Slide 1

Slide 1 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Danilo Poccia Principal Evangelist, Serverless @danilop danilop Evolutionary Serverless Architectures with Safe Deployments

Slide 2

Slide 2 text

© 2019, Amazon Web Services, Inc. or its Affiliates. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Slide 3

Slide 3 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Photo by Oskars Sylwan on Unsplash Focus on what you want to build, not the nuts & bolts required by the implementation of the solution

Slide 4

Slide 4 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Development Equilibrium Unique Features to Build Comfort Zone of Known Issues

Slide 5

Slide 5 text

© 2019, Amazon Web Services, Inc. or its Affiliates. PhotoVogue Case Study “IT is no longer holding back the business. In fact, it’s helping us grow faster” — Marco Viganò, Digital CTO, Condé Nast Italia

Slide 6

Slide 6 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Photo by Samuele Errico Piccarini on Unsplash

Slide 7

Slide 7 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Gain Speed & Control Project Product

Slide 8

Slide 8 text

© 2019, Amazon Web Services, Inc. or its Affiliates. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. v1 v2 v3 Customer needs Project Product

Slide 9

Slide 9 text

© 2019, Amazon Web Services, Inc. or its Affiliates. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Project Product Reach milestone Customer value Lifecycle costs Cost to reach milestone Backward looking Forward looking

Slide 10

Slide 10 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Features Defects Risks Debts Business Customers Security & Compliance Builders Avoid Overutilization Product

Slide 11

Slide 11 text

© 2019, Amazon Web Services, Inc. or its Affiliates. “An evolutionary architecture designs for incremental change in an architecture as a first principle.” — Rebecca Parsons, CTO, Neal Ford, Meme Wrangler, ThoughtWorks

Slide 12

Slide 12 text

© 2019, Amazon Web Services, Inc. or its Affiliates. “Incremental change should be your first requirement.” — Me

Slide 13

Slide 13 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Product Target

Slide 14

Slide 14 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Product New Features Refactoring Improve Security Improve Scalability Target ? ? This is an Optimization Problem…

Slide 15

Slide 15 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Best Solution (Unknown) This is an Optimization Problem… Possible Solutions

Slide 16

Slide 16 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Best Solution (Unknown) How to Explore the Space of All Possible Solutions? Possible Solutions

Slide 17

Slide 17 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Evolutionary Algorithms Best Solution (Unknown) Candidate Solutions Possible Solutions

Slide 18

Slide 18 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Evolutionary Algorithms Best Solution (Unknown) Candidate Solutions Fitness Function Possible Solutions

Slide 19

Slide 19 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Evolutionary Algorithms Best Solution (Unknown) Candidate Solutions Fitness Function Possible Solutions

Slide 20

Slide 20 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Evolutionary Algorithms Best Solution (Unknown) Fitness Function Candidate Solutions Possible Solutions

Slide 21

Slide 21 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Evolutionary Algorithms Candidate Solutions Best Solution (Unknown) Fitness Function Generation Selection Possible Solutions

Slide 22

Slide 22 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Photo by Eliecer Gallegos on Unsplash

Slide 23

Slide 23 text

© 2019, Amazon Web Services, Inc. or its Affiliates. + Source Code Metrics + Tests Coverage + Performance Metrics + Encryption Checks + Credential Rotation Checks + …

Slide 24

Slide 24 text

© 2019, Amazon Web Services, Inc. or its Affiliates. + Source Code Metrics + Tests Coverage + Performance Metrics + Encryption Checks + Credential Rotation Checks + … = My Fitness Function

Slide 25

Slide 25 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Fitness Function Best Solution (Unknown) Should I go here? Current Architecture Or there? How good the current architecture is? How much would improve if … Functional Requirement Non-Functional Requirement

Slide 26

Slide 26 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Fitness Function fitness time Improved Scalability Encryption In Transit Increased Availability Encryption At Rest First Release v1 v2 v3 v4 v5

Slide 27

Slide 27 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Photo by G. Crescoli on Unsplash

Slide 28

Slide 28 text

© 2019, Amazon Web Services, Inc. or its Affiliates. …in Machine Learning: the Objective Function Objective Function Loss Regularization How predictive the model is on the data How complex the model is (to avoid overfitting) Objective is to minimize = +

Slide 29

Slide 29 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Fitness Function & Complexity Fitness Function Fitness Regularization How good the architecture is How complex the architecture is Change sign to maximize = -

Slide 30

Slide 30 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Serverless Architectures Code Template Infrastructure as Code

Slide 31

Slide 31 text

© 2019, Amazon Web Services, Inc. or its Affiliates. AWS Serverless Application Model (SAM) AWSTemplateFormatVersion: '2010-09-09’ Transform: AWS::Serverless-2016-10-31 Resources: GetFunction: Type: AWS::Serverless::Function Properties: Handler: index.get Runtime: nodejs8.10 CodeUri: src/ Policies: - DynamoDBReadPolicy: TableName: !Ref MyTable Events: GetResource: Type: Api Properties: Path: /resource/{resourceId} Method: get MyTable: Type: AWS::Serverless::SimpleTable Just 20 lines to create: • Lambda function • IAM role • API Gateway • DynamoDB table O pen Source

Slide 32

Slide 32 text

© 2019, Amazon Web Services, Inc. or its Affiliates. SAM CLI pip install --user aws-sam-cli sam init --name my-app --runtime python cd my-app/ sam local ... # generate-event/invoke/start-api/start-lambda sam validate # The SAM template sam build # Depending on the runtime sam package --s3-bucket my-packages-bucket \ --output-template-file packaged.yaml sam deploy --template-file packaged.yaml \ --stack-name my-stack-prod sam logs -n MyFunction --stack-name my-stack-prod -t # Tail sam publish # To the Serverless Application Repository O pen Source CodePipeline Use CloudFormation deployment actions with any SAM application Jenkins Use SAM CLI plugin

Slide 33

Slide 33 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Serverless Architectures Code Stack Package Deploy Template Feedback

Slide 34

Slide 34 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Serverless Architectures Stack Deploy

Slide 35

Slide 35 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Serverless Architectures Stack Deploy

Slide 36

Slide 36 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Serverless Architectures – Safe Deployments All At Once Canary Deployment Linear Deployment Hooks Alarms PreTraffic Function PostTraffic Function Stack Deploy

Slide 37

Slide 37 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Hooks Hooks Serverless Architectures – Safe Deployments PreTraffic Function PostTraffic Function

Slide 38

Slide 38 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Hooks Computing Fitness with PreTraffic & PostTraffic Functions Update Product Dashboard PreTraffic Function PostTraffic Function Publish Fitness as Metric Analyze Architecture

Slide 39

Slide 39 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Computing Fitness with PreTraffic & PostTraffic Functions Hooks List Stack Resources Check Non-Functional Requirements Config Rules Source Code Metrics Performance Metrics PreTraffic Function PostTraffic Function

Slide 40

Slide 40 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Checking All Resources in a CloudFormation Stack Check Non-Functional Requirements ü check encryption at rest for all S3 buckets ü check versioning for all S3 buckets ü check encryption at rest for all DynamoDB tables ü check permissions for all S3 buckets ü check that S3 buckets accept HTTPS requests only ü check auto scaling / on-demand for all DynamoDB tables

Slide 41

Slide 41 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Using AWS Config to Evaluate Rules Config Rules ü s3-bucket-logging-enabled ü s3-bucket-replication-enabled ü s3-bucket-versioning-enabled ü s3-bucket-public-write-prohibited ü s3-bucket-public-read-prohibited ü s3-bucket-ssl-requests-only ü s3-bucket-server-side-encryption-enabled ü dynamodb-autoscaling-enabled ü dynamodb-throughput-limit-check ü lambda-function-public-access-prohibited ü lambda-function-settings-check

Slide 42

Slide 42 text

© 2019, Amazon Web Services, Inc. or its Affiliates. fitness time Improved Scalability Encryption In Transit Increased Availability Encryption At Rest First Release v1 v2 v3 v4 v5 Product Dashboard Back End Latency Concurrent Users Sales Per Minute Your Top Business Metric Fitness Function Catalog Searches Per Minute

Slide 43

Slide 43 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Safe deployments in SAM Resources: GetFunction: Type: AWS::Serverless::Function Properties: AutoPublishAlias: live DeploymentPreference: Type: Canary10Percent5Minutes Alarms: - !Ref ApiErrorsAlarm - !Ref ApiLatencyAlarm Hooks: PreTraffic: !Ref PreTrafficLambdaFunction PostTraffic: !Ref PreTrafficLambdaFunction Canary10Percent30Minutes Canary10Percent5Minutes Canary10Percent10Minutes Canary10Percent15Minutes Linear10PercentEvery10Minutes Linear10PercentEvery1Minute Linear10PercentEvery2Minutes Linear10PercentEvery3Minutes AllAtOnce Compute Fitness

Slide 44

Slide 44 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Photo by Kea Mowat on Unsplash Speed & Control

Slide 45

Slide 45 text

© 2019, Amazon Web Services, Inc. or its Affiliates. Demo

Slide 46

Slide 46 text

© 2019, Amazon Web Services, Inc. or its Affiliates. https://github.com/danilop/evolutionary-serverless-architectures-with-safe-deployments

Slide 47

Slide 47 text

© 2019, Amazon Web Services, Inc. or its Affiliates. © 2019, Amazon Web Services, Inc. or its Affiliates. Thank you! @danilop danilop