Slide 1

Slide 1 text

Architecture reviews for serverless applications
Dennis Kieselhorst, Sr. Solutions Architect
© 2021, Amazon Web Services, Inc. or its Affiliates.

Slide 2

Slide 2 text

When you look at the systems you are building, can you answer the question: “Are you Well-Architected?”

Slide 3

Slide 3 text

Why does Well-Architected exist?
• Learn
• Measure
• Improve
To drive better outcomes for customers who build and operate workloads in the cloud

Slide 4

Slide 4 text

What is the AWS Well-Architected Framework?
• Design principles
• Questions
• Pillars

Slide 5

Slide 5 text

Pillars of AWS Well-Architected
• Security
• Cost Optimization
• Operational Excellence
• Performance Efficiency
• Reliability

Slide 6

Slide 6 text

You are not going to judge my work! It will make you slow! Here comes the audit! It blocked my project! Not an audit!

Slide 7

Slide 7 text

The truth is …
• It is an objective, constructive conversation
• You will learn AWS best practices
• You can leverage it to make informed architectural decisions
• You will lower or mitigate risks
• You will build and deploy faster

Slide 8

Slide 8 text

Serverless

Slide 9

Slide 9 text

Serverless removes the undifferentiated heavy lifting
• No infrastructure provisioning, no management
• Automatic scaling
• Pay for value
• Highly available and secure

Slide 10

Slide 10 text

Serverless is there for you, at every layer
• Compute & access
• Storage
• Messaging & streaming

Slide 11

Slide 11 text

Serverless is there for you, at every layer
• User & identity management
• Delivery at the edge
• Analytics

Slide 12

Slide 12 text

Serverless is there for you, at every layer
• Provisioning & monitoring
• Development tools

Slide 13

Slide 13 text

Serverless Application Lens - Whitepaper
• Defines all areas of Serverless Applications
• Defines common Serverless Use Cases
• Defines the Best Practices in regards to the Well-Architected Pillars
https://d1.awsstatic.com/whitepapers/architecture/AWS-Serverless-Applications-Lens.pdf

Slide 14

Slide 14 text

Well-Architected Tool https://aws.amazon.com/well-architected-tool/

Slide 15

Slide 15 text

Now… some best practices by pillar
• Security
• Cost Optimization
• Operational Excellence
• Performance Efficiency
• Reliability

Slide 16

Slide 16 text

Operational Excellence best practices
Adopt a modern way to build applications
• infrastructure as code
• separate environments / accounts
• Amazon CloudWatch Logs & metrics
• AWS X-Ray

    AWSTemplateFormatVersion: '2010-09-09'
    Transform: AWS::Serverless-2016-10-31
    Resources:
      GetProductsFunction:
        Type: AWS::Serverless::Function
        Properties:
          Handler: index.getProducts
          Runtime: nodejs10.x
          CodeUri: src/
          # SAM policy template: read-only access scoped to this one table
          Policies:
            - DynamoDBReadPolicy:
                TableName: !Ref ProductTable
          # API Gateway route that invokes the function
          Events:
            GetResource:
              Type: Api
              Properties:
                Path: /products/{productId}
                Method: get
      ProductTable:
        Type: AWS::Serverless::SimpleTable

Slide 17

Slide 17 text

Operational Excellence best practices
Adopt a modern way to build applications
• infrastructure as code
• separate environments / accounts
• Amazon CloudWatch Logs & metrics
• AWS X-Ray

Slide 18

Slide 18 text

Operational Excellence best practices
Observability is the way to govern the serverless application’s health
• Monitor CloudWatch
• Instrument X-Ray
Amazon CloudWatch Logs and Metrics
AWS X-Ray

    // Wrap the AWS SDK so that every client call is recorded as an X-Ray subsegment
    var AWSXRay = require('aws-xray-sdk-core');
    var AWS = AWSXRay.captureAWS(require('aws-sdk'));
    // Clients created from the wrapped SDK are traced automatically
    var S3Client = new AWS.S3();

Slide 19

Slide 19 text

Operational Excellence best practices
Observability is the way to govern the serverless application’s health
• Monitor CloudWatch
• Instrument X-Ray
Lambda PowerTools
• Lambda PowerTools for Java
• Lambda PowerTools for Python

Slide 20

Slide 20 text

Security best practices
Control access to your APIs and implement AppSec
• Least privilege
• Cognito or a SAML / JWT identity provider
• SAM predefined IAM policies
• temporary credentials
• public or private API Gateway endpoints
Amazon Cognito AWS Secrets Manager + = 💛 AWS WAF
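
Added example (not part of the original slides, and not AWS code): a small lint that walks a parsed SAM template and flags function policies broader than a scoped SAM policy template such as the DynamoDBReadPolicy used on slide 16. The function names, the heuristics and the AdminFunction / ExportFunction resources are assumptions constructed for illustration.

```javascript
// Added example: least-privilege lint for function policies in a parsed SAM template.
// The heuristics below are illustrative assumptions, not an AWS tool.
const toList = (v) => (v === undefined ? [] : Array.isArray(v) ? v : [v]);

function auditPolicy(policy) {
  if (typeof policy === "string") {
    // Managed policy name or ARN: flag the broad ones.
    return /(FullAccess|AdministratorAccess)$/.test(policy)
      ? [`broad managed policy ${policy}`] : [];
  }
  // Objects without a Statement are SAM policy templates (e.g. DynamoDBReadPolicy),
  // which are already scoped to the resource passed as their parameter.
  if (!policy || !policy.Statement) return [];
  const issues = [];
  for (const st of toList(policy.Statement)) {
    if (st.Effect !== "Allow") continue;
    for (const a of toList(st.Action)) {
      if (a === "*" || a.endsWith(":*")) issues.push(`wildcard action ${a}`);
    }
    if (toList(st.Resource).includes("*")) issues.push("wildcard resource");
  }
  return issues;
}

function auditSamTemplate(template) {
  const findings = [];
  for (const [name, res] of Object.entries(template.Resources || {})) {
    if (res.Type !== "AWS::Serverless::Function") continue;
    for (const policy of toList((res.Properties || {}).Policies)) {
      for (const issue of auditPolicy(policy)) findings.push(`${name}: ${issue}`);
    }
  }
  return findings;
}

// Constructed sample: the slide-16 function plus two hypothetical over-permissioned ones.
const fn = (Policies) => ({ Type: "AWS::Serverless::Function", Properties: { Policies } });
const sampleTemplate = { Resources: {
  GetProductsFunction: fn([{ DynamoDBReadPolicy: { TableName: { Ref: "ProductTable" } } }]),
  AdminFunction: fn(["AmazonDynamoDBFullAccess"]),
  ExportFunction: fn([{ Statement: [{ Effect: "Allow", Action: "s3:*", Resource: "*" }] }]),
  ProductTable: { Type: "AWS::Serverless::SimpleTable" },
} };

console.log(auditSamTemplate(sampleTemplate));
```

A check like this fits in the CI stage that builds the template, so an over-broad policy fails the pipeline before deployment.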

Slide 21

Slide 21 text

Reliability best practices
Protect your resources and build resiliency into your serverless application
• throttling
• back-off and retries
• RDS Proxy
• long-running transactions
• AWS Step Functions
• async messaging
• Decouple
• Amazon SQS
• Amazon SNS
• Amazon EventBridge to route events reliably
• Amazon API Gateway

Slide 22

Slide 22 text

Performance Efficiency best practices
Optimize your serverless application performance
• services scaling behavior
• Optimize application code. Yes! Do it again!
• on-demand capacity
• caching
• services integrations
• Lambda provisioned concurrency
• Lambda Power Tuning to tune power

Slide 23

Slide 23 text

Wait, what’s Lambda Power Tuning?
Visualize and fine-tune the memory / power configuration of Lambda functions
CleanUpOnError
Lambda Power Tuning

Slide 24

Slide 24 text

Cost Optimization best practices
Design your application to maximize value
• Reduce your Lambda functions code
• asynchronous design patterns
• Embedded Metric Format for CloudWatch
• log-retention policies
• Lambda Power Tuning

Slide 25

Slide 25 text

Some things to remember
• Make your functions single purpose, concise, short
• Code is debt; write fewer functions
• Understand and take advantage of the serverless concurrency model
• Share nothing; assume no hardware affinity
• Orchestrate with state machines, not application logic
• Use events to trigger transactions
• Leverage managed services when designing for failures and duplicates

Slide 26

Slide 26 text

Review Process
• Identify a significant workload
• Prepare for review
• Review architecture
• Review results and improvement plan
• Create a plan to fix high risk issues

Slide 27

Slide 27 text

Q&A

Slide 28

Slide 28 text

Well-Architected Resources
Whitepapers https://aws.amazon.com/well-architected/
• PDF and Kindle available
• Framework
• Per pillar (operational excellence, reliability, security, performance efficiency, cost optimization)
• Lenses (Serverless, HPC, IoT, Machine Learning, Analytics, …)
Training https://www.aws.training/Details/Curriculum?id=42037
• Framework
• Pillars
• Review Process
• Tool

Slide 29

Slide 29 text

Thank you! Dennis Kieselhorst, Sr. Solutions Architect [email protected]