Get Going with Serverless

Get Going with Serverless

Introduction to serverless in general and a walkthrough of a serverless application built from scratch using the Serverless Framework. A zero-to-sixty overview of the Serverless Framework that will empower you to quickly get going with deploying your own serverless applications.

E40e0d06ed05f17385dee72a56cfda48?s=128

Rupak Ganguly

October 24, 2017
Tweet

Transcript

  1. 5.

    Get Going with Serverless a walkthrough building serverless apps using

    the Serverless Framework • Introduction to serverless computing • What is the Serverless Framework? • Setting up the Serverless Framework • Deploying your first app with Lambda & API Gateway • Anatomy of a Serverless App We will look at:
  2. 10.

    zero administration • no servers to maintain • no OS

    upgrades, no patches • renewed role of devops teams • paradigm shift, no ssh • no control over infrastructure
  3. 11.

    pay-per-execution • no paying for idle • upfront cost savings

    • micro-billing, per 100 ms * • 1 million requests free tier * • $0.20 per million requests post free tier * * AWS Lambda pricing
  4. 12.

    microservices • promotes single responsibility principle based services • no

    more death stars, monolithic apps • varied language support • small, autonomous, polygot teams • agility, quick & frequent deployments
  5. 13.

    ecosystem • use provider services • use of third-party services

    • S3, Kinesis, SNS, SQS • DynamoDB, Firebase, GraphQL • Cognito, Auth0, Synk, PureSec • CloudWatch, X-Ray, IOPipe
  6. 14.

    auto-scaling • auto scaling Lambda • auto scaling DynamoDB •

    based on load, throughput consumption • no need for auto-scaling group policies • enables high-availability
  7. 15.

    event-driven • trigger & respond to events • http events

    (API Gateway) • webhook events • scheduled events • rich ecosystem of event sources
  8. 17.

    security • Scrutinize and research before attaching new input/event sources

    • Keep the functions’ permissions least privileged and maintain a least privileged build system • Amount of code that can access sensitive data be reduced, exceptions are handled and input is validated • Avoid embedding secrets and access keys in code • Do not store access keys or credentials in source code repositories • Throttle and define quotas on the amount of requests that go through • Keep data encrypted that is stored at rest • Scrutinize and keep tab on third party API services for vulnerabilities • Scan third party libraries for potential vulnerabilities and try to keep them up-to-date • Carefully examine granting permissions that allow creation, modification or removal of the resources guidelines & recommendations
  9. 18.

    serverless use cases • real-time/streaming, batch processing: kinesis -> lambda

    • REST APIs, Graph APIs: lambda -> API Gateway endpoint • event-driven workflows, scheduled tasks, data transforms • web, mobile & IoT backends • form processing • authentication • devops automation • chatbots • file manipulation • voice apps (Alexa) • ETL workloads • image resizing • video transcoding • security audits • dynamic websites • web hook listeners • CRON jobs • CI/CD pipelines • log analytics what are others building
  10. 19.

    serverless challenges • cold start latency, more with VPC •

    price at high volumes • developer experience • limitations • fear of vendor lock-in • application lifecycle management • metrics and monitoring • service discovery • team collaboration • standardization it’s not all rosy
  11. 21.

    the serverless framework • open-source cli, written in nodejs, used

    by many • provider agnostic, abstraction layer • serverless.yml: configuration file, maps handlers to functions to events • provider, functions, events, code and resource mgmt. • plugin system to extend and hook into life-cycle events the easiest way to serverless
  12. 23.

    easy workflow using the serverless framework write functions code package

    & deploy cloud provider of choice via serverless framework (cli)
  13. 26.

    installing $ npm install -g serverless installs the serverless framework

    package globally the serverless framework * NodeJS 6.10 or later needs to be installed $ serverless version $ serverless (displays the help screen with list of commands)
  14. 27.

    configuring $ serverless config credentials -p aws -k <your- aws-key>

    -s <your-aws-secret> where, -p, specifies ‘aws’ as the provider -k, specifies the AWS access key -s, specifies the AWS secret provider credentials
  15. 29.

    creating $ serverless create --template hello-world --path atl-hello—sls Serverless: Generating

    boilerplate... Serverless: Generating boilerplate in "/Users/rupakg/projects/usergroups/atl-hello-sls" _______ __ | _ .-----.----.--.--.-----.----| .-----.-----.-----. | |___| -__| _| | | -__| _| | -__|__ --|__ --| |____ |_____|__| \___/|_____|__| |__|_____|_____|_____| | | | The Serverless Application Framework | | serverless.com, v1.23.0 -------' Serverless: Successfully generated boilerplate for template: "hello-world" the hello world project
  16. 30.

    deploying the hello world app Serverless: Packaging service... Serverless: Excluding

    development dependencies... Serverless: Creating Stack... Serverless: Checking Stack create progress... ..... Serverless: Stack create finished... Serverless: Uploading CloudFormation file to S3... Serverless: Uploading artifacts... Serverless: Uploading service .zip file to S3 (404 B)... Serverless: Validating template... Serverless: Updating Stack... Serverless: Checking Stack update progress... ................................. Serverless: Stack update finished... Service Information service: atl-hello-sls stage: dev region: us-east-1 stack: atl-hello-sls-dev api keys: None endpoints: GET - https://js19nmdaa0.execute-api.us-east-1.amazonaws.com/dev/hello-world functions: helloWorld: atl-hello-sls-dev-helloWorld Serverless: Publish service to Serverless Platform... Service successfully published! Your service details are available at: https://platform.serverless.com/services/rupakg/atl-hello-sls $ sls deploy
  17. 32.

    listing the project files $ cd atl-hello-sls handler.js serverless.yml where,

    handler.js, contains the code for functions serverless.yml, contains the configuration
  18. 35.

    automagic deployment behind the scenes • package code into a

    zip file • create CloudFormation template from configuration for deployment • upload zip file and CloudFormation to S3 • validate CloudFormation template • create API Gateway endpoints and resources • finish deploying app and return app url
  19. 37.

    features $ serverless --help create deploy | deploy function deploy

    list | deploy list functions info invoke | invoke local remove | rollback | rollback function logs | metrics common cli commands
  20. 38.

    workflows $ sls create # write code $ sls deploy

    # update function code $ sls deploy function $ sls info $ sls deploy list functions $ sls logs $ sls metrics common scenarios # add new functions $ sls invoke local $ sls deploy function $ sls invoke $ sls deploy list $ sls rollback $ sls logs $ sls metrics $ sls remove * sls --help, to see all available commands
  21. 39.

    resources • Serverless Framework: https://github.com/serverless/serverless • Blog: https://serverless.com/blog • Serverless

    Guide: https://github.com/serverless/guide • Plugins: https://github.com/serverless/plugins • Examples: https://github.com/serverless/examples • Companion Post: https://serverless.com/blog/anatomy-of-a-serverless-app/ @goserverless serverless.com further reading
  22. 40.