aws black belt techシリーズ aws lambda

Download AWS Black Belt Techシリーズ AWS Lambda

Post on 16-Jul-2015

1.920 views

Category:

Technology

6 download

Embed Size (px)

TRANSCRIPT

  • AWS Lambda AWS Black Belt Tech Webinar 2015 ()2015.01.21

  • S3

    DynamoDB

  • OS

    24365

  • AWS Lambda

    Compute

    EC2OS

    ()

    201411Preview

  • AWS Lambda

  • Bring your own code

    Node.js

    /

    /tmpread/write

  • 100

  • S3

    AWS Lambda Amazon S3 Bucket

    1

    2

    3

  • DynamoDB

    AWS Lambda Amazon DynamoDB

    Table and Stream

  • S3CloudTrail

    AWS API

    AWS CloudTrail Logs

    AWS Lambda

    Bucket

  • /DynamoDB Lambda

    1. FB

    Cognito

    DynamoDBApp with AWS Mobile SDK

    2.

    4. DynamoDB

    3. Lambda function

    Lambda

  • Followers

    4. DynamoDB-

    1. FB

    6. Push-

    Cognito

    Mobile Analytics

    DynamoDB

    S3

    SNS7. Analytics

    3.

    2. S3

    5. SNS

    App with AWS Mobile

    SDK

  • Lambda

  • Lambda

    JavaScriptNode.js

    Zip Zip

    128MB 64MB CPU

    360

    LambdaIAM Role

    /tmpread/write

  • Node.jsAmazon Linux

    Amazon Linux

    Amazon LinuxAMIEC2http://docs.aws.amazon.com/lambda/latest/dg/lambda-introduction.html

  • OpenCV

    1. LambdaAMIEC2

    2. OSNode.js

    $ sudo yum update $ sudo yum install gcc44 gcc-c++ libgcc44 cmake python26-devel y $ wget http://nodejs.org/dist/v0.10.33/node-v0.10.33.tar.gz $ tar -zxvf node-v0.10.33.tar.gz $ cd node-v0.10.33 && ./configure && make $ sudo make install $ sudo easy_install pip $ pip install numpy

  • OpenCV

    3. $ wget http://downloads.sourceforge.net/project/opencvlibrary/opencv-unix/2.4.9/opencv-2.4.9.zip$ mkdir opencv_install$ mkdir opencv_example$ unzip opencv-2.4.9.zip d ./opencv_install/ && cd opencv_install

    4. $ cmake -D CMAKE_BUILD_TYPE=RELEASE -D BUILD_SHARED_LIBS=NO -D CMAKE_INSTALL_PREFIX=~/opencv opencv-2.4.9/

  • OpenCV

    5.

    6. npmnpm installPKG_CONFIG_PATHOpenCVOpenCV

    $ export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:~/opencv/lib/pkgconfig/$ npm install prefix=~/opencv_example opencv

    $ make && make install

  • Node.js

  • Timeout

    Controlled termination 1context.done()

    Default termination context.done()

    Process exited before completing request

    process.exit()

    Process exited before completing request

  • Node.js

    /tmp

  • Lambdafreeze

  • AWS Lambda

  • Node.js AWS SDK ImageMagick

    S3DynamoDB

    /tmp

  • handler_nameLambda

    event JSON InvokeAsyncJSON

    context.done

    exports.handler_name = function(event, context) { console.log("value1 = " + event.key1); console.log("value2 = " + event.key2); ... context.done(null, "some message"); }

  • context.done()

    context.done()

    1 null nullCloudWatch

    2 /

  • console.log('Loading event');var aws = require('aws-sdk');var s3 = new aws.S3({apiVersion: '2006-03-01'});exports.handler = function(event, context) { console.log('Received event:'); console.log(JSON.stringify(event, null, ' ')); var bucket = event.Records[0].s3.bucket.name; var key = event.Records[0].s3.object.key; s3.getObject({Bucket:bucket, Key:key}, function(err,data) { if (err) { console.log('error getting object ' + key + ' from bucket ' + bucket + '. Make sure they exist and your bucket is in the same region as this function.'); context.done('error','error getting file'+err); } else { console.log('CONTENT TYPE:',data.ContentType); context.done(null,''); } } );};

  • Lambda

    IAM role

    Zip ZipSDKCLI Zip

    zip -r lambda-sample.zip .

    128MB1GB64MB 1603

  • AWS 3

    Amazon S3 Amazon Kinesis Amazon DynamoDB Stream(Preview)

    Push/Pull2

    JSON

  • Push

    Amazon S3 InvokeAsync 3

  • Pull

    Amazon DynamoDB Amazon Kinesis Lambda

  • S3 AWS LambdaS3

    S3

    Lambda

    DynamoDB DynamoDB

    StreamLambda

    Kinesis AWS SDKCLI

    Kinesis StreamLambda

  • Amazon DynamoDB Console (Preview)

    Amazon S3 Console

  • CLI

    $ aws lambda add-event-source \ --region us-east-1\ --function-name ProcessKinesisRecords \ --role invocation-role-arn \ --event-source kinesis-stream-arn \ --batch-size 100 \

  • S3{ "Records": [ -- "s3": { "s3SchemaVersion": "1.0", "configurationId": "testConfigRule", "bucket": { "name": "sourcebucket", "ownerIdentity": { "principalId": "A3NL1KOZZKExample" }, "arn": "arn:aws:s3:::mybucket" }, "object": { "key": "sourcebucket/HappyFace.jpg", "size": 1024, "eTag": "d41d8cd98f00b204e9800998ecf8427e" } } } ] }

  • Kinesis{ "Records": [ { "awsRegion": "us-east-1", "sequenceNumber": "196800000000000000000374", "partitionKey": "2efdb0ea22685b46993e42a67302a001", "eventSource": "aws:kinesis", "data": "SOME CUSTOM DATA 1" }, { "awsRegion": "us-east-1", "sequenceNumber": "196800000000000000000571", "partitionKey": "2efdb0ea22685b46993e42a67302a003", "eventSource": "aws:kinesis", "data": "{ \"key\": \"value\" }" } ] }

  • IAM

    Invocation RoleExecution Role2 Invocation Role

    Execution Role

    AWS

    IAM IAM

    PushPull

    LambdaAWS Lambda

  • Invocation Role

    Access PolicyTrust Policy

    Push Lambda Trust Policy

    Pull AWS LambdaPull Trust PolicyAWS Lambda

  • Invocation RolePushAccess Policy

    Amazon S3lambda:InvokeAsync

    { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Resource": "*", "Action": [ "lambda:InvokeAsync" ] } ] }

  • Invocation RolePushTrust Policy

    Amazon S3sts:AssumeRole Amazon S3

    { "Version": "2012-10-17", "Statement": [ { "Sid": "", "Effect": "Allow", "Principal": { "Service": "s3.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "StringEquals":{ "sts:ExternalId": "arn:aws:s3:::bucket name" } } } ] }

  • Invocation RolePullAccess Policy

    Amazon Kinesis

    { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Resource": "*", "Action": [ "kinesis:ReadStream"] } ] }

  • Invocation RolePullTrust Policy

    AWS Lambdasts:AssumeRole

    { "Version": "2012-10-17", "Statement": [ { "Sid": "", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com" }, "Action": "sts:AssumeRole" } ] }

  • ExecutionRole

    AWSIAM Access PolicyTrust Policy2

    LambdaIAMAWS

    Access Policy AWS Amazon CloudWatch Logs Amazon S3

    Trust Policy AWS Lambda

  • Execution RoleAccess Policy

    Amazon CloudWatch Logslogs:*

    { "Statement": [ { "Action": [ "logs:*" ], "Effect": "Allow", "Resource": "arn:aws:logs:*:*:*" } ] }

  • Execution RoleTrust Policy

    AWS Lambda

    { "Version": "2012-10-17", "Statement": [ { "Sid": "", "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com" }, "Action": "sts:AssumeRole" } ] }

  • Lambda

    CloudWatchMetrics

  • exports.handler = function(event, context) { console.log('Received event:'); var bucket = event.Records[0].s3.bucket.name; var key = event.Records[0].s3.object.key; console.log(Bucket: +bucket); console.log(Key: +key);

    Amazon CloudWatch Logs

    Lambda

    /

    Max Memory Used Duration Billed Duration

    console.log

  • Lambda

    Execution rolesLambda

    Invocation roles

    S3DynamoDB

  • Lambda /tmp 512MB

    1024

    1024

    25/

    1 60

    zip 30MB

    zip 250MB

    InvokeAsyncJSON 128KB

  • () 100 $0.20/100(1$0.0000002)

    () 100ms 100ms

    Memory (MB)

    Price per 100ms ($)

    Free tier seconds per month

    128 0.000000208" 3,200,000

    192 0.000000313" 2,133,333

    256 0.000000417" 1,600,000

    320 0.000000521" 1,280,000

    384 0.000000625" 1,066,667

    448 0.000000729" 914,286

    512 0.000000834" 800,000

    576 0.000000938" 711,111

    640 0.000001042" 640,000

    704 0.000001146" 581,818

    768 0.00000125" 533,333

    832 0.000001354" 492,308

    896 0.000001459" 457,143

    960 0.000001563" 426,667

    1024 0.000001667" 400,000

  • https://aws.amazon.com/blogs/compute/

    http://docs.aws.amazon.com/lambda/latest/dg/

  • Run Code in the cloud!