Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Serverless Architectures on AWS in practice - OSCON 2018

Serverless Architectures on AWS in practice - OSCON 2018

From functions to containers to databases, serverless is a huge paradigm shift. The ability to only pay for what we use and not worry about underlying infrastructure is very tempting to developers and DevOps engineers, and the rate of innovation in this area has been very rapid across all major public cloud providers. Serverless architectures are the natural evolution of microservices design. While Lambda has become synonymous with serverless in AWS, there are several new and upcoming patterns that take serverless architectures to the next level.

Manish Pandit explains how to identify these patterns and put them to use. Using Marqeta’s efforts to move its payments infrastructure to the public cloud as an example, Manish explores the services that Marqeta considered, customized, hacked around, and successfully implemented as a part of this move.

Manish Pandit

July 19, 2018

More Decks by Manish Pandit

Other Decks in Technology


  1. If I had asked people what they wanted, they would

    have said: “faster horses” -Henry Ford
  2. Why? Scale technology to support the growing business Use public

    cloud capabilities so we can focus on product innovation
  3. Microservices You can have microservices without containers and serverless! Containers

    and Serverless are the most optimal way to package and deploy microservices.
  4. Serverless Function as a unit of deployment (FaaS) Pay for

    what you use, never for idle resources 100% abstraction from underlying resources
  5. Serverless Components 1. Functions themselves 2. Events that trigger these

    functions, or handlers Event driven programming - Functions are event handlers You only pay when the handler runs
  6. Lambda Pricing First 1M requests per month are free 400,000

    GB-seconds per month are free START RequestId: 6bd9cf60-7e2b-11e8-9f4a-ebdea81e794d Version: $LATEST END RequestId: 6bd9cf60-7e2b-11e8-9f4a-ebdea81e794d REPORT RequestId: 6bd9cf60-7e2b-11e8-9f4a-ebdea81e794d Duration: 646.26 ms Billed Duration: 700 ms Memory Size: 128 MB Max Memory Used: 31 MB
  7. Logging For Lambdas, Cloudwatch logs For ECS, filebeat agent on

    the host For Fargate, LogStashTcpSocketAppender
  8. Gotchas.. - Lambda Cold start on both Python and Java

    - Due to VPC and ENI - Be aware of the retries - Async invocation gets two retries - Sync invocation gets no retries - Apply the Principle of Least Privilege to the Lambda and ECS Roles - S3 triggers - source and destination buckets
  9. Tips - Declare connection pools outside of the handler’s scope

    - Write tests! - Test locally - the only error you should be expecting is IAM Permissions error. <role> is not authorized to perform: <operation> on resource: <resource> - Do not create Microliths - Set up billing alerts
  10. Tips - Pick the best tool for the job -

    Do not pick the tool and try to fit the job into it - Beware of the shiny object syndrome - Take measured risks - Production is (mostly) unforgiving
  11. “You’re free to choose, but you’re not free from the

    consequences of your choice” - Universal Paradox