AWS Lambda 내부동작 파헤치기

Transcript

1. AWS Lambda ղࠗ ز੘ ౵೻஖ӝ ߊ಴੗ : ӣక਋

2. ߊ಴੗ ࣗѐ • AWS Solutions Architect (Classmethod, Inc) • 2020

   APN AWS Top Engineers (by AWS Japan) • 12x AWS Certified Engineer • જইೞח AWS ࢲ࠺झ : AWS AppSync / AWS Amplify / AWS Lambda https://dev.classmethod.jp/author/kim-taewoo/ ೠҴয & ੌࠄয ӝࣿ࠶۽Ӓ

3. ࠄ ࣁ࣌ীࢲ ੉ঠӝ ೡ ղਊ • ݒפ૑٘ ۨ߰ীࢲ ࠄ AWS

   Lambda • ௏٘ ۨ߰ীࢲ ࠄ AWS Lambda • ੋ೐ۄ ۨ߰ীࢲ ࠄ AWS Lambda • ߊ಴ղਊ ੿ܻ

4. ݒפ૑٘ ۨ߰ ীࢲ ࠄ AWS Lambda

5. AWS Lambda Managed Console

6. None
7. None
8. None

9. AWS Lambda Managed Console • ੉ ߆ীب Custom Runtime, Lambda

   Layer, Event Destinations ١ ݆ ਷ ӝמٜ੉ ੓਺. • ୭Ӕীח Lambda Extensions ө૑ ١੢! • Ӕؘ….. • ॶ ࣻ ੓ח ӝמ਷ ݆਷ؘ, ޥ૑ ݽܰѷ׮!!! ઁ؀۽ ঌҊ ॳҊ र׮!!!! • Ӓ۠ ٜ࠙ਸ ਤೠ ࣁ࣌ੑפ׮ :)

10. AWS Lambda Managed Console • ੉ ߆ীب Custom Runtime, Lambda

    Layer, Event Destinations ١ ݆ ਷ ӝמٜ੉ ੓਺. • ୭Ӕীח Lambda Extensions ө૑ ١੢! • Ӕؘ….. • ॶ ࣻ ੓ח ӝמ਷ ݆਷ؘ, ޥ૑ ݽܰѷ׮!!! ઁ؀۽ ঌҊ ॳҊ र׮!!!! • Ӓ۠ ٜ࠙ਸ ਤೠ ࣁ࣌ੑפ׮ :) ֎ ݏणפ׮ƃƃ য়ט਷ ݒפ૑٘ ۨ߰ীࢲ੄ Lambda ࠁ׮ח, Lambda ੄ ղࠗ ز੘ী ખ ؊ ୡ੼ਸ ݏ୾ ੉ঠӝೞ۰Ҋ ೤פ׮! ݒפ૑٘ ۨ߰ীࢲ੄ ૕ޙ਷ ࣁ࣌ղਊҗ ߹ѐ۽ ૕ޙ ೞ࣊ب જणפ׮ :)

11. ௏٘ ۨ߰ ীࢲ ࠄ AWS Lambda

12. AWS Lambda ೩ٜ۞ ೣࣻ

13. AWS Lambda ೩ٜ۞ ೣࣻ event ৬ context ী ؀೧ ೠߣତ

    ઁ؀۽ ҕࠗ೧ نद׮!

14. AWS Lambda - event • AWS Lambda о Invoke ؼ

    ٸ ׮ܲ ࢲ࠺झীࢲ ੉߮౟ (഑਷ ؘ੉ఠ) ܳ ੹׳߉ח׮. • ੉ ٸ, যڃ ࢲ࠺झ۽ࠗఠ Invoke غ঻ח૑ী ٮۄ event ੄ ҳઑо ׳ۄ૓ ׮! • event ח ԙ JSON ഋకо ইפ؊ۄب list, string, number ١੄ ੌ߈੸ੋ ఋੑٜ੉ۄب ҡଳ׮!

15. AWS Lambda - event

16. AWS Lambda - event

17. AWS Lambda - event • ࢎप, event ё୓੄ “੉ܴ” ਵ۽

    ੋ೧ Invoke ߑधী ؀೧ ഒز੉ ৢ ࣻ ੓׮. • Invoke ߑधীח ௼ѱ 2о૑ ߑध ( Event / RequestResponse ) ਵ۽ ա׍. • RequestResponse ߑध੄ ؀಴੸ੋ ৘ : API Gateway -> Lambda • RequestResponse ߑधਵ۽ invoke غ؊ۄب ؘ੉ఠח event ё୓ܳ ా೧ Lambda ೣࣻী ੹׳ؽ • ૕ޙ!! 
 Lambda о Event ߑधਵ۽ ഐ୹ػ ҃਋, प೯ Ѿҗ۽ ߈ജغח ؘ੉ఠо ੓ਵݶ ੉ ؘ ੉ఠח যڌѱ Invoke ܳ ਃ୒ೠ ௿ۄ੉঱౟ীѱ ׮द ੹׳ؼө?

18. AWS Lambda - context • AWS Lambda ੄ Runtime ੿ࠁܳ

    ೩ٜ۞ীѱ ઁҕೞӝ ਤ೧ ࢎਊ.
 
 
 
 
 
 
 
 
 


19. AWS Lambda - context • ۽Ӧ ١੄ ਊب۽ ࢎਊೡ ࣻ

    ੓ח ݫఋؘ੉ఠо ਖ਼ڱ ઁҕػ׮.
 (function_name / function_version / invoked_function_arn / memory_limit_in_mb / aws_request_id / log_group_name ١) • য়ۖزউ प೯غח AWS Lambda ೣࣻ੄ ҃਋, context ੄ get_remaining_time_in_millis() о ॶݽо ੓ਸ૑ب..?!

20. ੉۠Ѣ ঌইࢲ য٣׮ ॄݡযਃ? • п ࢲ࠺झٜ੉ ߊࢤदఃח Event ఋੑਸ

    ޷ܻ ੿੄೧فҊ, ਬ׫పझ౟ী ഝਊ ೞѢա ੉߮౟ ఋੑী ٮܲ ࠙ӝ୊ܻ, ഑਷ ؊ աইоࢲ AWS Lambda ܳ ؊ ਌ ੜ ഝਊೡ ࣻ ੓ח ա݅੄ ۄ੉࠳۞ܻ/೐ۨ੐ਕ௼ܳ ݅٘ח ؘীب ഝਊೡ ࣻ ੓׮! • ۽Ӧ ߂ X-Ray ١ਸ ాೠ ࠙࢑ ౟ۨ੉यਸ ਤ೧ࢲ যڃ ݫఋؘ੉ఠܳ թӝݶ જਸ૑, ژח ੷੢ػ ۽Ӓ ӝ۾ਸ যڌѱ Ѩ࢝ೞݶ જਸ૑ী ؀ೠ ൦౟ܳ ঳ਸ ࣻ ੓׮! • ޖ঺੉ٚ૑ ਋ࢶ਷ ੜ ঌҊ ੓যঠ ੸੺ೡ ٸী ੸੺൤ ഝਊೡ ࣻ ੓ח ߨ!

21. Ӓېࢲ ੷חਃ… (Ӓ੷ ࠄੋ ೐۽ં౟ ഘࠁ੉޲۽ ઱੄!!) • AWS AppSync

    ীࢲ ؘ੉ఠࣗझ۽ AWS Lambda ܳ ࢸ੿೮ਸٸ ߊࢤೞח event ҳઑܳ ౵ঈ೧ࢲ, औҊ ബҗ੸ਵ۽ GraphQL API ܳ ѐߊೡ ࣻ ੓ח ࢲߡܻ झ GraphQL ೐ۨ੐ਕ௼ • ই૒ шդইӝ ࣻળ • ഑द ҙब੓ਵन ٜ࠙਷ ೠߣ ॄࠁदҊ ೖ ٘ߔ ࠗఌ٘݀פ׮ :)

22. Ӓ ߆ীب… ## Global Scope • ೩ٜ۞ ೣࣻ ߄Ӵ੄ ৔৉਷

    ௒٘ झఋ౟द (init) ী݅ प ೯غח ࠗ࠙. • ೣࣻ ઙܐറীب Worker ֢٘о ઙܐغ૑ ঋח ੉ ࢚, ݫݽܻী թই੓਺. • ୡӝച(Initialization) ী ҙೠ కझ௼ܳ ੉ ৔৉ী ߓ஖ ೧ࢲ ੸੺൤ ഝਊೞݶ AWS Lambda ੄ ಌನݢझ ೱ ࢚ী ب਑੉ ؽ. • BUT, ൔ൤ ഝਊೞח RDB ழ֏࣌ী ഝਊೞח ҃਋ ױ੼ب ੓ਵפ ઱੄!

23. ੋ೐ۄ ۨ߰ ীࢲ ࠄ AWS Lambda

24. AWS Lambda Invoke • AWS Lambda ܳ ࢎਊೞݶ ੋ೐ۄ ѣ੿হ੉

    ࠺ૉפझ ۽૒ਸ ҳഅೞחؘ ૘઺ೡ ࣻ ੓যࢲ ࢤ࢑ࢿ੉ ֫ই૑Ҋ, উ੿੸ੋ ࢲ࠺झ ਍৔ਸ ೡ ࣻ ੓׮! • Ӕؘ, ੉ѱ যڌѱ оמೠѢ૑?! • AWS Lambda ೣࣻо Invoke غݶ, AWS ղࠗ੸ਵ۽ যڃ ੌ੉ ੌযաח Ѣ૑?!

25. AWS Lambda Invoke • ҾӘೞݶ ੌױ AWS ب௸ݢ౟ܳ!! https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html

26. AWS Lambda Invoke • InvocationType ਷ ࣁо૑۽ ա׍ (Invoke द

    যڃ ߑधਵ۽ प೯ೡ૑ Ѿ ੿ оמ) • Event | RequestResponse | DryRun • Event ח Asynchronous ߑध, RequestResponse ח Synchronous ߑ ध, DryRun ਷ ౵ۄ޷ఠ ߂ ӂೠਸ Ѩࢎ೧ࢲ प೯ оמೠ૑ী ؀ೠ ୓௼݅ ਸ ࣻ೯ • ৈӝࢲ ԝԝ൤ ࠊঠೡ ղਊ! (ّ੢ীࢲ ҅ࣘ)

27. AWS Lambda Invoke Invocation Type ੉ Event ੉ݶ Lambda ೣࣻо

    ࢿҕ೮ח૑ ৈࠗܳ ঌ ࣻ হ׮!

28. AWS Lambda Invoke

29. AWS Lambda Invoke • For asynchronous invocation, Lambda adds events

    to a queue before sending them to your function. If your function does not have enough capacity to keep up with the queue, events may be lost. Occasionally, your function may receive the same event multiple times, even if no error occurs. To retain events that were not processed, configure your function with a dead-letter queue.

30. AWS Lambda Invoke • For asynchronous invocation, Lambda adds events

    to a queue before sending them to your function. If your function does not have enough capacity to keep up with the queue, events may be lost. Occasionally, your function may receive the same event multiple times, even if no error occurs. To retain events that were not processed, configure your function with a dead-letter queue. ٍীࢲ ࢸݺೞѷ૑݅, ੉Ѥ SQS

31. AWS Lambda Invoke • For asynchronous invocation, Lambda adds events

    to a queue before sending them to your function. If your function does not have enough capacity to keep up with the queue, events may be lost. Occasionally, your function may receive the same event multiple times, even if no error occurs. To retain events that were not processed, configure your function with a dead-letter queue. ٮۄࢲ, ߈٘द ࣻ೯غযঠೞח కझ௼ח ߹ب੄ Ҋёࣗਬ SQS ܳ ా೧ Invoke दெঠೣ

32. AWS Lambda Invoke • For asynchronous invocation, Lambda adds events

    to a queue before sending them to your function. If your function does not have enough capacity to keep up with the queue, events may be lost. Occasionally, your function may receive the same event multiple times, even if no error occurs. To retain events that were not processed, configure your function with a dead-letter queue. Event-Driven ߑधਵ۽ ز੘ೞח Lambda ೣࣻۄݶ ߈٘द Idempotency (ݵ١ࢿ) ܳ Ҋ۰ೞৈ ੘ࢿغযঠೠ׮

33. AWS Lambda Invoke • For asynchronous invocation, Lambda adds events

    to a queue before sending them to your function. If your function does not have enough capacity to keep up with the queue, events may be lost. Occasionally, your function may receive the same event multiple times, even if no error occurs. To retain events that were not processed, configure your function with a dead-letter queue. Asynchronous ߑधਵ۽ ഐ୹ػ Lambda ೣࣻо पಁೞח ҃ ਋, Dead Letter Queue ܳ ా೧ पಁ ঌܿਸ ߉ਸ ࣻ ੓׮

34. AWS Lambda Security Whitepaper • Event ߑधਵ۽ ഐ୹غח ҃਋
 :

    Amazon S3, Amazon SNS, EventBridge (CloudWatch Events) ١ • RequestResponse ߑधਵ۽ ഐ୹غח ҃਋
 : Amazon Kinesis, DynamoDB Streams, SQS, ALB, API Gateway

35. Invocation Type ী ٮܲ AWS Lambda ౟۞࠶ग౴ • ੉۠ Ѫٜਸ

    ঌݶ غݶ, ইې੄ ࢚ടীࢲ ޖ঺ਸ ഛੋ೧ঠೡ ૑ ౸ױೡ ࣻ ੓ Ҋ, झझ۽ ౟۞࠶ग౴ਸ ೡ ࣻ ੓ѱػ׮. • दաܻয়1) ؀۝੄ ؘ੉ఠܳ SQS ী ֍Ҋ Lambda ܳ Invoke दఃח दա ܻয়ীࢲ Lambda о पಁ೮׮. ؘ੉ఠח য٣۽ тө? Lambda ೣࣻח ӝ׮ܻҊ ੓ਵݶ ׮द ژ प೯ؼө? • दաܻয়2) ؀۝੄ ౵ੌਸ S3 ী স۽٘೧ࢲ Lambda ܳ Invoke दఃח द աܻয়ীࢲ Lambda о पಁ೮׮. ੉߮౟ח য٣۽ тө? Lambda ೣࣻח ӝ׮ܻҊ ੓ਵݶ ׮द ژ प೯ؼө?

36. Invocation Type ੉ Event ੌ ٸ ઱੄੼! • Invocation Type

    ੉ Event ੋ ҃਋, Invoke ੄ Ѿҗо HTTP STATUS 2XX о ߈ജؽ. • ૊, पઁ Lambda ੄ प೯Ѿҗ৬ ҙ۲হ੉ Invoke ೡ ੉߮౟ܳ ੜ ੹׳೮׮ ח ੄޷۽ 2XX ܳ ߈ജೞ৓ਵ޲۽ पઁ Lambda ௏٘о ੜ ز੘೮ח૑ ഛ ੋೡ ࣻ ੓ח ߑߨ੉ হ਺. • ੉۠ ҃਋ী ೙ਃೠ Ѫ੉ AWS Lambda ੄ Dead Letter Queue

37. AWS Lambda ইఃఫ୛৬ ҙ۲ػ ࣁ࣌ • AWS re:Invent 2018: [REPEAT

    1] A Serverless Journey: AWS Lambda Under the Hood (SRV409-R1) Synchronous Invocation ੄ ز੘ী ؀ೠ Өࣼೠ ࢸݺਸ ೧઱ח ࣁ࣌!

38. AWS Lambda ইఃఫ୛৬ ҙ۲ػ ࣁ࣌ • AWS re:Invent 2019: [REPEAT

    1] A serverless journey: AWS Lambda under the hood (SVS405-R1) Asynchronous Invocation ੄ ز੘ী ؀ೠ Өࣼೠ ࢸݺਸ ೧઱ח ࣁ࣌!

39. AWS Lambda ইఃఫ୛৬ ҙ۲ػ ࣁ࣌ • AWS Lambda ղࠗ ز੘

    ߑध ߂ ഝਊ ߑߨ ੗ࣁ൤ ࢓ಝࠁӝ- ӣੌഐ ࣛܖ࣌ૉ ইఃఫ౟ ݒפ੷(AWS) AWS Summit Seoul 2019 ীࢲ ӣੌഐ SA ש੄ Synchronous Invocation ী ؀ೠ ೠҴয ࣁ࣌

40. AWS Lambda Under The Hood AWS re:Invent 2019: [REPEAT 1]

    A serverless journey: AWS Lambda under the hood (SVS405-R1)

41. AWS Lambda Under The Hood • ۽٘ߖ۠य (Load Balancing) •

    झாੌ স & ׮਍ (Scaling Up and Down) • पಁ ׮ܖӝ (Handling Failures) • ৘ஏоמೠ ծ਷ ۨ੉ఢद (Predictable Low Latency) • द௸ܻ౭ܳ ਤೠ ജ҃ Ҋ݀ (Security Isolation) • ࢎਊܫ ҙܻ (Managing Utilization) • … (and many other things)

42. Synchronous Invoke AWS re:Invent 2019: [REPEAT 1] A serverless journey:

    AWS Lambda under the hood (SVS405-R1)

43. Synchronous Invoke • Front End Invoke - Orchestrate both synchronous

    and asynchronous Invokes • Counting Service - Provides a region wide view of customer concurrency to help enforce set limits • Worker Manger - Tracks container idle and busy state and schedules incoming invoke requests to available containers • Worker - Provisions a secure environment for customer code execution • Placement Service - Places sandboxes on workers to maximize packing density without impacting customer experience or cold-path latency

44. Synchronous Invoke AWS re:Invent 2018: [REPEAT 1] A Serverless Journey:

    AWS Lambda Under the Hood (SRV409-R1)

45. Synchronous Invoke AWS re:Invent 2018: [REPEAT 1] A Serverless Journey:

    AWS Lambda Under the Hood (SRV409-R1) Worker ਤী Firecracker о प೯ؽ = पઁ۽ ௏٘о ز੘ೞח ജ҃

46. Asynchronous Invoke AWS re:Invent 2019: [REPEAT 1] A serverless journey:

    AWS Lambda under the hood (SVS405-R1)

47. Asynchronous Invoke • Poller - Consumes events and ensures they

    are processed • State Manager/Stream Tracker - Handles scaling by managing Pollers and event or stream source resources • Leasing Service - Assigns Pollers to work on a specific event or streaming source

48. Asynchronous Invoke AWS re:Invent 2019: [REPEAT 1] A serverless journey:

    AWS Lambda under the hood (SVS405-R1)

49. Firecracker • AWS Lambda ੄ ղࠗ ਃࣗীࢲ Worker ח ਗې

    EC2 ੋझఢझ৓਺ • EC2 ੋझఢझח ੉޷ ߧਊ੸ੋ ݾ੸ਵ۽ о࢚ചغ঻Ҋ, ੉ٸޙী AWS Lambda ੄ ಌನݢझ ബਯࢿਸ ੷೧ೠ׮Ҋ ౸ױ • 2017֙ࠗఠ Firecracker ۄח ࢲߡܻझ ਕ௼۽٘ী ୭੸ചػ ୡ҃۝ചػ о࢚ ചӝࣿਸ AWS о ѐߊೞӝ द੘. • crosvm ࠳ے஖ীࢲ द੘೧ࢲ, PCI ա BIOS ৬ э੉ ࢲߡܻझ ਕ௼۽٘ܳ ҳഅ ೞחؘ ೙ਃহח ӝמٜਸ ल ઁѢ. • Ѿҗ੸ਵ۽ QEMU ௏٘ ۄੋࣻࠁ׮ 96% ੸਷ ۄੋࣻ۽ ҳഅؽ.

50. AWS Whitepaper - Security Overview of AWS Lambda

51. Firecracker • AWS Lambda ੄ प೯ജ҃ (execution environments) ਷ 2015֙ࠗఠ

    EC2 ੋझఢझ ਤীࢲ MicroVM ਸ ৢ۰֬Ҋ प೯दఃח ߑध੉঻਺ • ૊, AWS Lambda ࣗਬ੄ EC2 ੋझఢझ ਤী MicroVM ਸ ৢܻҊ, Ӓ ਤী ࠂࣻѐ੄ AWS Lambda प೯ജ҃ਸ ࣁ౴ೞח ߑध • ೞա੄ EC2 ੋझఢझ ਤী ࠂࣻѐ੄ MicroVM ਸ ৢܻҊ, п MicroVM ਤী ࠂࣻѐ੄ प೯ജ҃ਸ ࣁ౴ - MicroVM ਷ ׮ܲ Ҋёٜҗ ҕਬغ૑ ঋ਺ • അ੤ח Firecracker ӝ߈ਵ۽, EC2 Bare Metal Instance ਤী KVM ߂ Firecracker ܳ ৢܻҊ, Firecracker ਤী MicroVM ਸ ৢ۰فҊ AWS Lambda प೯ജ҃ਸ ࣁ౴ • ૊, Bare Metal ਤী ഐझ౟OS ߂ KVM ਸ ৢܻҊ, ੉ ਤী ࠂࣻѐ੄ Firecracker ܳ ڸ਍׮. • ೞա੄ Firecracker ೐۽ࣁझח ׮ܲ Ҋёٜҗ ҕਬغ૑ ঋ਺

52. ߊ಴ղਊ ੿ܻ

53. ߊ಴ղਊ ੿ܻ • AWS Lambda ੄ Invocation Type ਷ ௼ѱ

    2о૑ (DryRun ઁ৻) • যڃ Invocation Type ਵ۽ Invoke ೞջী ٮۄࢲ ࢤп೧ঠೞח ನੋ౟о ׳ۄ૓׮. • Lambda ೩ٜ۞੄ ౵ۄ޷ఠ۽ ઱য૑ח event ৬ context ী ؀ೠ ޙࢲח ೠߣତ਷ ੿ة೧ف੗. • ૒੽ AWS Lambda ೣࣻܳ ஶ౟܀ ೡ ࣻ ੓ח Ѫٜਸ և൤Ҋ र׮ݶ, SQS ١ਸ ా ೧ RequestResponse ߑध੄ Invoke ܳ ځৢܻ੗. • AWS re:Invent, AWS Summit, AWS Whitepaper ١੄ ন૕੄ ஶబஎܳ ੸ӓ੸ਵ ۽ ࣗ࠺ೞ੗.

54. Q & A THANKS FOR JOINING !