Containers or Serverless? Mike Gillespie Solutions Architect, AWS Solutions Architecture
A Typical Application with Microservices (diagram: Client -> Webapp x3 -> Greeting x3 -> Name x3; each tier is a replicated microservice)
Microservice Deployment Strategies on AWS (diagram: a spectrum from Amazon EC2, through ECS, to Lambda; more management on the left, less management on the right)
Containers 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Microservices and Containers
- Do one thing, really well
- Any app, any language
- Test and deploy the same artifact
- Self-contained services
- Isolated execution environment
- Faster startup
- Scaling and upgrading
Trends we are seeing
- Kubernetes: the new norm in container orchestration
- Cloud native: freeing customers from old models
- Migrating legacy applications: customers are seeking the agility and flexibility of containers
- Developer focused: DevTools helping to push adoption
- Operations automation: using control loops and immutable infrastructure to reduce time and inefficiencies
Running Containers (diagram: containers scheduled across a row of EC2 instances)
Running Containers at Scale (diagram: scheduling and orchestration via a cluster manager and placement engine, spreading containers over Availability Zones #1, #2 and #3)
Operating Containers at Scale
- Operating container clusters such as Kubernetes is not a trivial task.
- AWS provides a managed service that handles the operational challenges of orchestrating container clusters.
- Autoscaling adds capacity as load grows.
- AWS Fargate provisions the servers on your behalf and manages their scaling and patching.
Running Containers on AWS Using Managed Services
AWS CodePipeline CI/CD with Kubernetes (components: Developer, AWS CodeCommit, AWS CodePipeline, AWS CodeBuild, Amazon ECR, AWS Lambda, Kubernetes cluster)
1. Developers continuously integrate changes into a main branch hosted within a repo (AWS CodeCommit).
2. AWS CodePipeline triggers an execution of the pipeline when a new version is found; AWS CodeBuild builds a new image tagged with the build ID.
3. CodeBuild pushes the newly built image, tagged with the build ID, to the ECR repo.
4. CodePipeline invokes a Lambda function to trigger application deployment.
5. The Lambda function leverages the Kubernetes Python SDK to update a deployment.
6. Kubernetes fetches the new container image and performs a rolling update of the deployment.
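The Lambda function in steps 4 and 5, written out as an added example (it is not the deck's or AWS's own code). Assumptions: CodeBuild writes a build.json containing the pushed image reference into its output artifact, the function package ships a kubeconfig for the cluster, and the registry, namespace and deployment names below are placeholders. The security-relevant part is that the function refuses to roll out anything that is not pinned to the expected ECR registry with an immutable build-ID tag or digest, so a later push to a floating tag such as latest cannot change what the cluster runs.

```python
"""Deployment step of the CodePipeline -> Lambda -> Kubernetes flow above.
Added example, not the deck's or AWS's own code. Assumed: CodeBuild writes a
build.json ({"image": "..."}) into its output artifact, the Lambda package
ships a kubeconfig for the cluster, and the registry/deployment names below."""
import io
import json
import os
import re
import zipfile

# Assumed defaults; in a real function these come from environment variables.
ECR_REGISTRY = os.environ.get("ECR_REGISTRY", "123456789012.dkr.ecr.us-east-1.amazonaws.com")
NAMESPACE = os.environ.get("K8S_NAMESPACE", "default")
DEPLOYMENT = os.environ.get("DEPLOYMENT", "webapp")
CONTAINER = os.environ.get("CONTAINER", "webapp")

# Docker tag syntax, plus a deny-list of floating tags that defeat rollback and audit.
_TAG_RE = re.compile(r"^[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}$")
_MUTABLE_TAGS = {"latest", "main", "master", "dev", "stable"}


def validate_image(image):
    """Fail closed unless the image is from our ECR registry and is pinned by
    an immutable build-ID tag or a sha256 digest; anything else could change
    underneath the cluster after review."""
    registry, sep, rest = image.partition("/")
    if not sep or registry != ECR_REGISTRY:
        raise ValueError("image not from trusted registry: %s" % image)
    if "@sha256:" in rest:
        repo, digest = rest.split("@sha256:", 1)
        if not repo or not re.fullmatch(r"[0-9a-f]{64}", digest):
            raise ValueError("malformed digest reference: %s" % image)
        return image
    repo, sep, tag = rest.rpartition(":")
    if not sep or not repo or not _TAG_RE.match(tag) or tag.lower() in _MUTABLE_TAGS:
        raise ValueError("image must carry an immutable build-ID tag: %s" % image)
    return image


def rolling_update_patch(container, image):
    """Strategic-merge patch that changes only the container image; the
    Deployment's RollingUpdate strategy then replaces pods one batch at a time."""
    validate_image(image)
    return {"spec": {"template": {"spec": {"containers": [{"name": container, "image": image}]}}}}


def make_artifact(image):
    """Constructed sample of the CodeBuild output artifact: a zip holding build.json."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("build.json", json.dumps({"image": image}))
    return buf.getvalue()


def image_from_artifact(artifact_zip):
    """Read and validate the image reference CodeBuild recorded in build.json."""
    with zipfile.ZipFile(io.BytesIO(artifact_zip)) as zf:
        image = json.loads(zf.read("build.json"))["image"]
    return validate_image(image)


def handler(event, context):
    # SDKs are imported inside the handler only so the helpers above can be
    # unit-tested without them; hoist the imports and clients to module scope
    # in production so they are created once per cold start.
    import boto3
    from kubernetes import client, config

    job = event["CodePipeline.job"]
    pipeline = boto3.client("codepipeline")
    try:
        data = job["data"]
        loc = data["inputArtifacts"][0]["location"]["s3Location"]
        creds = data["artifactCredentials"]  # short-lived credentials scoped to the artifact bucket
        s3 = boto3.client("s3", aws_access_key_id=creds["accessKeyId"],
                          aws_secret_access_key=creds["secretAccessKey"],
                          aws_session_token=creds["sessionToken"])
        artifact = s3.get_object(Bucket=loc["bucketName"], Key=loc["objectKey"])["Body"].read()
        image = image_from_artifact(artifact)

        config.load_kube_config(config_file=os.environ.get("KUBECONFIG", "kubeconfig"))
        client.AppsV1Api().patch_namespaced_deployment(
            DEPLOYMENT, NAMESPACE, rolling_update_patch(CONTAINER, image))
        pipeline.put_job_success_result(jobId=job["id"])
    except Exception as exc:
        # Report the failure explicitly; otherwise the action waits until it times out.
        pipeline.put_job_failure_result(
            jobId=job["id"], failureDetails={"type": "JobFailed", "message": str(exc)[:5000]})
        raise
```

The patch touches only the image field, so replica count, probes and resource limits set by the cluster operators are left alone; the rollout itself is then governed by the Deployment's own RollingUpdate strategy rather than by the pipeline.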
Serverless
Serverless means
- No servers to provision or manage
- Scales with usage
- Never pay for idle
- Built-in high availability and disaster recovery
Lambda considerations and best practices: can your Lambda functions survive the cold?
- Instantiate AWS clients and database clients outside the scope of the handler to take advantage of container re-use.
- Schedule invocations with CloudWatch Events to keep functions warm.
- ENIs for VPC support are attached during cold start, which lengthens it.

The slide's example (the truncated lines completed so it runs; the credential attribute names on the rds_config module are assumed):

```python
import sys
import logging
import rds_config   # local module holding db_username, db_password, db_name (names assumed)
import pymysql

rds_host = "rds-instance"
name = rds_config.db_username
password = rds_config.db_password
db_name = rds_config.db_name

logger = logging.getLogger()
logger.setLevel(logging.INFO)

# Executes during cold start: the connection is created once per execution
# environment and re-used by every invocation that lands on it.
try:
    conn = pymysql.connect(host=rds_host, user=name, passwd=password,
                           db=db_name, connect_timeout=5)
except pymysql.MySQLError as e:
    logger.error("error: could not connect to MySQL instance")
    logger.error(e)
    sys.exit()


# Executes with each invocation
def handler(event, context):
    with conn.cursor() as cur:
        cur.execute("select 1")
        return cur.fetchone()
```
Lambda Best Practices
- Minimize package size to necessities
- Separate the Lambda handler from core logic
- Use environment variables to modify operational behavior
- Self-contain dependencies in your function package
- Leverage "Max Memory Used" (from the function's logs) to right-size your functions
- Delete large unused functions (75 GB code storage limit)
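A handler laid out the way the two slides above recommend, as an added example (not code from the deck): the entry point is thin, the core logic is a pure function that can be unit-tested without AWS, operational knobs come from environment variables, and scheduled CloudWatch Events "keep warm" pings are answered without touching the business logic. The variable names, the API Gateway proxy event shape and the warm-up detection via the event source are assumptions.

```python
"""Thin handler / separate core logic / env-var configuration / warm-up ping.
Added example, not the deck's code; names and event shapes are assumptions."""
import json
import os

# Read once per execution environment (cold start), not on every invocation.
GREETING = os.environ.get("GREETING", "Hello")
MAX_NAME_LEN = int(os.environ.get("MAX_NAME_LEN", "64"))
WARMUP_SOURCE = "aws.events"  # source field of a CloudWatch Events scheduled rule

_COLD_START = True


def greet(name):
    """Core logic: pure, no AWS dependencies, unit-testable in isolation.
    Input is validated here so the handler never has to reason about it."""
    name = name.strip()
    if not name or len(name) > MAX_NAME_LEN or not name.isprintable():
        raise ValueError("invalid name")
    return "%s, %s!" % (GREETING, name)


def is_warmup(event):
    """Scheduled CloudWatch Events pings arrive with source 'aws.events'."""
    return event.get("source") == WARMUP_SOURCE


def parse_request(event):
    """API Gateway proxy integration: name from the query string, else a JSON body."""
    params = event.get("queryStringParameters") or {}
    if "name" in params:
        return params["name"]
    body = json.loads(event.get("body") or "{}")
    return body.get("name", "")


def response(status, payload):
    return {"statusCode": status,
            "headers": {"Content-Type": "application/json"},
            "body": json.dumps(payload)}


def handler(event, context):
    """Entry point: routes warm-up pings and maps errors to HTTP, nothing more."""
    global _COLD_START
    cold, _COLD_START = _COLD_START, False
    if is_warmup(event):
        return {"warm": True, "cold_start": cold}  # cheap exit; keeps the container alive
    try:
        return response(200, {"message": greet(parse_request(event))})
    except ValueError as exc:  # malformed JSON is a ValueError subclass, so it lands here too
        return response(400, {"error": str(exc)})
```

Environment variables are for operational knobs like the ones above; database passwords and API keys do not belong in them in plain text. Lambda can encrypt environment variables with a KMS key, or the function can fetch secrets from Parameter Store or Secrets Manager during cold start and keep them in module scope, which also fits the container re-use advice on the previous slide.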
Web application (diagram: Browser -> Amazon CloudFront -> Amazon S3 for static content; Amazon Cognito for sign-in; Amazon API Gateway -> dynamic content in AWS Lambda -> data stored in Amazon DynamoDB)
Serverless web app security (controls by component)
- Amazon CloudFront (static content to the browser): OAI, geo-restriction, signed cookies, signed URLs, DDoS protection
- Amazon S3: bucket policies, ACLs
- Amazon Cognito: AuthZ
- Amazon API Gateway: throttling, caching, usage plans, ACM
- AWS Lambda: IAM
- Amazon DynamoDB: IAM
AWS Serverless Application Model (SAM)
- CloudFormation extension optimized for serverless
- New serverless resource types: functions, APIs, and tables
- Supports anything CloudFormation supports
- Open specification (Apache 2.0): https://github.com/awslabs/serverless-application-model
Useful Frameworks for Serverless Web Apps
- AWS Chalice: Python serverless framework, https://github.com/aws/chalice. Familiar decorator-based API similar to Flask/Bottle; similar to third-party frameworks such as Zappa or Claudia.js.
- AWS Serverless Express: run Node.js Express apps, https://github.com/awslabs/aws-serverless-express
- AWS Serverless Java Container: HttpServlet, Spring, Spark and Jersey, https://github.com/awslabs/aws-serverless-java-container
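A SAM template that wires together several of the controls on the "Serverless web app security" slide, added here as an example; it is not from the deck or from the SAM repository. It assumes an existing Cognito user pool whose ARN is passed in as a parameter, a handler at app.handler under ./src, and US and CA as the geo allow-list. The bucket is private and readable only through the CloudFront origin access identity, the API rejects unauthenticated calls by default and is throttled, and the function's role can only read one DynamoDB table.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: Added example (not the deck's code) - private S3 behind CloudFront OAI,
  Cognito-protected and throttled API, least-privilege Lambda over one table.

Parameters:
  UserPoolArn:
    Type: String
    Description: ARN of an existing Cognito user pool (assumed to exist)

Resources:
  # Static content: bucket is private; only the CloudFront OAI may read objects.
  StaticBucket:
    Type: AWS::S3::Bucket
    Properties:
      PublicAccessBlockConfiguration:
        BlockPublicAcls: true
        BlockPublicPolicy: true
        IgnorePublicAcls: true
        RestrictPublicBuckets: true

  OriginAccessIdentity:
    Type: AWS::CloudFront::CloudFrontOriginAccessIdentity
    Properties:
      CloudFrontOriginAccessIdentityConfig:
        Comment: Read-only access to StaticBucket

  StaticBucketPolicy:
    Type: AWS::S3::BucketPolicy
    Properties:
      Bucket: !Ref StaticBucket
      PolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              CanonicalUser: !GetAtt OriginAccessIdentity.S3CanonicalUserId
            Action: s3:GetObject
            Resource: !Sub '${StaticBucket.Arn}/*'

  Distribution:
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig:
        Enabled: true
        DefaultRootObject: index.html
        Origins:
          - Id: static
            DomainName: !GetAtt StaticBucket.RegionalDomainName
            S3OriginConfig:
              OriginAccessIdentity: !Sub 'origin-access-identity/cloudfront/${OriginAccessIdentity}'
        DefaultCacheBehavior:
          TargetOriginId: static
          ViewerProtocolPolicy: redirect-to-https
          ForwardedValues:
            QueryString: false
        Restrictions:
          GeoRestriction:            # geo-restriction: serve only from the listed countries
            RestrictionType: whitelist
            Locations: [US, CA]

  Table:
    Type: AWS::Serverless::SimpleTable
    Properties:
      PrimaryKey:
        Name: id
        Type: String

  Api:
    Type: AWS::Serverless::Api
    Properties:
      StageName: prod
      Auth:
        DefaultAuthorizer: CognitoAuthorizer   # every method requires a valid user-pool token
        Authorizers:
          CognitoAuthorizer:
            UserPoolArn: !Ref UserPoolArn
      MethodSettings:
        - ResourcePath: '/*'
          HttpMethod: '*'
          ThrottlingBurstLimit: 100            # throttling at the stage level
          ThrottlingRateLimit: 50

  GreetingFunction:
    Type: AWS::Serverless::Function
    Properties:
      Runtime: python3.12
      Handler: app.handler
      CodeUri: ./src
      Policies:
        - DynamoDBReadPolicy:                  # IAM: read-only, scoped to this one table
            TableName: !Ref Table
      Environment:
        Variables:
          TABLE_NAME: !Ref Table
      Events:
        Get:
          Type: Api
          Properties:
            RestApiId: !Ref Api
            Path: /greeting
            Method: get
```

Signed URLs and cookies, usage plans (which need API keys) and a custom domain with an ACM certificate are left out to keep the template short; each is a few more properties on the distribution or the API resource. Note that SAM attaches the basic execution role for CloudWatch Logs automatically, so the only explicit grant is the DynamoDB read policy.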
AWS Serverless Data Lake (diagram, grouped by layer)
- Ingest: Amazon Kinesis Streams, Amazon Kinesis Firehose, AWS Direct Connect -> S3 bucket(s)
- Catalog & Search: Amazon DynamoDB, AWS Glue, Amazon ES
- API/UI: Amazon Cognito, Amazon API Gateway, AWS IAM, AWS Lambda
- Analytics & Processing: Amazon Athena, Amazon QuickSight, AWS Glue, Amazon Redshift Spectrum
- Security & Auditing: AWS IAM, Key Management Service, AWS CloudTrail, Amazon Macie
Image recognition and processing (https://github.com/awslabs/lambda-refarch-imagerecognition)
Components: Amazon Cognito (user authentication), Amazon S3 (image uploads), AWS Step Functions (workflow orchestration), Amazon Rekognition (object detection), Amazon DynamoDB (image metadata & tags)
1. The web app authenticates the user with Cognito and uploads the image to S3.
2. Start state machine execution.
3. Extract image metadata, invoke Amazon Rekognition, and generate an image thumbnail (all labelled step 3 in the diagram).
4. Store metadata and tags in DynamoDB.
How to Decide?
Developers love each because...
- Serverless: No servers to manage! HA & scaling are built in. No paying for idle. Multiple programming languages. Fewer options, less noise.
- Containers: Rich ecosystem. Platform support. Vendor freedom. Consistent environment from laptop to production. Persistence. Long running.
When Serverless is Better
- Greenfield application: little technical inertia in the form of existing coding frameworks and logging and monitoring tools.
- REST APIs
- Large data volumes, NoSQL databases, and parallel processing
- Highly variable resource requirements with lots of idle time
- Short execution time and stateless execution
- Already have an operational footprint in the cloud
When Containers are Better
- Complex dependencies, custom environments, or existing containers
- Custom security solutions and full-stack operational ownership
- Long-running execution (> 5 min), GPUs and HPC
- Persistence in containers
- Consistent utilization
- Platform / datacenter independence
Serverless Myths
- Serverless is just a synonym for AWS Lambda
- Serverless is less secure
- There are no servers
- Serverless is just for resizing images or other events
- Serverless is a silver bullet
- You don't need to test for scalability
Containerization Myths
- You have full platform independence: network connectivity, security and performance all require engineering
- Running containers requires an investment in deploying and operating compute
- Containers are just virtualization
Well done, way to play both sides: serverless applications and containerization complement one another!
- A data lake on S3 is cost-effective and very versatile
- Run ML training against S3 data using containers
- CI/CD pipelines for serverless apps can be done using containerized builds
- Process the request with Lambda / API Gateway and publish to an SQS queue; process the work in a container
Recommendations
- Embrace your platform. Don't reinvent the wheel. Development teams can be passionate about reusing code but spend countless hours writing platform code.
- Build expertise in both containers and serverless.
- Know the strengths and weaknesses of each architecture.
- Start serverless and identify why serverless won't work.
- Test early, test often, test automated.
Containers and Serverless! (the "or" of the title, struck out) Mike Gillespie, Solutions Architect, AWS Solutions Architecture. Thank You!