New Serverless World - Cloud Native Apps

Post on 23-Jan-2018

New Serverless World Cloud Native Apps

MELANIA ANDRISAN

SOLUTION ARCHITECT AT HAUFE-GROUP

Serverless

You “play” with functions: you build a function, deploy it as a single unit, and the “Cloud” takes care of everything else. These functions can handle events, save data in your storage or return the data from that storage.

Function

Event FaaS User

… To Cloud Native Apps

Monolith – Microservices – Serverless

From Servers to Serverless

Cloud provider offers

Serverless Framework & Amazon SAM

Challenges

◦ Authorization

◦ Orchestration

◦ Security

◦ Logging and Monitoring

◦ SQL and NoSQL

Monolith

Source: http://www.goodtoknow.co.uk/family/baby-names

Microservice

Source: http://www.roypetitfils.com/understanding-normal-vs-abnormal-teenager-behavior/

Serverless

Source: http://www.glamour.com/story/how-to-be-a-great-manager

From Monolith to Serverless

You take care of everything

Checking if everything is ok

Handle all the overload

Hard to change and with a lot of effort

Deploy once run forever

Monolith

Is self aware

You manage containers

Easy to change and maintain and scale

Needs orchestration

You need to take care of aggregation…

Deploy once run forever

Microservices

Is independent

You take care of your stuff, he takes care of his

Less Control comes with Less Responsibility

Easier to interact with

Deploy once run a couple of minutes

Serverless

Why Serverless?

BECAUSE IN OUR DAYS REQUIREMENTS ARE CHANGING EVERY DAY AND WITH SO FINE GRANULARITY YOU HAVE THE FLEXIBILITY TO SUPPORT THIS FLOW OF REQUIREMENTS WITHOUT A LOT OF INVESTMENT.

Serverless

Keeping micro-services stateless and immutable

Focus more on product than infrastructure

Less Control

Less Responsibility

Increased Automation

Continuous scaling

No pay for idle

3-tier Architecture

Web Site

API Gateway

Functions

Cloud Logic

Data Storage

Web Site Storage

Browser

Use… as Cloud Logic Layer

Google Cloud Functions

AWS Lambda Functions

Azure Cloud Functions

IBM OpenWhisk

Amazon Serverless Offer…

S3

API Gateway AWS Lambda Functions

Browser

DynamoDB

Costs…

Service | Rate | Cost
Cognito | Free[1] | $0.00
API Gateway | $3.5/M reqs + $0.09/GB transfer | $2.20
Lambda | Free[2] | $0.00
DynamoDB | $0.0065/hr 10 write units, $0.0065/hr 50 read units[3] | $2.80
S3 | $0.023/GB storage, $0.005/K PUT, $0.004/10K GET, $0.0025/M objects[4] | $0.24
CloudFront (CDN) | $0.085/GB transfer + $0.01/10K reqs | $0.86
Route53 (DNS) | $0.50 per hosted zone + $0.40/M queries | $0.50
Certificate Manager | Free | $0.00
Total | | $6.10

[1] COGNITO IS FREE FOR < 50K MAUS AND $0.00550/MAU ONWARDS.

[2] LAMBDA IS FREE FOR < 1M REQUESTS AND 400000 GB-SECS OF COMPUTE.

[3] DYNAMODB GIVES 25GB OF FREE STORAGE.

[4] S3 GIVES 1GB OF FREE TRANSFER.

*1000 daily active users making 20 requests per day to our API and storing around 10MB of files on S3: $6.10 per month.

Source: http://serverless-stack.com/chapters/why-create-serverless-apps.html

Microsoft Serverless Offer…

Browser

Azure Cloud Functions

Azure CDN

API Management Cosmos DB

Azure Blob Storage

Google Serverless Offer…

Browser

Google Cloud Functions

Cloud CDN Cloud Storage

Cloud Endpoints Google Cloud BigTable

Let’s put them all together…

Cloud Formation

Azure Resource Manager Template and Azure Function project

Google Deployment Manager

SAM (AWS Serverless Application Model)

How they work on AWS

JSON/YML

Template

Predefined scripts

Cloud Formation

API Gateway

Lambda Functions

Dynamo DB

Source Code

Challenges

DEV, AUTHENTICATION, SECURITY, LOGGING AND MONITORING, SQL AND NOSQL

Development

YOU CAN DEVELOP LOCALLY USING SERVERLESS-OFFLINE AND DYNAMODB OFFLINE

Be a service Customer

DESIGN FOR FAILURE

PLAN TO BE THROTTLED

PLAN TO RETRY (429)

CACHE WHEN APPROPRIATE

https://www.youtube.com/watch?v=oRIYtOsAlzk

You can be a Service Provider

PUBLISH STANDARD METRICS

IMPLEMENTATION DETAILS ARE PRIVATE

MAINTAIN BACKWARDS COMPATIBILITY

Cold Start …

… AND STEP FUNCTIONS

Step Functions

Authentication & Authorization

COGNITO & IDENTITY AND ACCESS MANAGEMENT

Security

SECURITY AT DIFFERENT LEVELS

Security

Firewalls (network firewalls, application firewalls)

Encryption with TLS (Transport Layer Security) across all services

DDoS (Distributed Denial of Service) Mitigation

Identity and Access Control

◦ IAM (Identity and Access Management)

◦ Multi-factor authentication

Penetration Testing

https://d0.awsstatic.com/whitepapers/Security/DDoS_White_Paper.pdf

Monitoring

BUILT IN MONITORING OR OTHERS LIKE NEW RELIC

X-RAY

DEAD LETTER QUEUE

AWS CloudTrail

Logging

USE STANDARD LOGGING IN YOUR APP (DATE-TIME, MODULE, ID, [INFO, DEBUG, ERROR])

SQL vs. NoSQL

SYNCHRONIZING UPDATES

DENORMALIZED DB

THINK IN TERMS OF QUERIES NOT IN TERMS OF OBJECTS

DB Transactions

BEGIN TRANSACTION.

PUT ITEM #1.

PUT ITEM #N.

COMMIT TRANSACTION.

https://aws.amazon.com/blogs/aws/dynamodb-transaction-library/

…>25% from Proper Microservices Architecture

Security

Monitoring and Alerting

Continuous Deployment

Network and Traffic Configuration

Service and Resource Discovery

AWS

Azure

Google Cloud

Recap

Different mind set

Good citizenship

Build software with grown up solutions

Build Infrastructure as code using solutions like Serverless Framework

Focus on building extraordinary products not state of the art infrastructure

Many offers, many possibilities, you can even combine them

The non-functional challenges can be overcome with services