DevOps Days Tel Aviv - Serverless Architecture
TRANSCRIPT
SERVERLESS ARCHITECTURES
~ WHOAMI
▸ Full stack developer, ~15 years
▸ Cloud Architect
▸ DevOps evangelist
▸ Speaker
▸ Marathon runner
ANTONS KRANGA
@acankr
HOW DO WE WRITE APPS IN 2016
Chorr Microservice
runtime
cloud
container
VM
package
deploy
RAM
# CPU
$$$ per hour
Scales in 9 minutes*
WHAT CAN WE DO DIFFERENTLY IN 2016?
Chorr Microservice
and runtime
cloud
Container with OS
mount as volume
JCVM Microservice
Schwarzz Microservice
…
$$$ by 100 milliseconds
Scale in milliseconds
IMPORTANT!!!
warm up time
execution time
Constraints
Timeout in seconds
Max amount of RAM
Event Result
LAMBDA
- AWS Computing Service
- Designed to reflect async Actor Model
- Resilient and Scalable
- 512 RAM
- Supports Runtimes:
  - Java
  - Python
  - NodeJS
  - Go (implicitly)
- Max Timeout 5 mins
- Pricing:
  - $0.20 per million requests
  - Billable per 100 milliseconds
Lambda
API Gateway
EVENT SOURCE
Kinesis Data Streams
SNS Queue or Topic data
Lambda
other data
CONSUMER OR EVENT
CRON Job
LAMBDA DEPLOYMENT
CODE VERSIONS
LAMBDA
V1
V2
V3
SERVICE ALIAS
STABLE
V4
ENV
DEV
TEST
PROD
LATEST
EXPOSE LAMBDA
API Gateway + Lambda
- API Management Tool
- Authorization + Custom Authorizer
- Defines: Environment Variables for Lambda
- Can be defined with Swagger and imported
- Code Supports Versioning
- Integrated with CloudWatch
- Lambda Containers are Cached for 5 minutes
- Can be deployed with “apex.run” tool
- User can write files in /tmp
GET POST PUT DELETE
data
API Gateway
Lambda
ajax event
USER
Variables
DB_URL
DB_PORT
DB_USER
Authorizer Lambda
Identity Service Provider
STATEFUL BACKEND
GET POST PUT DELETE
data
API Gateway
ajax event
USER
Variables
DB_CONNECTION_STRING
dynamodb
GET POST PUT DELETE
data
API Gateway
Lambda
ajax event
USER
Variables
DB_URL
DB_PORT
DB_USER
VPC
ACCESS POLICY
ec2:CreateNetworkInterface
ec2:AttachNetworkInterface
TODAY'S MISSION
BUILD A SERVERLESS MAFIA GAME
WE HAVE A GROUP OF PLAYERS
THEY ALL HIDE THEIR IDENTITIES
YOU ARE THE DETECTIVE
MAFIA KNOWS THEIR IDENTITIES
INNOCENT PEOPLE DON'T
STAGES OF THE GAME
#1 NIGHT: MURDER
MAFIA AWAKENS
MAFIA KILLS INNOCENT
#2 DAY: ACCUSATION
EVERYBODY AWAKENS
PLAYERS ACCUSE EACH OTHER
MAFIA NEVER ACCUSES THEMSELVES
INNOCENT ACCUSES EVERYBODY
#3 DAY: JUDGEMENT
DETECTIVE READS ALL ACCUSATIONS AND BRINGS ONE PLAYER TO THE JUDGEMENT
PLAYER UNVEILS HER IDENTITY AND LEAVES THE GAME
#4 GAME CONTINUES
GAME DESIGN
User
01-new-game
API Gateway DynamoDB
02-game-state
03-night-murder
04-daily-accusation
05-user-judgement
GET
http
DEPLOYMENT DESIGN
Makefile environment
game
Terraform Scripts
solutions
main.py game_controller.py
main.py
terraform.tfvars
MAKEFILE
package
plan
apply
destroy
all (default)
https://github.com/akranga/mafia-serverless
WORKSHOP MATERIALS
https://goo.gl/mQI6wi
LESSONS LEARNED
DESIGN FOR 100-MILLISECOND STEPS
OPTIMIZE WARMUP TIME
CACHE OUTSIDE OF HANDLER
AVOID CALLING LAMBDA FROM LAMBDA
GROUP HANDLER METHODS (SRP)
THINK OF CONFIGURATION MANAGEMENT
NO DEBUG IN LAMBDA ;(
WRITE UNIT TESTS
THEN DEPLOY TO TEST ENVIRONMENT
THEN RUN INTEGRATION TESTS
SERVERLESS BLUEPRINTS
STATIC WEBSITE
S3
- Highly Available Serverless Storage
- Scalable and Elastic
- Replicated across 2 availability zones
- Supports HTTP requests
Static HTML
CSS/Media
Rich JavaScript Apps
COST MODEL: $0.03 per GiB per Month
S3 HIGHLY AVAILABLE STORAGE
- Covered by AWS S3 SLA
- Durability: 99.999999999%
- Availability: 99.99%
SLOW WRITE OPERATIONS
R53 Domain
GET
http
example.com
S3 Storage
CloudFront
USER
DYNAMIC WEBSITE
GET
Static HTML
CSS/Media
Rich JavaScript Apps
S3 Storage
CloudFront
GET POST PUT DELETE
Dynamic Data
Data from Database
Data from External Service
data
API Gateway
Lambda
ajax
http
event
USER
HIPSTER WEB PORTAL
GOOD PORTAL NEEDS CMS
"...USE GIT AS THE BASIS FOR A LIGHTWEIGHT CMS, WITH TEXT-BASED EDITING
FORMATS. GIT HAS POWERFUL FEATURES FOR TRACKING CHANGES AND
EXPLORING ALTERNATIVES, WITH A DISTRIBUTED STORAGE MODEL THAT IS FAST
IN USE AND TOLERANT OF NETWORKING ISSUES."
ThoughtWorks Technology Radar https://www.thoughtworks.com/radar/techniques/git-based-cms-git-for-non-code
assess since May 2015
BEST CMS
CODECOMMIT
- Git Repository Service
- Backed by S3 storage
- Price: $1 per user
- Only: us-west-1 region
CODECOMMIT + Lambda
- Lambda doesn't have a Git client.
- You can “statically link” git libraries with the git2go library (libgit2)
- To read an SSH key file with Lambda, it must be stored in the “/tmp” directory
- SSH private key must have 600 permissions
- SSH private key must be owned by user “sandbox”
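The key-file rules above, combined with the later "cache outside of handler" lesson, as an added Python sketch that is not code from the talk or its workshop repository. The names write_private_key, check_key_file and get_key_path are hypothetical, the key source (load_key) is left to the caller, and the ownership rule is assumed to be met because the function's own process creates the file.

```python
import os
import stat

KEY_DIR = "/tmp"          # per the slide: the key file must live under /tmp
_cached_key_path = None   # module scope survives warm invocations


def write_private_key(key_bytes, directory=KEY_DIR, name="deploy_key"):
    """Create the key file so it is mode 0600 before any byte is written."""
    path = os.path.join(directory, name)
    if os.path.lexists(path):
        os.unlink(path)  # drop a stale file or symlink from an earlier run
    # O_EXCL + O_NOFOLLOW: never write through a pre-existing link.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "wb") as handle:
        os.fchmod(handle.fileno(), 0o600)  # explicit, independent of umask
        handle.write(key_bytes)
    return path


def check_key_file(path):
    """Return the reasons an SSH client would refuse this key file."""
    try:
        st = os.lstat(path)
    except FileNotFoundError:
        return ["missing"]
    problems = []
    if not stat.S_ISREG(st.st_mode):
        problems.append("not a regular file")
    if stat.S_IMODE(st.st_mode) & 0o077:
        problems.append("group/other permission bits set")
    if st.st_uid != os.geteuid():
        problems.append("not owned by the running user")
    return problems


def get_key_path(load_key, directory=KEY_DIR):
    """Write the key once per container; reuse it on warm invocations."""
    global _cached_key_path
    if _cached_key_path is None or check_key_file(_cached_key_path):
        _cached_key_path = write_private_key(load_key(), directory)
    return _cached_key_path
```

A handler would call get_key_path(...) and pass the returned path to its Git client; the key is fetched again only on a cold start or when the cached file fails the checks.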
USER
GET
Static HTML
CSS/Media
Rich JavaScript Apps
S3 Storage
CloudFront
GET POST PUT DELETE
Dynamic Data
Data from Database
Data from External Service
data
API Gateway
Lambda
ajax
http
event
Lambda
push
EDITOR
event
document commit
PUT
Checkout document
Render or post-process
Publish
CodeCommit
ALTERNATIVES
Compilation Lambda
push
DEV
event
document commit
Checkout Compile
CodeCommit
PUT
S3
GET
Checkout Compile
Testing Lambda
if needed long running tests
VMs
CREATE
Deployment Lambda
Lambda
SNS
ChatOps
ALTERNATIVES
- SERVICE FABRIC
  - Runtimes:
    - ASP .NET (1Core)
    - NodeJS
    - etc
  - Deployment:
    - REST API
    - PowerShell
- GOOGLE CLOUD FUNCTIONS (ALPHA)
  - Runtimes:
    - NodeJS (only)
  - Deployment:
    - gcloud
TAKEAWAYS
https://www.manning.com/books/aws-lambda-in-action
Book: AWS Lambda in Action MEAP
Begin in 2016 February
Publication: March 2017
Author: Danilo Poccia
ISBN: 9781617293719
PAY FOR ONLY WHAT YOU USE