Progscon 2017: Serverless Architectures - Rafal Gancarz

SERVERLESS ARCHITECTURES

Upload: opencredo

Post on 16-Mar-2018

TRANSCRIPT

Page 1: Progscon 2017: Serverless Architectures - Rafal Gancarz

SERVERLESS ARCHITECTURES

Page 2: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Every Developer

WOULDN’T IT BE GREAT IF I COULD JUST RUN MY CODE SOMEWHERE?

Page 3: Progscon 2017: Serverless Architectures - Rafal Gancarz

Rafal Gancarz

Lead Consultant @ OpenCredo

@RafalGancarz

Page 4: Progscon 2017: Serverless Architectures - Rafal Gancarz

(CC) Ray Sadler

BUILDING BLOCKS

Page 5: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

AWS Lambda

Java, C#, NodeJS, Python

sync & async invocation

1 million invocations and 400k GB-s free per month

$0.20 per 1 million requests and ~$6.65 for 400k GB-s thereafter

Page 6: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Execution model

event + context

callback (err, data) (NodeJS)

return value (Java, Python, C#)

Page 7: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Hello World (NodeJS)

    console.log('Loading function');

    exports.handler = (event, context, callback) => {
        // console.log(JSON.stringify(event));
        // your logic goes here
        callback(null, 'Hello from Lambda');           // success: (err = null, data)
        // callback(new Error('something went wrong')); // failure: pass an Error as err
    };

Page 8: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Hello World (Python)

    from __future__ import print_function

    import json

    print('Loading function')


    def lambda_handler(event, context):
        # Prints the full incoming event
        print("Received event: " + json.dumps(event, indent=2))

        # your logic goes here

        return "Hello from Lambda"
        # raise Exception('Something went wrong')

Page 9: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

AWS S3

durable, available* and scalable

functions as content processors

5 GB of storage and 15 GB of data transfer out to Internet each month for free

$0.03 per TB/month and $0.09 per GB data transfer out to Internet

* vast majority of the time

Page 10: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Image resizer

S3 object

S3 bucket Lambda function

upload

notification

put

Page 11: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

AWS API Gateway

security, caching, throttling

functions as API implementations

1 million requests free per month

$3.50 per 1 million requests and $0.09/GB (for the first 10 TB, then cheaper)

Page 12: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

NPM Registry

API handler

API Gateway

publisher

upload

NPM package tarball

Page 13: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

AWS DynamoDB

document and key-value

function as triggered procedures

25 GB of storage and 25 units of read capacity each month for free (~200k requests per month)

$0.25 per GB/month and $0.0065 per hour for 10 units of write capacity (36k writes/hour) or 50 units of read capacity (180k reads/hour)

Page 14: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

CRUD API

API handler

API Gateway

DynamoDB table

record processor

DynamoDB table

trigger

Page 15: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

AWS SNS

pub-sub, push notifications

functions as destinations

1m publishes, 1m mobile push notifications, 1k emails, 100k HTTP notifications and 1 GB of data transfer out each month for free

$0.50 per 1m publishes, $0.60 per 1m HTTP notifications and $0.09 per GB data transfer out to the Internet

Page 16: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Async tasks

API handler

API Gateway

DynamoDB table

SNS topic

task executor

Page 17: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

AWS Kinesis Streams

pub-sub, persistent

functions as consumers

no free tier

$0.015 per shard/hour, $0.014 per 1m PUT payload units (25KB) + extended retention charges

data transfer is free

Page 18: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

AWS SQS

point to point messaging, persistent

poll based API, functions need to consume messages explicitly

1m requests (API actions or messages) each month for free

$0.40 per 1m requests (standard) or $0.50 per 1m requests (FIFO)

Page 19: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Persistent consumers

API handler

API Gateway

SNS topic

SQS queue

Page 20: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Serverless Ecosystem (AWS)

SES

LEX

CloudFront

Route53

KMS

Cognito

Step Functions

Security

Delivery

Messaging

Glacier

RDS

Redshift

ElastiCache

Athena

EMR

ES

Storage & Analytics

Artificial Intelligence

Polly

Rekognition

Operations

IoT

Alexa Skills

Internet of Things

Other

CloudTrail

Batch

ECS

EC2

Legend: no servers in sight, servers visible, servers visible (VPC)

Page 21: Progscon 2017: Serverless Architectures - Rafal Gancarz

(CC) perceptions

ARCHITECTURE PATTERNS

Page 22: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Beware of the Monolith

Page 23: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Serverless Components

A B C

D

Page 24: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Sync integration

A B

HTTPS (IAM/?)

HTTPS (IAM)

Page 25: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Async integration

A B

Page 26: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Async notifications

A B

Page 27: Progscon 2017: Serverless Architectures - Rafal Gancarz

(CC) etherlore

CONTINUOUS DELIVERY

DEPLOYMENT

Page 28: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Infrastructure provisioning

A

AWS CloudFormation

(SAM)

Hashicorp Terraform

(S3 remote state)

Page 29: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Build/deployment pipeline

1 checkout

2 build (compile/transpile + execute unit tests)

3 deploy to DEVELOPMENT environment + execute component/API tests

4 deploy to TESTING environment + execute end to end tests

5 deploy to STAGING environment + execute smoke tests

6 deploy to PRODUCTION environment + execute smoke tests

Page 30: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Infrastructure provisioning

CI/CD orchestrator

DEVELOPMENT: A B C

TESTING: A B C

STAGING: A B C

PRODUCTION: A B C

Page 31: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Code deployments

ES 2015

+rollupjs.org babeljs.io

apex.run

Page 32: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Testing

Unit testing (local/CI)

Acceptance testing (test environment)

Smoke testing (post deployment)

testing pyramid

Component testing (dev environment)

Page 33: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Testing

Unit testing (local + CI)

Acceptance/functional testing (AWS)

Smoke testing (AWS)

(mochajs.org) (chaijs.com) (sinonjs.org) (proxyquire)

Page 34: Progscon 2017: Serverless Architectures - Rafal Gancarz

(CC) haru__q

SECURITY

Page 35: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Security in depth

A B

team

CI/CD

IAM

IAM STS

IAM

IAM / API KEY / STS / CUSTOM

Page 36: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Secret storage

API handler

API Gateway

secret

KMS

ciphertext

plaintext

key

generate key

Page 37: Progscon 2017: Serverless Architectures - Rafal Gancarz

(CC) Grégoire Lannoy

MONITORING

Page 38: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

AWS CloudWatch

scalable, managed

real-time monitoring

metrics, logs, alarms, events

Page 39: Progscon 2017: Serverless Architectures - Rafal Gancarz

(CC) Jérôme S

METRICS

Page 40: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

CloudWatch Metrics

retention: 1m (15 days), 5m (63 days), 1h (15 months)

basic monitoring (1m/5m) is free

10 metrics and 1 million API requests for free each month

$0.30 per metric/month for the first 10k metrics ($0.02 for metrics over 1M)

$0.01 for 1000 API requests

Page 41: Progscon 2017: Serverless Architectures - Rafal Gancarz

ALERTING

(CC) Martin Abegglen

Page 42: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

CloudWatch Alarms

watches metrics over time

can trigger a function via SNS

10 alarms per month for free

$0.10 per alarm per month

Page 43: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Serverless Alerting

function

CW alarm

SNS topic

email

SMS

channel

CW metric

condition

Page 44: Progscon 2017: Serverless Architectures - Rafal Gancarz

LOGGING

(CC) Mari Smith

Page 45: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

CloudWatch Logs

ingests and stores application logs

configurable retention period

5 GB data ingestion and 5 GB archived storage per month for free

$0.5985 per GB ingested per month

$0.0315 per GB archived per month

Page 46: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Log Collection

CloudWatch log group

Lambda service

stdout

Lambda function

stderr

Page 47: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Log Filtering

CloudWatch log group

CloudWatch metric

CloudWatch alarm

filter condition

Page 48: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Log Browsing

log group

Elasticsearch

function

JSON

Kibana

Bunyan

Page 49: Progscon 2017: Serverless Architectures - Rafal Gancarz

EVENTS

(CC) JD Hancock

Page 50: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

CloudWatch Events

stores & streams application events

$1 per 1 million custom events

Page 51: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

DynamoDB dynamic capacity

function

SDK

event

metrics

table

Page 52: Progscon 2017: Serverless Architectures - Rafal Gancarz

HEALTH CHECKS

(CC) Rosmarie Voegtli

Page 53: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Route53 Health Checks

monitors HTTP(S) endpoints

50 AWS endpoint checks per month for free

$0.50 per health check per month

$1 per feature (HTTPS, string matching, fast interval, latency) per month

Page 54: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Health Checks

health check

metric alarm

api function table

Page 55: Progscon 2017: Serverless Architectures - Rafal Gancarz

TRACING

(CC) Ozzy Delaney

Page 56: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

AWS X-Ray

collects transaction traces

support for Lambda in preview

100k traces recorded and 1 million traces retrieved/scanned free per month

$5 per 1 million traces recorded and $0.50 per 1 million traces retrieved/scanned per month

Page 57: Progscon 2017: Serverless Architectures - Rafal Gancarz

AUDITING

(CC) The Steve

Page 58: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

AWS CloudTrail

audits all console, API, SDK activity

first copy of management event free

additional copies $2 per 100k events

$0.10 per 100k data events

Page 59: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

WHAT IS SERVERLESS?

Page 60: Progscon 2017: Serverless Architectures - Rafal Gancarz

(CC) theaucitron

Page 61: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Cloud-native

Page 62: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Platform as a Service (PaaS)

Page 63: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Event-driven

Page 64: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Managed runtime

Page 65: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Serverless ≠ FaaS

FaaS

Serverless

FaaS = Function as a Service

Page 66: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

WHY SERVERLESS?

Page 67: Progscon 2017: Serverless Architectures - Rafal Gancarz

(CC) snapp3r

Page 68: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Availability

Page 69: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Scalability

Page 70: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Economy

Page 71: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Time to market

Page 72: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Security

Page 73: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Operability

Page 74: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Culture

Page 75: Progscon 2017: Serverless Architectures - Rafal Gancarz

CHALLENGES

(CC) mangpages

Page 76: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Infancy

Page 77: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Rapid Evolution

Page 78: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Provider Lock-in

Page 79: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Capacity management (DynamoDB, Kinesis Streams)

Page 80: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Frameworks

Page 81: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Tooling

Page 82: Progscon 2017: Serverless Architectures - Rafal Gancarz

THE FUTURE

(CC) matt northam

Page 83: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Maturity

Page 84: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Services & Tools

Page 85: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Patterns

Page 86: Progscon 2017: Serverless Architectures - Rafal Gancarz

@RafalGancarz

Business Agility

Page 87: Progscon 2017: Serverless Architectures - Rafal Gancarz

(CC) Alan Turkus

THANK YOU! QUESTIONS?

@RafalGancarz