
Source data
Source data
S3 Data Staging
Layer
/data/source-raw
S3 Data Staging
Layer
/data/source-validated
Lambda: Input
Validation and
Conversion layer
Lambda: Input
Tracking layer
State Management
Store
Event-driven controls

AWS Step Functions:
Orchestrate a Serverless processing
workflow using AWS Lambda

Operation Automation Architecture

https://github.com/awslabs/lambda-refarch-imagerecognition

Automation characteristics
• Periodic jobs
• Event triggered workflows
• Enforce security policies
• Audit and notification
• Respond to alarms
• Extend AWS functionality
… All while being Highly Available, Scalable and Auditable

Auto tagging resources as they start
AWS Lambda:
Update Tag
Amazon CloudWatch Events:
Rule Triggered
Amazon EC2 Instance
State Changes
Amazon DynamoDB:
EC2 Instance Properties
Tag: N/A
Amazon EC2 Instance
State Changes
Tag:
Owner=userName
PrincipalID=aws:userid
• AMI
• Instances
• Snapshot
• Volume

CapitalOne Cloud Custodian
AWS Lambda:
Policy & Compliance Rules
Rules Triggered
AWS CloudTrail:
Events
Amazon SNS:
Alert Notifications
Amazon CloudWatch Logs:
Logs
Read more here: http://www.capitalone.io/cloud-custodian/docs/index.html

Scheduled backup operation
AWS Lambda:
Backup Rules
Scheduled Trigger
Amazon Redshift Cluster XYZ Snapshot

Scheduled AI jobs
Amazon
S3
AWS
Lambda
CloudWatch:
Time-based events
Amazon
Polly
https://github.com/adhorn/pollycast

AWS Ops Automator
CloudWatch:
Time-based events
Lambda:
Event handler
Lambda:
Task executors
SNS:
Error & warning notifications
Resources in multiple AWS
Regions and Accounts
EC2 Instances
Tags
OpsAutomatorTaskList CreateSnapshot
DynamoDB:
Task configuration & tracking
CloudWatch:
Logs
Redshift Clusters
https://aws.amazon.com/answers/infrastructure-management/ops-automator/

Autodesk - Tailor
Serverless AWS Account Provisioning and Management Service:
• Automates AWS Account creation,
• Configures IAM, CloudTrail, AWS Config, Direct Connect, and VPC
• Enforces corporate standards
• Audit for compliance
Provisions new Accounts in 10 minutes vs 10 hours in earlier manual process
Open source and extensible: https://github.com/alanwill/aws-tailor

Web Application Architecture

Web application
Data stored in
Amazon
DynamoDB
Dynamic content
in AWS Lambda
Amazon API
Gateway
Browser
Amazon
CloudFront
Amazon
S3
Amazon
Cognito

Bustle Achieves 84% Cost Savings with
AWS Lambda
Bustle is a news, entertainment, lifestyle, and fashion
website targeted towards women.
With AWS Lambda, we
eliminate the need to worry
about operations
Tyler Love
CTO, Bustle
”
“ • Bustle had trouble scaling and
maintaining high availability for its
website without heavy management
• Moved to serverless architecture using
AWS Lambda and Amazon API
Gateway
• Experienced approximately 84% in cost
savings
• Engineers are now focused on
innovation

Amazon API
Gateway AWS
Lambda
Amazon
DynamoDB
Amazon
S3
Amazon
CloudFront
• Bucket Policies
• ACLs
• OAI
• Geo-Restriction
• Signed Cookies
• Signed URLs
• DDOS Protection
IAM
AuthZ
IAM
• Throttling
• Caching
• Usage Plans
• ACM
Browser
Amazon Cognito
Serverless web app security

Custom Authorizer
Lambda function
Client
Lambda
function
AmazonAPI
Gateway
Amazon
DynamoDB
AWS Identity &
Access Management
SAML
Two types:
• TOKEN - authorization token
passed in a header
• REQUEST – all headers, query
strings, paths, stage variables or
context variables.
Custom Authorizers

us-west-2
us-east-1
Client
Amazon
Route 53
Regional
API
Endpoint
Regional
API
Endpoint
Custom
Domain
Name
Custom
Domain
Name
API Gateway
API Gateway
Lambda
Lambda
Multi-Region with API Gateway

Data Processing Architecture
Kinesis-based apps

Processing real-time, streaming data
• Durable
• Continuous
• Fast
• Correct
• Reactive
• Reliable
What are the key requirements?
Ingest Transform Analyze React Persist

Amazon S3
Amazon S3- Foundations for Data Processing
Ingest Transform Analyze React Persist

Standard
Active data Archive dataInfrequently accessed data
Standard - Infrequent Access Amazon Glacier
Choice of storage classes on S3

S3 Standard
• Big data analysis
• Content distribution
• Static website
hosting
Standard - IA
• Backup & archive
• Disaster recovery
• File sync & share
• Long-retained data
Amazon Glacier
• Long term archives
• Digital preservation
• Magnetic tape
replacement
Active data Archive dataInfrequently accessed data
Choice of storage classes on S3

Amazon Kinesis makes it easy to work with real-
time streaming data
Amazon Kinesis
Streams
• For Technical Developers
• Collect and stream data
for ordered, replay-able,
real-time processing
Amazon Kinesis
Firehose
• For all developers, data
scientists
• Easily load massive
volumes of streaming data
into Amazon S3, Redshift,
ElasticSearch
Amazon Kinesis
Analytics
• For all developers, data
scientists
• Easily analyze data
streams using standard
SQL queries

Producers Consumers
Shard 1
Shard 2
Shard n
Shard 3
…
…
Write: 1MB Read: 2MB
** A shard is a group of data records in a stream
Amazon Kinesis

Producers Amazon S3
Amazon ES
Amazon Redshift
Amazon Kinesis Firehose

Real-time analytics
Amazon
Kinesis
Stream
Amazon
Kinesis
Analytics
Amazon
Cognito
Amazon
Kinesis
Stream
Amazon
DynamoDB
Amazon
Lambda
Amazon S3
JavaScript
SDK

Real-time Analytics Demo
http://quad.adhorn.me

Data Input
Source JSON Data
• Once per second, using JavaScript SDK:
• Unique Cognito ID (anonymous user)
• OS
• Quadrant
• Data sent to Kinesis Stream
Amazon
Kinesis
Stream
Amazon
Cognito
Amazon
S3
JavaScript
SDK
{
"recordTime": 1486505943.204,
"cognitoId": "us-east-1:3626e211-d2a3-447b-8231-e1f4e0486f44",
"os": "Android",
"quadrant": "A”,
…
}

How is raw data mapped to a schema?
Amazon Kinesis stream Amazon KinesisAnalytics
cognitoID os quadrant
<guid1> Android A
<guid2> iOS B
Source Data for Kinesis Analytics
{
"recordTime": 1486505943.204,
"cognitoId": "us-east-1:<guid>",
"os": "Android",
"quadrant": "A"
}

How is streaming data accessed with SQL?
STREAM
• Analogous to a TABLE
• Represents continuous data flow
CREATE OR REPLACE STREAM DISTINCT_USER_STREAM(
COGNITO_ID VARCHAR(64),
DEVICE VARCHAR(32),
OS VARCHAR(32),
QUADRANT char(1),
DT TIMESTAMP);

How is streaming data accessed with SQL?
PUMP
• Continuous INSERT query
• Inserts data from one in-application stream to another
CREATE OR REPLACE PUMP "DISTINCT_USER_PUMP" AS
INSERT INTO "DISTINCT_USER_STREAM"
SELECT STREAM DISTINCT
"cognitoId",
...

How do we get distinct user records?
Use PUMP to insert distinct records into in-app STREAM
CREATE OR REPLACE PUMP "DISTINCT_USER_PUMP" AS
INSERT INTO "DISTINCT_USER_STREAM"
SELECT STREAM DISTINCT
"cognitoId",
"device",
"os",
"quadrant",
FLOOR(s.ROWTIME TO SECOND)
FROM "SOURCE_SQL_STREAM_001" s;
DISTINCT_USERS_STREAM
•COGNITO_ID
•OS
•QUADRANT
•DT
SOURCE_STREAM
•cognitoID
•os
•quadrant

How do we aggregate per second?
• Tumbling window, group by time period
CREATE OR REPLACE PUMP "OUTPUT_PUMP" AS
INSERT INTO "DESTINATION_SQL_STREAM"
SELECT STREAM
COUNT(dus.COGNITO_ID) AS UNIQUE_USER_COUNT,
COUNT((CASE WHEN dus.OS = 'Android' THEN COGNITO_ID ELSE null END)) AS ANDROID_COUNT,
COUNT((CASE WHEN dus.OS = 'iOS' THEN COGNITO_ID ELSE null END)) AS IOS_COUNT,
COUNT((CASE WHEN dus.OS = 'Windows Phone' THEN COGNITO_ID ELSE null END)) AS WINDOWS_PHONE_COUNT,
COUNT((CASE WHEN dus.OS = 'other' THEN COGNITO_ID ELSE null END)) AS OTHER_OS_COUNT,
COUNT((CASE WHEN dus.QUADRANT = 'A' THEN COGNITO_ID ELSE null END)) AS QUADRANT_A_COUNT,
COUNT((CASE WHEN dus.QUADRANT = 'B' THEN COGNITO_ID ELSE null END)) AS QUADRANT_B_COUNT,
COUNT((CASE WHEN dus.QUADRANT = 'C' THEN COGNITO_ID ELSE null END)) AS QUADRANT_C_COUNT,
COUNT((CASE WHEN dus.QUADRANT = 'D' THEN COGNITO_ID ELSE null END)) AS QUADRANT_D_COUNT,
ROWTIME
FROM "DISTINCT_USER_STREAM" dus
GROUP BY
FLOOR(dus.ROWTIME TO SECOND);

Comparing Types of Windows
• Output created at the end of the window
• The output of the window will be single event based on the aggregate
function used
Tumbling window
Aggregate per time interval
Sliding window
Windows constantly re-evaluated

Output to Kinesis Stream
MENTION_COUNT_STREAM
•UNIQUE_USER_COUNT
•ANDROID_COUNT
•… Amazon
Kinesis Stream
{
"unique_user_count": 96,
"android_count": 50,
"ios_count": 46,
"android_count": 50,
"quadrant_a_count": 80,
"quadrant_b_count ": 10,
"quadrant_c_count ": 3,
"quadrant_d_count ": 3
}
1 record, every second

Persist aggregated data in DynamoDB
Kinesis Stream Lambda DynamoDB
event.Records.forEach((record) => {
const payload = new Buffer(record.kinesis.data, 'base64').toString('ascii');
var docClient = new AWS.DynamoDB.DocumentClient();
var table = "user-quadrant-data";
var data = JSON.parse(payload);
var params = {
TableName: table,
Item:{
"dataType": "quadrantRollup",
"windowtime": (new Date(data.WINDOW_TIME)).getTime(),
"userCount": data.UNIQUE_USER_COUNT,
"quadrantA": data.QUADRANT_A_COUNT,
"quadrantB": data.QUADRANT_B_COUNT, ...
}
};
docClient.put(params, function(err, data) { ...
Lambda event source mapping

Processing a Kinesis Streams with AWS Lambda
Shard 1 Shard 2 Shard 3 Shard 4 Shard n
Kinesis Stream
. . .
. . .
• Single instance of Lambda function per shard
• Polls shard once per second
• Lambda function instances created and removed automatically as stream is scaled
Gets Records
1x per sec
10k records

Kinesis Firehose Amazon S3 Amazon Athena AWS QuickSight
Users browse content
Logs Analytics
https://github.com/adhorn/logtoes

Data Processing Architecture
IoT-based apps

Sensor data collection
IoT
rules
IoT
actions
MQTT
Amazon S3:
Raw records
Amazon Kinesis Firehose:
Delivery stream
Amazon S3:
Batched records
Amazon Kinesis Streams:
Real-time stream
AWS IoT:
Data collection
IoT Sensors
Real-time analytics
applications

AWS
Lambda
Notifications:
Amazon SNS
DynamoDB
AWS IoTSensors Control System
Anomaly Detection Using AWS Lambda

AWS IoT IoT
shadow
Amazon
Cognito
MQTT over WebSockets
AWS
LambdaAlexa
Amazon
S3
Interactive Serverless applications

http://bit.ly/adhornlightbulb
Interactive Serverless applications

Further Reading
Optimizing Enterprise Economics with Serverless Architectures
https://d0.awsstatic.com/whitepapers/optimizing-enterprise-economics-serverless-architectures.pdf
Serverless Architectures with AWS Lambda
https://d1.awsstatic.com/whitepapers/serverless-architectures-with-aws-lambda.pdf
Serverless Applications Lens - AWS Well-Architected Framework
https://d1.awsstatic.com/whitepapers/architecture/AWS-Serverless-Applications-Lens.pdf
Streaming Data Solutions on AWS with Amazon Kinesis
https://d1.awsstatic.com/whitepapers/whitepaper-streaming-data-solutions-on-aws-with-amazon-kinesis.pdf
AWS Serverless Multi-Tier Architectures
https://d1.awsstatic.com/whitepapers/AWS_Serverless_Multi-Tier_Archiectures.pdf

More info:
https://aws.amazon.com/serverless/

Thanks you!

Serverless Architectural Patterns

More Related Content

Similar to Serverless Architectural Patterns

More from Adrian Hornsby

Recently uploaded

Serverless Architectural Patterns

Editor's Notes