New Serverless World - Cloud Native Apps
-
Upload
haufe-lexware-gmbh-co-kg -
Category
Software
-
view
230 -
download
3
Transcript of New Serverless World - Cloud Native Apps
New Serverless World Cloud Native AppsMELANIA ANDRISAN
SOLUTION ARCHITECT AT HAUFE-GROUP
Serverless
You “play” with functions, You build a function, deploy it as a single unit
and the ”Cloud” takes care of everything else. That functions can handle events, save data in your storage or return the data from that storage.
Function
Event FasS User
… To Cloud Native AppsMonolith – Microservices – Serverless
From Servers to Serverless
Cloud providers offers
Serverless Framework & Amazon SAM
Challenges◦ Authorization
◦ Orchestration
◦ Security
◦ Logging and Monitoring
◦ SQL and NoSQL
Monolith
Source: http://www.goodtoknow.co.uk/family/baby-names
Microservice
Source: http://www.roypetitfils.com/understanding-normal-vs-abnormal-teenager-behavior/
Serverless
Source: http://www.glamour.com/story/how-to-be-a-great-manager
From Monolith to Serverless
You take care of everything
Checking if everything is ok
Handle all the overload
Hard to change and with a lot of effort
Deploy once run forever
MonolithIs self aware
You manage containers
Easy to change and maintain and scale
Needs orchestration
You need to take care of aggregation…
Deploy once run forever
MicroservicesIs independent
You take care of your stuff he takes care of his
Less Control comes with Less Responsibility
Easier to interact with
Deploy once run a couple of minutes
Serverless
Why Serverless?BECAUSE IN OUR DAYS REQUIREMENTS ARE CHANGING EVERY DAY AND WITH SO FINE GRANULARITY YOU HAVE THE FLEXIBIL ITY TO SUPPORT THIS FLOW OF REQUIREMENT WITHOUT A LOT OF INVESTMENT.
ServerlessKeeping micro-services stateless and immutable
Focus more on product then infrastructure
Less Control
Less Responsibility
Increased Automation
Continuous scaling
No pay for idle
3-tier Architecture
Web Site
API GatewayFunctions
Cloud LogicData Storage
Web Site Storage
Browser
Use… as Cloud Logic Layer
Google Cloud Functions
AWS Lambda Functions
Azure Cloud Functions
IBM OpenWhisk
Amazon Serverless Offer…
S3
API Gateway AWS Lambda Functions
Browser
DynamoDB
Costs…[1] COGNITO IS FREE FOR < 50K MAUS AND $0.00550/MAU ONWARDS.[2] LAMBDA IS FREE FOR < 1M REQUESTS AND 400000GB -SECS OF COMPUT E.[3] DYNAMODB GIVES 25GB OF FREE STORAGE.[4] S3 GIVES 1GB OF FREE TRANSFER.
Service Rate Cost
Cognito Free[1] $0.00
API Gateway $3.5/M reqs + $0.09/GB transfer $2.20
Lambda Free[2] $0.00
DynamoDB$0.0065/hr 10 write units, $0.0065/hr 50 read units[3] $2.80
S3$0.023/GB storage, $0.005/K PUT, $0.004/10K GET, $0.0025/M objects[4]
$0.24
CloudFront (CDN)$0.085/GB transfer + $0.01/10K reqs
$0.86
Route53 (DNS)$0.50 per hosted zone + $0.40/M queries
$0.50
Certificate Manager Free $0.00
Total $6.10
*1000 daily active users making 20 requests per day to our API and storing around 10MB of files on S3. 6.10$ Per Month.
Source: http://serverless-stack.com/chapters/why-create-serverless-apps.html
Microsoft Serverless Offer…
Browser
Azure Cloud Functions
Azure CDN
API Management Cosmos DB
Azure Blob Storage
Google Serverless Offer…
Browser
Google Cloud Functions
Cloud CDN Cloud Storage
Cloud Endpoints Google Cloud BigTable
Let’s put them all together…
Cloud Formation
Azure Resource Manager Template and Azure Function project
Google Deployment Manager
SAM(AWS Serverless Application Model)
How they work on AWS
JSON/YML
Template
Predefined scripts
Cloud Formation
API Gateway
Lambda Functions
Dynamo DB
Source Code
ChallengesDEV, AUTHENTICATION, SECURITY, LOGGING AND MONITORING, SQL AND NOSQL
DevelopmentYOU CAN DEVELOP LOCALLY USING SERVERLESS-OFFLINE AND DYNAMODB OFFLINE
Be a service CustomerDESIGN FOR FAILURE
PLAN TO BE THROTTLED
PLAN TO RETRY (429)
CACHE WHEN APPROPRIATE
https://www.youtube.com/watch?v=oRIYtOsAlzk
You can be a Service ProviderPUBLISH STANDARD METRICS
IMPLEMENTATION DETAILS ARE PRIVATE
MAKE BACKWARDS COMPATIBIL ITY
Cold Start …… AND STEP FUNCTIONS
Step Functions
Authentication & AuthorizationCOGNITO & IDENTITY AND ACCESS MANAGEMENT
SecuritySECURITY AT DIFFERENT LEVELS
SecurityFirewalls ( network firewalls, application firewalls)
Encryption with TLS (Transport Layer Security) across all services
DDoS (Distributed Denial of Service) Mitigation
Identity and Access Control ◦ IAM(Identity and Access Management)
◦ Multi-factor authentication
Penetration Testing
…
https://d0.awsstatic.com/whitepapers/Security/DDoS_White_Paper.pdf
MonitoringBUILT IN MONITORING OR OTHERS L IKE NEW RELIC
X-RAY
DEAD LET TER QUEUE
AWS CloudTail
LoggingUSER STANDARD LOGGING IN YOU APP (DATE -TIME, MODULE, ID, [ INFO, DEBUG, ERROR])
SQL vs. NoSQLSYNCHRONIZING UPDATES
DENORMALIZED DB
THINK IN TERMS OF QUERIES NOT IN TERMS OF OBJECTS
DB TransactionsB EG I N T R A N SAC T I ON .
P U T I T E M # 1 .
…
P U T I T E M # N .
CO M M I T T R A N SAC T I ON .
https://aws.amazon.com/blogs/aws/dynamodb-transaction-library/
…>25% from Proper MicroservicesArchitectureSecurity
Monitoring and Alerting
Continuous Deployment
Network and Traffic Configuration
Service and Resource Discovery
AWS
Azure
GoogleCloud
RecapDifferent mind set
Good citizenship
Build software with grown up solutions
Build Infrastructure as code using solutions like Serverless Framework
Focus on building extraordinary products not state of the art infrastructure
Many offers, many possibilities, you can even combine then
The non-functional challenges can be overcome with services
ResourcesServerless Architecture
AWS Lambda vs. Azure Cloud Functions
Immutable Infrastructure
Azure BlobStorage vs. Amazon S3
From Monolith to Microservices
Serverless Architectural Patterns