Breaking up the monolith into modern applications

Breaking up the monolith into modern applications

AWS Summit, Milan, March 12th, 2019

Tips for decomposing your apps into serverless microservices.

7c9b8b368924556d8642bdaed3ded1f5?s=128

Danilo Poccia

March 12, 2019
Tweet

Transcript

  1. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Breaking up the monolith into modern applications Danilo Poccia Principal Evangelist, Serverless AWS @danilop
  2. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Best practices for modern application development • Enable experimentation • Componentize applications • Update applications and infrastructure quickly • Model and provision application resources • Simplify infrastructure management • Improve application performance • Secure the entire application lifecycle
  3. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Best practices for modern application development • Enable experimentation by creating a culture of ownership • Componentize applications using microservices • Update applications and infrastructure quickly by automating the release pipeline • Model and provision application resources using infrastructure as code • Simplify infrastructure management with serverless technologies • Improve application performance by increasing observability • Secure the entire application lifecycle by automating security
  4. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Best practices for modern application development • Enable experimentation by creating a culture of ownership • Componentize applications using microservices • Update applications and infrastructure quickly by automating the release pipeline • Model and provision application resources using infrastructure as code • Simplify infrastructure management with serverless technologies • Improve application performance by increasing observability • Secure the entire application lifecycle by automating security
  5. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Microservices
  6. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T How Amazon SQS works Front End Back End Metadata Amazon DynamoDB Load Manager
  7. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Serverless
  8. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T AWS operational responsibility models On-Premises Cloud Less More Compute Virtual Machine EC2 Elastic Beanstalk AWS Lambda Fargate Databases MySQL MySQL on EC2 RDS MySQL RDS Aurora Aurora Serverless DynamoDB Storage Storage S3 Messaging ESBs Amazon MQ Kinesis SQS / SNS Analytics Hadoop Hadoop on EC2 EMR Elasticsearch Service Athena
  9. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T
  10. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T How Amazon MQ works Amazon API Gateway DynamoDB Control Plane Data Plane AWS Lambda
  11. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Some AWS services that use containers …more…
  12. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Databases
  13. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Databases in modern applications RDBMS (RDS) NoSQL (DynamoDB)
  14. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Relational or not? NOT!
  15. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Databases in Modern Applications RDBMS (RDS) NoSQL (DynamoDB) Amazon Quantum Ledger Database
  16. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Amazon Quantum Ledger Database Summary Journal Transactions • Transactions are SQL-ish • Query the Summary with SQL • “Records” are ION (JSON superset) documents • Journal is a cryptographically chained immutable ledger • Journal is also a database table • It’s serverless!
  17. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Integration patterns
  18. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Integration options from AWS Amazon API Gateway Queues Simple Fully-managed Any volume Amazon SQS Pub/sub Simple Fully-managed Flexible Amazon SNS Orchestration Powerful Fully-managed Low code AWS Step Functions Connect Efficient Fully-managed Real-time Client-to-Service Messaging Orchestration
  19. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T MICROSERVICE API API MICROSERVICE MICROSERVICE EVENT API MICROSERVICE EVENT API MICROSERVICE APPLICATION Mobile client Client IoT PERSISTENCE PERSISTENCE
  20. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Keep orchestration out of code Track status of data and execution Remove redundant code
  21. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Step Functions: Integrations Simplify building workloads such as order processing, report generation, and data analysis Write and maintain less code; add services in minutes More service integrations: AWS Step Functions Amazon Simple Notification Service Amazon Simple Queue Service Amazon SageMaker AWS Glue AWS Batch Amazon Elastic Container Service AWS Fargate
  22. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Simpler integration, less code With serverless polling With direct service integration Start End AWS Lambda functions Start End No Lambda functions
  23. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T
  24. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Serverless applications Services (anything) Changes in data state Requests to endpoints Changes in resource state Event source Function Node.js Python Java C# Go Ruby Runtime API
  25. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Anatomy of a Lambda function Handler() function Function to be executed upon invocation Event object Data sent during Lambda function Invocation Context object Methods available to interact with runtime information (request ID, log group, more) import json def lambda_handler(event, context): # TODO implement return { 'statusCode': 200, 'body': json.dumps('Hello World!') }
  26. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Lambda Layers Lets functions easily share code: Upload layer once, reference within any function Promote separation of responsibilities, lets developers iterate faster on writing business logic Built in support for secure sharing by ecosystem
  27. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Using Lambda Layers • Put common components in a ZIP file and upload it as a Lambda Layer • Layers are immutable and can be versioned to manage updates • When a version is deleted or permissions to use it are revoked, functions that used it previously will continue to work, but you won’t be able to create new ones • You can reference up to five layers, one of which can optionally be a custom runtime Lambda Layers arn:aws:lambda:region:accountId:layer:shared-lib Lambda Layers arn:aws:lambda:region:accountId:layer:shared-lib:2 Lambda Layers arn:aws:lambda:region:accountId:layer:shared-lib:3
  28. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Lambda Runtime API Bring any Linux compatible language runtime Powered by new Runtime API - Codifies the runtime calling conventions and integration points At launch, custom runtimes powering Ruby support in AWS Lambda, more runtimes from partners (like Erlang) Custom runtimes distributed as “layers” Rule Stack
  29. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Runtime Bootstrap • The bootstrap executable act as a bridge between the Runtime HTTP API and the Function to be executed • Bootstrap needs to manage response/error handling, context creation and function execution • Information on the interface endpoint and the function handler are shared as environment variables /runtime API /invocation/next /init/error /ID/error /invocation/ID/response /invocation/ID/error bootstrap Process events/headers Clean up Initialize and Invoke function Response/Error handling Lambda Function
  30. Build PCI and HIPAA compliant serverless applications! Serverless platform services

    that can be used in both:
  31. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Start with a framework AWS Chalice AWS Amplify AWS SAM AWS: Third-party: Serverless Framework
  32. Meet SAM!

  33. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T AWS Serverless Application Model (SAM) AWS CloudFormation extension optimized for serverless Special serverless resource types: Functions, APIs, SimpleTables, Layers, and Applications Supports anything AWS CloudFormation supports Open specification (Apache 2.0) https://aws.amazon.com/serverless/sam
  34. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T SAM template AWSTemplateFormatVersion: '2010-09-09’ Transform: AWS::Serverless-2016-10-31 Resources: GetFunction: Type: AWS::Serverless::Function Properties: Handler: index.get Runtime: nodejs8.10 CodeUri: src/ Policies: - DynamoDBReadPolicy: TableName: !Ref MyTable Events: GetResource: Type: Api Properties: Path: /resource/{resourceId} Method: get MyTable: Type: AWS::Serverless::SimpleTable Just 20 lines to create: • Lambda function • IAM role • API Gateway • DynamoDB table O pen Source
  35. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T AWS SAM Command Line Interface (AWS SAM CLI) CLI tool for local development, debugging, testing, deploying, and monitoring of serverless applications Supports API Gateway “proxy-style” and Lambda service API testing Response object and function logs available on your local machine Uses open source docker-lambda images to mimic Lambda’s execution environment such as timeout, memory limits, runtimes Can tail production logs from CloudWatch logs Can help you build in native dependencies https://aws.amazon.com/serverless/sam
  36. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T SAM CLI sam init --name my-function --runtime python cd my-function/ sam build sam package --s3-bucket my-packages-bucket \ --output-template-file packaged.yaml sam deploy --template-file packaged.yaml \ --stack-name my-function-prod sam publish # To the AWS Serverless Application Repository
  37. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T
  38. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T With the AWS Serverless Application Repository: Developers can… • Discover and deploy ready-made apps and code samples • Combine applications in the app repository with their own via Nested Applications • Customize open-source apps to get started quickly • Share apps privately or publish apps for public use
  39. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T TweetSource: Type: AWS::Serverless::Application Properties: Location: ApplicationId: arn:aws:serverlessrepo:... SemanticVersion: 2.0.0 Parameters: TweetProcessorFunctionName: !Ref MyFunction SearchText: '#serverless -filter:nativeretweets' Nested apps to simplify solving recurring problems Standard Component Custom Business Logic Polling schedule (CloudWatch Events rule) trigger TwitterProcessor SearchCheckpoint TwitterSearchPoller Twitter Search API
  40. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T AWS SAM Template Capabilities • Can mix in other non-SAM CloudFormation resources in the same template • i.e. Amazon S3, Amazon Kinesis, AWS Step Functions • Supports use of Parameters, Mappings, Outputs, etc • Supports Intrinsic Functions • Can use ImportValue (exceptions for RestApiId, Policies, StageName attributes) • YAML or JSON
  41. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T AWS Lambda Environment Variables • Key-value pairs that you can dynamically pass to your function • Available via standard environment variable APIs such as process.env for Node.js or os.environ for Python • Can optionally be encrypted via AWS Key Management Service (KMS) • Allows you to specify in IAM what roles have access to the keys to decrypt the information • Useful for creating environments per stage (i.e. dev, testing, production)
  42. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Amazon API Gateway Stage Variables Stage variables act like environment variables • Use stage variables to store configuration values • Stage variables are available in the $context object • Values are accessible from most fields in API Gateway • Lambda function ARN • HTTP endpoint • Custom authorizer function name • Parameter mappings
  43. AWS Lambda and Amazon API Gateway Variables + SAM Parameters:

    MyEnvironment: Type: String Default: testing AllowedValues: - test - staging - prod Description: Environment of this stack of resources Mappings: SpecialFeature1: test: status: on staging: status: on prod: status: off #Lambda MyFunction: Type: 'AWS::Serverless::Function' Properties: … Environment: Variables: ENVIRONMENT: !Ref: MyEnvironment Spec_Feature1: !FindInMap [SpecialFeature1, !Ref MyEnvironment, status] … #API Gateway MyApiGatewayApi: Type: AWS::Serverless::Api Properties: … Variables: ENVIRONMENT: !Ref: MyEnvironment
  44. Parameters: MyEnvironment: Type: String Default: testing AllowedValues: - testing -

    staging - prod Description: Environment of this stack of resources Mappings: SpecialFeature1: testing: status: on staging: status: on prod: status: off #Lambda MyFunction: Type: 'AWS::Serverless::Function' Properties: … Environment: Variables: ENVIRONMENT: !Ref: MyEnvironment Spec_Feature1: !FindInMap [SpecialFeature1, !Ref MyEnvironment, status] … #API Gateway MyApiGatewayApi: Type: AWS::Serverless::Api Properties: … Variables: ENVIRONMENT: !Ref: MyEnvironment AWS Lambda and Amazon API Gateway Variables + SAM
  45. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T MyLambdaFunction: Type: AWS::Serverless::Function Properties: Handler: index.handler Runtime: nodejs6.10 AutoPublishAlias: !Ref ENVIRONMENT DeploymentPreference: Type: Linear10PercentEvery10Minutes Alarms: # A list of alarms that you want to monitor - !Ref AliasErrorMetricGreaterThanZeroAlarm - !Ref LatestVersionErrorMetricGreaterThanZeroAlarm Hooks: # Validation Lambda functions that are run before & after traffic shifting PreTraffic: !Ref PreTrafficLambdaFunction PostTraffic: !Ref PostTrafficLambdaFunction AWS SAM + Safe Deployments
  46. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T AWS Lambda Alias Traffic Shifting & AWS SAM AutoPublishAlias By adding this property and specifying an alias name, AWS SAM will do the following: • Detect when new code is being deployed based on changes to the Lambda function's Amazon S3 URI. • Create and publish an updated version of that function with the latest code. • Create an alias with a name you provide (unless an alias already exists) and points to the updated version of the Lambda function. Deployment Preference Type Canary10Percent30Minutes Canary10Percent5Minutes Canary10Percent10Minutes Canary10Percent15Minutes Linear10PercentEvery10Minutes Linear10PercentEvery1Minute Linear10PercentEvery2Minutes Linear10PercentEvery3Minutes AllAtOnce In SAM:
  47. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Alarms: # A list of alarms that you want to monitor - !Ref AliasErrorMetricGreaterThanZeroAlarm - !Ref LatestVersionErrorMetricGreaterThanZeroAlarm Hooks: # Validation Lambda functions that are run before & after traffic shifting PreTraffic: !Ref PreTrafficLambdaFunction PostTraffic: !Ref PostTrafficLambdaFunction AWS Lambda Alias Traffic Shifting & AWS SAM Note: You can specify a maximum of 10 alarms In SAM:
  48. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Globals: Function: Runtime: nodejs6.10 CodeUri: s3://code-artifacts/pet_app1234.zip MemorySize: 1024 Timeout: 30 AutoPublishAlias: !Ref ENVIRONMENT getDogsFunction: Type: AWS::Serverless::Function Properties: Handler: getdogs.handler Events: GetDogs: Type: Api Properties: Path: /Dogs Method: ANY getCatsFunction: Type: AWS::Serverless::Function Properties: Handler: getCats.handler Events: GetCats: Type: Api Properties: Path: /Cats Method: ANY getBirdsFunction: Type: AWS::Serverless::Function Properties: Handler: getBirds.handler Timeout: 15 Events: GetBirds: Type: Api Properties: Path: /Birds Method: ANY AWS SAM Globals
  49. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Lambda permissions model Fine grained security controls for both execution and invocation: Execution policies: • Define what AWS resources/API calls can this function access via IAM • Used in streaming invocations • E.g. “Lambda function A can read from DynamoDB table users” Function policies: • Used for sync and async invocations • E.g. “Actions on bucket X can invoke Lambda function Z” • Resource policies allow for cross account configst access
  50. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T AWS SAM Policy Templates MyQueueFunction: Type: AWS::Serverless::Function Properties: ... Policies: # Gives permissions to poll an SQS Queue - SQSPollerPolicy: queueName: !Ref MyQueue ... MyQueue: Type: AWS::SQS::Queue ...
  51. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T SAM Policy Templates 45+ predefined policies All found here: https://bit.ly/2xWycnj
  52. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T Best Practices
  53. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T AWS SAM Best Practices • Use Parameters and Mappings when possible to build dynamic templates based on user inputs and pseudo parameters such as AWS::Region • Use the Globals section to simplify templates • Use Export & ImportValue to share resource information across stacks • Build out multiple environments, such as for Development, Test, Production and even DR using the same template, even across accounts SAM Template Source Control Dev Test Prod
  54. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. S U M M I T AWS Cloud Development Kit (CDK) https://awslabs.github.io/aws-cdk AWS CDK Toolkit + AWS Construct Library + @aws-cdk/ aws-serverless D eveloper Preview
  55. S U M M I T © 2019, Amazon Web

    Services, Inc. or its affiliates. All rights reserved.
  56. Shaping new habits one nudge at a time How we

    built our business on AWS, without servers digitalattitude.com
  57. Who am I? Serverless Italy Meetup Simone Lusenti CTO @

    Digital Attitude twitter.com/Lanzone31
  58. Our job at Digital Attitude • Change management • Help

    people inside organizations shape new technology-related habits… • …to improve how new technologies are used
  59. Meet HI!, our virtual coach • Desktop app that intercepts

    specific user actions • Provides immediate contextual feedback or guidance in response
  60. HI!, Building Habits AWS Cloud Region Client Client Client Client

    Client
  61. HI! Infrastructure / as Code Infrastructure-as-Code 1. No need to

    access the AWS Console 2. Define infrastructure with JavaScript (or .NET, Java) AWS Cloud Development Toolkit (https://github.com/awslabs/aws-cdk) 3. Easy replicability to other regions/accounts
  62. HI! Infrastructure / Serverless benefits Pay per request, no idle

    pay: 1. Free and exact clones of the production accounts 2. Developers can perform integration testing before going to production 3. Keep stand-by replica accounts (e.g.: for Disaster Recovery)
  63. HI! Infrastructure / Serverless benefits No* capacity planning: 1. 0-clicks

    autoscaling of the whole infrastructure (storage and computing) 2. From 0 to 10.000 in a day with no effort 3. Thousands of interactions every day at 9AM
  64. HI! Infrastructure / Serverless benefits Event-driven model: 1. Response time

    stable to <200ms under any load 2. Real-time feedback microservice is fully isolated from administrative services, reporting, and analytics 3. Built-in fault tolerance
  65. HI! Infrastructure / Serverless benefits Business Continuity & Disaster Recovery:

    1. Amazon S3 Cross-region Replication 2. Amazon DynamoDB Point-in-time Recovery 3. Free stand-by replicas BC & DR metrics: 1. RPO: information that is lost in case of disaster: 1 second 2. RTO: time to fully restore operation: < 1 hour
  66. HI! Infrastructure / Serverless benefits Reliable Continuous Deployment 1. Fully

    automated release cycle 2. Git, AWS CodePipeline, AWS CodeBuild (Windows + Linux) 3. Nothing to provision, supports hundreds of parallel builds 4. (Fun: rollouts are approved using AWS IoT Buttons J)
  67. HI! Infrastructure / Why AWS • Only Cloud Provider that

    allows us to be 100% IaC and Serverless: • Domain Names • Content Distribution • Computing • Storage • Analytics & Business Dashboards • CI / CD
  68. HI! Infrastructure / Why AWS: FinDev

  69. • Exactly define the infrastructure cost for each user action!

    • Business value? More: https://www.slideshare.net/theburningmonk/serverless-is-more-findev-than-devops
  70. Digital Attitude on AWS / Summary 1. Infrastructure as Code:

    easy replicability, multiple accounts and regions 2. No pay for idle 3. No pre-provisioning and no* capacity planning 4. Define cost per user action
  71. Thank you! S U M M I T © 2019,

    Amazon Web Services, Inc. or its affiliates. All rights reserved. Danilo Poccia @danilop AWS Simone Lusenti @Lanzone31 digitalattitude.com