Slide 1

Slide 1 text

Serverless Challenges
Unique Challenges with Unique Value Proposition
Ebru Cucen • Contino

Slide 2

Slide 2 text

@ebrucucen

Agenda
01 | Why Serverless?
02 | Application Challenges
03 | Security Challenges
04 | Networking Challenges

Slide 3

Slide 3 text

Key Takeaways
● Serverless provides the highest level of abstraction to enable focus on business value
● As we shift away from non-differentiating infrastructure, old and new challenges at application level still need to be tackled
● Azure is on the market offering some interesting features in the serverless space in comparison to AWS

Slide 4

Slide 4 text

@ebrucucen
VEGAN
PROUD WIFE
PROUD MUM
CLOUD CONSULTANT
DEVELOPER AT HEART

Slide 5

Slide 5 text

Why Serverless?

Slide 6

Slide 6 text

Serverless Offering

“Serverless enables us, for the first time, to put a clear price tag on an application flow, allowing unprecedented visibility and accuracy when designing the supply chain of our businesses.”
Simon Wardley

Slide 7

Slide 7 text

Serverless Offering
01 Abstraction of infrastructure management
02 Pay-as-you-go
03 Auto-scale

https://martinfowler.com/articles/serverless.html

Slide 8

Slide 8 text

Focus on Your Application and Business Value

[Diagram: stack comparison across Enterprise IT, IaaS, CaaS, PaaS and Serverless. Each column lists the layers Data Center, Networking, Storage, Servers, Virtualisation, Runtime, Containers, Applications, Functions. Legend: Customer / Vendor.]

Slide 9

Slide 9 text

Serverless Is Much More than Functions

Slide 10

Slide 10 text

Migrating More…
Always-on option?
But I heard it is expensive …

Slide 11

Slide 11 text

Migrating More…
Always-on option?
But I heard it is expensive …

Slide 12

Slide 12 text

Migrating More: Year Plan (WestEurope)

1 concurrent exec for 1GB
Resource Consumption:
● 2.2m GBs/month
● £950.4
Execution:
● 1.6m GBs
● £8.64/month
£959

Standard_B2s: (2CPU/4GBRAM) £313/annual Linux VM
£939

https://www.slideshare.net/TimWagner/serverlessconf-2018-keynote-debunking-serverless-myths

Slide 13

Slide 13 text

Is It Even?
● High-Available: x more VMs
● Load Balancer
● Queue Storage
● Management Costs

Slide 14

Slide 14 text

1 concurrent exec for 1GB
Resource Consumption:
● 2.2m GBs/month
● £950.4
Execution:
● 1.6m GBs
● £8.64/month
£959 WINNER

VM: £626 (2 Standard_B2s)
LB: £240/year
£866x3 = £2.598

Slide 15

Slide 15 text

Demo

Slide 16

Slide 16 text

Demo Gods: https://asciinema.org/a/bOH5uknb92QTLqHSDFtDxjMee

Slide 17

Slide 17 text

Application Challenges

Slide 18

Slide 18 text

Application Level Challenges
A. Language Trade Offs -> Runtime, Triggers
B. Migration Patterns -> Strangler, Abstraction by Branch
C. Debugging -> Logging, Monitoring, Tracing
D. Caching, Versioning -> API Manager

Slide 19

Slide 19 text

Language Options
● .NET Core (Linux/Windows)
● Node.js (Linux/Windows)
● Java (Windows)
● PowerShell Core (Windows)
● Python (Linux)

Slide 20

Slide 20 text

Triggers

Input:
● Http
● Timer
● Azure Storage
● Azure Cosmos DB
● Azure Service Bus
● Azure Event Grid
● Azure Event Hub
● Azure IoT Hub

Output:
● Http
● Azure Storage
● Excel
● Azure Service Bus
● Azure Event Hub
● SendGrid
● Twilio
● Outlook Mail

Slide 21

Slide 21 text

Application Level Challenges
A. Language Trade Offs -> Runtime, Triggers
B. Migration Patterns -> Strangler, Abstraction by Branch
C. Debugging -> Logging, Monitoring, Tracing
D. Caching, Versioning -> API Manager

Slide 22

Slide 22 text

Postcode Lookup Service Migration
[Diagram labels: Microservice, Verify Phone, Register Customer, Postcode Lookup]

Slide 23

Slide 23 text

Postcode Lookup Service Migration
Which Pattern First?
How to decouple / migrate?
[Diagram labels: Verify Phone, Register Customer, Postcode Lookup]

Slide 24

Slide 24 text

Strangler Pattern
1. Identify
[Diagram labels: Existing Call, Postcode Lookup API]

Slide 25

Slide 25 text

Strangler Pattern
1. Identify
2. Move
[Diagram labels: Existing Call, Postcode Lookup API]
Refactor before / after?
New language?

Slide 26

Slide 26 text

Strangler Pattern
1. Identify
2. Move
3. Redirect
[Diagram labels: Existing Call, Postcode Lookup API, Redirected Call, Lookup Function]
Refactor before / after?
New language?
Leave / Remove?

Slide 27

Slide 27 text

Postcode Lookup Service Migration
How to Connect?
[Diagram labels: Verify Phone, Register Customer, Postcode Lookup, Postcode Lookup]

Slide 28

Slide 28 text

Branch by Abstraction Pattern
[Diagram labels: User Registration Abstraction, User Registration, Implements]

Slide 29

Slide 29 text

Branch by Abstraction Pattern
[Diagram labels: User Registration Abstraction, User Registration, Phone Verification, Postcode Lookup, Implements]

Slide 30

Slide 30 text

Branch by Abstraction Pattern
[Diagram labels: User Registration Abstraction, User Registration, Phone Verification, Postcode Lookup, Implements]

Slide 31

Slide 31 text

Branch by Abstraction Pattern
[Diagram labels: User Registration Abstraction, User Registration, Implements, Phone Verification, Postcode Lookup]

Slide 32

Slide 32 text

Branch by Abstraction Pattern
[Diagram, three panels, each with the labels: User Registration Abstraction, User Registration, Phone Verification, Postcode Lookup, Implements]

Slide 33

Slide 33 text

[Diagram labels: Postcode Lookup, User Registration, User Registration Abstraction, New User Registration Service, Phone Verification, Postcode Lookup, Implements]
Serverless Promise: #autoscales
So do I need to think about autoscaling of overall system?

Slide 34

Slide 34 text

Serverless Design Patterns
Chaining
[Diagram labels: Address Lookup, Address Verification, Register User]

Slide 35

Slide 35 text

Serverless Design Patterns
State Machine
[Diagram labels: Onboard User, Register User, Email Verification, Phone Verification, Address Lookup]

Slide 36

Slide 36 text

Azure Durable Functions
[Diagram labels: WebApp, Orchestrator Client, Orchestrator, Activity Functions, Email Verification, Phone Verification, Address Verification]

Slide 37

Slide 37 text

Application Level Challenges
A. Language Trade Offs -> Runtime, Triggers
B. Migration Patterns -> Strangler, Abstraction by Branch
C. Debugging -> Logging, Monitoring, Tracing
D. Caching, Versioning -> API Manager

Slide 38

Slide 38 text

Starter Function

Slide 39

Slide 39 text

Orchestration Function

Slide 40

Slide 40 text

Activity Function

Slide 41

Slide 41 text

Application Level Challenges
A. Language Options -> Runtime, Triggers
B. Migration Patterns -> Strangler, Abstraction by Branch, Chaining, State Machine/Durable Functions
C. Debugging -> Logging, Monitoring, Tracing
D. Caching, Versioning -> API Manager

Slide 42

Slide 42 text

Observability and Tracing
● Debugging locally
● Portal Kudu
● Bash/shell into
● Process Explorer
● Live metrics

Slide 43

Slide 43 text

Local Development

Slide 44

Slide 44 text

Portal Logs

Slide 45

Slide 45 text

Portal Kudu

Slide 46

Slide 46 text

Process Explorer

Slide 47

Slide 47 text

Application Map

Slide 48

Slide 48 text

Live Metrics

Slide 49

Slide 49 text

Dashboard

Slide 50

Slide 50 text

Application Level Challenges
A. Language Trade Offs -> Runtime, Triggers
B. Migration Patterns -> Strangler, Abstraction by Branch
C. Debugging -> Logging, Monitoring, Tracing
D. Caching, Versioning -> API Manager

Slide 51

Slide 51 text

Serverless + API Manager = Epic Awesomeness

Slide 52

Slide 52 text

Shared Concerns: Security

Slide 53

Slide 53 text

How API Manager solves

Slide 54

Slide 54 text

Security Challenges

Slide 55

Slide 55 text

Drawbacks
● Standards/Policies
● Cloud Security Posture
● Input sanitisation
● Token validation for each function

Slide 56

Slide 56 text

Security - Top 5 recommendations

Secure Http Endpoint:
● Use API Management for auth
● Use Authorization Keys Func Level
● Integrate into Identity
● Consider Rate throttling
● Enable Cost Alerts

Slide 57

Slide 57 text

Networking Challenges

Slide 58

Slide 58 text

I need a Private Address!

Slide 59

Slide 59 text

I need an On-Prem Connection!

Slide 60

Slide 60 text

Unified APIs (each side)

Slide 61

Slide 61 text

API Manager

Slide 62

Slide 62 text

Network
● Castle and moat approach*
● Point-to-Point to integrations/Route Table
● Communicate back to on-prem?
● Life before and after Private Links

https://www-microsoft-com.cdn.ampproject.org/c/s/www.microsoft.com/en-us/microsoft-365/blog/2019/09/18/why-banks-adopt-modern-cybersecurity-zero-trust-model/amp/

Slide 63

Slide 63 text

Key Takeaways
● Serverless provides the highest level of abstraction to enable focus on business value
● As we shift away from non-differentiating infrastructure, old and new challenges at application level still need to be tackled
● Azure is on the market offering some interesting features in the serverless space in comparison to AWS

Slide 64

Slide 64 text

Reference

Slide 65

Slide 65 text

References

Serverless:
https://martinfowler.com/articles/serverless.html

Serverless Myths:
https://www.slideshare.net/TimWagner/serverlessconf-2018-keynote-debunking-serverless-myths

Burning Monk Links:
http://blog.binaris.com/your-guide-to-migrating-existing-microservices-to-serverless/
https://blog.binaris.com/how-to-go-all-in-with-serverless-adoption/
(All) https://medium.com/theburningmonk-com/all-my-posts-on-serverless-aws-lambda-43c17a147f91

Slide 66

Slide 66 text

Books...

Slide 67

Slide 67 text

Questions

contino.io
continohq
contino

Atlanta: atlanta@contino.io
London: london@contino.io
New York: newyork@contino.io
Melbourne: melbourne@contino.io
Sydney: sydney@contino.io

Slide 68

Slide 68 text

Thank you