Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Get Going with Serverless

Get Going with Serverless

Introduction to serverless in general and a walkthrough of a serverless application built from scratch using the Serverless Framework. A zero-to-sixty overview of the Serverless Framework that will empower you to quickly get going with deploying your own serverless applications.

Rupak Ganguly

October 24, 2017

More Decks by Rupak Ganguly

Other Decks in Programming


  1. Get Going with Serverless a walkthrough building serverless apps using

    the Serverless Framework • Introduction to serverless computing • What is the Serverless Framework? • Setting up the Serverless Framework • Deploying your first app with Lambda & API Gateway • Anatomy of a Serverless App We will look at:
  2. zero administration • no servers to maintain • no OS

    upgrades, no patches • renewed role of devops teams • paradigm shift, no ssh • no control over infrastructure
  3. pay-per-execution • no paying for idle • upfront cost savings

    • micro-billing, per 100 ms * • 1 million requests free tier * • $0.20 per million requests post free tier * * AWS Lambda pricing
  4. microservices • promotes single responsibility principle based services • no

    more death stars, monolithic apps • varied language support • small, autonomous, polygot teams • agility, quick & frequent deployments
  5. ecosystem • use provider services • use of third-party services

    • S3, Kinesis, SNS, SQS • DynamoDB, Firebase, GraphQL • Cognito, Auth0, Synk, PureSec • CloudWatch, X-Ray, IOPipe
  6. auto-scaling • auto scaling Lambda • auto scaling DynamoDB •

    based on load, throughput consumption • no need for auto-scaling group policies • enables high-availability
  7. event-driven • trigger & respond to events • http events

    (API Gateway) • webhook events • scheduled events • rich ecosystem of event sources
  8. security • Scrutinize and research before attaching new input/event sources

    • Keep the functions’ permissions least privileged and maintain a least privileged build system • Amount of code that can access sensitive data be reduced, exceptions are handled and input is validated • Avoid embedding secrets and access keys in code • Do not store access keys or credentials in source code repositories • Throttle and define quotas on the amount of requests that go through • Keep data encrypted that is stored at rest • Scrutinize and keep tab on third party API services for vulnerabilities • Scan third party libraries for potential vulnerabilities and try to keep them up-to-date • Carefully examine granting permissions that allow creation, modification or removal of the resources guidelines & recommendations
  9. serverless use cases • real-time/streaming, batch processing: kinesis -> lambda

    • REST APIs, Graph APIs: lambda -> API Gateway endpoint • event-driven workflows, scheduled tasks, data transforms • web, mobile & IoT backends • form processing • authentication • devops automation • chatbots • file manipulation • voice apps (Alexa) • ETL workloads • image resizing • video transcoding • security audits • dynamic websites • web hook listeners • CRON jobs • CI/CD pipelines • log analytics what are others building
  10. serverless challenges • cold start latency, more with VPC •

    price at high volumes • developer experience • limitations • fear of vendor lock-in • application lifecycle management • metrics and monitoring • service discovery • team collaboration • standardization it’s not all rosy
  11. the serverless framework • open-source cli, written in nodejs, used

    by many • provider agnostic, abstraction layer • serverless.yml: configuration file, maps handlers to functions to events • provider, functions, events, code and resource mgmt. • plugin system to extend and hook into life-cycle events the easiest way to serverless
  12. easy workflow using the serverless framework write functions code package

    & deploy cloud provider of choice via serverless framework (cli)
  13. installing $ npm install -g serverless installs the serverless framework

    package globally the serverless framework * NodeJS 6.10 or later needs to be installed $ serverless version $ serverless (displays the help screen with list of commands)
  14. configuring $ serverless config credentials -p aws -k <your- aws-key>

    -s <your-aws-secret> where, -p, specifies ‘aws’ as the provider -k, specifies the AWS access key -s, specifies the AWS secret provider credentials
  15. creating $ serverless create --template hello-world --path atl-hello—sls Serverless: Generating

    boilerplate... Serverless: Generating boilerplate in "/Users/rupakg/projects/usergroups/atl-hello-sls" _______ __ | _ .-----.----.--.--.-----.----| .-----.-----.-----. | |___| -__| _| | | -__| _| | -__|__ --|__ --| |____ |_____|__| \___/|_____|__| |__|_____|_____|_____| | | | The Serverless Application Framework | | serverless.com, v1.23.0 -------' Serverless: Successfully generated boilerplate for template: "hello-world" the hello world project
  16. deploying the hello world app Serverless: Packaging service... Serverless: Excluding

    development dependencies... Serverless: Creating Stack... Serverless: Checking Stack create progress... ..... Serverless: Stack create finished... Serverless: Uploading CloudFormation file to S3... Serverless: Uploading artifacts... Serverless: Uploading service .zip file to S3 (404 B)... Serverless: Validating template... Serverless: Updating Stack... Serverless: Checking Stack update progress... ................................. Serverless: Stack update finished... Service Information service: atl-hello-sls stage: dev region: us-east-1 stack: atl-hello-sls-dev api keys: None endpoints: GET - https://js19nmdaa0.execute-api.us-east-1.amazonaws.com/dev/hello-world functions: helloWorld: atl-hello-sls-dev-helloWorld Serverless: Publish service to Serverless Platform... Service successfully published! Your service details are available at: https://platform.serverless.com/services/rupakg/atl-hello-sls $ sls deploy
  17. listing the project files $ cd atl-hello-sls handler.js serverless.yml where,

    handler.js, contains the code for functions serverless.yml, contains the configuration
  18. automagic deployment behind the scenes • package code into a

    zip file • create CloudFormation template from configuration for deployment • upload zip file and CloudFormation to S3 • validate CloudFormation template • create API Gateway endpoints and resources • finish deploying app and return app url
  19. features $ serverless --help create deploy | deploy function deploy

    list | deploy list functions info invoke | invoke local remove | rollback | rollback function logs | metrics common cli commands
  20. workflows $ sls create # write code $ sls deploy

    # update function code $ sls deploy function $ sls info $ sls deploy list functions $ sls logs $ sls metrics common scenarios # add new functions $ sls invoke local $ sls deploy function $ sls invoke $ sls deploy list $ sls rollback $ sls logs $ sls metrics $ sls remove * sls --help, to see all available commands
  21. resources • Serverless Framework: https://github.com/serverless/serverless • Blog: https://serverless.com/blog • Serverless

    Guide: https://github.com/serverless/guide • Plugins: https://github.com/serverless/plugins • Examples: https://github.com/serverless/examples • Companion Post: https://serverless.com/blog/anatomy-of-a-serverless-app/ @goserverless serverless.com further reading