Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Architekturreview für Serverless-Anwendungen (J...

Architekturreview für Serverless-Anwendungen (JAX)

Im Rahmen der Anwendungsentwicklung und auch beim späteren Betrieb kommt hin und wieder die Frage auf "mache ich das eigentlich richtig"? Insbesondere bei Serverless-Anwendungen kann man noch nicht auf langjährige Erfahrung vertrauen. Um festzustellen, ob Best Practices befolgt werden und ggf. Risiken in der Architektur bestehen, bietet sich ein Architekturreview an.

Dieser Vortrag nutzt das AWS Well-Architected Framework mit der Well-Architected Serverless Lens, um Architekturempfehlungen aufzuzeigen und mit dem AWS Well-Architected Tool das Anwendungsportfolio messen und kontinuierlich verbessern zu können. Im einzelnen werden die Themenbereiche Operational Excellence, Security, Reliability, Performance Efficiency und Cost Optimization behandelt.

https://aws.amazon.com/well-architected/
https://docs.aws.amazon.com/wellarchitected/latest/serverless-applications-lens/

Dennis Kieselhorst

May 04, 2021
Tweet

More Decks by Dennis Kieselhorst

Other Decks in Technology

Transcript

  1. © 2021, Amazon Web Services, Inc. or its Affiliates. Dennis

    Kieselhorst Sr. Solutions Architect Architekturreview für Serverless-Anwendungen
  2. © 2021, Amazon Web Services, Inc. or its Affiliates. When

    you look at the systems you are building, can you answer the question: “Are you Well-Architected?”
  3. © 2021, Amazon Web Services, Inc. or its Affiliates. Why

    does Well-Architected exist? Learn Measure Improve To drive better outcomes for customers who build and operate workloads in the cloud
  4. © 2021, Amazon Web Services, Inc. or its Affiliates. What

    is the AWS Well-Architected Framework? Design principles Questions Pillars
  5. © 2021, Amazon Web Services, Inc. or its Affiliates. Pillars

    of AWS Well-Architected Security Cost Optimization Operational Excellence Performance Efficiency Reliability
  6. © 2021, Amazon Web Services, Inc. or its Affiliates. You

    are not going to judge my work! It will make you slow! Here comes the audit! It blocked my project! Not an audit!
  7. © 2021, Amazon Web Services, Inc. or its Affiliates. The

    truth is … It is an objective, constructive conversation You will learn AWS best practices You can leverage it to make informed architectural decisions You will lower or mitigate risks You will build and deploy faster
  8. © 2021, Amazon Web Services, Inc. or its Affiliates. No

    server is easier to manage than "no server.” Werner Vogels—Amazon CTO
  9. © 2021, Amazon Web Services, Inc. or its Affiliates. Serverless

    removes the undifferentiated heavy lifting No infrastructure provisioning, no management Automatic scaling Pay for value Highly available and secure
  10. © 2021, Amazon Web Services, Inc. or its Affiliates. Serverless

    is there for you, at every layer Compute & access Storage Messaging & streaming
  11. © 2021, Amazon Web Services, Inc. or its Affiliates. Serverless

    is there for you, at every layer User & identity management Delivery at the edge Analytics
  12. © 2021, Amazon Web Services, Inc. or its Affiliates. Serverless

    is there for you, at every layer Provisioning & monitoring Development tools
  13. © 2021, Amazon Web Services, Inc. or its Affiliates. Serverless

    Application Lens - Whitepaper Defines all areas of Serverless Applications Defines common Serverless Use Cases Defines the Best Practices in regards to the Well Architected Pillars https://d1.awsstatic.com/whitepapers/architectu re/AWS-Serverless-Applications-Lens.pdf
  14. © 2021, Amazon Web Services, Inc. or its Affiliates. Well-Architected

    Tool https://aws.amazon.com/well-architected-tool/
  15. © 2021, Amazon Web Services, Inc. or its Affiliates. Now…

    some best practices by pillar Security Cost Optimization Operational Excellence Performance Efficiency Reliability
  16. © 2021, Amazon Web Services, Inc. or its Affiliates. Operational

    Excellence best practices Adopt a modern way to build applications infrastructure as code separate environments / accounts AWSTemplateFormatVersion: '2010-09-09’ Transform: AWS::Serverless-2016-10-31 Resources: GetProductsFunction: Type: AWS::Serverless::Function Properties: Handler: index.getProducts Runtime: nodejs10.x CodeUri: src/ Policies: - DynamoDBReadPolicy: TableName: !Ref ProductTable Events: GetResource: Type: Api Properties: Path: /products/{productId} Method: get ProductTable: Type: AWS::Serverless::SimpleTable Amazon CloudWatch Logs & metrics AWS X-Ray
  17. © 2021, Amazon Web Services, Inc. or its Affiliates. Operational

    Excellence best practices Adopt a modern way to build applications infrastructure as code separate environments / accounts Amazon CloudWatch Logs & metrics AWS X-Ray
  18. © 2021, Amazon Web Services, Inc. or its Affiliates. Operational

    Excellence best practices Observability is the way to govern the serverless application’s health • Monitor CloudWatch • Instrument X-Ray Amazon CloudWatch Logs and Metrics AWS X-Ray var AWSXRay = require(‘aws-xray-sdk-core‘); var AWS = AWSXRay.captureAWS(require(‘aws-sdk’)); S3Client = AWS.S3();
  19. © 2021, Amazon Web Services, Inc. or its Affiliates. Operational

    Excellence best practices Observability is the way to govern the serverless application’s health • Monitor CloudWatch • Instrument X-Ray Lambda PowerTools Lambda PowerTools for Java Lambda PowerTools for Python
  20. © 2021, Amazon Web Services, Inc. or its Affiliates. Security

    best practices Control access to your APIs and implement AppSec • Least privilege Cognito or a SAML / JWT identity provider SAM predefined IAM policies temporary credentials public or private API Gateway endpoints Amazon Cognito AWS Secrets Manager + = 💛 AWS WAF
  21. © 2021, Amazon Web Services, Inc. or its Affiliates. Reliability

    best practices Protect your resources and build resiliency into your serverless application throttling back-off and retries RDS Proxy long-running transactions AWS Step Functions async messaging • Decouple • Amazon SQS • Amazon SNS Amazon EventBridge to route events reliably Amazon API Gateway
  22. © 2021, Amazon Web Services, Inc. or its Affiliates. Performance

    Effiency best practices Optimize your serverless application performance services scaling behavior • Optimize application code. Yes! Do it again! on-demand capacity caching services integrations Lambda provisioned concurrency Lambda Power Tuning to tune power
  23. © 2021, Amazon Web Services, Inc. or its Affiliates. Wait,

    what’s Lambda Power Tuning? Visualize and fine-tune the memory / power configuration of Lambda functions CleanUpOnError Lambda Power Tuning
  24. © 2021, Amazon Web Services, Inc. or its Affiliates. Cost

    Optimization best practices Design your application to maximize value • Reduce your Lambda functions code asynchronous design patterns Embedded Metric Format for CloudWatch log-retention policies Lambda Power Tuning
  25. © 2021, Amazon Web Services, Inc. or its Affiliates. Some

    things to remember Make your functions single purpose, concise, short Code is debt; write fewer functions Understand and take advantage of the serverless concurrency model Share nothing; assume no hardware affinity Orchestrate with state machines, not application logic Use events to trigger transactions Leverage managed services when designing for failures and duplicates
  26. © 2021, Amazon Web Services, Inc. or its Affiliates. Review

    Process Identify a significant workload Prepare for review Review architecture Review results and improvement plan Create a plan to fix high risk issues
  27. © 2021, Amazon Web Services, Inc. or its Affiliates. Well-Architected

    Resources Whitepapers https://aws.amazon.com/well-architected/ • PDF and Kindle available • Framework • Per pillar (operational excellence, reliability, security, performance efficiency, cost optimization) • Lenses (Serverless, HPC, IoT, Machine Learning, Analytics, …) Training https://www.aws.training/Details/Curriculum?id=42037 • Framework • Pillars • Review Process • Tool
  28. © 2021, Amazon Web Services, Inc. or its Affiliates. Thank

    you! Dennis Kieselhorst, Sr. Solutions Architect [email protected]