This document summarizes a presentation given by Dr. Tim Wagner, General Manager of AWS Lambda and Amazon API Gateway, at the AWS New York Summit on August 11, 2016 about getting started with serverless computing using AWS Lambda and Amazon API Gateway. The presentation introduced serverless computing and how it abstracts infrastructure management, discussed AWS Lambda and Amazon API Gateway services and how to choose between them. It also provided examples of serverless use cases including data processing, backend services, and app ecosystems. Tips for VPC configuration, function scheduling, and stage variables in API Gateway were also shared.
3. What is serverless computing?
• VMs (Amazon EC2)
  • Machine as the unit of scale
  • Abstracts the hardware
• Containers (Amazon ECS)
  • Application as the unit of scale
  • Abstracts the OS
• Serverless (AWS Lambda)
  • Functions as the unit of scale
  • Abstracts the language runtime
4. How do I choose?
• VMs (EC2): “I want to configure machines, storage, networking, and my OS”
• Containers (ECS): “I want to run servers, configure applications, and control scaling”
• Serverless (Lambda): “Run my code when it’s needed”
5. Microservices
AWS Lambda + Amazon API Gateway is the easiest way to create microservices
• Event handlers: one function per event type
• Serverless backends: one function per API / path
• Data processing: one function per data type
6. Agenda
Overview of AWS Lambda and Amazon API Gateway
New and recent launches
Serverless use cases and best practices
7. AWS Lambda: Serverless computing
Run code without servers. Pay only for the compute time you consume.
Triggered by events or called from APIs:
• PUT to an Amazon S3 bucket
• Updates to Amazon DynamoDB table
• Call to an Amazon API Gateway endpoint
• Mobile app back-end call
• And many more…
Makes it easy to:
• Perform real-time data processing
• Build scalable back-end services
• Glue and choreograph systems
9. AWS Lambda Programming Model
Bring your own code
• Node.js, Java, Python
• Bring your own libraries (even native ones)
Simple resource model
• Select power rating from 128 MB to 1.5 GB
• CPU and network allocated proportionately
• Reports actual usage
Programming model
• AWS SDK built in (Python and Node.js)
• Lambda is the “webserver”
• Use processes, threads, /tmp, sockets normally
Stateless
• Persist data using Amazon DynamoDB, S3, or Amazon ElastiCache
• No affinity to infrastructure (can’t “log in to the box”)
10. Using AWS Lambda
Authoring functions
• Author directly using the console WYSIWYG editor
• Package code as a .zip and upload to Lambda or S3
• Plugins for Eclipse and Visual Studio
• Command line tools
Monitoring and logging
• Built-in metrics for requests, errors, latency, and throttles
• Built-in logs in Amazon CloudWatch Logs
Flexible authorization
• Securely grant access to resources, including VPCs
• Fine-grained control over who can call your functions
Flexible use
• Call or send events
• Integrated with other AWS services
• Build whole serverless ecosystems
11. AWS Lambda Pricing
• Buy compute time in 100 ms increments
• Low request charge
• No hourly, daily, or monthly minimums
• No per-device fees
Never pay for idle!
Free Tier: 1 million requests and 400,000 GBs of compute every month, every customer
12. Imagine your business with no cold servers.
No underutilized hardware.
No containers waiting for work.
…and no one being paid to worry about problems that no longer exist.
13. Amazon API Gateway: Serverless APIs
Diagram components: Internet, mobile apps, websites, partner services, Amazon CloudFront, API Gateway, API Gateway response cache, Amazon CloudWatch, AWS Lambda functions, endpoints on Amazon EC2, any publicly accessible endpoint.
14. Benefits of Amazon API Gateway
• Create a unified API front end for multiple microservices
• DDoS protection and throttling for back-end systems
• Authenticate and authorize requests
16. Auth option #1: SigV4 / IAM
Diagram components: Internet, mobile apps, partner services, Amazon CloudFront, API Gateway, Amazon Cognito, AWS Identity & Access Management (IAM), AWS Lambda functions, endpoints on Amazon EC2.
Diagram labels: IAM user / role acquisition, SigV4 credentials.
17. Auth option #2: Custom Lambda authorizer
Diagram components: Internet, mobile apps, websites, partner services, Amazon CloudFront, API Gateway, policy cache, Lambda custom auth function, OAuth provider, AWS Lambda functions, endpoints on Amazon EC2, any publicly accessible endpoint.
Diagram label: 403
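A sketch of the custom authorizer function in this flow, added here as an illustration and not taken from the presentation. The HMAC token format, `DEMO_KEY` and `SCOPE_VERBS` are constructed stand-ins for validation against the OAuth provider; an invalid token yields a 401, while a valid token whose cached policy does not cover the requested method yields the 403.

```python
import base64, hashlib, hmac, json, time

# Constructed demo key. A real authorizer verifies the token against the
# OAuth provider (signature check or introspection) instead.
DEMO_KEY = b"constructed-demo-key"
# Hypothetical scope -> allowed HTTP verbs mapping for this sketch.
SCOPE_VERBS = {"read": ["GET"], "write": ["GET", "POST", "PUT", "DELETE"]}

def make_token(sub, scope, exp, key=DEMO_KEY):
    """Constructed token format: base64url(JSON claims) + "." + hex HMAC."""
    body = base64.urlsafe_b64encode(
        json.dumps({"sub": sub, "scope": scope, "exp": exp}).encode()).decode()
    return body + "." + hmac.new(key, body.encode(), hashlib.sha256).hexdigest()

def verify_token(token, now, key=DEMO_KEY):
    """Return the claims, or None if malformed, forged or expired."""
    try:
        body, mac = token.split(".")
        good = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(mac, good):
            return None
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, TypeError):
        return None
    return claims if claims.get("exp", 0) > now else None

def handler(event, context=None, now=None):
    """TOKEN authorizer entry point: returns an IAM policy for the caller."""
    now = time.time() if now is None else now
    raw = event.get("authorizationToken", "")
    claims = verify_token(raw[7:], now) if raw.startswith("Bearer ") else None
    if claims is None:
        raise Exception("Unauthorized")  # API Gateway answers 401
    # methodArn: arn:aws:execute-api:region:account:apiId/stage/VERB/path
    api_stage = "/".join(event["methodArn"].split("/")[:2])
    verbs = SCOPE_VERBS.get(claims.get("scope"), [])
    # The policy is cached per token, so it must describe everything the
    # caller may do on this stage, not only the method being requested.
    stmt = {"Action": "execute-api:Invoke",
            "Effect": "Allow" if verbs else "Deny",
            "Resource": [f"{api_stage}/{v}/*" for v in verbs]
                        or [f"{api_stage}/*/*"]}
    return {"principalId": claims["sub"],
            "policyDocument": {"Version": "2012-10-17", "Statement": [stmt]}}
```

Scoping the policy to the single `methodArn` in the request is a common mistake once caching is on: the first call's policy is then reused for every other method the same token touches.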
18. Auth option #3: Amazon Cognito User Pools
Diagram components: Internet, mobile apps, websites, partner services, Amazon CloudFront, API Gateway, Amazon Cognito, AWS Lambda functions, endpoints on Amazon EC2, any publicly accessible endpoint.
Diagram labels: User login, Built-in auth check, OIDC token.
21. Launch: Amazon API Gateway usage plans
New API Management features:
• Define groups of consumers (partners, apps)
• Set throttles and quotas for each group
• Track each group’s usage
Helps you:
• Manage and monetize your APIs
• Apply business policies across your consumers
22. Usage plans: Throttle specific consumers
Diagram callout: Throttle
Diagram components: Internet, mobile apps, websites, partner services, Amazon CloudFront, API Gateway, API Gateway response cache, Amazon CloudWatch, AWS Lambda functions, endpoints on Amazon EC2, any publicly accessible endpoint.
23. Usage Plans: Throttling
• Prevents one customer from consuming all your backend system’s capacity
• Lets you decide how to allocate capacity among your API consumers. Sample plan:
  • Professional plan users: 10 TPS
  • Premium plan users: 100 TPS
  • Enterprise plan users: 500 TPS
24. Usage plans: Enforce per-consumer quotas
Diagram callout: Set daily quota
Diagram components: Internet, mobile apps, websites, partner services, Amazon CloudFront, API Gateway, API Gateway response cache, Amazon CloudWatch, AWS Lambda functions, endpoints on Amazon EC2, any publicly accessible endpoint.
25. Usage Plans: Quotas
• Allows you to define and enforce usage limits by API consumer (or groups of consumers)
• Sample plan:
  • Professional plan: up to 100 calls / day
  • Premium plan: up to 1000 calls / day
  • Enterprise plan: no limit on calls
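The throttling and quota behaviour of the sample plans, modelled as a per-API-key token bucket plus a daily counter. This is an added illustration, not API Gateway's implementation or code from the presentation; it assumes burst capacity equals the plan rate, that throttled calls do not count toward the quota, and that timestamps per key do not go backwards.

```python
# Sample plans from the slides: (requests per second, calls per day).
PLANS = {"professional": (10, 100), "premium": (100, 1000),
         "enterprise": (500, None)}
DAY = 86400

class UsagePlanGate:
    """Per-API-key token bucket plus daily quota (a model, burst = rate)."""

    def __init__(self, key_to_plan):
        self.key_to_plan = key_to_plan   # API key -> plan name
        self.state = {}                  # API key -> bucket and quota counters

    def check(self, api_key, ts):
        """Return the HTTP status for a request arriving at ts (seconds)."""
        plan = self.key_to_plan.get(api_key)
        if plan is None:
            return 403                   # key not attached to any plan
        rate, quota = PLANS[plan]
        day = int(ts // DAY)
        st = self.state.setdefault(
            api_key, {"tokens": float(rate), "last": ts, "day": day, "used": 0})
        if st["day"] != day:             # new day: reset the quota counter
            st["day"], st["used"] = day, 0
        # Refill the bucket for the elapsed time, capped at the plan rate.
        st["tokens"] = min(float(rate), st["tokens"] + (ts - st["last"]) * rate)
        st["last"] = ts
        if quota is not None and st["used"] >= quota:
            return 429                   # daily quota exhausted
        if st["tokens"] < 1:
            return 429                   # throttled
        st["tokens"] -= 1
        st["used"] += 1
        return 200

def replay(gate, requests):
    """Feed (api_key, ts) pairs through the gate; return the status list."""
    return [gate.check(key, ts) for key, ts in requests]
```

Because state is kept per key, a consumer that exhausts its own bucket or quota gets 429s without reducing what other keys can send.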
26. Usage plans: Track API usage
Diagram callout: Track usage
Diagram components: Internet, mobile apps, websites, partner services, Amazon CloudFront, API Gateway, API Gateway response cache, Amazon CloudWatch, AWS Lambda functions, endpoints on Amazon EC2, any publicly accessible endpoint.
27. Usage Plans: Usage reporting
• Allows you to export usage reports by consumer (per API key)
• Facilitates billing, analytics, and monitoring
31. Use case: Serverless data processing
Example: Amazon S3 bucket triggers
Diagram labels: Amazon S3 bucket events, original object, compressed object, AWS Lambda (steps numbered 1 to 3).
32. Use case: Serverless web apps
1. Amazon S3 for serving static content
2. AWS Lambda for dynamic content
3. Amazon API Gateway for HTTPS access
4. Amazon DynamoDB for NoSQL data storage
Diagram labels: Browser, static content in Amazon S3, API Gateway, dynamic content in AWS Lambda, data stored in Amazon DynamoDB.
33. Serverless Python Web Framework
Easy way to create serverless web apps in Python
Flask-like, easy command routing
CLI deployment and setup for both APIs and functions
Intelligent policy generator
34. Use case: Serverless mobile and IoT apps
1. Pick one:
a. Mobile apps: AWS Mobile SDK + Amazon Cognito (authorization)
b. IoT devices: AWS IoT
2. AWS Lambda’s “Mobile Backend” blueprint
3. Amazon DynamoDB for data storage
35. Use case: Serverless app ecosystems
Alexa, tell Slack to send, “I’m giving the demo now.”
Message retrieval through scheduled polling
Kevin says, “Break a leg!”
Message upload (via Slack API)
Team (channel users)
Slack
38. AWS Lambda VPC: Best practices
VPC is optional – don’t turn it on unless you need it.
Functions configured for VPC access lose internet access…
• Unless you have managed NAT or a NAT instance in the VPC
The ENIs used by Lambda’s VPC feature count against your quota. Ensure you have enough to match your peak concurrency levels (we’ll consolidate where we can).
DO NOT delete or rename these ENIs!
Ensure your subnets have enough IPs for those ENIs.
Specify at least one subnet in each Availability Zone. Otherwise, Lambda will obey, but can’t be as fault-tolerant.
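A pre-deployment check for the capacity and Availability Zone points above, added here as an illustration and not taken from the presentation. It assumes the worst case of one ENI and one IP address per concurrent execution; the subnet records are constructed and use the field names of EC2 DescribeSubnets output.

```python
from collections import defaultdict

def check_lambda_vpc(subnets, region_azs, peak_concurrency,
                     eni_quota, enis_in_use):
    """Return a list of findings; an empty list means every check passed.

    Assumption: one ENI and one IP per concurrent execution (worst case).
    """
    findings = []
    need = peak_concurrency
    free_enis = eni_quota - enis_in_use
    if free_enis < need:
        findings.append(f"ENI quota: need {need}, {free_enis} available")
    ips_by_az = defaultdict(int)
    for subnet in subnets:
        ips_by_az[subnet["AvailabilityZone"]] += subnet["AvailableIpAddressCount"]
    total = sum(ips_by_az.values())
    if total < need:
        findings.append(f"Subnet IPs: need {need}, {total} available")
    for az in sorted(set(region_azs) - set(ips_by_az)):
        findings.append(f"No subnet in {az}")
    # Fault tolerance: can the peak still be served if the largest AZ is lost?
    if ips_by_az and total >= need:
        worst = total - max(ips_by_az.values())
        if worst < need:
            findings.append(
                f"AZ loss: only {worst} IPs remain if the largest AZ fails")
    return findings

# Constructed sample data (not from the slides).
SAMPLE_SUBNETS = [
    {"SubnetId": "subnet-aaa", "AvailabilityZone": "us-east-1a",
     "AvailableIpAddressCount": 251},
    {"SubnetId": "subnet-bbb", "AvailabilityZone": "us-east-1b",
     "AvailableIpAddressCount": 59},
]
SAMPLE_AZS = ["us-east-1a", "us-east-1b", "us-east-1c"]

if __name__ == "__main__":
    for finding in check_lambda_vpc(SAMPLE_SUBNETS, SAMPLE_AZS,
                                    peak_concurrency=200,
                                    eni_quota=350, enis_in_use=120):
        print(finding)
```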
39. Function Scheduling: Tips
How can I keep a function warm (no cold starts)?
Schedule [multiple copies of] it.
How can I poll a queue (like Amazon SQS)?
Schedule a function to read the queue.
How can I get more timers?
Have one scheduled function async invoke other functions.
How can I get granularity finer than 1 minute?
Run a background timer in your scheduled function.
40. Stage Variables in API Gateway: Basics
• Stage variables act like environment variables
• Use stage variables to store configuration values
• Stage variables are available in the $context object
• Values are accessible from most fields in API Gateway
  • Lambda function ARN
  • HTTP endpoint
  • Custom authorizer function name
  • Parameter mappings
41. Stage variables: Best practices
Using stage variables in API Gateway together with Lambda function aliases:
MyLambdaFunction (versions 1 to 8)
• Version 3 = prod
• Version 6 = beta
• Version 8 = dev
MyAPI (stage variable = lambdaAlias)
• Prod: lambdaAlias = prod
• Beta: lambdaAlias = beta
• Dev: lambdaAlias = dev
46. Serverless app model
Project Flourish provides an application model for serverless apps.
• Organize related functions
• Retain ability to deploy and manage them individually
48. AWS Serverless Chatbot Competition
• Create a bot for Slack that runs on AWS Lambda and Amazon API Gateway
• Sponsored by AWS and Slack
• Win tickets to AWS re:Invent and more
• Winners receive mentions in the Serverless Keynote during re:Invent
• Submissions due by September 29
• Get started: awschatbot.devpost.com