
Serverless Computing: build and run applications without thinking about servers


  1. Serverless Computing: Build and run applications without thinking about servers. Diego Natali, AWS Solutions Architect. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  2. Agenda
     - Introduction to Lambda
     - Introduction to API Gateway
     - Introduction to SAM
     - What's new
     - Demo
     - Deployment
     - Best Practices
  3. Serverless means …
     - No server or container management
     - Flexible scaling
     - No idle capacity
     - High availability
  4. SaaS and serverless: a natural fit
  5. Serverless Applications (diagram)
     - Event source: Changes in data state, Requests to endpoints, Changes in resource state
     - Lambda function: Node.js, Python, Java, C# (.NET Core & Core 2.0), Go, Ruby, PowerShell, BYR – Bring your own Runtime
     - Services (anything)
  6. Serverless services (diagram)
     - COMPUTE: AWS Lambda, AWS Fargate
     - DATA STORES: Amazon S3, Amazon DynamoDB, Amazon Aurora Serverless
     - INTEGRATION: Amazon API Gateway, Amazon SNS, Amazon SQS, AWS Step Functions, AWS AppSync
  7. Serverless stack
  8. Deep Dive/Components
  9. Using AWS Lambda
     - Bring your own code
       - Node.js, Java, Python, C#, Go, …
       - Bring your own libraries (even native ones)
     - Simple resource model
       - Select power rating from 128 MB to 3 GB
       - CPU and network allocated proportionately
     - Flexible use
       - Synchronous or asynchronous
       - Integrated with other AWS services
     - Flexible authorization
       - Securely grant access to resources and VPCs
       - Fine-grained control for invoking your functions
  10. Using AWS Lambda
      - Authoring functions
        - WYSIWYG editor or upload packaged .zip
        - AWS Cloud9 IDE
        - Third-party plugins (Eclipse, Visual Studio)
      - Monitoring and logging
        - Metrics for requests, errors, and throttles
        - Built-in logs to Amazon CloudWatch Logs
        - Distributed tracing with AWS X-Ray
      - Programming model
        - Use processes, threads, /tmp, sockets normally
        - AWS SDK built in (Python and Node.js)
      - Stateless
        - Persist data using external storage
        - No affinity or access to underlying infrastructure
  11. Lambda Execution Model (diagram): Synchronous (push), Asynchronous (event), Stream-based. Labels: Amazon API Gateway, /order, AWS Lambda function, Amazon DynamoDB, Amazon SNS, Amazon S3, reqs, Amazon Kinesis, changes, AWS Lambda service, function.
  12. AWS Lambda Concurrency control
      - Lambda: Concurrency metric
      - Lambda: Per-function concurrency throttles
  13. Amazon API Gateway
      - Create a unified API frontend for multiple microservices
      - Authenticate and authorize requests to a backend
      - DDoS protection and throttling for your backend
      - Throttle, meter, and monetize API usage by third-party developers
  14. API Gateway overview (diagram). Labels: Mobile Apps, Websites, Services, HTTPS, Fully-managed CloudFront Distribution, Customer-managed CloudFront Distribution, Applications & Services in the same AWS Region, Applications & Services in VPC, AWS Direct Connect, On-premises, Amazon API Gateway (Edge-Optimized, Regional, Private), API Gateway Cache, Amazon CloudWatch Monitoring, Lambda Functions, Public Endpoints on Amazon EC2, Endpoints in VPC, All publicly accessible endpoints, Any other AWS service.
  15. Choose the right API endpoint type
      - Edge optimized: Designed to help you reduce client latency from anywhere on the Internet
      - Regional: Designed to reduce latency when calls are made from the same region as the API
      - Private: Designed to expose APIs only inside your VPC
  16. Go faster with Caching! Enable Caching: Configurable 0.5 GB – 237 GB
  17. Go faster with Caching! Remember! Caching is for GET methods
  18. Control Connections to your API
      - Usage Plans: Throttle or monetize your APIs
      - Apply RPS limits
      - Apply Quotas by API, Stage, or Method
      - API key level throttling: configurable in usage plan
      - Method level throttling: configurable in stage settings
      - Account level throttling: limits can be increased
      - Easily check per-key usage!
  19. Protect your APIs
      - Resource Policies: Apply global security for the entire API
      - IAM Authorization: Provides AuthN & AuthZ via IAM credentials
      - Lambda Authorizer: Perform any type of auth required, e.g. Basic, OAuth, etc.
      - Cognito Authorizer: Integrate with Cognito User Pools
  20. CloudWatch Metrics: API Gateway Metrics
      - API Calls Count
      - Latency
      - 4XXs, 5XXs
      - Integration Latency
      - Cache Hit Count
      - Cache Miss Count

      Free at the Stage level. Enable Detailed Metrics!
  21. Amazon API Gateway features:
      - Host multiple versions and stages of APIs
      - Create and distribute API Keys to developers
      - Leverage AWS Sigv4 to authorize access to APIs
      - Throttle and monitor requests to protect the backend
      - Leverage AWS Lambda
      - Manage cache to store API responses
      - Reduce latency and DDoS protection through CloudFront
      - SDK Generation for iOS, Android, and JavaScript
      - Swagger support
      - Request / Response data transformation and API mocking
  22. Amazon Cognito overview (diagram). Developers focus on what is special about their app; Amazon Cognito handles auth and identity. Labels: Web and Mobile Apps, Amazon Cognito, Federation, Managed User Directory, Hosted UI, AWS Credentials, Standard Tokens.
  23. Amazon Cognito: Identity management scenarios (diagram): Business to Consumer, Business to Business, Business to Employee, IoT Scenarios. Labels: Enterprise Directory, SAML, AWS IoT.
  24. AWS integrated authorization (diagram). Labels: Amazon Cognito, Amazon Cognito Tokens, Amazon API Gateway (API GW), AWS Application Load Balancer (ALB), AWS Credentials (Any AWS service), DynamoDB, Amazon S3, etc.
  25. API Gateway: three types of authorization (diagram): Cognito Authorizers, AWS IAM authorization, Lambda Authorizers. Labels: Amazon Cognito User Pools, Amazon Cognito Identity Pools, Custom Identity Providers.
  26. Auth Option #1: Amazon Cognito User Pools Authorizer (diagram). Labels: Internet, Mobile apps, Websites, Partner Services, User login, Amazon Cognito, OIDC token, API Gateway, Built-in auth check, AWS Lambda functions, Endpoints on Amazon EC2, Any publicly accessible endpoint.
  27. AWS Step Functions: Easily coordinate multiple Lambda functions using visual workflows
      - Visualize in the console
      - Define in JSON
      - Monitor executions
  28. Benefits of Step Functions Orchestration
      - Productivity: Coordinate and visualize Lambda functions as a series of steps to quickly create serverless apps
      - Agility: Change and add steps without writing code to evolve applications and innovate faster
      - Resilience: Automatically trigger and track each step at scale and handle errors with built-in retry and fallback
  29. AWS Serverless Application Model (SAM)
      - Simplified template driven deployment model for serverless applications
      - Supported serverless resource types: functions, APIs, and tables
      - Supports anything AWS CloudFormation supports
      - Open specification (Apache 2.0)
      - https://github.com/awslabs/serverless-application-model
  30. SAM Template

      ```yaml
      AWSTemplateFormatVersion: '2010-09-09'
      # Tells AWS CloudFormation this is a SAM template it needs to transform
      Transform: AWS::Serverless-2016-10-31
      Resources:
        # Creates a Lambda function with the referenced managed IAM policy, runtime,
        # code at the referenced zip location, and handler as defined. Also creates an
        # API Gateway and takes care of all mapping/permissions necessary
        GetHtmlFunction:
          Type: AWS::Serverless::Function
          Properties:
            CodeUri: s3://sam-demo-bucket/todo_list.zip
            Handler: index.gethtml
            Runtime: nodejs4.3
            Policies: AmazonDynamoDBReadOnlyAccess
            Events:
              GetHtml:
                Type: Api
                Properties:
                  Path: /{proxy+}
                  Method: ANY
        # Creates a DynamoDB table with five read & write units
        ListTable:
          Type: AWS::Serverless::SimpleTable
      ```
  31. AWS SAM Local
      - AWS CLI tool for local testing of serverless apps
      - Works with Lambda functions and "proxy-style" APIs
      - Response object and function logs available on your local machine
      - Uses open-source docker-lambda images to mimic Lambda's execution environment: emulates timeout, memory limits, runtimes
      - https://github.com/awslabs/aws-sam-local
  32. AWS Serverless Application Repository
      - Search and browse ready-made apps and samples
      - Customize open-source apps to get started quickly
      - Share apps privately or publicly
      - Monetize APIs using the AWS Marketplace
      - All apps powered by AWS SAM
  33. Demo
  34. Frontend Serverless Architecture (diagram). Labels: client, Internet, Amazon CloudFront, Amazon S3.
  35. Backend Serverless Architecture (diagram). Labels: Internet, Mobile Apps, Websites, Services, AWS, Amazon CloudFront, Amazon SES, Amazon DynamoDB, Amazon API Gateway WebSocket API, Amazon CloudWatch Monitoring.
  36. Backend Serverless Architecture (diagram). Labels: Internet, Mobile Apps, Websites, Services, AWS, Amazon CloudFront, Amazon SES, Amazon DynamoDB, Amazon CloudWatch Monitoring, Amazon API Gateway WebSocket API.
  37. Serverless DevOps / Deployment Components
  38. How do we deploy a new version of our code? (diagram: version OLD, version NEW, ?)
  39. Automated CI/CD process
      - Git push your changes from Cloud9 when ready to share…
      - Set up an AWS CodePipeline to build automatically on updates
      - Diagram labels: Local Testing, Source, Build, Test, Deploy, Monitoring, AWS SAM
  40. AWS CodeStar: Quickly develop, build, and deploy applications on AWS
      - Start developing on AWS in minutes – 4 steps!
      - Work across your team, securely
      - Manage software delivery easily
      - Choose from a variety of project templates
  41. Serverless Deployment Patterns
      - All at once: All traffic goes from version OLD to NEW at once.
      - Canaries/Linear: A small % of production traffic is sent to version NEW, the remainder to version OLD. After some period of waiting for validation, traffic is shifted incrementally (with further validation) or fully to version NEW.
      - Blue/Green: Version NEW is deployed and tested before taking production traffic. After validation, all traffic goes from version OLD to NEW at once.
  42. Serverless Deployment Patterns Consideration Matrix

      | Pattern | Consumer impact | Rollback | Event Model Factors | Deployment Speed |
      |---|---|---|---|---|
      | All at once | All at once | Redeploy older version | Any event model at low concurrency rate | Immediate |
      | Blue/Green | All at once with some level of production environment testing beforehand | Revert traffic to OLD | Better for async and sync event models at medium concurrency workloads | Minutes to hours of validation and then immediate to customers |
      | Canaries/Linear | 1-10% typical initial traffic shift, then phased increases or all at once | Revert traffic to OLD | Better for high concurrency workloads | Minutes to hours |
  43. AWS CodeDeploy + Lambda. NEW: Can deploy AWS Lambda!!
      - Uses AWS SAM to deploy serverless applications
      - Supports Lambda Alias Traffic Shifting enabling canaries and blue/green deployments
      - Can roll back based on CloudWatch Metrics/Alarms
      - Pre/Post-Traffic Triggers can integrate with other services (or even call Lambda functions)
  44. AWS CodeDeploy + Lambda (NEW!). CodeDeploy comes with a number of added capabilities:
      - Custom deployment configurations. Examples: "Canary 5% for 1 hour", "Linear 20% every 1 hour"
      - Notification events via SNS on success/failure/rollback
      - Console with visibility on deploy status, history, and rollbacks
  45. SAM Globals + Safe Deployments

      ```yaml
      Globals:
        Function:
          Runtime: nodejs4.3
          AutoPublishAlias: !Ref ENVIRONMENT

      MyLambdaFunction:
        Type: AWS::Serverless::Function
        Properties:
          Handler: index.handler
          DeploymentPreference:
            Type: Linear10PercentEvery10Minutes
            Alarms:
              # A list of alarms that you want to monitor
              - !Ref AliasErrorMetricGreaterThanZeroAlarm
              - !Ref LatestVersionErrorMetricGreaterThanZeroAlarm
            Hooks:
              # Validation Lambda functions that are run before & after traffic shifting
              PreTraffic: !Ref PreTrafficLambdaFunction
              PostTraffic: !Ref PostTrafficLambdaFunction
      ```
  46. Lambda Alias Traffic Shifting & AWS SAM. In SAM:

      ```yaml
      Alarms:
        # A list of alarms that you want to monitor
        - !Ref AliasErrorMetricGreaterThanZeroAlarm
        - !Ref LatestVersionErrorMetricGreaterThanZeroAlarm
      Hooks:
        # Validation Lambda functions that are run before & after traffic shifting
        PreTraffic: !Ref PreTrafficLambdaFunction
        PostTraffic: !Ref PostTrafficLambdaFunction
      ```

      Note: You can specify a maximum of 10 alarms.
  47. Amazon API Gateway Canary Support. Use canary release deployments to gradually roll out new APIs in Amazon API Gateway:
      - Configure percent of traffic to go to a new stage deployment
      - Can test stage settings and variables
      - API Gateway will create additional Amazon CloudWatch Logs group and CloudWatch metrics for the requests handled by the canary deployment API
      - To roll back: delete the deployment or set percent of traffic to 0
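
Slides 19 and 25 name the Lambda authorizer as the option for custom auth schemes. The following is an added example, not code from the deck or from AWS: a TOKEN-type authorizer in Python that checks an HMAC-signed bearer token and returns the IAM policy document API Gateway expects. The token format, `SIGNING_KEY`, `make_token` and the sample ARN in the usage are constructed for illustration.

```python
import base64, hashlib, hmac, json, time

SIGNING_KEY = b"constructed-demo-key"  # assumption: demo value; load from a secrets store in practice

def _b64d(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def make_token(claims, key=SIGNING_KEY):
    """Mint a constructed demo token: b64url(json claims) + "." + b64url(HMAC-SHA256)."""
    body = base64.urlsafe_b64encode(json.dumps(claims).encode()).rstrip(b"=")
    sig = base64.urlsafe_b64encode(hmac.new(key, body, hashlib.sha256).digest()).rstrip(b"=")
    return (body + b"." + sig).decode()

def verify_token(token, now=None, key=SIGNING_KEY):
    """Return the claims dict if signature, subject and expiry are valid, else None."""
    try:
        body, sig = token.split(".")
        expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64d(sig)):  # constant-time compare
            return None
        claims = json.loads(_b64d(body))
    except ValueError:  # wrong number of parts, bad base64, bad JSON
        return None
    now = time.time() if now is None else now
    if not isinstance(claims, dict) or "sub" not in claims or claims.get("exp", 0) <= now:
        return None
    return claims

def policy(principal, effect, resource):
    """Build the authorizer response shape API Gateway expects."""
    return {"principalId": principal,
            "policyDocument": {"Version": "2012-10-17", "Statement": [
                {"Action": "execute-api:Invoke", "Effect": effect, "Resource": resource}]}}

def handler(event, context=None, now=None):
    """TOKEN-type Lambda authorizer entry point (now is a test hook, not a Lambda argument)."""
    arn = event["methodArn"]
    scheme, _, token = (event.get("authorizationToken") or "").partition(" ")
    claims = verify_token(token, now) if scheme.lower() == "bearer" else None
    if claims is None:
        return policy("anonymous", "Deny", arn)
    # Allow the whole stage rather than one method: API Gateway can cache the
    # returned policy per token, and a single-method policy would then deny other routes.
    api_stage = "/".join(arn.split("/")[:2])
    return policy(claims["sub"], "Allow", api_stage + "/*/*")
```

Anything that fails verification (missing header, wrong scheme, bad signature, expired token) gets an explicit Deny for the requested method.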
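
Slides 41 to 46 compare all-at-once, canary and linear rollouts with alarm-driven rollback. As an added example (not from the deck, and a simplified model rather than CodeDeploy's own logic), this expands a SAM `DeploymentPreference` type name into its traffic-shift schedule and reports how much traffic had reached version NEW when a monitored alarm fires. The `replay` helper and the alarm timings are assumptions.

```python
import re

def shift_schedule(pref):
    """Expand a DeploymentPreference Type into [(minute, percent_on_NEW), ...]."""
    if pref == "AllAtOnce":
        return [(0, 100)]
    m = re.fullmatch(r"Canary(\d+)Percent(\d+)Minutes", pref)
    if m:
        pct, wait = int(m.group(1)), int(m.group(2))
        return [(0, pct), (wait, 100)]
    m = re.fullmatch(r"Linear(\d+)PercentEvery(\d+)Minutes?", pref)
    if m:
        step, every = int(m.group(1)), int(m.group(2))
        if step <= 0:
            raise ValueError("step must be positive: " + pref)
        out, pct, t = [], 0, 0
        while pct < 100:
            pct = min(100, pct + step)
            out.append((t, pct))
            t += every
        return out
    raise ValueError("unrecognised deployment preference: " + pref)

def replay(pref, alarm_at=None):
    """Replay a rollout; alarm_at is the minute a monitored alarm fires (None = never).

    Model assumption: an alarm that fires before the next shift stops the rollout
    and reverts traffic to OLD; an alarm after the last shift is too late for
    automatic rollback. Returns (outcome, peak_percent_on_NEW).
    """
    peak = 0
    for minute, pct in shift_schedule(pref):
        if alarm_at is not None and alarm_at < minute:
            return ("rolled_back", peak)
        peak = pct
    return ("completed", peak)
```

With an alarm at minute 3, `AllAtOnce` has already put all traffic on NEW, while `Canary10Percent5Minutes` stops with 10% exposed, which is the consumer-impact difference the consideration matrix describes.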
