IAN MASSINGHAM

CHIEF EVANGELIST (EMEA)

AMAZON WEB SERVICES

AWS LAMBDA

@IANMMMMAWS LAMBDA

BUILDING BLOCKS FORINTERNET-SCALE APPS

AMAZON S3

STORAGE

AWS LAMBDA

FUNCTIONS

AMAZON DYNAMODB

DATA STORE

SIMPLICITY SCALABILITY LOW COST RELIABILITY LOW LATENCY

ALL SHARE THE SAME COMMON CHARACTERISTICS

AWS LAMBDA: INTERNET-SCALE COMPUTE PLATFORM

DEPLOY YOUR CODE IN SECONDS

SUB-SECOND METERING

NO SERVERS TO PROCURE, PROVISION OR MANAGE

MOBILE CHAT APP

AD DATA ANALYTICS AND ROUTING

MOBILE APP ANALYTICS

IMAGE CONTENT FILTERING

REAL-TIME VIDEO AD BIDDING

NEWS CONTENT PROCESSING

GENE SEQUENCE SEARCH

CLOUD TELEPHONY

DATA PROCESSING

WEB APPLICATIONS

WEB APPLICATIONSTHREAT INTELLIGENCE AND ANALYTICS

NEWS CONTENT PROCESSING

GAME METRICS ANALYTICS

SERVERLESS WEB APPLICATIONS

HTML IN S3

JAVASCRIPT

COGNITO

API GATEWAY DYNAMODB

SEARCH

RECOMMEND

CREATE/UPDATE

1. SERVERLESS WEB APPLICATIONS

Demo

@parallax

1. User visits

HTTPSGET /

S3 with CloudFront

2. CSS & JS

HTTPSGET*.js*.css

S3 with CloudFront

index.html

3. Lang detect

API Gateway w/Lambda

HTTPSGET/users/country

HTTPSPOST/users/update

4. User fills details

API Gateway w/Lambda

Inserted into DynamoDB

PAGE LIFECYCLE

5.

6.

7. 8.

5. FB Login

Hits Facebook Hosted Endpointvia Facebook Javascript SDK

6. YouTube

YouTube iframe

7. Start recording

API Gateway w/Lambda

Responds with S3 upload token

Uploads directly to S3 bucket over HTTPS using token

8. Upload recording

PAGE LIFECYCLE

HTTPSGET api.facebook.com

HTTPSGETyoutube.com

{“email”: “xyz”,“profile_id”: 123}

HTTPSGET/recordings/token

HTTPSPOSTbucket.s3.amazon/UID/recording-X.mp3

10. 11.

12. 13.

9. Submit details

API Gateway w/Lambda

10. Artwork gen

HTTPSPOST/users/generate_artwork

API Gateway w/Lambda.Create image, put on S3, return S3 image URL

11. Artwork display

CloudFront w/ S3

HTTPSGET/domain.com/UID.png

AddThis.js is populated with the share texts, and includes the S3 URL

HTTPGETaddthis.com/file.js

HTTPSPOST/users/update

{ url: “domain.com/UID.png” }

12. Social share 13. Social share

HTTPSGEThttps://twitter.com/intent/tweet?text=XYZ

Directly hits the social media service

PAGE LIFECYCLE

N-TIER MODEL

SERVERLESS MODEL

NODE.JS WEB APP

SERVER-SENT EVENT STREAMING RESPONSE

QUERY

S3

LAMBDA CASCADE FUNCTION N

LAMBDA CASCADE FUNCTION 0 LAMBDA

COUNTING FUNCTION 0

USER

LAMBDA COUNTING

FUNCTION 0

LAMBDA COUNTING

FUNCTION 0

LAMBDA COUNTING

FUNCTION 0

2. SERVERLESS DATA PROCESSING

WEB UI CASCADE PROCESS

3. INTERNET OF THINGS

AWS IoT

DEVICE SDK Set of client libraries to

connect, authenticate and exchange messages

DEVICE GATEWAY Communicate with devices via

MQTT and HTTP

AUTHENTICATION AUTHORIZATION

Secure with mutual authentication and encryption

RULES ENGINE Transform messages

based on rules and route to AWS Services

AWS Services - - - - -

3rd Party Services

DEVICE SHADOW Persistent thing state during

intermittent connections

APPLICATIONS

AWS IoT API

DEVICE REGISTRY Identity and Management of

your things

IOT BUTTON & LAMBDA DEMO

CLOUDWATCHEVENTS

LIFECYCLE HOOKS

CONFIG RULES

SCHEDULEDJOBS

ECOSYSTEM

4. CONNECTIVE TISSUE FOR AWS ENVIRONMENTS

AMAZON S3

STORAGE

AWS LAMBDA

FUNCTIONS

AMAZON DYNAMODB

DATA STORE

APIS EMAIL MESSAGING

NOTIFICATION MONITORING ENCRYPTION

SERVICES NOT SERVERS

THANK YOU@IANMMMM

re:Invent 2015• Python • Scheduled functions • Longer running times (5 min.) • Versioning

AWS Lambda: Recent Launches

2016• Higher code storage limits (from

5 GB to 75 GB) • VPC • New region: Frankfurt • Node.js 4.3.2 • Swagger API import • 1-minute schedules New!

Function Schedules: The how-to guide

✓ How can I keep a function warm (no cold starts)? Schedule it!

✓ How can I poll a queue (like SQS)? Schedule a function to read the queue.

✓ How can I get more timers? Have one scheduled function async invoke other functions.

✓ How can I get granularity finer than 1 minute? Run a background timer in your scheduled function.

Function Versioning: The how-to guide

✓ How can I get mutable configuration info? Read it (e.g. from DynamoDB) during function initialization. Wrap your config in a function and call it from your published code.

✓ How do I “roll back” in AWS Lambda? Using aliases, just switch what the alias points to. (As a collection, add API Gateway stages or CloudFormation.)

✓ How do I do blue/green deployments? AWS Lambda handles fleet deployments, but if you want to shape traffic, put a second “traffic cop” function in front.

✓ How can I lock a client/device onto an old version? Point them directly to that version’s ARN.

AWS Lambda VPC basics

• All Lambda functions run in a VPC, all the time • You never need to “turn on” security – it’s always on

• You can also grant Lambda functions access to resources in your own VPC • How: Add VPC subnet IDs and security group IDs to the function config • Typical uses: RDB, ElastiCache, private EC2 endpoints • Allows access to peered VPCs, VPN endpoints, and private S3 endpoints

• Functions configured for VPC access lose internet access… • unless you have managed NAT or a NAT instance in the VPC • …Even if you have “Auto-assign Public IP” enabled • …Even if you have an internet gateway set up in your VPC • …Even if your security group allows all outbound traffic

AWS Lambda VPC feature: Best practices

✓ VPC is optional – don’t turn in on unless you need it. ✓ The ENIs used by Lambda’s VPC feature count against

your quota. Ensure you have enough to match your peak concurrency levels (we’ll consolidate where we can). DO NOT delete or rename these ENIs! ☺

✓ Ensure your subnets have enough IPs for those ENIs. ✓ Specify at least one subnet in each Availability Zone

Otherwise, Lambda will obey, but can’t be as fault-tolerant.

Serverless web app architecture

1. Amazon S3 for serving static content 2. AWS Lambda for dynamic content 3. Amazon API Gateway for https access 4. Amazon DynamoDB for NoSQL data storage

Dynamic content in AWS Lambda

Data stored in Amazon

DynamoDB

API GatewayStatic content in Amazon S3

The serverless compute manifesto

Functions are the unit of deployment and scaling. No machines, VMs, or containers visible in the programming model. Permanent storage lives elsewhere. Scales per request. Users cannot over- or under-provision capacity. Never pay for idle (no cold servers/containers or their costs). Implicitly fault-tolerant because functions can run anywhere. BYOC – Bring your own code. Metrics and logging are a universal right.