Is Serverless getting Serverful?

© 2021, Amazon Web Services, Inc. or its Affiliates. All
rights reserved. 2:00 am on Nov 21 Is Serverless getting Serverful? Snr. Serverless Specialist, Kensuke Shimokawa

rights reserved. It was someone's birthday a week ago, right?

rights reserved. But who?

rights reserved. Table • History of AWS Lambda • Shared responsibility model for AWS Lambda • Serverless Principle • With or Without • Without VPC • Without Custom Runtime • Without Provisioned Concurrency • Without EFS • With Agility

rights reserved. Now you don't have to think about servers!

rights reserved. But is that still true?

rights reserved. Let's look back on the history of AWS Lambda.

rights reserved. 2014 Introducing AWS Lambda 2015 Available in Asia Pacific (Tokyo) 5 Minute Functions 2016 Access Resources within a VPC 2018 up to 15 minutes custom runtimes 2019 Provisioned Concurrency 2020 supports EFS supports container images 2021 Lambda Extensions supports Graviton2 history of

rights reserved. Shared responsibility model for AWS Lambda AWS Customer Customer Function Code and Libraries Resource Configuration Identity & Access Management Compute Execution Environment Runtime Language Networking Infrastructure Server Software Hardware Regions Availability Zones EC2 Hardware

rights reserved. Shared responsibility model for AWS Lambda AWS Customer Resource Configuration Identity & Access Management Compute Execution Environment Runtime Language Networking Infrastructure Server Software Hardware Regions Availability Zones EC2 Hardware Customer Function Code and Libraries AWS Lambda enables customers for agility without compromising on scale or reliability.

rights reserved. Runtime Language Customer Function Code and Libraries Shared responsibility model for AWS Lambda AWS Customer Resource Configuration Identity & Access Management Compute Execution Environment Server Software Hardware Regions Availability Zones EC2 Hardware With VPC, customers can choose at least 2 subnets for Lambda to run functions in high availability mode. Networking Infrastructure

rights reserved. Customer Function Code and Libraries Shared responsibility model for AWS Lambda AWS Customer Resource Configuration Identity & Access Management Compute Execution Environment Networking Infrastructure Server Software Hardware Regions Availability Zones EC2 Hardware Runtime Language With custom runtimes, customers have to manage runtime security patches.

rights reserved. Networking Infrastructure Runtime Language Customer Function Code and Libraries Shared responsibility model for AWS Lambda AWS Customer Resource Configuration Identity & Access Management Compute Server Software Hardware Regions Availability Zones EC2 Hardware With Lambda Extensions, Execution Environment customers have to use Extensions API to integrate into Lambda execution environment.

rights reserved. Networking Infrastructure Runtime Language Execution Environment Customer Function Code and Libraries Shared responsibility model for AWS Lambda AWS Customer Resource Configuration Identity & Access Management Server Software Hardware Regions Availability Zones EC2 Hardware With Provisioned Concurrency, customers can scale resources based on a specific CloudWatch metric or at a specific date and time. Compute

rights reserved. You may have to think a little about servers.

rights reserved. Serverless enables customers for agility without compromising on scale or reliability.

rights reserved. Our Serverless Principles Greater agility Less overhead Better focus Increased scale More flexibility

rights reserved. Innovation Loop Experiment Listen Idea

rights reserved. We need agility for Innovation.

rights reserved. Let's go back to the principle.

rights reserved. Why do we need to attach Lambda to VPC? We may need RDBMS to query with SQL. We may need Redis for your cache to reduce latency. We may need File System for using package software that requires file ops. We may need fixed IP address for the system firewall. We may need proprietary security software to comply with corporate regulations.

rights reserved. Yes, you're right and you need VPC. Keep that radius small.

rights reserved. frontend Amazon Kinesis Data Streams AWS Lambda AWS Lambda Amazon Aurora (Normalized table) User Amazon DynamoDB (Denormalized table) Command-Query Responsibility Segregation Pattern 1/2 VPC

rights reserved. Command-Query Responsibility Segregation Pattern 2/2 User Amazon DynamoDB Streams (Denormalized table) AWS Lambda Amazon Aurora (Normalized table) frontend VPC

rights reserved. Do you really need to fix the IP address?

rights reserved. A security group acts as a virtual firewall that controls the traffic for one or more instances. AWS Identity and Access Management (IAM) provides fine-grained access control across all of AWS. With IAM, you can specify who can access which services and resources, and under which conditions. With IAM policies, you manage permissions to your workforce and systems to ensure least-privilege permissions. AWS Identity and Access Management (IAM)

rights reserved. https://aws.amazon.com/blogs/security/zero-trust-architectures-an-aws-perspective/ Zero Trust is a conceptual model and an associated set of mechanisms that focus on providing security controls around digital assets that do not solely or fundamentally depend on traditional network controls or network perimeters.

rights reserved. Why do you want to bring unmanaged runtime? We may need faster runtime to perform better. We may need familiar runtime for developers. We may need the language to comply with corporate regulations.

rights reserved. Yes, you're right and you need Custom Runtime. Keep that radius small.

rights reserved. https://martinfowler.com/bliki/PolyglotPersistence.html If you think in the context of Microservices, Your Lambda can be polyglot.

rights reserved. Why do you provision concurrency? We may need faster scale to perform better. We may need to avoid coldstart for UX. We may need to provide synchronous system.

rights reserved. Yes, you're right and you need to provision concurrency. Keep that radius small.

rights reserved. Microservices Microservices Microservices DB DB DB Queue REST REST Stream Browser Mobile REST REST Amazon API Gateway Cache css, js, html, image Static Contents CDN Cache WAF WAF Object Storage WebSocket Server push Use CDN, Server push, cache, rate limit, etc.

rights reserved. Can be asynchronous? Can be asynchronous? Can be asynchronous? Decision tree asynchronous asynchronous asynchronous synchronous (Ask yourself at least three times in your heart.)

rights reserved. Why do you need file system? We may need familiar access method to files. We may need to use proprietary software that requires file system. We may need to control cooperation between systems via files.

rights reserved. Yes, you're right and you need to control familiar file system. Keep that radius small.

rights reserved. Event Driven 1. Upload files to Amazon S3 bucket 2. Asynchronous execution of Lambda functions 1. Event payload • Bucket name • Object key 3. Image analysis using Amazon Rekognition 4. Save the result of image analysis 1 2 Amazon Rekognition Amazon DynamoDB 3 4 file Upload Event Amazon S3 Lambda Function Image analysis, Data persistence

rights reserved. Can be event driven? Can be event driven? Can be event driven? Decision tree Object Storage Queue Stream File system (Ask yourself at least three times in your heart.)

rights reserved. Is Serverless getting Serverful? No, it is not. Just It can be used for Serverful way. Go for Serverless as possible as you can.

rights reserved. Key Takeaways Serverless enables customers for agility without compromising on scale or reliability. If you feel your system less agility, make your Serverless loosely coupled from others.

rights reserved. Get Started Today Features, Use Cases, Pricing https://aws.amazon.com/ Blogs, Videos, Training https://serverlessland.com/ Hands-on Workshops for Serverless https://aws.amazon.com/serverless-workshops/

Is Serverless getting Serverful?

Is Serverless getting Serverful?

More Decks by kensh

Other Decks in Technology

Featured

Transcript