Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
SERVERLESS DESIGN PATTERNS
Yan Cui
http://theburningmonk.com
@theburningmonk
2014
“Serverless”
Gojko Adzic
It is serverless the same way
WiFi is wireless.
http://bit.ly/2yQgwwb
Serverless means…
don’t pay for it if no-one uses it
don’t need to worry about scaling
don’t need to provision and manage ...
“Function-as-a-Service”
AWS Lambda
Azure Functions
Google Cloud Functions
Auth0 Webtask
Spotinst Functions Kubeless
IBM Cl...
AWS Lambda
AWS Lambda
API Gateway IOT SNS Kinesis CloudWatch
IaaS
Function
Application
Runtime
Container
OS
Virtualization
Hardware
CaaS
Function
Application
Runtime
Container
OS
Virt...
IaaS
Function
Application
Runtime
Container
OS
Virtualization
Hardware
CaaS
Function
Application
Runtime
Container
OS
Virt...
Serverless
FaaS
other
Databas
Storage
BI
SERVERLESS WILL FUNDAMENTALLY
CHANGE HOW WE BUILD BUSINESS
AROUND TECHNOLOGY AND HOW YOU
CODE.
Simon Wardley
more Scalable
(and scales faster!)
Cheaper
(don’t pay for idle servers)
Resilience
(built-in redundancy and multi-AZ)
idea production
choose language
+ framework
master language
+ framework
figure out
deployment
configure AMI
configure ELB
con...
idea production
choose language
+ framework
master language
+ framework
figure out
deployment
configure AMI
configure ELB
con...
idea production
greater Velocity from idea to product
minimise Undifferentiated
heavy-lifting
Less ops responsibility on
your shoulders
https://www.youtube.com/watch?v=pptsgV4bKv8
http://bit.ly/2Dpidje
events are an enabler for
COMPOSABILITY
AWS LAMBDA
is the...
PATTERNS
WARNING!!
A DESIGN PATTERN IS NOT...
A RECIPE FOR SUCCESS
Pattern
/pat(ə)n/
A pattern is the repeated or
regular way in which something
happens or is done.
UNDERSTAND YOUR PROBLEMS
AND CONSTRAINTS OVER
FOLLOWING A PATTERN.
me
http://bit.ly/2Goq5mY
I’m not trying to sell you a “magic” elixir!
there are no silver bullets
Pattern
/pat(ə)n/
A pattern is the repeated or
regular way in which something
happens or is done.
CRON
AWS LambdaCloudWatch Events
CloudWatch Events
OPS
AUTOMATION
AWS Lambda CloudWatch Logs
CloudWatch Logs
AWS Lambda CloudWatch Logs AWS Lambda
CloudWatch Logs
AWS Lambda CloudWatch Logs
CloudTrail
CloudWatch Events
AWS Lambda CloudWatch Logs
CloudWatch Events
CloudTrail
AWS Lambda
AWS Lambda CloudWatch Logs
CloudWatch Events
CloudTrail
AWS Lambda
AWS Lambda
AWS Lambda CloudWatch Logs
CloudWatch Events
CloudTrail
AWS Lambda
AWS Lambda
auto-update CloudWatch retention policy
auto-create alarms for new APIs
auto-create dashboards for new APIs
alert on suspi...
WEB APPS
CloudFront S3
Browser
API Gateway AWS Lambda DynamoDBRoute53
CloudFront S3
Browser
API Gateway AWS Lambda DynamoDBRoute53
CloudFront S3
Browser
Cognito
Federated
Identities
Sync
User Flows
Registration
Verify email/phone
Secure sign-in
Forgotten password
Change password
Sig...
Federated
Identities
Sync
Leading Practices
Secure password handling
with SRP protocol
Encrypt all data server-side
Passwo...
Cognito
Federated Identities
Cognito
User Pools
Facebook TwitterGoogle
…
identity providers
authenticate
Cognito
Federated Identities
Cognito
User Pools
Facebook TwitterGoogle
…
identity providers
authenticate token
Cognito
Federated Identities
Cognito
User Pools
Facebook TwitterGoogle
…
identity providers
authenticate token
token
validate
Cognito
Federated Identities
Cognito
User Pools
Facebook TwitterGoogle
…
identity providers
authenticate token
to...
validate
Cognito
Federated Identities
Cognito
User Pools
Facebook TwitterGoogle
…
identity providers
authenticate token
to...
validate
Cognito
Federated Identities
Cognito
User Pools
Facebook TwitterGoogle
…
identity providers
API Gateway S3 Dynamo...
what about Multi-Region support?
https://aws.amazon.com/dynamodb/global-tables
http://amzn.to/2Bwb5j6
API Gateway AWS Lambda
DynamoDB
Route53
CloudFront S3
Browser
API Gateway AWS Lambda
eu-west-1
us-east-1
http://bit.ly/2FGKsuA
DATA LAKES
S3 Buckets
S3 Buckets
IAM
S3 Buckets
KMSIAM
S3 Buckets
KMS MacieIAM
S3 BucketsKinesis Streams Kinesis Firehose
KMS MacieIAM
S3 BucketsKinesis Streams
AWS Lambda
KMS MacieIAM
Kinesis Firehose
S3 BucketsKinesis Streams
AWS Lambda
KMS MacieIAM
AWS Lambda
Kinesis Firehose
S3 BucketsKinesis Streams
AWS Lambda AWS Lambda
KMS MacieIAM
AWS Lambda
Kinesis Firehose
S3 BucketsKinesis Streams
AWS Lambda AWS Lambda
KMS MacieIAM
AWS Lambda
DynamoDB
ElasticSearch
Kinesis Firehose
S3 BucketsKinesis Streams
AWS Lambda AWS Lambda
KMS MacieIAM
AWS Lambda Google BigQuery
Kinesis Firehose
S3 BucketsKinesis Streams
AWS Lambda AWS Lambda
Athena QuickSight
KMS MacieIAM
AWS Lambda
Kinesis Firehose
S3 BucketsKinesis Streams
AWS Lambda AWS Lambda
Athena QuickSight
KMS MacieIAM
AWS Lambda
Kinesis Firehose
DECOUPLED
INVOCATION
Decoupled Invocation
How can a service handle normal
request loads, peak request loads,
and a continuous period of high
lo...
business logic requires expensive processing
API Gateway
max integration timeout is 29 seconds
http://amzn.to/2BwW5Bx
downstream systems not as scalable
decouple reply from the initial request
APIClient
POST /do_something
workerAPIClient
POST /do_something
202 /result_location
do work
workerAPIClient
POST /do_something
202 /result_location
GET /result_location
202 /result_location
do work
workerAPIClient
POST /do_something
202 /result_location
GET /result_location
202 /result_location
do work
work done
workerAPIClient
POST /do_something
202 /result_location
GET /result_location
202 /result_location
do work
work done
GET /r...
amortises spikes in load
allows fast response back to caller whilst
promises to finish work later
allows flexible retry strategies by removing the
urgency of having to reply to caller right away
DynamoDB
API Gateway
POST
task id created at result
xxx xxx <null>
xxx xxx <null>
… … …
task results
not ready
PutItem
DynamoDB
API Gateway
POST
task id created at result
xxx xxx <null>
xxx xxx <null>
… … …
task results
not ready
SQS
DynamoDB
API Gateway
202
task id created at result
xxx xxx <null>
xxx xxx <null>
… … …
task results
not ready
SQS
use “created at” timestamp to timeout
polling requests and avoid infinite retry
DynamoDBAPI Gateway
GET
task id created at result
xxx xxx <null>
xxx xxx <null>
… … …
task results
not ready
SQS
DynamoDBAPI Gateway
202
task id created at result
xxx xxx <null>
xxx xxx <null>
… … …
task results
not ready
SQS
DynamoDB
task id created at result
xxx { … }
xxx <null>
… …
task results
done
UpdateItem
xxx
xxx
…
SQS
DynamoDBAPI Gateway
GET
task id created at result
xxx xxx { … }
xxx xxx <null>
… … …
task results
done
DynamoDBAPI Gateway
200 { … }
also consider using Kinesis Streams or
DynamoDB Streams as queue
but SNS is a poor choice
(invocation-per-message means no amortisation)
PUB-SUB
msg broker
subscriber
subscriber
subscriber
subscriber
…
one message, many consumers
good for decoupling data processing
independent failures
partial failures are easier to manage
SNS, Kinesis Streams, DynamoDB Streams, etc…
SNS
2 retries then DLQ
SNS
2 retries then DLQ
invocation per msg
SNS
2 retries then DLQ
invocation per msg
might run into
throttling limits
consider impact on
downstream
SNS
suffers from temporal issues
msg/s
time
max throughput
erred and retried
msg/s
time
max throughput
erred and retried
msg/s
time
max throughput
downstream outage
Kinesis
retried until success
Kinesis
retried until success
invocation per shard
Kinesis
better handling of temporal issues
msg/s
time
processed
max throughput amortised
received
msg/s
time
max throughput
downstream outage
processed
received
DynamoDB
Streams
DynamoDB
Kinesis Streams or DynamoDB Streams?
what is your source of truth?
limited to events from one table
records describe DynamoDB events,
not events from your domain
auto-scales no. of shards
cannot extend data retention beyond 24 hours
charged based on no. of requests
($0.02 per 100,000 read request units)
1 msg/s for a month, 1KB per msg
$0.47
1 x 60s x 60m x 24hr x 30days
@ $0.014 per mil
+
24hrs x 30days
@ $0.015 per hr
$10...
1k msg/s for a month, 1KB per msg
1k x 60s x 60m x 24hr x 30days
@ $0.014 per mil
+
24hrs x 30days
@ $0.015 per hr
$47.088...
DON’T take these projections at face value!
SNS
no restriction on
destination target
SNS
no restriction on
destination target
need to handle partial
failures & retries
SNS
SAGA
pattern for managing failures where each
action has a compensating action for rollback
https://www.youtube.com/watch?v=xDuwrtwYHu8
Begin transaction
Start book hotel request
End book hotel request
Start book flight request
End book flight request
Start bo...
model actions and compensating
actions as Lambda functions
actions
compensating actions
state machine in AWS Step Functions as
the coordinator for the saga
AWS Step Functions
http://bit.ly/2uTJBE3
input
source code available here:
https://github.com/theburningmonk/lambda-saga-pattern
@theburningmonk
theburningmonk.com
github.com/theburningmonk
Serveless design patterns
Serveless design patterns
Serveless design patterns
Serveless design patterns
Serveless design patterns
Serveless design patterns
Serveless design patterns
Serveless design patterns
Serveless design patterns
Serveless design patterns
Serveless design patterns
Serveless design patterns
Serveless design patterns
Serveless design patterns
Serveless design patterns
Serveless design patterns
Serveless design patterns
Serveless design patterns
Serveless design patterns
Upcoming SlideShare
Loading in …5
×

Serveless design patterns

194 views

Published on

Serverless technologies like AWS Lambda has drastically simplified the task of building reactive systems - drop a file into S3 and a Lambda function would be triggered to process it, push an event into a Kinesis stream and magically it'll be processed by a Lambda function in real-time, you can even use Lambda to automate the process of auditing and securing your AWS account by automatically reacting to rule violations to your security policy.

Join us in this talk to see some architectural design patterns that have emerged with AWS Lambda, and learn how to pick the right event source based on the tradeoffs you want. Amongst the many patterns we'll explore, here are a few to whet your appetite : pub-sub, cron, push-pull, saga and decoupled invocation.

Published in: Technology
  • Be the first to comment

Serveless design patterns

  1. 1. SERVERLESS DESIGN PATTERNS
  2. 2. Yan Cui http://theburningmonk.com @theburningmonk
  3. 3. 2014
  4. 4. “Serverless”
  5. 5. Gojko Adzic It is serverless the same way WiFi is wireless. http://bit.ly/2yQgwwb
  6. 6. Serverless means… don’t pay for it if no-one uses it don’t need to worry about scaling don’t need to provision and manage servers
  7. 7. “Function-as-a-Service” AWS Lambda Azure Functions Google Cloud Functions Auth0 Webtask Spotinst Functions Kubeless IBM Cloud Functions
  8. 8. AWS Lambda
  9. 9. AWS Lambda API Gateway IOT SNS Kinesis CloudWatch
  10. 10. IaaS Function Application Runtime Container OS Virtualization Hardware CaaS Function Application Runtime Container OS Virtualization Hardware PaaS Function Application Runtime Container OS Virtualization Hardware FaaS Function Application Runtime Container OS Virtualization Hardware User User (scalable unit) Provider
  11. 11. IaaS Function Application Runtime Container OS Virtualization Hardware CaaS Function Application Runtime Container OS Virtualization Hardware PaaS Function Application Runtime Container OS Virtualization Hardware FaaS Function Application Runtime Container OS Virtualization Hardware User User (scalable unit) Provider
  12. 12. Serverless FaaS other Databas Storage BI
  13. 13. SERVERLESS WILL FUNDAMENTALLY CHANGE HOW WE BUILD BUSINESS AROUND TECHNOLOGY AND HOW YOU CODE. Simon Wardley
  14. 14. more Scalable (and scales faster!)
  15. 15. Cheaper (don’t pay for idle servers)
  16. 16. Resilience (built-in redundancy and multi-AZ)
  17. 17. idea production choose language + framework master language + framework figure out deployment configure AMI configure ELB configure autoscaling capacity planning over-provision for launch are we doing microservices? configure CI/CD
  18. 18. idea production choose language + framework master language + framework figure out deployment configure AMI configure ELB configure autoscaling capacity planning over-provision for launch are we doing microservices? configure CI/CD
  19. 19. idea production greater Velocity from idea to product
  20. 20. minimise Undifferentiated heavy-lifting
  21. 21. Less ops responsibility on your shoulders
  22. 22. https://www.youtube.com/watch?v=pptsgV4bKv8
  23. 23. http://bit.ly/2Dpidje
  24. 24. events are an enabler for COMPOSABILITY
  25. 25. AWS LAMBDA is the...
  26. 26. PATTERNS
  27. 27. WARNING!!
  28. 28. A DESIGN PATTERN IS NOT... A RECIPE FOR SUCCESS
  29. 29. Pattern /pat(ə)n/ A pattern is the repeated or regular way in which something happens or is done.
  30. 30. UNDERSTAND YOUR PROBLEMS AND CONSTRAINTS OVER FOLLOWING A PATTERN. me
  31. 31. http://bit.ly/2Goq5mY
  32. 32. I’m not trying to sell you a “magic” elixir!
  33. 33. there are no silver bullets
  34. 34. Pattern /pat(ə)n/ A pattern is the repeated or regular way in which something happens or is done.
  35. 35. CRON
  36. 36. AWS LambdaCloudWatch Events
  37. 37. CloudWatch Events
  38. 38. OPS AUTOMATION
  39. 39. AWS Lambda CloudWatch Logs
  40. 40. CloudWatch Logs
  41. 41. AWS Lambda CloudWatch Logs AWS Lambda
  42. 42. CloudWatch Logs
  43. 43. AWS Lambda CloudWatch Logs CloudTrail
  44. 44. CloudWatch Events
  45. 45. AWS Lambda CloudWatch Logs CloudWatch Events CloudTrail AWS Lambda
  46. 46. AWS Lambda CloudWatch Logs CloudWatch Events CloudTrail AWS Lambda AWS Lambda
  47. 47. AWS Lambda CloudWatch Logs CloudWatch Events CloudTrail AWS Lambda AWS Lambda
  48. 48. auto-update CloudWatch retention policy auto-create alarms for new APIs auto-create dashboards for new APIs alert on suspicious console logins alert on EC2 activities in unused regions …
  49. 49. WEB APPS
  50. 50. CloudFront S3 Browser
  51. 51. API Gateway AWS Lambda DynamoDBRoute53 CloudFront S3 Browser
  52. 52. API Gateway AWS Lambda DynamoDBRoute53 CloudFront S3 Browser Cognito
  53. 53. Federated Identities Sync User Flows Registration Verify email/phone Secure sign-in Forgotten password Change password Sign out Cognito User Pools
  54. 54. Federated Identities Sync Leading Practices Secure password handling with SRP protocol Encrypt all data server-side Password policies Token-based authentication MFA Support CAPTCHA Cognito User Pools
  55. 55. Cognito Federated Identities Cognito User Pools Facebook TwitterGoogle … identity providers authenticate
  56. 56. Cognito Federated Identities Cognito User Pools Facebook TwitterGoogle … identity providers authenticate token
  57. 57. Cognito Federated Identities Cognito User Pools Facebook TwitterGoogle … identity providers authenticate token token
  58. 58. validate Cognito Federated Identities Cognito User Pools Facebook TwitterGoogle … identity providers authenticate token token
  59. 59. validate Cognito Federated Identities Cognito User Pools Facebook TwitterGoogle … identity providers authenticate token token IAM credential
  60. 60. validate Cognito Federated Identities Cognito User Pools Facebook TwitterGoogle … identity providers API Gateway S3 DynamoDB SNSIOT Kinesis authenticate token token IAM credential IAM credential
  61. 61. what about Multi-Region support?
  62. 62. https://aws.amazon.com/dynamodb/global-tables
  63. 63. http://amzn.to/2Bwb5j6
  64. 64. API Gateway AWS Lambda DynamoDB Route53 CloudFront S3 Browser API Gateway AWS Lambda eu-west-1 us-east-1
  65. 65. http://bit.ly/2FGKsuA
  66. 66. DATA LAKES
  67. 67. S3 Buckets
  68. 68. S3 Buckets IAM
  69. 69. S3 Buckets KMSIAM
  70. 70. S3 Buckets KMS MacieIAM
  71. 71. S3 BucketsKinesis Streams Kinesis Firehose KMS MacieIAM
  72. 72. S3 BucketsKinesis Streams AWS Lambda KMS MacieIAM Kinesis Firehose
  73. 73. S3 BucketsKinesis Streams AWS Lambda KMS MacieIAM AWS Lambda Kinesis Firehose
  74. 74. S3 BucketsKinesis Streams AWS Lambda AWS Lambda KMS MacieIAM AWS Lambda Kinesis Firehose
  75. 75. S3 BucketsKinesis Streams AWS Lambda AWS Lambda KMS MacieIAM AWS Lambda DynamoDB ElasticSearch Kinesis Firehose
  76. 76. S3 BucketsKinesis Streams AWS Lambda AWS Lambda KMS MacieIAM AWS Lambda Google BigQuery Kinesis Firehose
  77. 77. S3 BucketsKinesis Streams AWS Lambda AWS Lambda Athena QuickSight KMS MacieIAM AWS Lambda Kinesis Firehose
  78. 78. S3 BucketsKinesis Streams AWS Lambda AWS Lambda Athena QuickSight KMS MacieIAM AWS Lambda Kinesis Firehose
  79. 79. DECOUPLED INVOCATION
  80. 80. Decoupled Invocation How can a service handle normal request loads, peak request loads, and a continuous period of high load without failing?
  81. 81. business logic requires expensive processing
  82. 82. API Gateway max integration timeout is 29 seconds http://amzn.to/2BwW5Bx
  83. 83. downstream systems not as scalable
  84. 84. decouple reply from the initial request
  85. 85. APIClient POST /do_something
  86. 86. workerAPIClient POST /do_something 202 /result_location do work
  87. 87. workerAPIClient POST /do_something 202 /result_location GET /result_location 202 /result_location do work
  88. 88. workerAPIClient POST /do_something 202 /result_location GET /result_location 202 /result_location do work work done
  89. 89. workerAPIClient POST /do_something 202 /result_location GET /result_location 202 /result_location do work work done GET /result_location 200 OK
  90. 90. amortises spikes in load
  91. 91. allows fast response back to caller whilst promises to finish work later
  92. 92. allows flexible retry strategies by removing the urgency of having to reply to caller right away
  93. 93. DynamoDB API Gateway POST task id created at result xxx xxx <null> xxx xxx <null> … … … task results not ready PutItem
  94. 94. DynamoDB API Gateway POST task id created at result xxx xxx <null> xxx xxx <null> … … … task results not ready SQS
  95. 95. DynamoDB API Gateway 202 task id created at result xxx xxx <null> xxx xxx <null> … … … task results not ready SQS
  96. 96. use “created at” timestamp to timeout polling requests and avoid infinite retry
  97. 97. DynamoDBAPI Gateway GET task id created at result xxx xxx <null> xxx xxx <null> … … … task results not ready SQS
  98. 98. DynamoDBAPI Gateway 202 task id created at result xxx xxx <null> xxx xxx <null> … … … task results not ready SQS
  99. 99. DynamoDB task id created at result xxx { … } xxx <null> … … task results done UpdateItem xxx xxx … SQS
  100. 100. DynamoDBAPI Gateway GET task id created at result xxx xxx { … } xxx xxx <null> … … … task results done
  101. 101. DynamoDBAPI Gateway 200 { … }
  102. 102. also consider using Kinesis Streams or DynamoDB Streams as queue
  103. 103. but SNS is a poor choice (invocation-per-message means no amortisation)
  104. 104. PUB-SUB
  105. 105. msg broker subscriber subscriber subscriber subscriber …
  106. 106. one message, many consumers
  107. 107. good for decoupling data processing
  108. 108. independent failures partial failures are easier to manage
  109. 109. SNS, Kinesis Streams, DynamoDB Streams, etc…
  110. 110. SNS
  111. 111. 2 retries then DLQ SNS
  112. 112. 2 retries then DLQ invocation per msg SNS
  113. 113. 2 retries then DLQ invocation per msg might run into throttling limits consider impact on downstream SNS
  114. 114. suffers from temporal issues
  115. 115. msg/s time max throughput erred and retried
  116. 116. msg/s time max throughput erred and retried
  117. 117. msg/s time max throughput downstream outage
  118. 118. Kinesis
  119. 119. retried until success Kinesis
  120. 120. retried until success invocation per shard Kinesis
  121. 121. better handling of temporal issues
  122. 122. msg/s time processed max throughput amortised received
  123. 123. msg/s time max throughput downstream outage processed received
  124. 124. DynamoDB Streams DynamoDB
  125. 125. Kinesis Streams or DynamoDB Streams?
  126. 126. what is your source of truth?
  127. 127. limited to events from one table
  128. 128. records describe DynamoDB events, not events from your domain
  129. 129. auto-scales no. of shards
  130. 130. cannot extend data retention beyond 24 hours
  131. 131. charged based on no. of requests ($0.02 per 100,000 read request units)
  132. 132. 1 msg/s for a month, 1KB per msg $0.47 1 x 60s x 60m x 24hr x 30days @ $0.014 per mil + 24hrs x 30days @ $0.015 per hr $10.836 1 x 60s x 60m x 24hr x 30days @ $0.5 per mil $1.296 DynamoDB StreamsSNSKinesis Streams 1 Write Capacity Unit @ $0.47 per unit
  133. 133. 1k msg/s for a month, 1KB per msg 1k x 60s x 60m x 24hr x 30days @ $0.014 per mil + 24hrs x 30days @ $0.015 per hr $47.088 1k x 60s x 60m x 24hr x 30days @ $0.5 per mil $1296.00 DynamoDB StreamsSNSKinesis Streams $470.00 1k Write Capacity Unit @ $0.47 per unit
  134. 134. DON’T take these projections at face value!
  135. 135. SNS
  136. 136. no restriction on destination target SNS
  137. 137. no restriction on destination target need to handle partial failures & retries SNS
  138. 138. SAGA
  139. 139. pattern for managing failures where each action has a compensating action for rollback
  140. 140. https://www.youtube.com/watch?v=xDuwrtwYHu8
  141. 141. Begin transaction Start book hotel request End book hotel request Start book flight request End book flight request Start book car rental request End book car rental request End transaction
  142. 142. model actions and compensating actions as Lambda functions
  143. 143. actions
  144. 144. compensating actions
  145. 145. state machine in AWS Step Functions as the coordinator for the saga
  146. 146. AWS Step Functions http://bit.ly/2uTJBE3
  147. 147. input
  148. 148. source code available here: https://github.com/theburningmonk/lambda-saga-pattern
  149. 149. @theburningmonk theburningmonk.com github.com/theburningmonk

×