Is Serverless getting Serverful?

Slide 1

Slide 1 text

Slide 2

Slide 2 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. © 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved. Kensuke Shimokawa Amazon Web Services Japan Snr. Serverless Specialist

Slide 3

Slide 3 text

Slide 4

Slide 4 text

Slide 5

Slide 5 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Table • History of AWS Lambda • Shared responsibility model for AWS Lambda • Serverless Principle • With or Without • Without VPC • Without Custom Runtime • Without Provisioned Concurrency • Without EFS • With Agility

Slide 6

Slide 6 text

Slide 7

Slide 7 text

No content

Slide 8

Slide 8 text

No content

Slide 9

Slide 9 text

Slide 10

Slide 10 text

Slide 11

Slide 11 text

Slide 12

Slide 12 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. 2014 Introducing AWS Lambda 2015 Available in Asia Pacific (Tokyo) 5 Minute Functions 2016 Access Resources within a VPC 2018 up to 15 minutes custom runtimes 2019 Provisioned Concurrency 2020 supports EFS supports container images 2021 Lambda Extensions supports Graviton2 history of

Slide 13

Slide 13 text

Slide 14

Slide 14 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Shared responsibility model for AWS Lambda AWS Customer Customer Function Code and Libraries Resource Configuration Identity & Access Management Compute Execution Environment Runtime Language Networking Infrastructure Server Software Hardware Regions Availability Zones EC2 Hardware

Slide 15

Slide 15 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Shared responsibility model for AWS Lambda AWS Customer Resource Configuration Identity & Access Management Compute Execution Environment Runtime Language Networking Infrastructure Server Software Hardware Regions Availability Zones EC2 Hardware Customer Function Code and Libraries AWS Lambda enables customers for agility without compromising on scale or reliability.

Slide 16

Slide 16 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Runtime Language Customer Function Code and Libraries Shared responsibility model for AWS Lambda AWS Customer Resource Configuration Identity & Access Management Compute Execution Environment Server Software Hardware Regions Availability Zones EC2 Hardware With VPC, customers can choose at least 2 subnets for Lambda to run functions in high availability mode. Networking Infrastructure

Slide 17

Slide 17 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Customer Function Code and Libraries Shared responsibility model for AWS Lambda AWS Customer Resource Configuration Identity & Access Management Compute Execution Environment Networking Infrastructure Server Software Hardware Regions Availability Zones EC2 Hardware Runtime Language With custom runtimes, customers have to manage runtime security patches.

Slide 18

Slide 18 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Networking Infrastructure Runtime Language Customer Function Code and Libraries Shared responsibility model for AWS Lambda AWS Customer Resource Configuration Identity & Access Management Compute Server Software Hardware Regions Availability Zones EC2 Hardware With Lambda Extensions, Execution Environment customers have to use Extensions API to integrate into Lambda execution environment.

Slide 19

Slide 19 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Networking Infrastructure Runtime Language Execution Environment Customer Function Code and Libraries Shared responsibility model for AWS Lambda AWS Customer Resource Configuration Identity & Access Management Server Software Hardware Regions Availability Zones EC2 Hardware With Provisioned Concurrency, customers can scale resources based on a specific CloudWatch metric or at a specific date and time. Compute

Slide 20

Slide 20 text

Slide 21

Slide 21 text

Slide 22

Slide 22 text

Slide 23

Slide 23 text

Slide 24

Slide 24 text

Slide 25

Slide 25 text

Slide 26

Slide 26 text

Slide 27

Slide 27 text

Slide 28

Slide 28 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Why do we need to attach Lambda to VPC? We may need RDBMS to query with SQL. We may need Redis for your cache to reduce latency. We may need File System for using package software that requires file ops. We may need fixed IP address for the system firewall. We may need proprietary security software to comply with corporate regulations.

Slide 29

Slide 29 text

Slide 30

Slide 30 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. frontend Amazon Kinesis Data Streams AWS Lambda AWS Lambda Amazon Aurora (Normalized table) User Amazon DynamoDB (Denormalized table) Command-Query Responsibility Segregation Pattern 1/2 VPC

Slide 31

Slide 31 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Command-Query Responsibility Segregation Pattern 2/2 User Amazon DynamoDB Streams (Denormalized table) AWS Lambda Amazon Aurora (Normalized table) frontend VPC

Slide 32

Slide 32 text

Slide 33

Slide 33 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. A security group acts as a virtual firewall that controls the traffic for one or more instances. AWS Identity and Access Management (IAM) provides fine-grained access control across all of AWS. With IAM, you can specify who can access which services and resources, and under which conditions. With IAM policies, you manage permissions to your workforce and systems to ensure least-privilege permissions. AWS Identity and Access Management (IAM)

Slide 34

Slide 34 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. https://aws.amazon.com/blogs/security/zero-trust-architectures-an-aws-perspective/ Zero Trust is a conceptual model and an associated set of mechanisms that focus on providing security controls around digital assets that do not solely or fundamentally depend on traditional network controls or network perimeters.

Slide 35

Slide 35 text

Slide 36

Slide 36 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Why do you want to bring unmanaged runtime? We may need faster runtime to perform better. We may need familiar runtime for developers. We may need the language to comply with corporate regulations.

Slide 37

Slide 37 text

Slide 38

Slide 38 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. https://martinfowler.com/bliki/PolyglotPersistence.html If you think in the context of Microservices, Your Lambda can be polyglot.

Slide 39

Slide 39 text

Slide 40

Slide 40 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Why do you provision concurrency? We may need faster scale to perform better. We may need to avoid coldstart for UX. We may need to provide synchronous system.

Slide 41

Slide 41 text

Slide 42

Slide 42 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Microservices Microservices Microservices DB DB DB Queue REST REST Stream Browser Mobile REST REST Amazon API Gateway Cache css, js, html, image Static Contents CDN Cache WAF WAF Object Storage WebSocket Server push Use CDN, Server push, cache, rate limit, etc.

Slide 43

Slide 43 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Can be asynchronous? Can be asynchronous? Can be asynchronous? Decision tree asynchronous asynchronous asynchronous synchronous (Ask yourself at least three times in your heart.)

Slide 44

Slide 44 text

Slide 45

Slide 45 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Why do you need file system? We may need familiar access method to files. We may need to use proprietary software that requires file system. We may need to control cooperation between systems via files.

Slide 46

Slide 46 text

Slide 47

Slide 47 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Event Driven 1. Upload files to Amazon S3 bucket 2. Asynchronous execution of Lambda functions 1. Event payload • Bucket name • Object key 3. Image analysis using Amazon Rekognition 4. Save the result of image analysis 1 2 Amazon Rekognition Amazon DynamoDB 3 4 file Upload Event Amazon S3 Lambda Function Image analysis, Data persistence

Slide 48

Slide 48 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Can be event driven? Can be event driven? Can be event driven? Decision tree Object Storage Queue Stream File system (Ask yourself at least three times in your heart.)

Slide 49

Slide 49 text

Slide 50

Slide 50 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Is Serverless getting Serverful? No, it is not. Just It can be used for Serverful way. Go for Serverless as possible as you can.

Slide 51

Slide 51 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Key Takeaways Serverless enables customers for agility without compromising on scale or reliability. If you feel your system less agility, make your Serverless loosely coupled from others.

Slide 52

Slide 52 text

© 2021, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Get Started Today Features, Use Cases, Pricing https://aws.amazon.com/ Blogs, Videos, Training https://serverlessland.com/ Hands-on Workshops for Serverless https://aws.amazon.com/serverless-workshops/