Breaking up the monolith into modern applications

© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
S U M M I T
Breaking up the monolith
into modern applications
Danilo Poccia
Principal Evangelist, Serverless
AWS
@danilop

View Slide

S U M M I T
Best practices for modern application development
• Enable experimentation
• Componentize applications
• Update applications and infrastructure quickly
• Model and provision application resources
• Simplify infrastructure management
• Improve application performance
• Secure the entire application lifecycle

View Slide

S U M M I T
Best practices for modern application development
• Enable experimentation by creating a culture of ownership
• Componentize applications using microservices
• Update applications and infrastructure quickly by automating the release pipeline
• Model and provision application resources using infrastructure as code
• Simplify infrastructure management with serverless technologies
• Improve application performance by increasing observability
• Secure the entire application lifecycle by automating security

View Slide

S U M M I T
Microservices

View Slide

S U M M I T
How Amazon SQS works
Front End
Back End
Metadata
Amazon
DynamoDB
Load
Manager

View Slide

S U M M I T
Serverless

View Slide

S U M M I T
AWS operational responsibility models
On-Premises Cloud
Less More
Compute Virtual Machine
EC2 Elastic Beanstalk AWS Lambda
Fargate
Databases MySQL MySQL on EC2
RDS MySQL RDS Aurora Aurora Serverless DynamoDB
Storage Storage
S3
Messaging ESBs
Amazon MQ Kinesis SQS / SNS
Analytics
Hadoop Hadoop on EC2 EMR Elasticsearch Service Athena

View Slide

S U M M I T

View Slide

S U M M I T
How Amazon MQ works
Amazon
API Gateway
DynamoDB
Control Plane
Data Plane
AWS Lambda

View Slide

S U M M I T
Some AWS services that use containers
…more…

View Slide

S U M M I T
Databases

View Slide

S U M M I T
Databases in modern applications
RDBMS
(RDS)
NoSQL
(DynamoDB)

View Slide

S U M M I T
Relational or not?
NOT!

View Slide

S U M M I T
Databases in Modern Applications
RDBMS
(RDS)
NoSQL
(DynamoDB)
Amazon Quantum
Ledger Database

View Slide

S U M M I T
Amazon Quantum Ledger Database
Summary
Journal
Transactions
• Transactions are SQL-ish
• Query the Summary with SQL
• “Records” are ION (JSON superset) documents
• Journal is a cryptographically chained immutable ledger
• Journal is also a database table
• It’s serverless!

View Slide

S U M M I T
Integration patterns

View Slide

S U M M I T
Integration options from AWS
Amazon
API Gateway
Queues
Simple
Fully-managed
Any volume
Amazon
SQS
Pub/sub
Simple
Fully-managed
Flexible
Amazon
SNS
Orchestration
Powerful
Fully-managed
Low code
AWS
Step Functions
Connect
Efficient
Fully-managed
Real-time
Client-to-Service Messaging Orchestration

View Slide

S U M M I T
MICROSERVICE
API
API
MICROSERVICE
MICROSERVICE
EVENT
API
MICROSERVICE
EVENT
API
MICROSERVICE
APPLICATION
Mobile client
Client
IoT
PERSISTENCE PERSISTENCE

View Slide

S U M M I T
Keep orchestration out of code
Track status of data
and execution
Remove
redundant code

View Slide

S U M M I T
Step Functions: Integrations
Simplify building workloads such as order processing,
report generation, and data analysis
Write and maintain less code; add services in minutes
More service integrations:
AWS Step
Functions
Amazon Simple
Notification
Service
Amazon Simple
Queue Service
Amazon
SageMaker
AWS Glue AWS Batch Amazon Elastic
Container Service
AWS Fargate

View Slide

S U M M I T
Simpler integration, less code
With serverless polling With direct service integration
Start
End
AWS
Lambda
functions
Start
End
No
Lambda
functions

View Slide

S U M M I T

View Slide

S U M M I T
Serverless applications
Services (anything)
Changes in
data state
Requests to
endpoints
Changes in
resource state
Event source Function
Node.js
Python
Java
C#
Go
Ruby
Runtime API

View Slide

S U M M I T
Anatomy of a Lambda function
Handler() function
Function to be executed
upon invocation
Event object
Data sent during Lambda
function Invocation
Context object
Methods available to
interact with runtime
information (request ID,
log group, more)
import json
def lambda_handler(event, context):
# TODO implement
return {
'statusCode': 200,
'body': json.dumps('Hello World!')
}

View Slide

S U M M I T
Lambda Layers
Lets functions easily share code: Upload layer
once, reference within any function
Promote separation of responsibilities, lets
developers iterate faster on writing business logic
Built in support for secure sharing by ecosystem

View Slide

S U M M I T
Using Lambda Layers
• Put common components in a ZIP file and
upload it as a Lambda Layer
• Layers are immutable and can be versioned
to manage updates
• When a version is deleted or permissions to
use it are revoked, functions that used it
previously will continue to work, but you
won’t be able to create new ones
• You can reference up to five layers, one of
which can optionally be a custom runtime
Lambda
Layers
arn:aws:lambda:region:accountId:layer:shared-lib
Lambda
Layers
arn:aws:lambda:region:accountId:layer:shared-lib:2
Lambda
Layers
arn:aws:lambda:region:accountId:layer:shared-lib:3

View Slide

S U M M I T
Lambda Runtime API
Bring any Linux compatible language runtime
Powered by new Runtime API - Codifies the
runtime calling conventions and integration points
At launch, custom runtimes powering Ruby
support in AWS Lambda, more runtimes from
partners (like Erlang)
Custom runtimes distributed as “layers”
Rule
Stack

View Slide

S U M M I T
Runtime Bootstrap
• The bootstrap executable act as a bridge
between the Runtime HTTP API and the
Function to be executed
• Bootstrap needs to manage response/error
handling, context creation and function
execution
• Information on the interface endpoint and the
function handler are shared as environment
variables
/runtime API
/invocation/next
/init/error /ID/error
/invocation/ID/response
/invocation/ID/error
bootstrap
Process events/headers
Clean up
Initialize and Invoke function
Response/Error handling
Lambda
Function

View Slide

Build PCI and HIPAA compliant serverless applications!
Serverless platform services that can be used in both:

View Slide

S U M M I T
Start with a framework
AWS
Chalice
AWS Amplify
AWS
SAM
AWS: Third-party:
Serverless
Framework

View Slide

Meet
SAM!

View Slide

S U M M I T
AWS Serverless Application Model (SAM)
AWS CloudFormation extension optimized for
serverless
Special serverless resource types: Functions, APIs,
SimpleTables, Layers, and Applications
Supports anything AWS CloudFormation supports
Open specification (Apache 2.0)
https://aws.amazon.com/serverless/sam

View Slide

S U M M I T
SAM template
AWSTemplateFormatVersion: '2010-09-09’
Transform: AWS::Serverless-2016-10-31
Resources:
GetFunction:
Type: AWS::Serverless::Function
Properties:
Handler: index.get
Runtime: nodejs8.10
CodeUri: src/
Policies:
- DynamoDBReadPolicy:
TableName: !Ref MyTable
Events:
GetResource:
Type: Api
Properties:
Path: /resource/{resourceId}
Method: get
MyTable:
Type: AWS::Serverless::SimpleTable
Just 20 lines to create:
• Lambda function
• IAM role
• API Gateway
• DynamoDB table
O
pen
Source

View Slide

S U M M I T
AWS SAM Command Line Interface (AWS SAM CLI)
CLI tool for local development, debugging, testing,
deploying, and monitoring of serverless applications
Supports API Gateway “proxy-style” and Lambda service API
testing
Response object and function logs available on your local
machine
Uses open source docker-lambda images to mimic
Lambda’s execution environment such as timeout, memory
limits, runtimes
Can tail production logs from CloudWatch logs
Can help you build in native dependencies
https://aws.amazon.com/serverless/sam

View Slide

S U M M I T
SAM CLI
sam init --name my-function --runtime python
cd my-function/
sam build
sam package --s3-bucket my-packages-bucket \
--output-template-file packaged.yaml
sam deploy --template-file packaged.yaml \
--stack-name my-function-prod
sam publish # To the AWS Serverless Application Repository

View Slide

S U M M I T

View Slide

S U M M I T
With the AWS Serverless Application Repository:
Developers can…
• Discover and deploy ready-made apps and
code samples
• Combine applications in the app repository
with their own via Nested Applications
• Customize open-source apps to get started
quickly
• Share apps privately or publish apps
for public use

View Slide

S U M M I T
TweetSource:
Type: AWS::Serverless::Application
Properties:
Location:
ApplicationId: arn:aws:serverlessrepo:...
SemanticVersion: 2.0.0
Parameters:
TweetProcessorFunctionName: !Ref MyFunction
SearchText: '#serverless -filter:nativeretweets'
Nested apps to simplify solving recurring problems
Standard
Component
Custom
Business
Logic
Polling schedule
(CloudWatch
Events rule)
trigger
TwitterProcessor
SearchCheckpoint
TwitterSearchPoller
Twitter
Search API

View Slide

S U M M I T
AWS SAM Template Capabilities
• Can mix in other non-SAM CloudFormation
resources in the same template
• i.e. Amazon S3, Amazon Kinesis, AWS Step Functions
• Supports use of Parameters, Mappings,
Outputs, etc
• Supports Intrinsic Functions
• Can use ImportValue
(exceptions for RestApiId, Policies, StageName attributes)
• YAML or JSON

View Slide

S U M M I T
AWS Lambda Environment Variables
• Key-value pairs that you can dynamically pass to
your function
• Available via standard environment variable APIs
such as process.env for Node.js or os.environ for
Python
• Can optionally be encrypted via AWS Key
Management Service (KMS)
• Allows you to specify in IAM what roles have access to
the keys to decrypt the information
• Useful for creating environments per stage (i.e.
dev, testing, production)

View Slide

S U M M I T
Amazon API Gateway Stage Variables
Stage variables act like environment variables
• Use stage variables to store configuration values
• Stage variables are available in the $context object
• Values are accessible from most fields in API
Gateway
• Lambda function ARN
• HTTP endpoint
• Custom authorizer function name
• Parameter mappings

View Slide

AWS Lambda and Amazon API Gateway Variables + SAM
Parameters:
MyEnvironment:
Type: String
Default: testing
AllowedValues:
- test
- staging
- prod
Description: Environment of this stack of
resources
Mappings:
SpecialFeature1:
test:
status: on
staging:
status: on
prod:
status: off
#Lambda
MyFunction:
Type: 'AWS::Serverless::Function'
Properties:
…
Environment:
Variables:
ENVIRONMENT: !Ref: MyEnvironment
Spec_Feature1: !FindInMap [SpecialFeature1,
!Ref MyEnvironment, status]
…
#API Gateway
MyApiGatewayApi:
Type: AWS::Serverless::Api
Properties:
…
Variables:

View Slide

Parameters:
MyEnvironment:
Type: String
Default: testing
AllowedValues:
- testing
- staging
- prod
Description: Environment of this stack of
resources
Mappings:
SpecialFeature1:
testing:
status: on
staging:
status: on
prod:
status: off
#Lambda
MyFunction:
Type: 'AWS::Serverless::Function'
Properties:
…
Environment:
Variables:
Spec_Feature1: !FindInMap [SpecialFeature1,
!Ref MyEnvironment, status]
…
#API Gateway
MyApiGatewayApi:
Type: AWS::Serverless::Api
Properties:
…
Variables:
AWS Lambda and Amazon API Gateway Variables + SAM

View Slide

S U M M I T
MyLambdaFunction:
Properties:
Handler: index.handler
Runtime: nodejs6.10
AutoPublishAlias: !Ref ENVIRONMENT
DeploymentPreference:
Type: Linear10PercentEvery10Minutes
Alarms:
# A list of alarms that you want to monitor
- !Ref AliasErrorMetricGreaterThanZeroAlarm
- !Ref LatestVersionErrorMetricGreaterThanZeroAlarm
Hooks:
# Validation Lambda functions that are run before & after traffic shifting
PreTraffic: !Ref PreTrafficLambdaFunction
PostTraffic: !Ref PostTrafficLambdaFunction
AWS SAM + Safe Deployments

View Slide

S U M M I T
AWS Lambda Alias Traffic Shifting & AWS SAM
AutoPublishAlias
By adding this property and specifying an
alias name, AWS SAM will do the
following:
• Detect when new code is being
deployed based on changes to the
Lambda function's Amazon S3 URI.
• Create and publish an updated version
of that function with the latest code.
• Create an alias with a name you
provide (unless an alias already exists)
and points to the updated version of
the Lambda function.
Deployment Preference Type
Canary10Percent30Minutes
Linear10PercentEvery10Minutes
Linear10PercentEvery1Minute
AllAtOnce
In SAM:

View Slide

S U M M I T
Alarms: # A list of alarms that you want to monitor
- !Ref AliasErrorMetricGreaterThanZeroAlarm
- !Ref LatestVersionErrorMetricGreaterThanZeroAlarm
Hooks: # Validation Lambda functions that are run before & after
traffic shifting
PreTraffic: !Ref PreTrafficLambdaFunction
PostTraffic: !Ref PostTrafficLambdaFunction
AWS Lambda Alias Traffic Shifting & AWS SAM
Note: You can specify a maximum of 10
alarms
In SAM:

View Slide

S U M M I T
Globals:
Function:
Runtime: nodejs6.10
CodeUri: s3://code-artifacts/pet_app1234.zip
MemorySize: 1024
Timeout: 30
AutoPublishAlias: !Ref ENVIRONMENT
getDogsFunction:
Properties:
Handler: getdogs.handler
Events:
GetDogs:
Type: Api
Properties:
Path: /Dogs
Method: ANY
getCatsFunction:
Properties:
Handler: getCats.handler
Events:
GetCats:
Type: Api
Properties:
Path: /Cats
Method: ANY
getBirdsFunction:
Properties:
Handler: getBirds.handler
Timeout: 15
Events:
GetBirds:
Type: Api
Properties:
Path: /Birds
Method: ANY
AWS SAM Globals

View Slide

S U M M I T
Lambda permissions model
Fine grained security controls for both
execution and invocation:
Execution policies:
• Define what AWS resources/API calls can this
function access via IAM
• Used in streaming invocations
• E.g. “Lambda function A can read from
DynamoDB table users”
Function policies:
• Used for sync and async invocations
• E.g. “Actions on bucket X can invoke Lambda
function Z”
• Resource policies allow for cross account
configst access

View Slide

S U M M I T
AWS SAM Policy Templates
MyQueueFunction:
Properties:
...
Policies:
# Gives permissions to poll an SQS Queue
- SQSPollerPolicy:
queueName: !Ref MyQueue
...
MyQueue:
Type: AWS::SQS::Queue
...

View Slide

S U M M I T
SAM Policy Templates
45+ predefined
policies
All found here:
https://bit.ly/2xWycnj

View Slide

S U M M I T
Best
Practices

View Slide

S U M M I T
AWS SAM Best Practices
• Use Parameters and Mappings when possible
to build dynamic templates based on user
inputs and pseudo parameters such as
AWS::Region
• Use the Globals section to simplify templates
• Use Export & ImportValue to share resource
information across stacks
• Build out multiple environments, such as for
Development, Test, Production and even DR
using the same template, even across
accounts
SAM Template
Source
Control
Dev
Test
Prod

View Slide

S U M M I T
AWS Cloud Development Kit (CDK)
https://awslabs.github.io/aws-cdk
AWS CDK Toolkit
+
AWS Construct Library
+
@aws-cdk/
aws-serverless
D
eveloper
Preview

View Slide

Shaping new habits
one nudge at a time
How we built our business on AWS, without servers
digitalattitude.com

View Slide

Who am I?
Serverless Italy Meetup
Simone Lusenti
CTO @ Digital Attitude
twitter.com/Lanzone31

View Slide

Our job at Digital Attitude
• Change management
• Help people inside organizations
shape new technology-related
habits…
• …to improve how new technologies
are used

View Slide

Meet HI!, our virtual coach
• Desktop app that intercepts specific user
actions
• Provides immediate contextual feedback
or guidance in response

View Slide

HI!, Building Habits
AWS Cloud
Region
Client Client
Client
Client
Client

View Slide

HI! Infrastructure / as Code
Infrastructure-as-Code
1. No need to access the AWS Console
2. Define infrastructure with JavaScript (or .NET, Java)
AWS Cloud Development Toolkit (https://github.com/awslabs/aws-cdk)
3. Easy replicability to other regions/accounts

View Slide

HI! Infrastructure / Serverless benefits
Pay per request, no idle pay:
1. Free and exact clones of the production accounts
2. Developers can perform integration testing before going to production
3. Keep stand-by replica accounts (e.g.: for Disaster Recovery)

View Slide

No* capacity planning:
1. 0-clicks autoscaling of the whole infrastructure (storage and computing)
2. From 0 to 10.000 in a day with no effort
3. Thousands of interactions every day at 9AM

View Slide

Event-driven model:
1. Response time stable to <200ms under any load
2. Real-time feedback microservice is fully isolated from administrative
services, reporting, and analytics
3. Built-in fault tolerance

View Slide

Business Continuity & Disaster Recovery:
1. Amazon S3 Cross-region Replication
2. Amazon DynamoDB Point-in-time Recovery
3. Free stand-by replicas
BC & DR metrics:
1. RPO: information that is lost in case of disaster: 1 second
2. RTO: time to fully restore operation: < 1 hour

View Slide

Reliable Continuous Deployment
1. Fully automated release cycle
2. Git, AWS CodePipeline, AWS CodeBuild (Windows + Linux)
3. Nothing to provision, supports hundreds of parallel builds
4. (Fun: rollouts are approved using AWS IoT Buttons J)

View Slide

HI! Infrastructure / Why AWS
• Only Cloud Provider that allows us to be 100% IaC and Serverless:
• Domain Names
• Content Distribution
• Computing
• Storage
• Analytics & Business Dashboards
• CI / CD

View Slide

HI! Infrastructure / Why AWS: FinDev

View Slide

• Exactly define the infrastructure cost
for each user action!
• Business value?
More: https://www.slideshare.net/theburningmonk/serverless-is-more-findev-than-devops

View Slide

Digital Attitude on AWS / Summary
1. Infrastructure as Code: easy replicability, multiple
accounts and regions
2. No pay for idle
3. No pre-provisioning and no* capacity planning
4. Define cost per user action

View Slide

Breaking up the monolith into modern applications

Breaking up the monolith into modern applications

Danilo Poccia

More Decks by Danilo Poccia

Other Decks in Programming

Featured

Transcript