ServerlessDays Meetup - Building Global Services with Serverless

Transcript

1. © 2019, Amazon Web Services, Inc. or its affiliates. All

   rights reserved. Building Global Services with Serverless Marek Kuczynski Senior Specialist Serverless Solutions Architect Amazon Web Services marekq

2. © 2019, Amazon Web Services, Inc. or its affiliates. All

   rights reserved. In this session… • Reasons to build a global, serverless service • Handing data replication and deployments between regions • Using the edge network and caching • Rewriting requests in flight using Lambda @ Edge • Q&A

3. © 2019, Amazon Web Services, Inc. or its affiliates. All

   rights reserved. Fast, responsive websites generate more business https://www.gigaspaces.com/blog/amazon-found-every-100ms-of-latency-cost-them-1-in-sales/

4. It’s important to decrease latency for end-users ~50m s ~350ms

5. Accelerate using the CloudFront CDN

6. © 2018, Amazon Web Services, Inc. or its Affiliates. All

   rights reserved. Delivery acceleration (1/2) SYN SYN-ACK GET /index.jsp 20ms SYN GET /index.jsp 80ms 200 OK CloudFront Edge location SYN-ACK 200 OK Non CloudFront user 200ms Origin SYN SYN-ACK GET /index.jsp 200 OK CloudFront 1st user 180ms on cache miss 100ms

7. © 2018, Amazon Web Services, Inc. or its Affiliates. All

   rights reserved. Delivery acceleration (2/2) 20ms 80ms CloudFront Edge location Origin GET /index.jsp 200 OK SYN SYN-ACK SYN-ACK GET /index.jsp 200 OK GET /index.jsp 200 OK CloudFront 2nd user 120ms on cache miss 2x acceleration CloudFront 3rd user 40ms on cache hit 5x acceleration

8. © 2019, Amazon Web Services, Inc. or its affiliates. All

   rights reserved. Test performance from your location; S3 transfer acceleration https://s3-accelerate-speedtest.s3-accelerate.amazonaws.com/en/accelerate-speed-comparsion.html

9. © 2019, Amazon Web Services, Inc. or its affiliates. All

   rights reserved. Serverless components are highly available Region Availability zone a Availability zone b Availability zone c Serverless Services

10. © 2019, Amazon Web Services, Inc. or its Affiliates. All

    rights reserved. Amazon Confidential and Trademark AWS Availability Zones AZ AZ AZ AZ Transit Transit Datacenter Datacenter Datacenter AWS Region AWS Availability Zone (AZ)

11. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. A pattern for multi region architectures Region Availability zone a Availability zone b Availability zone c Application Region Availability zone a Availability zone b Availability zone c Application Application Application Application Application

12. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Improve availability and disaster recovery Applications in US West Applications in US East Users from San Francisco Users from New York Service 1 Service 2 Service 3 Service 4 Service 1 Service 2 Service 3 Service 4

13. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved.

14. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Event based architectures SERVICES (ANYTHING) Changes in data state Requests to endpoints Changes in resource state EVENT SOURCE FUNCTION Node.js Python Java C# Go Ruby PowerShell Bring your own runtime

15. AWS Serverless Spectrum On-Premises Cloud Less More Compute Virtual Machine

    Amazon EC2 AWS Elastic Beanstalk AWS Lambda Fargate Databases MySQL MySQL on EC2 Amazon RDS MySQL Amazon Aurora Amazon Aurora Serverless Amazon DynamoDB Storage Storage Amazon S3 Messaging ESBs Amazon MQ Amazon Kinesis Amazon SNS / SQS Analytics Hadoop Hadoop on EC2 Amazon EMR Amazon Elasticsearch Service Amazon Athena ECS EKS

16. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. A serverless web application Data stored in Amazon DynamoDB Dynamic content in AWS Lambda Amazon API Gateway Browser Amazon CloudFront Amazon S3

17. Demo - building a global messaging system https://github.com/marekq/global-serverless-chat

18. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Automating the deployment

19. Deploy your application using SAM CloudFormation extension optimized for serverless

    New serverless resource types: functions, APIs, and tables Supports anything CloudFormation supports Open specification (Apache 2.0) https://github.com/awslabs/serverless-application-model

20. SAM template AWSTemplateFormatVersion: '2010-09-09’ Transform: AWS::Serverless-2016-10-31 Resources: GetHtmlFunction: Type: AWS::Serverless::Function

    Properties: CodeUri: ./lambda Handler: index.handler Runtime: python3.7 Policies: AmazonDynamoDBReadOnlyAccess Events: GetHtml: Type: Api Properties: Path: /{proxy+} Method: ANY ListTable: Type: AWS::Serverless::SimpleTable Tells CloudFormation this is a SAM template it needs to “transform” Creates a Lambda function with the referenced managed IAM policy, runtime, code at the referenced zip location, and handler as defined. Also creates an API Gateway and takes care of all mapping/permissions necessary Creates a DynamoDB table with 5 Read & Write units

21. Marek GitHub Package repo https://github.com/ marekq/global- serverless-chat AWS CodePipeline Orchestrates

    all steps AWS CodeBuild To build, test and package the Lambda resources AWS CloudFormation To deploy infrastructure AWS infrastructure Lambda, API Gateway, DynamoDB, etc. Amazon S3 to store built Lambda artifacts

22. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved.

23. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Build high performance, globally distributed applications Low latency reads & writes to locally available tables Disaster proof with multi-region redundancy Easy to set up and no application rewrites required Globally dispersed users Replica (N. America) Replica (Europe) Replica (Asia) Global App Global Table Amazon DynamoDB Global Tables Fully managed, multi-master, multi-region database

24. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Setting up DynamoDB replication

25. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Amazon S3 cross-region replication Bucket with objects Bucket with objects

26. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved.

27. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Global routing with Route 53

28. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Route53: Traffic Policy

29. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Health checks with Route 53

30. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Deploying API Gateways across regions AWS eu-west-1 API Gateway Internet AWS us-east-1 API Gateway Amazon Route 53 Lambda function Amazon DynamoDB Lambda function Amazon DynamoDB Global Tables

31. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Use the Application Load Balancer with Lambda Enables easier transition from existing compute stacks using the Application Load Balancer Mix and match compute options to build your backends Robust load balancer controls (health checks, programmable rules engine, traffic shaping) Amazon ALB Amazon EC2 AWS Fargate AWS Lambda

32. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. AWS Global Accelerator

33. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Global Accelerator routing

34. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Two static, anycast IP addresses available https://global.marek.host/

35. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Set traffic dials to your destinations across regions

36. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Global Accelerator Application Load Balancer Lambda Function DynamoDB Global Table Route 53 Latency Routing API Gateway Regional API Lambda Function DynamoDB Global Table Route 53 vs API Gateway for multi region connectivity

37. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved.

38. Amazon CloudFront AWS Lambda Lambda@Edge Lambda@Edge

39. © 2018, Amazon Web Services, Inc. or its Affiliates. All

    rights reserved. Write once, run Lambda functions globally N Virginia AWS location AWS location AWS location AWS location AWS location AWS location

40. © 2018, Amazon Web Services, Inc. or its Affiliates. All

    rights reserved. Lambda@Edge Origin AWS location AWS location AWS location AWS location AWS location AWS location Compute Storage Database

41. Using Lambda@Edge for routing traffic AWS eu-west-1 API Gateway Internet

    AWS us-east-1 API Gateway Amazon Route 53 Lambda function Amazon DynamoDB Lambda function Amazon DynamoDB Global Tables Lambda@Edge Amazon CloudFront

42. Lambda@Edge use cases and blueprints • Content customization • Based

    on user attributes, device properties • Visitor session validation • User-agent validation—add an Access-Control- Allow-Header • Validate access token to confirm authentication • URL customization • Re-write URLs, pretty URLs • A/B testing and cookie-based sticky sessions • “Flip a coin” to select a version of content displayed to each user • Security • Security header insertions (HSTS, X-Content- Type-Options, and more) • Bot handling

43. How is Lambda@Edge different from Lambda? • Nodejs 8.10, Nodejs

    10.x and Python 3.7 are supported runtimes. • The maximum function runtime can be 5 seconds for viewer requests and 30 seconds for origin requests. • You cannot access resources in your VPC. • Updating a Lambda@Edge function takes a few minutes. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html#limits-lambda-at-edge

44. © 2018, Amazon Web Services, Inc. or its Affiliates. All

    rights reserved. CloudFront triggers CloudFront cache Users Viewer request Viewer response Origin response Origin Origin request

45. © 2018, Amazon Web Services, Inc. or its Affiliates. All

    rights reserved. CloudFront cache Viewer request events CloudFront cache User agents Viewer request HTTP origins Viewer response Origin response Origin request Viewer response Origin response Origin request Viewer request

46. © 2018, Amazon Web Services, Inc. or its Affiliates. All

    rights reserved. Viewer request events Executed on every request before the CloudFront cache is checked Modify cache key (URL, cookies, headers, query string) Perform authentication and authorization checks Make external network calls Generate responses that will not be cached

47. © 2018, Amazon Web Services, Inc. or its Affiliates. All

    rights reserved. Origin request: Route on user agent User agents Desktop Mobile Bots and crawlers CloudFront distribution www.example.com Origin request event Mobile optimized app Client-rendered app Server-rendered app Cloudfront-Is-Mobile-Viewer? Cloudfront-Is-Desktop-Viewer? Cloudfront-Is-Tablet-Viewer? User-Agent?

48. © 2018, Amazon Web Services, Inc. or its Affiliates. All

    rights reserved. Origin request: Generate redirect User agent CloudFront distribution www.example.com HTTP redirect www.example.com/de Origin request event Cloudfront-Viewer-Country? Accept-Language?

49. © 2018, Amazon Web Services, Inc. or its Affiliates. All

    rights reserved. Short demo

50. © 2018, Amazon Web Services, Inc. or its Affiliates. All

    rights reserved. Pretty URLs for user/API experience https://tiles.example.com/zoom/x/y.jpg S3 bucket tiles-v1.s3.amazonaws.com Legacy service old-tile-service.example.net Elastic Load Balancing tile-service-123456.us-east-1 .amazonaws.com

51. © 2018, Amazon Web Services, Inc. or its Affiliates. All

    rights reserved. Origin request: Pretty URLs https://tiles.example.com/zoom/x/y.jpg https://tiles-origin.s3.amazonaws.com/f5fdc6f658a49284b.jpg Origin request event originPath = sha256(requestPath) CloudFront cache Cache key: tiles.example.com/zoom/x/y.jpg Cached response

52. © 2018, Amazon Web Services, Inc. or its Affiliates. All

    rights reserved. Transparent global expansion Region A customers Region A deployment Region B customers Region B deployment https://saas.example.com

53. © 2018, Amazon Web Services, Inc. or its Affiliates. All

    rights reserved. Origin request: Origin selection id user 1 alex 2 bob 3 joe 4 jane User database 200 OK Application User agent POST /login user=jane&pass=*** home-region na eu ap eu Set-Cookie: home-region=eu

54. © 2018, Amazon Web Services, Inc. or its Affiliates. All

    rights reserved. CloudFront cache Origin response events CloudFront cache User agents Viewer request HTTP origins Viewer response Origin response Origin request Viewer response Origin request Viewer request Origin response

55. © 2018, Amazon Web Services, Inc. or its Affiliates. All

    rights reserved. Origin response: Image processing User agent CloudFront distribution www.example.com Origin response event PUT S3 bucket images-origin.s3.amazonaws.com Viewer request event

56. Thank you! © 2019, Amazon Web Services, Inc. or its

    affiliates. All rights reserved. Marek Kuczynski Senior Specialist Serverless Solutions Architect Amazon Web Services marekq