Architecture reviews for serverless applications

While building an application, and later during operations, the question "Am I doing it right?" arises occasionally. For serverless applications in particular, no one can yet rely on many years of experience. An architecture review is a good way to determine whether best practices are being followed and whether there are any risks in the architecture.

This talk uses the AWS Well-Architected Framework with the Well-Architected Serverless Lens to show architecture recommendations based on the five pillars: Operational Excellence, Security, Reliability, Performance Efficiency and Cost Optimization. A demo of the AWS Well-Architected Tool shows how to measure and continuously improve the application portfolio.

Dennis Kieselhorst

October 12, 2021

Transcript

  1. © 2021, Amazon Web Services, Inc. or its Affiliates. Dennis Kieselhorst, Sr. Solutions Architect. Architecture reviews for serverless applications
  2. When you look at the systems you are building, can you answer the question: “Are you Well-Architected?”
  3. Why does Well-Architected exist? Learn, Measure, Improve. To drive better outcomes for customers who build and operate workloads in the cloud
  4. What is the AWS Well-Architected Framework? Design principles, Questions, Pillars
  5. Pillars of AWS Well-Architected: Security, Cost Optimization, Operational Excellence, Performance Efficiency, Reliability
  6. You are not going to judge my work! It will make you slow! Here comes the audit! It blocked my project! Not an audit!
  7. The truth is … It is an objective, constructive conversation. You will learn AWS best practices. You can leverage it to make informed architectural decisions. You will lower or mitigate risks. You will build and deploy faster.
  8. Serverless removes the undifferentiated heavy lifting: No infrastructure provisioning, no management. Automatic scaling. Pay for value. Highly available and secure.
  9. Serverless is there for you, at every layer: Compute & access, Storage, Messaging & streaming
  10. Serverless is there for you, at every layer: User & identity management, Delivery at the edge, Analytics
  11. Serverless is there for you, at every layer: Provisioning & monitoring, Development tools
  12. Serverless Application Lens - Whitepaper. Defines all areas of Serverless Applications. Defines common Serverless Use Cases. Defines the Best Practices in regards to the Well Architected Pillars. https://d1.awsstatic.com/whitepapers/architecture/AWS-Serverless-Applications-Lens.pdf
  13. Well-Architected Tool https://aws.amazon.com/well-architected-tool/
  14. Now… some best practices by pillar: Security, Cost Optimization, Operational Excellence, Performance Efficiency, Reliability
  15. Operational Excellence best practices: Adopt a modern way to build applications. infrastructure as code; separate environments / accounts

    ```yaml
    AWSTemplateFormatVersion: '2010-09-09'
    Transform: AWS::Serverless-2016-10-31
    Resources:
      GetProductsFunction:
        Type: AWS::Serverless::Function
        Properties:
          Handler: index.getProducts
          Runtime: nodejs10.x
          CodeUri: src/
          # SAM policy template: read-only access, scoped to this one table
          Policies:
            - DynamoDBReadPolicy:
                TableName: !Ref ProductTable
          # API Gateway route that invokes the function
          Events:
            GetResource:
              Type: Api
              Properties:
                Path: /products/{productId}
                Method: get
      ProductTable:
        Type: AWS::Serverless::SimpleTable
    ```

    Amazon CloudWatch Logs & metrics; AWS X-Ray
  16. Operational Excellence best practices: Adopt a modern way to build applications. infrastructure as code; separate environments / accounts; Amazon CloudWatch Logs & metrics; AWS X-Ray
  17. Operational Excellence best practices: Observability is the way to govern the serverless application’s health • Monitor CloudWatch • Instrument X-Ray. Amazon CloudWatch Logs and Metrics; AWS X-Ray

    ```javascript
    // Wrap the AWS SDK so that calls made by its service clients are traced by X-Ray
    const AWSXRay = require('aws-xray-sdk-core');
    const AWS = AWSXRay.captureAWS(require('aws-sdk'));
    const s3Client = new AWS.S3();
    ```
  18. Operational Excellence best practices: Observability is the way to govern the serverless application’s health • Monitor CloudWatch • Instrument X-Ray. Lambda PowerTools: Lambda PowerTools for Java, Lambda PowerTools for Python
  19. Security best practices: Control access to your APIs and implement AppSec • Least privilege Cognito or a SAML / JWT identity provider SAM predefined IAM policies temporary credentials public or private API Gateway endpoints Amazon Cognito AWS Secrets Manager + = 💛 AWS WAF
  20. Reliability best practices: Protect your resources and build resiliency into your serverless application. throttling back-off and retries RDS Proxy long-running transactions AWS Step Functions async messaging • Decouple • Amazon SQS • Amazon SNS Amazon EventBridge to route events reliably Amazon API Gateway
  21. Performance Efficiency best practices: Optimize your serverless application performance. services scaling behavior • Optimize application code. Yes! Do it again! on-demand capacity caching services integrations Lambda provisioned concurrency Lambda Power Tuning to tune power
  22. Wait, what’s Lambda Power Tuning? Visualize and fine-tune the memory / power configuration of Lambda functions CleanUpOnError Lambda Power Tuning
  23. Cost Optimization best practices: Design your application to maximize value • Reduce your Lambda functions code asynchronous design patterns Embedded Metric Format for CloudWatch log-retention policies Lambda Power Tuning
  24. Some things to remember: Make your functions single purpose, concise, short. Code is debt; write fewer functions. Understand and take advantage of the serverless concurrency model. Share nothing; assume no hardware affinity. Orchestrate with state machines, not application logic. Use events to trigger transactions. Leverage managed services when designing for failures and duplicates.
  25. Review Process: Identify a significant workload; Prepare for review; Review architecture; Review results and improvement plan; Create a plan to fix high risk issues
  26. Well-Architected Resources. Whitepapers https://aws.amazon.com/well-architected/ • PDF and Kindle available • Framework • Per pillar (operational excellence, reliability, security, performance efficiency, cost optimization) • Lenses (Serverless, HPC, IoT, Machine Learning, Analytics, …). Training https://www.aws.training/Details/Curriculum?id=42037 • Framework • Pillars • Review Process • Tool
  27. Thank you! Dennis Kieselhorst, Sr. Solutions Architect [email protected]
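
An added example, not part of the deck and not AWS code: the least-privilege point on slide 19 and the `Policies` entry of the SAM template on slide 15, turned into a review check that flags broad managed policies and wildcard inline statements on SAM functions. The template object is constructed sample data in JSON form; `AdminFunction` and the names `reviewPolicy` and `reviewTemplate` are hypothetical.

```javascript
// Added example, not from the deck: least-privilege review of SAM function policies.
// Constructed sample template in JSON form (YAML "!Ref X" becomes { Ref: 'X' }).
const template = {
  Resources: {
    GetProductsFunction: { // mirrors the function on slide 15
      Type: 'AWS::Serverless::Function',
      Properties: { Policies: [{ DynamoDBReadPolicy: { TableName: { Ref: 'ProductTable' } } }] },
    },
    AdminFunction: { // hypothetical over-privileged function
      Type: 'AWS::Serverless::Function',
      Properties: {
        Policies: [
          'AmazonDynamoDBFullAccess',
          { Statement: [{ Effect: 'Allow', Action: 's3:*', Resource: '*' }] },
        ],
      },
    },
    ProductTable: { Type: 'AWS::Serverless::SimpleTable' },
  },
};
const asList = (v) => (v === undefined ? [] : Array.isArray(v) ? v : [v]);

// Findings for one entry of a function's Policies list.
function reviewPolicy(policy) {
  if (typeof policy === 'string') { // managed policy name or ARN
    return /(FullAccess|AdministratorAccess)$/.test(policy)
      ? [`managed policy ${policy} grants broad access`] : [];
  }
  if (!policy.Statement) return []; // no inline statements: treated as a SAM policy template
  const findings = [];
  for (const st of asList(policy.Statement)) {
    if (st.Effect !== 'Allow') continue;
    const wild = asList(st.Action).filter((a) => typeof a === 'string' && a.endsWith('*'));
    if (wild.length) findings.push(`wildcard action ${wild.join(',')}`);
    if (asList(st.Resource).includes('*')) findings.push('wildcard resource *');
  }
  return findings;
}

// Maps each AWS::Serverless::Function logical ID to its list of findings.
function reviewTemplate(tpl) {
  const report = {};
  for (const [id, res] of Object.entries(tpl.Resources || {})) {
    if (res.Type !== 'AWS::Serverless::Function') continue;
    report[id] = asList((res.Properties || {}).Policies).flatMap(reviewPolicy);
  }
  return report;
}
console.log(reviewTemplate(template));
```

An empty findings list means every policy on that function is either a SAM policy template or an inline statement without wildcards; it does not prove the template's parameters themselves are narrowly scoped.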