How to build observability into Serverless (O'Reilly Velocity 2018)

1. How to build observability into Serverless Yan Cui @theburningmonk

2. Agenda ▪ What do I mean by observability? ▪ New challenges with serverless ▪ Logging ▪ Monitoring ▪ Tracing

3. After the talk ▪ Slides will be available on slideshare ▪ Find links to slides and video at https://theburningmonk.com/ oreillyvelocity2018

5. Abraham Wald

6. Abraham Wald

7. Abraham Wald

8. Abraham Wald Wald noted that the study only considered the aircraft that had survived their missions—the bombers that had been shot down were not present for the damage assessment. The holes in the returning aircraft, then, represented areas where a bomber could take damage and still return home safely.

9. Abraham Wald Wald noted that the study only considered the aircraft that had survived their missions—the bombers that had been shot down were not present for the damage assessment. The holes in the returning aircraft, then, represented areas where a bomber could take damage and still return home safely.

10. survivor bias in monitoring

11. survivor bias in monitoring Only focus on failure modes that we were able to successfully identify through investigation and postmortem in the past. The bullet holes that shot us down and we couldn’t identify stay invisible, and will continue to shoot us down.

12. What do I mean by “observability”?

13. Monitoring watching out for known failure modes in the system, e.g. network I/O, CPU, memory usage, …

14. Observability being able to debug the system, and gain insights into the system’s behaviour

15. In control theory, observability is a measure of how well internal states of a system can be inferred from knowledge of its external outputs. https://en.wikipedia.org/wiki/Observability

16. Known Success

17. Known SuccessKnown Errors

18. Known SuccessKnown Errors easy to monitor!

19. Known SuccessKnown Errors Known Unknowns

20. Known SuccessKnown Errors Known UnknownsUnknown Unknowns

21. Known SuccessKnown Errors Known UnknownsUnknown Unknowns invisible bullet holes

22. Known SuccessKnown Errors Known UnknownsUnknown Unknowns

23. Known SuccessKnown Errors Known UnknownsUnknown Unknowns only alert on this

24. Known SuccessKnown Errors Known UnknownsUnknown Unknowns alert on the absence of this!

25. Known SuccessKnown Errors Known UnknownsUnknown Unknowns what went wrong?

26. These are the four pillars of the Observability Engineering team’s charter: • Monitoring • Alerting/Visualization • Distributed systems tracing infrastructure • Log aggregation/analytics “ ” http://bit.ly/2DnjyuW- Observability Engineering at Twitter

27. microservices death stars circa 2015

28. mm… I wonder what’s going on here… microservices death stars circa 2015

33. I got this! microservices death stars circa 2015

36. About me ▪ Principal Engineer at DAZN ▪ AWS Serverless Hero ▪ Author of Production-Ready Serverless* by Manning ▪ Blogger** ▪ Speaker * https://bit.ly/production-ready-serverless ** https://theburningmonk.com

39. https://www.ft.com/content/07d375ee-6ee5-11e8-92d3-6c13e5c92914

40. https://www.theguardian.com/media/2018/may/14/streaming-service-dazn-netﬂix-sport-us-boxing-eddie-hearn

41. About DAZN ▪ Available in 7 countries - Austria, Switzerland, Germany, Japan, Canada, Italy and USA ▪ Available on 30+ platforms

42. About DAZN ▪~1,000,000 concurrent viewers at peak

43. follow @dazneng for updates about the engineering team We’re hiring! Visit engineering.dazn.com to learn more. WE’RE HIRING!

44. new challenges

45. NO ACCESS to underlying OS

46. NOWHERE to install agents/daemons

47. •nowhere to install agents/daemons new challenges

48. user request user request user request user request user request user request user request critical paths: minimise user-facing latency handler handler handler handler handler handler handler

49. user request user request user request user request user request user request user request critical paths: minimise user-facing latency StatsD handler handler handler handler handler handler handler rsyslog background processing: batched, asynchronous, low overhead

50. user request user request user request user request user request user request user request critical paths: minimise user-facing latency StatsD handler handler handler handler handler handler handler rsyslog background processing: batched, asynchronous, low overhead NO background processing except what platform provides

51. •no background processing •nowhere to install agents/daemons new challenges

52. EC2 concurrency used to be handled by your code

53. EC2 Lambda Lambda Lambda Lambda Lambda now, it’s handled by the AWS Lambda platform

54. EC2 logs & metrics used to be batched here

55. EC2 Lambda Lambda Lambda Lambda Lambda now, they are batched in each concurrent execution, at best…

58. HIGHER concurrency to log aggregation/telemetry system

59. •higher concurrency to telemetry system •nowhere to install agents/daemons •no background processing new challenges

60. Lambda cold start

61. Lambda data is batched between invocations

62. Lambda idle data is batched between invocations

63. Lambda idle garbage collectiondata is batched between invocations

64. Lambda idle garbage collectiondata is batched between invocations HIGH chance of data loss

65. •high chance of data loss (if batching) •nowhere to install agents/daemons •no background processing •higher concurrency to telemetry system new challenges

66. Lambda

67. my code send metrics

68. my code send metrics

69. my code send metrics internet internet press button something happens

71. http://bit.ly/2Dpidje

72. ? functions are often chained together via asynchronous invocations

73. ? SNS Kinesis CloudWatch Events CloudWatch LogsIoT DynamoDB S3 SES

74. ? SNS Kinesis CloudWatch Events CloudWatch LogsIoT DynamoDB S3 SES tracing ASYNCHRONOUS invocations through so many different event sources is difficult

75. •asynchronous invocations •nowhere to install agents/daemons •no background processing •higher concurrency to telemetry system •high chance of data loss (if batching) new challenges

76. These are the four pillars of the Observability Engineering team’s charter: • Monitoring • Alerting/Visualization • Distributed systems tracing infrastructure • Log aggregation/analytics “ ” http://bit.ly/2DnjyuW- Observability Engineering at Twitter

77. LOGGING

79. 2016-07-12T12:24:37.571Z 994f18f9-482b-11e6-8668-53e4eab441ae GOT is off air, what do I do now?

80. 2016-07-12T12:24:37.571Z 994f18f9-482b-11e6-8668-53e4eab441ae GOT is off air, what do I do now? UTC Timestamp Request Id your log message

82. one log group per function one log stream for each concurrent invocation

83. logs are not easily searchable in CloudWatch Logs me

84. CloudWatch Logs

86. CloudWatch Logs is an async event source for Lambda

87. Concurrent Executions Time regional max concurrency functions that are delivering business value

88. Concurrent Executions Time regional max concurrency functions that are delivering business value ship logs

89. either set concurrency limit on the log shipping function (and potentially lose logs due to throttling) or…

91. 1 shard = 1 concurrent execution i.e. control the no. of concurrent executions with no. of shards

92. …

93. CloudWatch Logs

99. CloudWatch Logs

100. use structured logging with JSON

101. https://stackify.com/what-is-structured-logging-and-why-developers-need-it/ https://blog.treasuredata.com/blog/2012/04/26/log-everything-as-json/

102. https://www.loggly.com/blog/8-handy-tips-consider-logging-json/

104. traditional loggers are too heavy for Lambda

108. CloudWatch Logs $0.50 per GB ingested $0.03 per GB archived per month

109. CloudWatch Logs $0.50 per GB ingested $0.03 per GB archived per month 1M invocation of a 128MB function = $0.000000208 * 1M + $0.20 = $0.408

110. DON’T leave debug logging ON in production

112. have to redeploy ALL the functions along the call path to collect all relevant debug logs

115. https://github.com/middyjs/middy

117. EC2 Lambda Lambda Lambda Lambda Lambda Concurrency is handled by the AWS Lambda platform

123. sampling decision has to be followed by an entire call chain

124. Initial Request ID User ID Session ID User-Agent Order ID …

125. nonintrusive

126. nonintrusive extensible

127. nonintrusive extensible consistent

128. nonintrusive extensible consistent works for streams

129. EC2 Lambda Lambda Lambda Lambda Lambda Concurrency is handled by the AWS Lambda platform

130. store correlation IDs in global variable

133. use middleware to auto-capture incoming correlation IDs

134. extract correlation IDs from invocation event, and store them in the correlation-ids module reset

136. logger to always include captured correlation IDs

137. HTTP and AWS SDK clients to auto-forward correlation IDs on

138. context.awsRequestId get-index

139. context.awsRequestId x-correlation-id get-index

140. { “headers”: { “x-correlation-id”: “…” }, … } get-index

141. { “body”: null, “resource”: “/restaurants”, “headers”: { “x-correlation-id”: “…” }, … } get-index get-restaurants

142. get-restaurants global.CONTEXT global.CONTEXT x-correlation-id = … x-correlation-xxx = … get-index headers[“User-Agent”] headers[“Debug-Log-Enabled”] headers[“User-Agent”] headers[“Debug-Log-Enabled”] headers[“x-correlation-id”] capture forward function event log.info(…)

145. nonintrusive extensible consistent works for streams

146. MONITORING

148. •no background processing •nowhere to install agents/daemons new challenges

149. my code send metrics internet internet press button something happens

150. those extra 10-20ms for sending custom metrics would compound when you have microservices and multiple APIs are called within one slice of user event

151. Amazon found every 100ms of latency cost them 1% in sales. http://bit.ly/2EXPfbA

152. console.log(“hydrating yubls from db…”); console.log(“fetching user info from user-api”); console.log(“MONITORING|1489795335|27.4|latency|user-api-latency”); console.log(“MONITORING|1489795335|8|count|yubls-served”); timestamp metric value metric type metric namemetrics logs

153. CloudWatch Logs AWS Lambda ELK stack logs m etrics CloudWatch

155. trade-off delay cost concurrency

156. trade-off delay cost concurrency no latency overhead

157. API Gateway send custom metrics asynchronously

158. SNS KinesisS3API Gateway … send custom metrics asynchronously send custom metrics as part of function invocation

161. TRACING

162. X-Ray

166. don’t span over async invocations good for identifying dependencies of a function, but not good enough for tracing the entire call chain as user request/data flows through the system via async event sources.

167. don’t span over non-AWS services

171. write structured logs

172. instrument your code

173. make it easy to do the right thing

174. API Gateway and Kinesis Authentication & authorisation (IAM, Cognito) Testing Running & Debugging functions locally Log aggregation Monitoring & Alerting X-Ray Correlation IDs CI/CD Performance and Cost optimisation Error Handling Configuration management VPC Security Leading practices (API Gateway, Kinesis, Lambda) Canary deployments http://bit.ly/prod-ready-serverless get 40% off with: ytcui

175. @theburningmonk theburningmonk.com github.com/theburningmonk API Gateway and Kinesis Authentication & authorisation (IAM, Cognito) Testing Running & Debugging functions locally Log aggregation Monitoring & Alerting X-Ray Correlation IDs CI/CD Performance and Cost optimisation Error Handling Configuration management VPC Security Leading practices (API Gateway, Kinesis, Lambda) Canary deployments http://bit.ly/prod-ready-serverless get 40% off with: ytcui

How to build observability into Serverless (O'Reilly Velocity 2018)

How to build observability into Serverless (O'Reilly Velocity 2018)

Recommended

More Related Content

What's hot

What's hot(20)

Similar to How to build observability into Serverless (O'Reilly Velocity 2018)

Similar to How to build observability into Serverless (O'Reilly Velocity 2018)(20)

More from Yan Cui

More from Yan Cui(20)

Recently uploaded

Recently uploaded(20)

How to build observability into Serverless (O'Reilly Velocity 2018)