Riga DevDays 2017 - Efficient AWS Lambda

EFFICIENT AWS LAMBDA ANTONS KRANGA

@acankr

@acankr

‣ Full stack developer ~ 15years

‣ Cloud Architect

‣ DevOps evangelist

‣ Speaker

‣ Marathon runner

ANTONS KRANGA

@acankr

ECONOMICS OF APPLICATION VIRTULIZATION ON AWS

▸ 64% or cloud costs refers to EC2 Instances

▸ 53% workloads Small Instances

▸ 29% workloads Medium size

https://goo.gl/1pmqKD

@acankr

ECONOMICS OF APPLICATION VIRTULIZATION ON AWS

▸ 64% or cloud costs refers to EC2 Instances

▸ 53% workloads Small Instances

▸ 29% workloads Medium size

▸ 16.7% Small instance utilization

▸ 11.9% Medium instance utilization

https://goo.gl/1pmqKD

@acankr

COSTS SAVING STRATEGIES

▸ Use only what you need

▸ Choose right size for instances

▸ Use Reserved instances

@acankr

CHALLENGES OF RESERVED INSTANCES

▸ Use only what you need

▸ Choose right size for instances

▸ Use Reserved instances

▸ Expect project run for short time

▸ Undecided about project size

▸ Fear of commitment

@acankr

AGENDA

▸ Introduction to FaaS

▸ Good and Bad code

▸ Serverless Patterns

@acankr

WHAT IS SERVERLESS

Lambda

@acankr

WHAT IS SERVERLESS

Lambda

CodeCommit

SmartHome

AlexaSkill IoT

API Gateway

S3 Storage

CloudWatchEvent

Logs

Cognito

SNS

Kinesis

Messages

DynamoDB

Internet of Things

Streaming

Development and Ops

Security

Trigger

@acankr

WHAT IS SERVERLESS

Lambda

CodeCommit

SmartHome

AlexaSkill IoT

API Gateway

S3 Storage

CloudWatchEvent

Logs

SNS

Kinesis

Messages

DynamoDB

Internet of Things

Streaming

Development and Ops

Security

Trigger

Container

Application CodeCognito

@acankr

WHAT IS SERVERLESS

Lambda

CodeCommit

SmartHome

AlexaSkill IoT

API Gateway

S3 Storage

CloudWatchEvent

Logs

SNS

Kinesis

Messages

DynamoDB

Internet of Things

Streaming

Development and Ops

Security

Trigger Event AWS Service

Container

Application CodeCognito

@acankr

▸ Price: $0.208 - $2.501 per 1M executions

▸ RAM: 128MB - 1536MB

▸ vCPU Cores: 2

▸ Ephemeral Disk: 512MB

▸ Write Partition: /tmp/*

▸ Timeout: 300sec

▸ Body Payload: 6MB

]▸ Price: $0.023 per Hour (t2-small)

▸ RAM: 2GB

▸ vCPU Cores: 1

▸ Ephemeral Disk or EBS

▸ Timeout: no

Lambda EC2 (VM)

VS

@acankr

▸ NodeJS 4.6

▸ NodeJS 6.10

▸ Python 2.7

▸ Python 3.6

▸ Java 8

▸ C#

▸ EdgeJS 4.6

]

Language RuntimesCONFIGURATION MANAGEMENT

SECRET MANAGEMENT

SERVICE DISCOVERY

EXPOSURE AND AUTH

PRIVATE CLOUD ACCESS

APPLICATION DEVELOPMENT SERVICES

@acankr

▸ NodeJS 4.6

▸ NodeJS 6.10

▸ Python 2.7

▸ Python 3.6

▸ Java 8

▸ C#

▸ EdgeJS 4.6

Language Runtimes

MINIMALISTIC LAMBDA EXECUTION

First Execution Next Execution RAM Used

3.06ms 0.34ms 23MB

3.07-9.06ms 0.25 - 4.67ms 22MB

12.07 - 30.56ms 0.37 - 0.64ms 50MB

31.07ms 18MB0.29 - 9.96ms

0.17ms 0.18 - 0.38ms 20MB

@acankr

LAMBDA HANDLERS

BUILD.GRADLEapply plugin: 'java'version = '1.0.0'mainClassName='Main'

repositories { mavenCentral()}

dependencies { compile ( 'com.amazonaws:aws-lambda-java-core:1.1.0', 'com.amazonaws:aws-lambda-java-events:1.1.0' )}

MAIN.JAVApublic class Main implements RequestHandler<String, String> {

public String handleRequest(String input, Context context) {context.getLogger().log("My input is: " + input);return "Hello: " + input

}

}

INDEX.PYimport logginglog = logging.getLogger()log.setLevel(logging.INFO)

def handler(event, context): log.debug(event) return {'message': 'Hello from Lambda'}

INDEX.JS

exports.handler = (event, context, callback) => { console.log(event) callback(null, {'message': 'Hello from Lambda'});};

DEPLOY CODE

@acankr

LAMBDA

SERVICE

@acankr

CODE VERSIONS

LAMBDA

V1

SERVICE

@acankr

CODE VERSIONS

LAMBDA

V1

SERVICE ALIAS

LATEST

@acankr

CODE VERSIONS

LAMBDA

V1

V2

SERVICE ALIAS

LATEST

@acankr

CODE VERSIONS

LAMBDA

V1

V2

V3

SERVICE ALIAS

LATEST

@acankr

CODE VERSIONS

LAMBDA

V1

V2

V3

SERVICE ALIAS

LATEST

V4

@acankr

CODE VERSIONS

LAMBDA

V1

V2

V3

SERVICE ALIAS

STABLE

V4

LATEST

@acankr

CODE VERSIONS

LAMBDA

V1

V2

V3

SERVICE ALIAS

STABLE

V4

ENV

DEV

TEST

PROD

LATEST

@acankr

▸ CloudFormation and/or Terraform for initial deployment

▸ Setup Cloud Resources

▸ Inject dependencies via ENV VARS

▸ Encrypt Secrets with KMS

▸ CLI “update-function-code” for incremental deployment

EXPOSE LAMBDA

@acankr

API Gateway

Lambda

+

- API Management Tool

- Authorization + Custom Authorizer

- Defines: Environment Variables for Lambda

- Can be defined with Swagger and imported

- Code Supports Versioning

- Integrated with CloudWatch

- Lambda Containers are Cached for 5 minutes

- Can be deployed with “apex.run” tool

- User can write files in /tmp

@acankr

GETPOSTPUTDELETE

dataAPI Gateway Lambda

ajax event

USER

@acankr

GETPOSTPUTDELETE

dataAPI Gateway Lambda

ajax event

USER

AuthorizerLambda

IdentityService Provider

CHALLENGES

@acankr

▸ Challenge of first execution

▸ Lack of Remote Debug

▸ Heavily Rely on Unit Tests

▸ Expect Unpredictable Event Payload

@acankr

▸ You never know who is calling you

▸ Function events are coming in different format

▸ Use ‘jsonschema’ to validate

@acankr

API GATEWAY CHALLENGES▸ Use LAMBA_PROXY integration

▸ Always check incoming payload

▸ Body transferred as String

STATEFUL LAMBDA

@acankr

GETPOSTPUTDELETE

dataAPI Gateway

ajax event

USER

DB_URL

DB_PORT

DB_USER

Environment Variables

Lambda

VPC

KMS encrypted DB_PASSWORD

@acankr

GETPOSTPUTDELETE

dataAPI Gateway

ajax event

USER

DynamoDB Table

Environment Variables

Lambda DynamoDB

STEP FUNCTIONS

@acankr

▸ Model flows of Lambda Functions

▸ Conditional flows

▸ Design error handling

▸ Design conditional execution

▸ Output of previous function will be input of next

WEBSITE EXAMPLE

@acankr

GET

Static HTML

CSS/Media

Rich JavaScript Apps

S3 StorageCloudFront

GETPOSTPUTDELETE

Dynamic DataData from DatabaseData from External Service

dataAPI Gateway Lambda

ajax

http

eventUSER

DynamoDB

R53 Domain

example.com

HIPSTER PORTAL

HIPSTER PORTAL

"...USE GIT AS THE BASIS FOR A LIGHTWEIGHT CMS, WITH TEXT-BASED EDITING FORMATS. GIT

HAS POWERFUL FEATURES FOR TRACKING CHANGES AND EXPLORING ALTERNATIVES, WITH A

DISTRIBUTED STORAGE MODEL THAT IS FAST IN USE AND TOLERANT OF NETWORKING ISSUES."

ThoughtWorks Technology Radar https://www.thoughtworks.com/radar/techniques/git-based-cms-git-for-non-code

assess since May 2015

@acankr

Lambda

+ - Lambda doesn’t have GIT client.

- You can “statically link” git libraries with git2go library (libgit2)

- To read SSH key file with Lambda it must be stored in “/tmp” directory

- SSH private key must have 600 credentials

- SSH private key must be owned by user “sandbox”

Code Commit

- Git Repository Service

- Backed by S3 storage

- Price: $1 per user

- Only: us-west-1 region

@acankr@acankr

USER

GETS3 Storage

CloudFront

GETPOSTPUTDELETE

dataAPI Gateway Lambda

ajax

http

event

Lambda

push

EDITOR

event

document commit

PUT

Checkout documentRender or post-process Publish

CodeCommit

DynamoDB

STREAM

Invalidate Cache

Lambda

SERVERLESS CI

@acankr

CompilationLambda

push

DEV

event

document commit

Checkout Compile

CodeCommit

PUT

S3

GET

Checkout Compile

TestingLambda

if neededlong running tests

VMs

CREATE

DeploymentLambda

Lambda

SNS

ChatOps

TAKEAWAYS

@acankr

TAKEWAYS

▸ Optimize for what you use

▸ Split deployment code to: initial and incremental

▸ Lambdas are best for rare events (cluster events, chatbots etc)

▸ Lambdas bad for UI

@acankr

FRAMEWORKS

▸ All frameworks we checking are limiting

▸ CloudFormation and Terraform for initial deployment

▸ Serverless to support Lambda on NodeJS

▸ Chalice for Python runtime

@acankr

- AZURE FUNCTIONS

- Runtimes: - ASP .NET (1Core)- NodeJS- etc

- Deployment:- REST API- PowerShell

- GOOGLE CLOUD FUNCTIONS

- Runtimes:- NodeJS (only)

- Deployment:- gcloud

@acankr

Book: AWS Lambda in Action MEAP

Begin in 2016 February

Publication: March 2017

Author: Danilo Poccia

ISBN: 9781617293719

https://www.manning.com/books/aws-lambda-in-action

THANK YOU