lambda and serverless - devops north east jan 2017

AWS Lambda and Serverless

Look mam, nee servers!

Mike Shutlar, Expert Flamebaiterfor DevOps North East 2017-01-19

Lambda

What is AWS Lambda?

A compute service

No infrastructure resources...

● to provision

● to set up

● to manage

● to pay for 24/7 whether in use or not

Scales automatically

Only pay for what is used

What is AWS Lambda?

BYOC - Bring Your Own Code

Available runtimes:

● Node.js v4.3

● Python 2.7

● Java 8

● C# (.NET Core 1.0.1)

Behind the scenes: executes within Amazon Linux containers

Lambda Functions

Confusingly named

Stateless

● Store state in DynamoDB, S3, etc...

● Can cache in /tmp - unreliably

Will run if...

● Configured to act on events (e.g. S3 bucket writes)

● Directly invoked via the API

● Scheduled to

● Configured as an endpoint for API Gateway○ This allows its use in serverless

Lambda Functions

Can call primitive Linux utilities

Can create threads/processes

● These can be frozen

Package function in a zip

● Can include libraries

● Can include native libraries

● Can include native binaries

● Max 50 MB compressed/250 MB uncompressed

Lambda Function Configuration

Allocate memory

● 128 MB → 1536 MB

● Affects CPU resources allocated

Set timeout (up to 300 seconds)

Can VPC-enable with an ENI (so can access private resources)

Can set up dead letter queue (Lambda retries failures twice)

Environment vars, versioning, aliases

Lambda Function Execution

From cold:

1. New container is created

2. Lambda function code copied to it

3. Lambda function is initialised

4. Lambda function is executed

5. Container is frozen when function terminates/times out○ This also can be referred to as “warmed”/”hot” - yay, confusion!

Steps #1 -> #3 can take time, ~1 to 9 seconds

Python least delay from cold, Java longest

Lambda Function Execution

If warm container is used:

1. Container is thawed

2. Lambda function is executed

3. Container is frozen when function terminates/timeout

Step #1 takes < 100ms

Java has least delay when warm

Note: no guarantees that warm container will be used

Lambda in use

Lambda in use in production

Web form serverless backend

Virus scanning & resizing uploaded files

Simple automatic image thumbnailer

Connecting AWS alarms to internal monitoring

Dynamically calculating subnet CIDRs for CloudFormation stacks

Processing config changes & alerting on unsafe actions

...and more

Benefits of Lambda

Quick to create and deploy

Connective tissue for AWS resources

Reduce server maintenance

Potentially unlimited instant scalability

Smaller attack surface

Cheap! (Generous permanent free tier)

● 1m requests/month free, $0.0000002 per request after

● 400,000 GB-seconds compute/month free, $0.00001667 per GB-s after

Serverless

Voting Application

An example serverless application

https://github.com/infectedsoundsystem/lambda-refarch-webapp

Voting Application Components

AWS CloudFormation

To provision the AWS resources

Uses JSON/YAML templates

Allows to define infrastructure as code

Transforms AWS Serverless Application Model definitions

Amazon S3

Object storage

One bucket stores the Lambda code to deploy via CloudFormation

Another bucket stores the website HTML and assets

This bucket is configured for static website hosting

Amazon DynamoDB

NoSQL database PaaS with built-in HA/durability

Two tables, one for votes and one for vote aggregation

DynamoDB Streams enable reading and processing updates to the vote table

Amazon Cognito

Service that provides identity management and data sync

Primarily used for mobile applications

Used here to provide an identity pool to allow browser-side code to run as an

unauthenticated user that has IAM permissions to scan the DynamoDB vote

aggregation table directly

Amazon API Gateway

Allows to create publicly available REST APIs

Done by creating resources, and methods for these

These manage the requests and responses when invoking our Lambda function

One resource used here for voting via the website

Gives a public HTTPS endpoint for a Lambda function to be triggered via an

Ajax request containing the user’s vote

AWS Lambda

Four Lambda functions used here:

One to register votes received via the website

One that listens to a DynamoDB stream from the votes table, and aggregates the votes when

there are changes

One used as CloudFormation custom resource to create/configure our Cognito Identity Pool

One used as CFN custom resource to automatically configure static files with resource values

AWS Serverless Application Model

Used to define serverless applications on AWS

Based on CloudFormation

Defined in CFN templates and deployed as CFN stack

SAM objects simplify definition of common serverless resources

CloudFormation transformation expands these to normal CFN resource

definitions

https://github.com/awslabs/serverless-application-model

Putting it all together...

Demo

Demo

Please go to http://done.1f55.uk

Flame war!

Benefits of Serverless

Over traditional server architectures

Modularity and separation

Isolated deployments and failures

No ongoing server maintenance

Potentially unlimited instant scalability

Smaller attack surface

Cheap!

> 90%Running cost reduction when compared to a traditional HA server architecture.

(That’s before factoring in additional cost savings from reduced man-hours

incurred performing maintenance etc...)

Downsides & Hurdles

Compared to traditional server architectures

Not every web application will be suited for it

Occasional latency spike due to Lambda container creation (additional ~2-3 secs

average for Node.js runtime)

Requires initial learning curve to enable design and development of appropriate

application architectures

One last benefit...

All management of the application can be done in code.

Questions?

@mikeshutlar

linkedin.com/in/MikeShutlar

git.io/vMMm8

Thanks for voting!