Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Evolutionary Serverless Architectures with Safe Deployments

Danilo Poccia
October 19, 2018
Programming
9
330

Evolutionary Serverless Architectures with Safe Deployments

ServerlessDays, Milan, October 19th, 2018

The term "architecture" applied to software can bring the idea of static, difficult to change, solutions. Unfortunately, that is often the result of a software implementation.

An evolutionary architecture designs for incremental change in an architecture as a first principle, looking at software development over time as an optimization task, using a "fitness function" to estimate the efficiency of a software release.

In this session, we’ll show how to automate a CI/CD pipeline to compute a fitness function during deployment, using a pre-traffic hook Lambda function dynamically analyzing the configuration of the resources implemented via AWS Serverless Application Model (SAM) templates.

Danilo Poccia

October 19, 2018
Tweet

More Decks by Danilo Poccia

See All by Danilo Poccia
From complexity to observability using OpenTelemetry
danilop
1
290
re:Invent 2021 re:Cap – Part II
danilop
0
280
Using container images with serverless functions... and containers!
danilop
0
360
What Can You Do with Serverless – In 2021
danilop
1
940
How LEGO.com accelerates innovation with serverless
danilop
1
660
Analyzing data at any scale with AWS Lambda
danilop
0
590
What Can You Do with Serverless – In 2021
danilop
1
1.1k
Sowing the Seeds of Software Development: What Can You Do with Serverless – In 2021!
danilop
0
460
Using Machine Learning From Your Databases
danilop
0
220

Other Decks in Programming

See All in Programming
Implementing "++" operator, stepping into parse.y
coe401_
3
4.7k
Kotlin 2.0을 통해 알아보는 코틀린의 미래
dalinaum
1
1.4k
Goのジェネリクスを活用する
syumai
2
1.1k
読みやすいコードの書き方 第 1 回 / Code readability: Session 1 (ver. 2, Ja)
munetoshi
1
460
OpenSearchを使って ごちクルの検索画面を爆速にする
konpay
0
140
LlamaIndex で Text-to-SQL 100 本ノック!
os1ma
2
680
Design Doc の書き方 / How to Write a Design Doc (Ja ver.)
munetoshi
20
6.5k
Building Ruby Native Extension using Ruby
katsyoshi
0
730
Multiverse Ruby
shioyama
1
2.4k
ランニングコストやっべぇぞ!ECS/FargateでECRへのアクセスについて
honma12345
0
710
From 1 to 201 Lambda functions in production: Evolving a serverless startup architecture
slobodan
0
160
良い開発生産性を目指せば採用もうまくいく
rinchsan
0
320

Featured

See All Featured
Mobile First: as difficult as doing things right
swwweet
213
8k
Design by the Numbers
sachag
272
18k
Optimising Largest Contentful Paint
csswizardry
2
770
Java REST API Framework Comparison - PWX 2021
mraible
PRO
16
5.8k
WebSockets: Embracing the real-time Web
robhawkes
58
6.2k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
123
29k
Designing Experiences People Love
moore
130
22k
Building Applications with DynamoDB
mza
86
5.1k
How STYLIGHT went responsive
nonsquared
89
4.3k
Git: the NoSQL Database
bkeepers
PRO
419
60k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
110
17k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
236
1.1M

Transcript

  1. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Danilo Poccia, Principal Evangelist, Serverless
    Evolutionary Serverless Architectures
    with Safe Deployments
    @danilop
    danilop
    October 18th, 2018

    View Slide

  2. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Photo by Oskars Sylwan on Unsplash
    Focus on what you want to build,
    not the nuts & bolts required
    by the implementation of the solution

    View Slide

  3. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Development Equilibrium
    Unique Features
    to Build
    Comfort Zone
    of Known Issues

    View Slide

  4. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    PhotoVogue Case Study
    “IT is no longer holding back the business.
    In fact, it’s helping us grow faster”
    — Marco Viganò, Digital CTO, Condé Nast Italia

    View Slide

  5. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Photo by Samuele Errico Piccarini on Unsplash

    View Slide

  6. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Gain Speed & Control
    Project Product

    View Slide

  7. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    “An evolutionary architecture designs
    for incremental change in an architecture
    as a first principle.”
    — Rebecca Parsons, CTO,
    Neal Ford, Meme Wrangler,
    ThoughtWorks

    View Slide

  8. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    “Incremental change is your first requirement.”
    — Me

    View Slide

  9. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Product Target

    View Slide

  10. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Product
    New Features
    Refactoring
    Improve Security
    Improve Scalability
    Target
    ?
    ?
    This is an Optimization Problem…

    View Slide

  11. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Best Solution
    (Unknown)
    This is an Optimization Problem…

    View Slide

  12. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Best Solution
    (Unknown)
    How to Explore the Space of All Possible Solutions?

    View Slide

  13. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Evolutionary Algorithms
    Best Solution
    (Unknown)
    Candidate
    Solutions

    View Slide

  14. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Evolutionary Algorithms
    Best Solution
    (Unknown)
    Candidate
    Solutions
    Fitness
    Function

    View Slide

  15. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Evolutionary Algorithms
    Best Solution
    (Unknown)
    Candidate
    Solutions
    Fitness
    Function

    View Slide

  16. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Evolutionary Algorithms
    Best Solution
    (Unknown)
    Fitness
    Function
    Candidate
    Solutions

    View Slide

  17. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Evolutionary Algorithms
    Candidate
    Solutions
    Best Solution
    (Unknown)
    Fitness
    Function
    Generation
    Selection

    View Slide

  18. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Photo by Eliecer Gallegos on Unsplash
    It’s not easy to explore
    all possible software architectures…
    …but we can measure them!

    View Slide

  19. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    + Source Code Metrics
    + Tests Coverage
    + Performance Metrics
    + Encryption Checks
    + Credential Rotation Checks
    + …

    View Slide

  20. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    + Source Code Metrics
    + Tests Coverage
    + Performance Metrics
    + Encryption Checks
    + Credential Rotation Checks
    + …
    = Fitness Function

    View Slide

  21. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Fitness Function
    Best Solution
    (Unknown)
    Should I go here?
    Current
    Architecture
    Or there?
    How good the current
    architecture is?
    How much would
    improve if …
    Functional
    Requirement
    Non-Functional
    Requirement

    View Slide

  22. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Fitness Function
    fitness
    time
    Improved
    Scalability
    Encryption
    In Transit
    Increased
    Availability
    Encryption
    At Rest
    First
    Release
    v1 v2 v3 v4 v5

    View Slide

  23. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Photo by G. Crescoli on Unsplash
    Mmmmm…
    Something similar?

    View Slide

  24. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Objective Function (Machine Learning)
    Objective
    Function
    Loss Regularization
    How predictive
    the model is
    on the data
    How complex
    the model is
    (to avoid overfitting)
    Objective
    is to minimize
    = +

    View Slide

  25. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Fitness Function & Complexity
    Fitness
    Function
    Fitness Regularization
    How good
    the architecture is
    How complex
    the architecture is
    Change sign
    to maximize
    = +

    View Slide

  26. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Serverless Architectures
    Code
    Stack
    Package Deploy
    Template
    Feedback

    View Slide

  27. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Serverless Architectures
    Stack
    Deploy

    View Slide

  28. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Serverless Architectures
    Deploy Stack

    View Slide

  29. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Serverless Architectures
    All At Once
    Canary Deployment
    Linear Deployment
    Deploy
    Hooks
    Alarms
    PreTraffic Function
    PostTraffic Function
    Stack

    View Slide

  30. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Hooks
    Hooks
    Serverless Architectures
    PreTraffic Function
    PostTraffic Function

    View Slide

  31. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    PreTraffic & PostTraffic Functions
    Hooks
    List Stack Resources
    Check Non-Functional Requirements
    Config Rules
    Source Code Metrics
    Performance Metrics
    PreTraffic Function
    PostTraffic Function

    View Slide

  32. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    PreTraffic & PostTraffic Functions
    ü check that encryption at rest is enabled on all S3 buckets
    ü check that versioning is enabled on all S3 buckets
    ü check that encryption at rest is enabled on all DynamoDB tables
    ü check that public write and/or read is prohibited for all S3 buckets
    ü check that S3 buckets accept HTTPS requests only
    ü check that auto scaling is enabled for all DynamoDB tables
    Check Non-Functional Requirements

    View Slide

  33. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    PreTraffic & PostTraffic Functions
    ü s3-bucket-logging-enabled
    ü s3-bucket-replication-enabled
    ü s3-bucket-versioning-enabled
    ü s3-bucket-public-write-prohibited
    ü s3-bucket-public-read-prohibited
    ü s3-bucket-ssl-requests-only
    ü s3-bucket-server-side-encryption-enabled
    ü dynamodb-autoscaling-enabled
    ü dynamodb-throughput-limit-check
    ü lambda-function-public-access-prohibited
    ü lambda-function-settings-check
    Config Rules

    View Slide

  34. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Hooks
    PreTraffic & PostTraffic Functions
    Update Product Dashboard
    PreTraffic Function
    PostTraffic Function
    Publish Custom Metric
    Analyze Architecture

    View Slide

  35. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Product Dashboard
    fitness
    time
    Improved
    Scalability
    Encryption
    In Transit
    Increased
    Availability
    Encryption
    At Rest
    First
    Release
    v1 v2 v3 v4 v5
    Back End
    Latency
    Concurrent
    Users
    Sales
    Per Minute
    Catalog Searches
    Per Minute
    Your Top
    Business Metric
    Fitness
    Function

    View Slide

  36. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Photo by Kea Mowat on Unsplash

    View Slide

  37. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Demo

    View Slide

  38. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    https://github.com/danilop/evolutionary-serverless-architectures-with-safe-deployments

    View Slide

  39. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark
    Thank you!
    @danilop
    danilop

    View Slide