Getting Started with Serverless and Container Architectures

AWS Cloud Kata for Start-Ups and Developers, Hong Kong

Dickson Yue, Solutions Architect, AWS

Upload: amazon-web-services

Post on 08-Jan-2017


TRANSCRIPT


Run some code in the cloud

Operational complexity - “I want to run some code in the cloud”
• …but ops are complicated and I don’t have an ops guy

Undifferentiated instances - “I want flexibility to use the code I like”
• …but OS and runtime configuration? Don’t really care

Capacity management concerns - “My business scales with users and requests”
• …but I don’t want a planning exercise to reserve and provision capacity

Low utilization but high scale - “I want infinite scale”
• …but I only want to pay for calls I actually make

What compute options do we have?

• VMs (EC2)
  • Machine as the unit of scale
  • Abstracts the hardware
• Containers (ECS)
  • Application as the unit of scale
  • Abstracts the OS
• Serverless (AWS Lambda)
  • Functions as the unit of scale
  • Abstracts the language runtime

How do I choose?

• VMs (EC2)
  • “I want to configure machines, storage, networking, and my OS”
• Containers (ECS)
  • “I want to run servers, configure applications, and control scaling”
• Serverless (AWS Lambda)
  • “Run my code when it’s needed”

Container

Deployment options

• Self-managed EC2
• Elastic Beanstalk
• Elastic container service (ECS)

Managing One Host is Straightforward

[Diagram: one server with a guest OS running App1 and App2, each with its own bins/libs]

Managing a Fleet is Hard

[Diagram: a large fleet of servers, each with its own guest OS, spread across AZ 1, AZ 2 and AZ 3]

What is EC2 Container Service?

Cluster Management Made Easy

• No cluster software to install and manage
• Manages cluster state
• Manages containers
• Control and monitoring
• Scale from one to tens of thousands of containers

Cluster Management: Resource Management

[Diagram: EC2 instances in AZ 1 and AZ 2, each running Docker with tasks made up of containers]

Cluster Management: Scheduling

[Diagram: EC2 instances in AZ 1 and AZ 2, each running Docker with tasks made up of containers]

Amazon ECS: Resource Management

[Diagram: container instances in AZ 1 and AZ 2, each running Docker with tasks made up of containers, under the Cluster Management Engine]

Security

• Isolation boundaries through EC2 instances
• VPC only
• Security Group and IAM roles support

Performance at Scale

• Building block for distributed applications
• Coordinates and automates container deployment
• Launch thousands of containers in seconds

Designed for use with other AWS services

• Elastic Load Balancing
• Amazon Elastic Block Store
• Amazon Virtual Private Cloud
• AWS Identity and Access Management
• AWS CloudTrail

Key Components

• Clusters
• Containers
• Task Definitions
• Service

Typical User Workflow

I have a Docker image and I want to run the image on a cluster.

1. Push Image(s): Amazon ECR or Docker Hub
2. Create Task Definition (Amazon ECS): image, CPU and memory, port mapping, CMD
3. Run Instances (EC2): use a custom AMI with Docker support and the ECS Agent. Instances will register with the default cluster.
4. Describe Cluster (Amazon ECS): get information about cluster state and available resources
5. Run Task or Create Service (Amazon ECS): using the task definition created above
6. Describe Cluster (Amazon ECS): get information about cluster state and running containers

DEMO

Command

aws elb create-load-balancer --cli-input-json file://elb-ecs.json

aws ecs create-cluster --cluster-name ecs-demo

aws autoscaling create-launch-configuration --cli-input-json file://launch-config.json --user-data file://userdata.txt

aws autoscaling create-auto-scaling-group --cli-input-json file://auto-scaling-group.json

aws ecs list-container-instances --cluster ecs-demo

docker build -t dicksonyue/kata-demo:v5 .

docker run -d -p 8080:8080 dicksonyue/kata-demo:v5

docker push

aws ecs register-task-definition --cli-input-json file://ecs-task.json

aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task:5

Task

{
  "family": "vote-app-task",
  "containerDefinitions": [
    {
      "name": "kata-demo-container",
      "image": "dicksonyue/kata-demo:v2",
      "cpu": 10,
      "memory": 500,
      "portMappings": [
        {
          "containerPort": 8080,
          "hostPort": 8080
        }
      ],
      "essential": true,
      "command": ["npm", "start"]
    }
  ]
}
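The task definition above can be reviewed against the Security slide's points (the EC2 instance is the isolation boundary, IAM roles are supported) before it is registered. The Python check below is an added example, not part of the original deck: the finding names are invented here, and the role ARN, account ID and image digest in the hardened variant are placeholders.

```python
import re

# Environment variable names that usually carry credentials.
SECRET_NAME = re.compile(r"pass(word)?|secret|token|api_?key", re.IGNORECASE)


def review_task_definition(task_def):
    """Return (scope, finding) pairs for an ECS task definition dict."""
    findings = []

    # Without a task role, containers fall back to the container instance's
    # role, so every task on that EC2 instance shares the same permissions.
    if not task_def.get("taskRoleArn"):
        findings.append(("task", "NO_TASK_ROLE"))

    for c in task_def.get("containerDefinitions", []):
        name = c.get("name", "<unnamed>")

        # A tag such as :v2 can be re-pushed with different content;
        # a digest reference cannot.
        if "@sha256:" not in c.get("image", ""):
            findings.append((name, "IMAGE_NOT_PINNED_BY_DIGEST"))

        # Containers on one instance share its kernel, so limit what a
        # compromised container process can do on that host.
        if c.get("privileged"):
            findings.append((name, "PRIVILEGED"))
        if not c.get("user"):
            findings.append((name, "USER_NOT_SET"))
        if not c.get("readonlyRootFilesystem"):
            findings.append((name, "WRITABLE_ROOT_FS"))

        # Informational: a fixed host port must be opened in the instance
        # security group; allow it only from the load balancer.
        for pm in c.get("portMappings", []):
            if pm.get("hostPort"):
                findings.append((name, f"HOST_PORT_{pm['hostPort']}"))

        for env in c.get("environment", []):
            if SECRET_NAME.search(env.get("name", "")):
                findings.append((name, f"SECRET_IN_ENV_{env['name']}"))
    return findings


# The deck's task definition, reconstructed from the slide.
PAGE_TASK_DEF = {
    "family": "vote-app-task",
    "containerDefinitions": [{
        "name": "kata-demo-container",
        "image": "dicksonyue/kata-demo:v2",
        "cpu": 10,
        "memory": 500,
        "portMappings": [{"containerPort": 8080, "hostPort": 8080}],
        "essential": True,
        "command": ["npm", "start"],
    }],
}

# Hardened variant (constructed): placeholder role ARN and all-zero digest.
HARDENED_TASK_DEF = {
    "family": "vote-app-task",
    "taskRoleArn": "arn:aws:iam::123456789012:role/PLACEHOLDER-task-role",
    "containerDefinitions": [{
        **PAGE_TASK_DEF["containerDefinitions"][0],
        "image": "dicksonyue/kata-demo@sha256:" + "0" * 64,
        "user": "1000",
        "readonlyRootFilesystem": True,
    }],
}

if __name__ == "__main__":
    for label, td in (("page", PAGE_TASK_DEF), ("hardened", HARDENED_TASK_DEF)):
        print(label, review_task_definition(td))
```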

Service

{
  "cluster": "ecs-demo",
  "serviceName": "vote-app-service",
  "taskDefinition": "vote-app-task",
  "loadBalancers": [
    {
      "loadBalancerName": "ecs-demo-ecs-elb",
      "containerName": "kata-demo-container",
      "containerPort": 8080
    }
  ],
  "desiredCount": 1,
  "role": "ecsServiceRole"
}

Serverless

Benefits of AWS Lambda

1) No Servers to Manage
AWS Lambda automatically runs your code without requiring you to provision or manage servers. Just write the code and upload it to Lambda.

2) Continuous Scaling
AWS Lambda automatically scales your application by running code in response to each trigger. Your code runs in parallel and processes each trigger individually, scaling precisely with the size of the workload.

3) Subsecond Metering
With AWS Lambda, you are charged for every 100ms your code executes and the number of times your code is triggered. You don't pay anything when your code isn't running.

How Lambda works

[Diagram: event sources (S3 event notifications, DynamoDB Streams, Kinesis events, Cognito events, SNS events, custom events, CloudTrail events) feed Lambda; Lambda connects to DynamoDB, Kinesis, S3, Redshift, SNS, “Any AWS” and “Any custom”]

AWS Lambda, API Gateway and AWS IoT regions

Available regions:
• Singapore
• Sydney

Lambda usage scenarios

Use case: Data processing

Example: Amazon S3 bucket triggers

[Diagram, steps 1 to 3: original object, Amazon S3 bucket events, AWS Lambda, compressed object]

Use case: Dynamic data ingestion

“I want to apply custom logic to process content being uploaded to my data store”

• PDF watermarking
• Image thumbnailing and transcoding
• Document metadata indexing
• Log aggregation and filtering
• RSS feed processing
• Media content validation

Use case: Realtime data stream processing, Amazon Kinesis

“I want to apply custom logic to process logs being uploaded through my Kinesis stream”

• Client activity tracking
• Metrics generation
• Data cleansing
• Log filtering
• Indexing and searching
• Log routing

Use case: mobile backend

1. AWS Mobile SDK + Amazon Cognito for mobile app, or AWS IoT for devices
2. AWS Lambda runs the code
3. Amazon API Gateway (if you want your own endpoint)
4. Amazon DynamoDB holds the data

[Diagram: AWS Lambda, Amazon DynamoDB]

Use case: Serverless web apps

1. Amazon S3 for serving static content
2. AWS Lambda for dynamic content
3. Amazon API Gateway for https access
4. Amazon DynamoDB for NoSQL data storage

[Diagram: static content in Amazon S3; API Gateway; dynamic content in AWS Lambda; data stored in Amazon DynamoDB]

Use case: Alexa apps + Slack = serverless bots

[Diagram: “Alexa, tell Slack to send ‘I’m giving the demo now’”; message upload (via Slack API) to Slack; team (channel users); message retrieval through scheduled polling; “Kevin says ‘Break a leg’”]

Additional scenarios

[Diagram: Lambda paired with Cognito, CloudFormation, SNS and DynamoDB]

DEMO

1. Image uploading service
2. Image processing service
Face wall service
Dashboard service
3. Data feed services

[Diagram: input image, S3, Lambda, S3, output image, metadata DB, app metric]

• Camera uploads photos with AWS SDK to S3
• S3 triggers Lambda event
• Lambda function detects faces, outputs cropped images to S3, and stores metadata in DynamoDB
• Web application pulls data from face wall and dashboard services through API Gateway, which triggers Lambda function

$$ charged by:
• Exec time per 100ms
• Storage per GB
• Number of requests
• Read/Write throughput

Recent launches and best practices

Recent launches

re:Invent 2015
• Python
• Scheduled functions
• Longer running times (5 min)
• Versioning

Since re:Invent
• Higher code storage limits (from 5 GB to 75 GB)
• Custom VPC
• 1-minute schedules
• New regional launch
• Node.js 4.3.2
• 1-click CORS setup
• Stage variables
• Custom (Lambda) authorizers
• Built-in Swagger import/export
• AWS CloudFormation support for API Gateway and versions

Function schedules: The how-to guide

How can I keep a function warm (no cold starts)?
Schedule it.

How can I poll a queue (like SQS)?
Schedule a function to read the queue.

How can I get more timers?
Have one scheduled function async invoke other functions.

How can I get granularity finer than 1 minute?
Run a background timer in your scheduled function.

Function versioning: The how-to guide

How can I get mutable configuration info?
Read it (e.g., from DynamoDB) during function initialization.
Wrap your config in a function and call it from your published code.

How do I “roll back” in AWS Lambda?
Using aliases, just switch what the alias points to.
(As a collection, add API Gateway and/or CloudFormation.)

How do I do blue/green deployments?
AWS Lambda handles fleet deployments, but if you want to shape traffic, put a second “traffic cop” function in front.

How can I lock a client/device onto an old version?
Point them directly to that version’s ARN.

AWS Lambda VPC basics

• All Lambda functions run in a VPC, all the time
  • You never need to “turn on” security – it’s always on
• You can also grant Lambda functions access to resources in your own VPC
  • How: Add VPC subnet IDs and security group IDs to the function config
  • Typical uses: RDB, ElastiCache, private EC2 endpoints
  • Allows access to peered VPCs, VPN endpoints, and private S3 endpoints
• Functions configured for VPC access lose internet access…
  • unless you have managed NAT or a NAT instance in the VPC
  • …Even if you have “Auto-assign Public IP” enabled
  • …Even if you have an internet gateway set up in your VPC
  • …Even if your security group allows all outbound traffic

AWS Lambda VPC: Best practices

• VPC is optional – don’t turn it on unless you need it
• The ENIs used by Lambda’s VPC feature count against your quota
  • Ensure you have enough to match your peak concurrency levels (we’ll consolidate where we can)
  • DO NOT delete or rename these ENIs
• Ensure your subnets have enough IPs for those ENIs
• Specify at least one subnet in each Availability Zone
  • Otherwise Lambda will obey, but can’t be as fault-tolerant
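The VPC basics and best-practice points above (internet access only through NAT, enough subnet IPs for the ENIs, one subnet per Availability Zone) can be checked before a function's VPC config is applied. The Python pre-flight below is an added example, not part of the original deck. It runs on constructed data shaped like `aws ec2 describe-subnets` and `describe-route-tables` output, and it assumes the worst case of one ENI (one IP) per concurrent execution; all IDs, AZ names and finding codes are made up.

```python
def route_table_for(subnet_id, route_tables):
    """Explicitly associated route table, else the VPC's main route table."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main


def default_route_kind(route_table):
    """Classify the 0.0.0.0/0 target: 'nat', 'igw' or 'none'."""
    if route_table is None:
        return "none"
    for route in route_table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        # Managed NAT gateway or a NAT instance.
        if route.get("NatGatewayId") or route.get("InstanceId"):
            return "nat"
        if str(route.get("GatewayId", "")).startswith("igw-"):
            return "igw"
    return "none"


def check_lambda_vpc_config(subnet_ids, subnets, route_tables, region_azs,
                            peak_concurrency, needs_internet=True):
    """Return (code, detail) findings for a planned Lambda VPC config."""
    by_id = {s["SubnetId"]: s for s in subnets}
    findings = [("UNKNOWN_SUBNET", sid) for sid in subnet_ids if sid not in by_id]
    chosen = [by_id[sid] for sid in subnet_ids if sid in by_id]

    # Lambda's ENIs get no public IP, so a default route to an internet
    # gateway gives the function no internet access; it has to go via NAT.
    if needs_internet:
        for s in chosen:
            kind = default_route_kind(route_table_for(s["SubnetId"], route_tables))
            if kind != "nat":
                findings.append(("NO_NAT_ROUTE", f"{s['SubnetId']}:{kind}"))

    # One subnet per Availability Zone, for fault tolerance.
    covered = {s["AvailabilityZone"] for s in chosen}
    for az in sorted(set(region_azs) - covered):
        findings.append(("AZ_NOT_COVERED", az))

    # Assumption: one ENI, hence one free IP, per concurrent execution.
    free = sum(s["AvailableIpAddressCount"] for s in chosen)
    if free < peak_concurrency:
        findings.append(("IP_SHORTFALL", f"{free} free < {peak_concurrency} needed"))
    return findings


# Constructed sample data (not from a real account).
SAMPLE_SUBNETS = [
    {"SubnetId": "subnet-aaa", "AvailabilityZone": "az-a", "AvailableIpAddressCount": 200},
    {"SubnetId": "subnet-bbb", "AvailabilityZone": "az-b", "AvailableIpAddressCount": 40},
]
SAMPLE_ROUTE_TABLES = [
    {   # Main route table: default route to an internet gateway.
        "RouteTableId": "rtb-main",
        "Associations": [{"Main": True}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-222"},
        ],
    },
    {   # Private route table for subnet-aaa: default route to managed NAT.
        "RouteTableId": "rtb-private",
        "Associations": [{"SubnetId": "subnet-aaa"}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-111"},
        ],
    },
]

if __name__ == "__main__":
    for finding in check_lambda_vpc_config(
            ["subnet-aaa", "subnet-bbb"], SAMPLE_SUBNETS, SAMPLE_ROUTE_TABLES,
            region_azs=["az-a", "az-b", "az-c"], peak_concurrency=300):
        print(finding)
```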

Summary

Container
• ECS
• Cluster
• Task & Service
• AWS CLI or ECS CLI

Serverless
• Lambda
• Use cases
• Best practices
• New feature

Thank you

AWS Cloud Kata for Start-Ups and Developers

Operational complexity - ldquoI want to run some code in the cloudrdquo

bull hellipbut ops are complicated and I donrsquot have an ops guy

Undifferentiated instances - ldquoI want flexibility to use the code I likerdquo

bull hellipbut OS and runtime configuration Donrsquot really care

Capacity management concerns - ldquoMy business scales with users and requestsrdquo

bull hellipbut I donrsquot want a planning exercise to reserve and provision capacity

Low utilization but high scale - ldquoI want infinite scalerdquo

bull hellipbut I only want to pay for calls I actually make

Run some code

in the cloud

AWS Cloud Kata for Start-Ups and Developers

What compute options do we have

bull VMsbull Machine as the unit of scale

bull Abstracts the hardware

bull Containersbull Application as the unit of scale

bull Abstracts the OS

bull Serverlessbull Functions as the unit of scale

bull Abstracts the language runtime

ECS

EC2

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

How do I choose

bull VMs

bull ldquoI want to configure machines

storage networking and my OSrdquo

bull Containers

bull ldquoI want to run servers configure

applications and control scalingrdquo

bull Serverless

bull ldquoRun my code when itrsquos neededrdquo

ECS

EC2

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Conatiner

AWS Cloud Kata for Start-Ups and Developers

Self managed EC2

Elastic Beanstalk

Elastic container service (ECS)

Deployment options

AWS Cloud Kata for Start-Ups and Developers

Server

Guest OS

BinsLibs BinsLibs

App2App1

Managing One Host is Straightforward

AWS Cloud Kata for Start-Ups and Developers

Managing a Fleet is Hard

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

AZ 1 AZ 2

AZ 3

AWS Cloud Kata for Start-Ups and Developers

What is EC2 Container Service

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Made Easy

No cluster software to install and manage

Manages cluster state

Manages containers

Control and monitoring

Scale from one to tens of thousands of

containers

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Resource

Management

Docker

Task

EC2 Instance

Container

Docker

Task

EC2 Instance

Container

Task

Container

Docker

EC2 Instance

Task

Container

AZ 1 AZ 2

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Scheduling

Docker

Task

EC2 Instance

Container

Docker

Task

EC2 Instance

Container

Task

Container

Docker

EC2 Instance

Task

Container

AZ 1 AZ 2

AWS Cloud Kata for Start-Ups and Developers

Amazon ECS Resource Management

Docker

Task

Container Instance

Container

Task

Container

Docker

Task

Container Instance

Container

Task

Container

Docker

Task

Container Instance

Container

Task

Container

AZ 1 AZ 2

Cluster Management Engine

AWS Cloud Kata for Start-Ups and Developers

Security

Isolation boundaries through EC2

instances

VPC only

Security Group and IAM roles support

AWS Cloud Kata for Start-Ups and Developers

Performance at Scale

Building block for distributed applications

Coordinates and automates container deployment

Launch thousands of containers in seconds

AWS Cloud Kata for Start-Ups and Developers

Designed for use with other AWS

services

Elastic Load Balancing

Amazon Elastic Block Store

Amazon Virtual Private Cloud

AWS Identity and Access Management

AWS CloudTrail

AWS Cloud Kata for Start-Ups and Developers

Key Components

Clusters

Containers

Task Definitions

Service

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

I have a Docker

image and I want to

run the image on a

cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Push Image(s)

Amazon ECR

Docker Hub

Or

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Create Task Definition Amazon ECS

Task Definition

- Image

- CPU memory

- Port mapping

- CMD

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Instances EC2

Use custom AMI with

Docker support and

ECS Agent Instances

will register with

default cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Describe Cluster Amazon ECS

Get information about

cluster state and

available resources

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Task

or

Create Service

Amazon ECS

Using the task definition

created above

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Amazon ECSDescribe Cluster

Get information about

cluster state and

running containers

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

Command

aws elb create-load-balancer --cli-input-json fileelb-ecsjson

aws ecs create-cluster --cluster-name ecs-demo

aws autoscaling create-launch-configuration --cli-input-json filelaunch-configjson --user-data fileuserdatatxt

aws autoscaling create-auto-scaling-group --cli-input-json fileauto-scaling-groupjson

aws ecs list-container-instances --cluster ecs-demo

docker build -t dicksonyuekata-demov5

docker run -d -p 80808080 dicksonyuekata-demov5

docker push

aws ecs register-task-definition --cli-input-json fileecs-taskjson

aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task5

AWS Cloud Kata for Start-Ups and Developers

Task

family vote-app-task

containerDefinitions [

name rdquokata-demo-container

image dicksonyuekata-demov2

cpu 10

memory 500

portMappings [

containerPort 8080

hostPort 8080

]

essential true

command [

npm start

]

]

AWS Cloud Kata for Start-Ups and Developers

Service

cluster ecs-demo

serviceName vote-app-service

taskDefinition vote-app-task

loadBalancers [

loadBalancerName ecs-demo-ecs-elb

containerName rdquokata-demo-container

containerPort 8080

]

desiredCount 1

role ecsServiceRolerdquo

AWS Cloud Kata for Start-Ups and Developers

Serverless

AWS Cloud Kata for Start-Ups and Developers

2) Continuous Scaling 1) No Servers to Manage

AWS Lambda automatically scales your application by running code in response to each trigger Your code runs in parallel and processes each trigger individually scaling

precisely with the size of the workload

3) Subsecond Metering

With AWS Lambda you are charged for every 100ms your code executes and the number of times your code is triggered You dont pay anything when your code

isnt running

AWS Lambda automatically runs your code without requiring you to provision or

manage servers Just write the code and upload it to Lambda

Benefits of AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

How Lambda works

S3 event

notifications

DynamoDB

StreamsKinesis

events

Cognito

eventsSNS

events

Custom

events

CloudTrail

events LambdaDynamoDB

Kinesis S3

Any custom

Redshift

SNS

Any AWS

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda API Gateway and AWS IoT

regions

Available regions

Singapore

Sydney

AWS Cloud Kata for Start-Ups and Developers

Lambda usage scenarios

AWS Cloud Kata for Start-Ups and Developers

Use case Data processing

Example Amazon S3 bucket triggers

Amazon S3 bucket events

Original objectCompressed object

1

2

3

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Use case Dynamic data ingestion

ldquoI want to apply custom logic to process content being uploaded to my data storerdquo

bull PDF watermarking

bull Image thumbnailing and transcoding

bull Document metadata Indexing

bull Log aggregation and filtering

bull RSS feed processing

bull Media content validation

AWS Cloud Kata for Start-Ups and Developers

Use case Realtime data stream processing Amazon Kinesis

ldquoI want to apply custom logic to process logs being uploaded through my Kinesis streamrdquo

bull Client activity tracking

bull metrics generation

bull data cleansing

bull Log filtering

bull indexing and searching

bull Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

What compute options do we have

bull VMsbull Machine as the unit of scale

bull Abstracts the hardware

bull Containersbull Application as the unit of scale

bull Abstracts the OS

bull Serverlessbull Functions as the unit of scale

bull Abstracts the language runtime

ECS

EC2

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

How do I choose

bull VMs

bull ldquoI want to configure machines

storage networking and my OSrdquo

bull Containers

bull ldquoI want to run servers configure

applications and control scalingrdquo

bull Serverless

bull ldquoRun my code when itrsquos neededrdquo

ECS

EC2

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Conatiner

AWS Cloud Kata for Start-Ups and Developers

Self managed EC2

Elastic Beanstalk

Elastic container service (ECS)

Deployment options

AWS Cloud Kata for Start-Ups and Developers

Server

Guest OS

BinsLibs BinsLibs

App2App1

Managing One Host is Straightforward

AWS Cloud Kata for Start-Ups and Developers

Managing a Fleet is Hard

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

AZ 1 AZ 2

AZ 3

AWS Cloud Kata for Start-Ups and Developers

What is EC2 Container Service

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Made Easy

No cluster software to install and manage

Manages cluster state

Manages containers

Control and monitoring

Scale from one to tens of thousands of

containers

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Resource

Management

Docker

Task

EC2 Instance

Container

Docker

Task

EC2 Instance

Container

Task

Container

Docker

EC2 Instance

Task

Container

AZ 1 AZ 2

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Scheduling

Docker

Task

EC2 Instance

Container

Docker

Task

EC2 Instance

Container

Task

Container

Docker

EC2 Instance

Task

Container

AZ 1 AZ 2

AWS Cloud Kata for Start-Ups and Developers

Amazon ECS Resource Management

Docker

Task

Container Instance

Container

Task

Container

Docker

Task

Container Instance

Container

Task

Container

Docker

Task

Container Instance

Container

Task

Container

AZ 1 AZ 2

Cluster Management Engine

Security

Isolation boundaries through EC2 instances

VPC only

Security Group and IAM roles support

Performance at Scale

Building block for distributed applications

Coordinates and automates container deployment

Launch thousands of containers in seconds

Designed for use with other AWS services

Elastic Load Balancing

Amazon Elastic Block Store

Amazon Virtual Private Cloud

AWS Identity and Access Management

AWS CloudTrail

Key Components

Clusters

Containers

Task Definitions

Service

Typical User Workflow

"I have a Docker image and I want to run the image on a cluster"

1. Push Image(s): Amazon ECR or Docker Hub

2. Create Task Definition (Amazon ECS). Task Definition: image; CPU, memory; port mapping; CMD

3. Run Instances (EC2): use custom AMI with Docker support and ECS Agent. Instances will register with default cluster

4. Describe Cluster (Amazon ECS): get information about cluster state and available resources

5. Run Task or Create Service (Amazon ECS): using the task definition created above

6. Describe Cluster (Amazon ECS): get information about cluster state and running containers

DEMO

Command

aws elb create-load-balancer --cli-input-json file://elb-ecs.json

aws ecs create-cluster --cluster-name ecs-demo

aws autoscaling create-launch-configuration --cli-input-json file://launch-config.json --user-data file://userdata.txt

aws autoscaling create-auto-scaling-group --cli-input-json file://auto-scaling-group.json

aws ecs list-container-instances --cluster ecs-demo

docker build -t dicksonyue/kata-demo:v5 .

docker run -d -p 8080:8080 dicksonyue/kata-demo:v5

docker push

aws ecs register-task-definition --cli-input-json file://ecs-task.json

aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task5

Task

{
  "family": "vote-app-task",
  "containerDefinitions": [
    {
      "name": "kata-demo-container",
      "image": "dicksonyue/kata-demo:v2",
      "cpu": 10,
      "memory": 500,
      "portMappings": [
        {
          "containerPort": 8080,
          "hostPort": 8080
        }
      ],
      "essential": true,
      "command": ["npm", "start"]
    }
  ]
}

Service

{
  "cluster": "ecs-demo",
  "serviceName": "vote-app-service",
  "taskDefinition": "vote-app-task",
  "loadBalancers": [
    {
      "loadBalancerName": "ecs-demo-ecs-elb",
      "containerName": "kata-demo-container",
      "containerPort": 8080
    }
  ],
  "desiredCount": 1,
  "role": "ecsServiceRole"
}

Serverless

Benefits of AWS Lambda

1) No Servers to Manage

AWS Lambda automatically runs your code without requiring you to provision or manage servers. Just write the code and upload it to Lambda.

2) Continuous Scaling

AWS Lambda automatically scales your application by running code in response to each trigger. Your code runs in parallel and processes each trigger individually, scaling precisely with the size of the workload.

3) Subsecond Metering

With AWS Lambda, you are charged for every 100ms your code executes and the number of times your code is triggered. You don't pay anything when your code isn't running.

How Lambda works

[Diagram: event sources (S3 event notifications, DynamoDB Streams, Kinesis events, Cognito events, SNS events, custom events, CloudTrail events) → Lambda → DynamoDB, Kinesis, S3, Redshift, SNS, Any AWS, Any custom]

AWS Lambda, API Gateway, and AWS IoT regions

[Map: available regions; labelled: Singapore, Sydney]

Lambda usage scenarios

Use case: Data processing

Example: Amazon S3 bucket triggers

[Diagram, steps 1 to 3: original object, Amazon S3 bucket events, AWS Lambda, compressed object]

Use case: Dynamic data ingestion

"I want to apply custom logic to process content being uploaded to my data store"

• PDF watermarking

• Image thumbnailing and transcoding

• Document metadata indexing

• Log aggregation and filtering

• RSS feed processing

• Media content validation

Use case: Realtime data stream processing (Amazon Kinesis)

"I want to apply custom logic to process logs being uploaded through my Kinesis stream"

• Client activity tracking

• Metrics generation

• Data cleansing

• Log filtering

• Indexing and searching

• Log routing

Use case: mobile backend

1. AWS Mobile SDK + Amazon Cognito for mobile app, or AWS IoT for devices

2. AWS Lambda runs the code

3. Amazon API Gateway (if you want your own endpoint)

4. Amazon DynamoDB holds the data

[Diagram: AWS Lambda, Amazon DynamoDB]

Use case: Serverless web apps

1. Amazon S3 for serving static content

2. AWS Lambda for dynamic content

3. Amazon API Gateway for HTTPS access

4. Amazon DynamoDB for NoSQL data storage

[Diagram: static content in Amazon S3; API Gateway; dynamic content in AWS Lambda; data stored in Amazon DynamoDB]

Use case: Alexa apps + Slack = serverless bots

[Diagram labels: "Alexa, tell Slack to send 'I'm giving the demo now'"; message upload (via Slack API); Slack; team (channel users); message retrieval through scheduled polling; Kevin says "Break a leg"]

Additional scenarios

[Diagram: pairings of Lambda with Cognito, CloudFormation, SNS and DynamoDB]

DEMO

1. Image uploading service

2. Image processing service

Face wall service

Dashboard service

3. Data feed services

[Diagram: input image, S3, Lambda, S3, output image, metadata DB, app metric]

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces, outputs cropped images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and dashboard services through API Gateway, which triggers Lambda function

$$ charged by:

Exec time per 100ms

Storage per GB

Number of requests

Read/Write throughput

Recent launches and best practices

Recent launches

re:Invent 2015

• Python

• Scheduled functions

• Longer running times (5 min)

• Versioning

Since re:Invent

• Higher code storage limits (from 5 GB to 75 GB)

• Custom VPC

• 1-minute schedules

• New regional launch

• Node.js 4.3.2

• 1-click CORS setup

• Stage variables

• Custom (Lambda) authorizers

• Built-in Swagger import/export

• AWS CloudFormation support for API Gateway and versions

Function schedules: The how-to guide

How can I keep a function warm (no cold starts)?
Schedule it.

How can I poll a queue (like SQS)?
Schedule a function to read the queue.

How can I get more timers?
Have one scheduled function async invoke other functions.

How can I get granularity finer than 1 minute?
Run a background timer in your scheduled function.

Function versioning: The how-to guide

How can I get mutable configuration info?
Read it (e.g., from DynamoDB) during function initialization.
Wrap your config in a function and call it from your published code.

How do I "roll back" in AWS Lambda?
Using aliases, just switch what the alias points to.
(As a collection, add API Gateway and/or CloudFormation.)

How do I do blue/green deployments?
AWS Lambda handles fleet deployments, but if you want to shape traffic, put a second "traffic cop" function in front.

How can I lock a client/device onto an old version?
Point them directly to that version's ARN.

AWS Lambda VPC basics

All Lambda functions run in a VPC, all the time

You never need to "turn on" security – it's always on

You can also grant Lambda functions access to resources in your own VPC

How: Add VPC subnet IDs and security group IDs to the function config

Typical uses: RDB, ElastiCache, private EC2 endpoints

Allows access to peered VPCs, VPN endpoints, and private S3 endpoints

Functions configured for VPC access lose internet access…

unless you have managed NAT or a NAT instance in the VPC

…Even if you have "Auto-assign Public IP" enabled

…Even if you have an internet gateway set up in your VPC

…Even if your security group allows all outbound traffic

AWS Lambda VPC: Best practices

VPC is optional – don't turn it on unless you need it

The ENIs used by Lambda's VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (we'll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability Zone. Otherwise Lambda will obey, but can't be as fault-tolerant
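The VPC rules on the two slides above (NAT needed for internet access, a subnet in each Availability Zone, enough free IPs for the ENIs) can be checked offline against exported configuration. The following is an added example, not code from the talk: the input dictionaries mirror the shape of EC2 DescribeSubnets / DescribeRouteTables output and Lambda's VpcConfig, all IDs are constructed, and it assumes a worst case of one IP per concurrent execution and that an instance route target is a NAT instance.

```python
# Added example: offline audit of a VPC-attached Lambda function's network setup.
# All IDs and counts below are constructed sample values.

def default_route_kind(subnet_id, route_tables):
    """Classify where the subnet's 0.0.0.0/0 route points: nat, igw, other, none."""
    explicit, main = None, None
    for table in route_tables:
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                explicit = table
            elif assoc.get("Main"):
                main = table
    table = explicit or main  # a subnet with no explicit association uses the main table
    if table is None:
        return "none"
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("NatGatewayId"):
            return "nat"      # managed NAT gateway
        if route.get("InstanceId"):
            return "nat"      # assumption: an instance target is a NAT instance
        if route.get("GatewayId", "").startswith("igw-"):
            return "igw"      # internet gateway: not usable by a VPC-attached function
        return "other"
    return "none"


def audit_lambda_vpc(vpc_config, subnets, route_tables, peak_concurrency):
    """Return a list of (code, subject, detail) findings for one function."""
    subnet_ids = vpc_config.get("SubnetIds", [])
    if not subnet_ids:
        return []  # VPC access not turned on: nothing to check
    by_id = {s["SubnetId"]: s for s in subnets}
    findings = []

    # Rule 1: internet access needs a NAT route, whatever else is configured.
    for sid in subnet_ids:
        kind = default_route_kind(sid, route_tables)
        if kind != "nat":
            findings.append(("NO_INTERNET", sid, kind))

    # Rule 2: at least one function subnet in each Availability Zone of the VPC.
    used_azs = {by_id[sid]["AvailabilityZone"] for sid in subnet_ids}
    all_azs = {s["AvailabilityZone"] for s in subnets}
    for az in sorted(all_azs - used_azs):
        findings.append(("AZ_NOT_COVERED", az, ""))

    # Rule 3: enough free IPs for the ENIs at peak concurrency
    # (assumption: worst case of one IP per concurrent execution).
    free_ips = sum(by_id[sid]["AvailableIpAddressCount"] for sid in subnet_ids)
    if free_ips < peak_concurrency:
        findings.append(("LOW_IP_HEADROOM", str(free_ips), str(peak_concurrency)))
    return findings


# Constructed sample data for one VPC with three subnets.
SUBNETS = [
    {"SubnetId": "subnet-aaaa1111", "AvailabilityZone": "ap-southeast-1a",
     "AvailableIpAddressCount": 27},
    {"SubnetId": "subnet-bbbb2222", "AvailabilityZone": "ap-southeast-1b",
     "AvailableIpAddressCount": 11},
    {"SubnetId": "subnet-cccc3333", "AvailabilityZone": "ap-southeast-1c",
     "AvailableIpAddressCount": 250},
]
LOCAL_ROUTE = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "Routes": [LOCAL_ROUTE,
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]},
    {"RouteTableId": "rtb-private", "Associations": [{"SubnetId": "subnet-aaaa1111"}],
     "Routes": [LOCAL_ROUTE,
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}]},
]
FUNCTION_VPC_CONFIG = {
    "SubnetIds": ["subnet-aaaa1111", "subnet-bbbb2222"],
    "SecurityGroupIds": ["sg-0example"],
}

if __name__ == "__main__":
    for finding in audit_lambda_vpc(FUNCTION_VPC_CONFIG, SUBNETS, ROUTE_TABLES, 50):
        print(finding)
```

A NO_INTERNET finding matters only for functions that call endpoints outside the VPC; for a function that talks only to private resources it confirms the intended isolation.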

Summary

Container

• ECS

• Cluster

• Task & Service

• AWS CLI or ECS CLI

Serverless

• Lambda

• Use cases

• Best practices

• New feature

Hong Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

How do I choose

bull VMs

bull ldquoI want to configure machines

storage networking and my OSrdquo

bull Containers

bull ldquoI want to run servers configure

applications and control scalingrdquo

bull Serverless

bull ldquoRun my code when itrsquos neededrdquo

ECS

EC2

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Conatiner

AWS Cloud Kata for Start-Ups and Developers

Self managed EC2

Elastic Beanstalk

Elastic container service (ECS)

Deployment options

AWS Cloud Kata for Start-Ups and Developers

Server

Guest OS

BinsLibs BinsLibs

App2App1

Managing One Host is Straightforward

AWS Cloud Kata for Start-Ups and Developers

Managing a Fleet is Hard

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

AZ 1 AZ 2

AZ 3

AWS Cloud Kata for Start-Ups and Developers

What is EC2 Container Service

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Made Easy

No cluster software to install and manage

Manages cluster state

Manages containers

Control and monitoring

Scale from one to tens of thousands of

containers

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Resource

Management

Docker

Task

EC2 Instance

Container

Docker

Task

EC2 Instance

Container

Task

Container

Docker

EC2 Instance

Task

Container

AZ 1 AZ 2

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Scheduling

Docker

Task

EC2 Instance

Container

Docker

Task

EC2 Instance

Container

Task

Container

Docker

EC2 Instance

Task

Container

AZ 1 AZ 2

AWS Cloud Kata for Start-Ups and Developers

Amazon ECS Resource Management

Docker

Task

Container Instance

Container

Task

Container

Docker

Task

Container Instance

Container

Task

Container

Docker

Task

Container Instance

Container

Task

Container

AZ 1 AZ 2

Cluster Management Engine

AWS Cloud Kata for Start-Ups and Developers

Security

Isolation boundaries through EC2

instances

VPC only

Security Group and IAM roles support

AWS Cloud Kata for Start-Ups and Developers

Performance at Scale

Building block for distributed applications

Coordinates and automates container deployment

Launch thousands of containers in seconds

AWS Cloud Kata for Start-Ups and Developers

Designed for use with other AWS

services

Elastic Load Balancing

Amazon Elastic Block Store

Amazon Virtual Private Cloud

AWS Identity and Access Management

AWS CloudTrail

AWS Cloud Kata for Start-Ups and Developers

Key Components

Clusters

Containers

Task Definitions

Service

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

I have a Docker

image and I want to

run the image on a

cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Push Image(s)

Amazon ECR

Docker Hub

Or

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Create Task Definition Amazon ECS

Task Definition

- Image

- CPU memory

- Port mapping

- CMD

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Instances EC2

Use custom AMI with

Docker support and

ECS Agent Instances

will register with

default cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Describe Cluster Amazon ECS

Get information about

cluster state and

available resources

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Task

or

Create Service

Amazon ECS

Using the task definition

created above

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Amazon ECSDescribe Cluster

Get information about

cluster state and

running containers

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

Command

aws elb create-load-balancer --cli-input-json fileelb-ecsjson

aws ecs create-cluster --cluster-name ecs-demo

aws autoscaling create-launch-configuration --cli-input-json filelaunch-configjson --user-data fileuserdatatxt

aws autoscaling create-auto-scaling-group --cli-input-json fileauto-scaling-groupjson

aws ecs list-container-instances --cluster ecs-demo

docker build -t dicksonyuekata-demov5

docker run -d -p 80808080 dicksonyuekata-demov5

docker push

aws ecs register-task-definition --cli-input-json fileecs-taskjson

aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task5

AWS Cloud Kata for Start-Ups and Developers

Task

family vote-app-task

containerDefinitions [

name rdquokata-demo-container

image dicksonyuekata-demov2

cpu 10

memory 500

portMappings [

containerPort 8080

hostPort 8080

]

essential true

command [

npm start

]

]

AWS Cloud Kata for Start-Ups and Developers

Service

cluster ecs-demo

serviceName vote-app-service

taskDefinition vote-app-task

loadBalancers [

loadBalancerName ecs-demo-ecs-elb

containerName rdquokata-demo-container

containerPort 8080

]

desiredCount 1

role ecsServiceRolerdquo

AWS Cloud Kata for Start-Ups and Developers

Serverless

AWS Cloud Kata for Start-Ups and Developers

2) Continuous Scaling 1) No Servers to Manage

AWS Lambda automatically scales your application by running code in response to each trigger Your code runs in parallel and processes each trigger individually scaling

precisely with the size of the workload

3) Subsecond Metering

With AWS Lambda you are charged for every 100ms your code executes and the number of times your code is triggered You dont pay anything when your code

isnt running

AWS Lambda automatically runs your code without requiring you to provision or

manage servers Just write the code and upload it to Lambda

Benefits of AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

How Lambda works

S3 event

notifications

DynamoDB

StreamsKinesis

events

Cognito

eventsSNS

events

Custom

events

CloudTrail

events LambdaDynamoDB

Kinesis S3

Any custom

Redshift

SNS

Any AWS

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda API Gateway and AWS IoT

regions

Available regions

Singapore

Sydney

AWS Cloud Kata for Start-Ups and Developers

Lambda usage scenarios

AWS Cloud Kata for Start-Ups and Developers

Use case Data processing

Example Amazon S3 bucket triggers

Amazon S3 bucket events

Original objectCompressed object

1

2

3

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Use case Dynamic data ingestion

ldquoI want to apply custom logic to process content being uploaded to my data storerdquo

bull PDF watermarking

bull Image thumbnailing and transcoding

bull Document metadata Indexing

bull Log aggregation and filtering

bull RSS feed processing

bull Media content validation

AWS Cloud Kata for Start-Ups and Developers

Use case Realtime data stream processing Amazon Kinesis

ldquoI want to apply custom logic to process logs being uploaded through my Kinesis streamrdquo

bull Client activity tracking

bull metrics generation

bull data cleansing

bull Log filtering

bull indexing and searching

bull Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

Conatiner

AWS Cloud Kata for Start-Ups and Developers

Self managed EC2

Elastic Beanstalk

Elastic container service (ECS)

Deployment options

AWS Cloud Kata for Start-Ups and Developers

Server

Guest OS

BinsLibs BinsLibs

App2App1

Managing One Host is Straightforward

AWS Cloud Kata for Start-Ups and Developers

Managing a Fleet is Hard

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

AZ 1 AZ 2

AZ 3

AWS Cloud Kata for Start-Ups and Developers

What is EC2 Container Service

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Made Easy

No cluster software to install and manage

Manages cluster state

Manages containers

Control and monitoring

Scale from one to tens of thousands of

containers

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Resource

Management

Docker

Task

EC2 Instance

Container

Docker

Task

EC2 Instance

Container

Task

Container

Docker

EC2 Instance

Task

Container

AZ 1 AZ 2

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Scheduling

Docker

Task

EC2 Instance

Container

Docker

Task

EC2 Instance

Container

Task

Container

Docker

EC2 Instance

Task

Container

AZ 1 AZ 2

AWS Cloud Kata for Start-Ups and Developers

Amazon ECS Resource Management

Docker

Task

Container Instance

Container

Task

Container

Docker

Task

Container Instance

Container

Task

Container

Docker

Task

Container Instance

Container

Task

Container

AZ 1 AZ 2

Cluster Management Engine

AWS Cloud Kata for Start-Ups and Developers

Security

Isolation boundaries through EC2

instances

VPC only

Security Group and IAM roles support

AWS Cloud Kata for Start-Ups and Developers

Performance at Scale

Building block for distributed applications

Coordinates and automates container deployment

Launch thousands of containers in seconds

AWS Cloud Kata for Start-Ups and Developers

Designed for use with other AWS

services

Elastic Load Balancing

Amazon Elastic Block Store

Amazon Virtual Private Cloud

AWS Identity and Access Management

AWS CloudTrail

AWS Cloud Kata for Start-Ups and Developers

Key Components

Clusters

Containers

Task Definitions

Service

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

I have a Docker

image and I want to

run the image on a

cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Push Image(s)

Amazon ECR

Docker Hub

Or

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Create Task Definition Amazon ECS

Task Definition

- Image

- CPU memory

- Port mapping

- CMD

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Instances EC2

Use custom AMI with

Docker support and

ECS Agent Instances

will register with

default cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Describe Cluster Amazon ECS

Get information about

cluster state and

available resources

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Task

or

Create Service

Amazon ECS

Using the task definition

created above

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Amazon ECSDescribe Cluster

Get information about

cluster state and

running containers

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

Command

aws elb create-load-balancer --cli-input-json fileelb-ecsjson

aws ecs create-cluster --cluster-name ecs-demo

aws autoscaling create-launch-configuration --cli-input-json filelaunch-configjson --user-data fileuserdatatxt

aws autoscaling create-auto-scaling-group --cli-input-json fileauto-scaling-groupjson

aws ecs list-container-instances --cluster ecs-demo

docker build -t dicksonyuekata-demov5

docker run -d -p 80808080 dicksonyuekata-demov5

docker push

aws ecs register-task-definition --cli-input-json fileecs-taskjson

aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task5

AWS Cloud Kata for Start-Ups and Developers

Task

family vote-app-task

containerDefinitions [

name rdquokata-demo-container

image dicksonyuekata-demov2

cpu 10

memory 500

portMappings [

containerPort 8080

hostPort 8080

]

essential true

command [

npm start

]

]

AWS Cloud Kata for Start-Ups and Developers

Service

cluster ecs-demo

serviceName vote-app-service

taskDefinition vote-app-task

loadBalancers [

loadBalancerName ecs-demo-ecs-elb

containerName rdquokata-demo-container

containerPort 8080

]

desiredCount 1

role ecsServiceRolerdquo

AWS Cloud Kata for Start-Ups and Developers

Serverless

AWS Cloud Kata for Start-Ups and Developers

2) Continuous Scaling 1) No Servers to Manage

AWS Lambda automatically scales your application by running code in response to each trigger Your code runs in parallel and processes each trigger individually scaling

precisely with the size of the workload

3) Subsecond Metering

With AWS Lambda you are charged for every 100ms your code executes and the number of times your code is triggered You dont pay anything when your code

isnt running

AWS Lambda automatically runs your code without requiring you to provision or

manage servers Just write the code and upload it to Lambda

Benefits of AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

How Lambda works

S3 event

notifications

DynamoDB

StreamsKinesis

events

Cognito

eventsSNS

events

Custom

events

CloudTrail

events LambdaDynamoDB

Kinesis S3

Any custom

Redshift

SNS

Any AWS

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda API Gateway and AWS IoT

regions

Available regions

Singapore

Sydney

AWS Cloud Kata for Start-Ups and Developers

Lambda usage scenarios

AWS Cloud Kata for Start-Ups and Developers

Use case Data processing

Example Amazon S3 bucket triggers

Amazon S3 bucket events

Original objectCompressed object

1

2

3

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Use case Dynamic data ingestion

ldquoI want to apply custom logic to process content being uploaded to my data storerdquo

bull PDF watermarking

bull Image thumbnailing and transcoding

bull Document metadata Indexing

bull Log aggregation and filtering

bull RSS feed processing

bull Media content validation

AWS Cloud Kata for Start-Ups and Developers

Use case Realtime data stream processing Amazon Kinesis

ldquoI want to apply custom logic to process logs being uploaded through my Kinesis streamrdquo

bull Client activity tracking

bull metrics generation

bull data cleansing

bull Log filtering

bull indexing and searching

bull Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

Recent launches and best practices

Recent launches

re:Invent 2015

• Python

• Scheduled functions

• Longer running times (5 min)

• Versioning

Since re:Invent

• Higher code storage limits (from 5 GB to 75 GB)

• Custom VPC

• 1-minute schedules

• New regional launch

• Node.js 4.3.2

• 1-click CORS setup

• Stage variables

• Custom (Lambda) authorizers

• Built-in Swagger import/export

• AWS CloudFormation support for API Gateway and versions

Function schedules: The how-to guide

How can I keep a function warm (no cold starts)?

• Schedule it.

How can I poll a queue (like SQS)?

• Schedule a function to read the queue.

How can I get more timers?

• Have one scheduled function async invoke other functions.

How can I get granularity finer than 1 minute?

• Run a background timer in your scheduled function.

Function versioning: The how-to guide

How can I get mutable configuration info?

• Read it (e.g. from DynamoDB) during function initialization.

• Wrap your config in a function and call it from your published code.

How do I “roll back” in AWS Lambda?

• Using aliases, just switch what the alias points to.

• (As a collection, add API Gateway and/or CloudFormation.)

How do I do blue/green deployments?

• AWS Lambda handles fleet deployments, but if you want to shape traffic, put a second “traffic cop” function in front.

How can I lock a client/device onto an old version?

• Point them directly to that version’s ARN.

AWS Lambda VPC basics

• All Lambda functions run in a VPC, all the time

• You never need to “turn on” security – it’s always on

• You can also grant Lambda functions access to resources in your own VPC

• How: Add VPC subnet IDs and security group IDs to the function config

• Typical uses: RDB, ElastiCache, private EC2 endpoints

• Allows access to peered VPCs, VPN endpoints and private S3 endpoints

• Functions configured for VPC access lose internet access… unless you have managed NAT or a NAT instance in the VPC

  …Even if you have “Auto-assign Public IP” enabled

  …Even if you have an internet gateway set up in your VPC

  …Even if your security group allows all outbound traffic

AWS Lambda VPC: Best practices

• VPC is optional – don’t turn it on unless you need it

• The ENIs used by Lambda’s VPC feature count against your quota

• Ensure you have enough to match your peak concurrency levels (we’ll consolidate where we can)

• DO NOT delete or rename these ENIs

• Ensure your subnets have enough IPs for those ENIs

• Specify at least one subnet in each Availability Zone. Otherwise Lambda will obey, but can’t be as fault-tolerant
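The VPC points on the two slides above (NAT needed for internet access, enough subnet IPs for peak concurrency, one subnet per Availability Zone) can be checked mechanically before a function is deployed. The following is an added example, not code from the talk: it audits constructed dicts shaped like the `GetFunctionConfiguration`, `DescribeSubnets` and `DescribeRouteTables` responses, and it assumes, as a conservative upper bound, one free subnet IP per concurrent execution; all IDs, AZ names and counts are made up.

```python
"""Offline audit of a Lambda function's VPC settings (added example).

Inputs are dicts shaped like lambda:GetFunctionConfiguration,
ec2:DescribeSubnets and ec2:DescribeRouteTables responses.
Every ID, AZ name and count below is constructed sample data.
"""


def default_route_target(subnet_id, route_tables):
    """Classify the subnet's 0.0.0.0/0 route as 'nat', 'igw' or None."""
    explicit = [rt for rt in route_tables
                if any(a.get("SubnetId") == subnet_id
                       for a in rt.get("Associations", []))]
    main = [rt for rt in route_tables
            if any(a.get("Main") for a in rt.get("Associations", []))]
    # A subnet with no explicit association falls back to the main table.
    for rt in explicit or main:
        for route in rt.get("Routes", []):
            if route.get("DestinationCidrBlock") != "0.0.0.0/0":
                continue
            if route.get("NatGatewayId") or route.get("InstanceId"):
                return "nat"  # managed NAT gateway or NAT instance
            if str(route.get("GatewayId", "")).startswith("igw-"):
                return "igw"
    return None


def audit_lambda_vpc(function_cfg, subnets, route_tables, region_azs,
                     peak_concurrency, needs_internet):
    """Return a list of (code, message) findings; empty means no issue found."""
    findings = []
    subnet_ids = (function_cfg.get("VpcConfig") or {}).get("SubnetIds") or []
    if not subnet_ids:
        return findings  # function is not attached to your VPC: nothing to check
    by_id = {s["SubnetId"]: s for s in subnets}
    chosen = [by_id[sid] for sid in subnet_ids if sid in by_id]

    # Slide: "Specify at least one subnet in each Availability Zone".
    missing = sorted(set(region_azs) - {s["AvailabilityZone"] for s in chosen})
    if missing:
        findings.append(("AZ_COVERAGE", "no subnet in " + ", ".join(missing)))

    # Slide: "Ensure your subnets have enough IPs for those ENIs".
    # Assumption: worst case of one ENI (one IP) per concurrent execution.
    free_ips = sum(s["AvailableIpAddressCount"] for s in chosen)
    if free_ips < peak_concurrency:
        findings.append(("IP_CAPACITY",
                         f"{free_ips} free IPs for peak concurrency {peak_concurrency}"))

    # Slide: VPC functions lose internet access unless traffic goes through NAT,
    # even with auto-assigned public IPs or an internet gateway in the VPC.
    if needs_internet:
        for s in chosen:
            target = default_route_target(s["SubnetId"], route_tables)
            if target != "nat":
                why = ("default route points at an internet gateway"
                       if target == "igw" else "no default route")
                findings.append(("NO_INTERNET", f"{s['SubnetId']}: {why}, NAT required"))
    return findings


# --- constructed sample data ---
REGION_AZS = ["example-1a", "example-1b"]
SUBNETS = [
    {"SubnetId": "subnet-0a1example", "AvailabilityZone": "example-1a",
     "AvailableIpAddressCount": 11, "MapPublicIpOnLaunch": True},
    {"SubnetId": "subnet-0a2example", "AvailabilityZone": "example-1a",
     "AvailableIpAddressCount": 250, "MapPublicIpOnLaunch": False},
    {"SubnetId": "subnet-0b2example", "AvailabilityZone": "example-1b",
     "AvailableIpAddressCount": 250, "MapPublicIpOnLaunch": False},
]
ROUTE_TABLES = [
    {"RouteTableId": "rtb-public-example",
     "Associations": [{"SubnetId": "subnet-0a1example"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]},
    {"RouteTableId": "rtb-private-example",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}]},
]
# Weak: one public subnet in one AZ. Corrected: private subnets in both AZs.
WEAK_FUNCTION = {"FunctionName": "image-processing-example",
                 "VpcConfig": {"SubnetIds": ["subnet-0a1example"],
                               "SecurityGroupIds": ["sg-0example"]}}
FIXED_FUNCTION = {"FunctionName": "image-processing-example",
                  "VpcConfig": {"SubnetIds": ["subnet-0a2example", "subnet-0b2example"],
                                "SecurityGroupIds": ["sg-0example"]}}

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_FUNCTION), ("fixed", FIXED_FUNCTION)):
        result = audit_lambda_vpc(cfg, SUBNETS, ROUTE_TABLES, REGION_AZS, 100, True)
        print(name, result or "no findings")
```

The weak configuration trips all three checks because a public subnet behind an internet gateway does not give the function's ENIs a route out; the corrected one uses private subnets whose default route goes through NAT.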

Summary

Container

• ECS

• Cluster

• Task & Service

• AWS CLI or ECS CLI

Serverless

• Lambda

• Use cases

• Best practices

• New feature

Hong Kong

Thank you

Deployment options

• Self managed EC2

• Elastic Beanstalk

• Elastic container service (ECS)

Managing One Host is Straightforward

[Diagram labels: Server; Guest OS; Bins/Libs, Bins/Libs; App1, App2]

Managing a Fleet is Hard

[Diagram: a large fleet of Server / Guest OS hosts across AZ 1, AZ 2 and AZ 3]

What is EC2 Container Service?

Cluster Management Made Easy

• No cluster software to install and manage

• Manages cluster state

• Manages containers

• Control and monitoring

• Scale from one to tens of thousands of containers

Cluster Management: Resource Management

[Diagram: EC2 instances in AZ 1 and AZ 2, each running Docker with tasks and containers]

Cluster Management: Scheduling

[Diagram: EC2 instances in AZ 1 and AZ 2, each running Docker with tasks and containers]

Amazon ECS Resource Management

[Diagram: container instances in AZ 1 and AZ 2, each running Docker with tasks and containers, and a Cluster Management Engine]

Security

• Isolation boundaries through EC2 instances

• VPC only

• Security Group and IAM roles support

Performance at Scale

• Building block for distributed applications

• Coordinates and automates container deployment

• Launch thousands of containers in seconds

Designed for use with other AWS services

• Elastic Load Balancing

• Amazon Elastic Block Store

• Amazon Virtual Private Cloud

• AWS Identity and Access Management

• AWS CloudTrail

Key Components

• Clusters

• Containers

• Task Definitions

• Service

Typical User Workflow

I have a Docker image and I want to run the image on a cluster

• Push Image(s): Amazon ECR or Docker Hub

• Create Task Definition (Amazon ECS). Task Definition:

  - Image

  - CPU, memory

  - Port mapping

  - CMD

• Run Instances (EC2): Use custom AMI with Docker support and ECS Agent. Instances will register with default cluster

• Describe Cluster (Amazon ECS): Get information about cluster state and available resources

• Run Task or Create Service (Amazon ECS): Using the task definition created above

• Describe Cluster (Amazon ECS): Get information about cluster state and running containers

DEMO

Command

aws elb create-load-balancer --cli-input-json file://elb-ecs.json

aws ecs create-cluster --cluster-name ecs-demo

aws autoscaling create-launch-configuration --cli-input-json file://launch-config.json --user-data file://userdata.txt

aws autoscaling create-auto-scaling-group --cli-input-json file://auto-scaling-group.json

aws ecs list-container-instances --cluster ecs-demo

docker build -t dicksonyue/kata-demo:v5 .

docker run -d -p 8080:8080 dicksonyue/kata-demo:v5

docker push

aws ecs register-task-definition --cli-input-json file://ecs-task.json

aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task5

Task

{
  "family": "vote-app-task",
  "containerDefinitions": [
    {
      "name": "kata-demo-container",
      "image": "dicksonyue/kata-demo:v2",
      "cpu": 10,
      "memory": 500,
      "portMappings": [
        {
          "containerPort": 8080,
          "hostPort": 8080
        }
      ],
      "essential": true,
      "command": [
        "npm",
        "start"
      ]
    }
  ]
}

Service

{
  "cluster": "ecs-demo",
  "serviceName": "vote-app-service",
  "taskDefinition": "vote-app-task",
  "loadBalancers": [
    {
      "loadBalancerName": "ecs-demo-ecs-elb",
      "containerName": "kata-demo-container",
      "containerPort": 8080
    }
  ],
  "desiredCount": 1,
  "role": "ecsServiceRole"
}

Serverless

Benefits of AWS Lambda

1) No Servers to Manage

AWS Lambda automatically runs your code without requiring you to provision or manage servers. Just write the code and upload it to Lambda.

2) Continuous Scaling

AWS Lambda automatically scales your application by running code in response to each trigger. Your code runs in parallel and processes each trigger individually, scaling precisely with the size of the workload.

3) Subsecond Metering

With AWS Lambda, you are charged for every 100ms your code executes and the number of times your code is triggered. You don’t pay anything when your code isn’t running.

How Lambda works

[Diagram labels: S3 event notifications, DynamoDB Streams, Kinesis events, Cognito events, SNS events, custom events, CloudTrail events; Lambda; DynamoDB, Kinesis, S3, any custom, Redshift, SNS, any AWS]

AWS Lambda, API Gateway and AWS IoT regions

Available regions

Singapore

Sydney

Lambda usage scenarios

Use case: Data processing

Example: Amazon S3 bucket triggers

[Diagram labels: Amazon S3 bucket events; original object; compressed object; AWS Lambda; steps 1, 2, 3]

Use case: Dynamic data ingestion

“I want to apply custom logic to process content being uploaded to my data store”

• PDF watermarking

• Image thumbnailing and transcoding

• Document metadata indexing

• Log aggregation and filtering

• RSS feed processing

• Media content validation

Use case: Realtime data stream processing (Amazon Kinesis)

“I want to apply custom logic to process logs being uploaded through my Kinesis stream”

• Client activity tracking

• Metrics generation

• Data cleansing

• Log filtering

• Indexing and searching

• Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

Server

Guest OS

BinsLibs BinsLibs

App2App1

Managing One Host is Straightforward

AWS Cloud Kata for Start-Ups and Developers

Managing a Fleet is Hard

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

AZ 1 AZ 2

AZ 3

AWS Cloud Kata for Start-Ups and Developers

What is EC2 Container Service

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Made Easy

No cluster software to install and manage

Manages cluster state

Manages containers

Control and monitoring

Scale from one to tens of thousands of

containers

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Resource

Management

Docker

Task

EC2 Instance

Container

Docker

Task

EC2 Instance

Container

Task

Container

Docker

EC2 Instance

Task

Container

AZ 1 AZ 2

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Scheduling

Docker

Task

EC2 Instance

Container

Docker

Task

EC2 Instance

Container

Task

Container

Docker

EC2 Instance

Task

Container

AZ 1 AZ 2

AWS Cloud Kata for Start-Ups and Developers

Amazon ECS Resource Management

Docker

Task

Container Instance

Container

Task

Container

Docker

Task

Container Instance

Container

Task

Container

Docker

Task

Container Instance

Container

Task

Container

AZ 1 AZ 2

Cluster Management Engine

AWS Cloud Kata for Start-Ups and Developers

Security

Isolation boundaries through EC2

instances

VPC only

Security Group and IAM roles support

AWS Cloud Kata for Start-Ups and Developers

Performance at Scale

Building block for distributed applications

Coordinates and automates container deployment

Launch thousands of containers in seconds

AWS Cloud Kata for Start-Ups and Developers

Designed for use with other AWS

services

Elastic Load Balancing

Amazon Elastic Block Store

Amazon Virtual Private Cloud

AWS Identity and Access Management

AWS CloudTrail

AWS Cloud Kata for Start-Ups and Developers

Key Components

Clusters

Containers

Task Definitions

Service

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

I have a Docker

image and I want to

run the image on a

cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Push Image(s)

Amazon ECR

Docker Hub

Or

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Create Task Definition Amazon ECS

Task Definition

- Image

- CPU memory

- Port mapping

- CMD

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Instances EC2

Use custom AMI with

Docker support and

ECS Agent Instances

will register with

default cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Describe Cluster Amazon ECS

Get information about

cluster state and

available resources

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Task

or

Create Service

Amazon ECS

Using the task definition

created above

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Amazon ECSDescribe Cluster

Get information about

cluster state and

running containers

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

Command

aws elb create-load-balancer --cli-input-json fileelb-ecsjson

aws ecs create-cluster --cluster-name ecs-demo

aws autoscaling create-launch-configuration --cli-input-json filelaunch-configjson --user-data fileuserdatatxt

aws autoscaling create-auto-scaling-group --cli-input-json fileauto-scaling-groupjson

aws ecs list-container-instances --cluster ecs-demo

docker build -t dicksonyuekata-demov5

docker run -d -p 80808080 dicksonyuekata-demov5

docker push

aws ecs register-task-definition --cli-input-json fileecs-taskjson

aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task5

AWS Cloud Kata for Start-Ups and Developers

Task

family vote-app-task

containerDefinitions [

name rdquokata-demo-container

image dicksonyuekata-demov2

cpu 10

memory 500

portMappings [

containerPort 8080

hostPort 8080

]

essential true

command [

npm start

]

]

AWS Cloud Kata for Start-Ups and Developers

Service

cluster ecs-demo

serviceName vote-app-service

taskDefinition vote-app-task

loadBalancers [

loadBalancerName ecs-demo-ecs-elb

containerName rdquokata-demo-container

containerPort 8080

]

desiredCount 1

role ecsServiceRolerdquo

AWS Cloud Kata for Start-Ups and Developers

Serverless

AWS Cloud Kata for Start-Ups and Developers

2) Continuous Scaling 1) No Servers to Manage

AWS Lambda automatically scales your application by running code in response to each trigger Your code runs in parallel and processes each trigger individually scaling

precisely with the size of the workload

3) Subsecond Metering

With AWS Lambda you are charged for every 100ms your code executes and the number of times your code is triggered You dont pay anything when your code

isnt running

AWS Lambda automatically runs your code without requiring you to provision or

manage servers Just write the code and upload it to Lambda

Benefits of AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

How Lambda works

S3 event

notifications

DynamoDB

StreamsKinesis

events

Cognito

eventsSNS

events

Custom

events

CloudTrail

events LambdaDynamoDB

Kinesis S3

Any custom

Redshift

SNS

Any AWS

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda API Gateway and AWS IoT

regions

Available regions

Singapore

Sydney

AWS Cloud Kata for Start-Ups and Developers

Lambda usage scenarios

AWS Cloud Kata for Start-Ups and Developers

Use case Data processing

Example Amazon S3 bucket triggers

Amazon S3 bucket events

Original objectCompressed object

1

2

3

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Use case Dynamic data ingestion

ldquoI want to apply custom logic to process content being uploaded to my data storerdquo

bull PDF watermarking

bull Image thumbnailing and transcoding

bull Document metadata Indexing

bull Log aggregation and filtering

bull RSS feed processing

bull Media content validation

AWS Cloud Kata for Start-Ups and Developers

Use case Realtime data stream processing Amazon Kinesis

ldquoI want to apply custom logic to process logs being uploaded through my Kinesis streamrdquo

bull Client activity tracking

bull metrics generation

bull data cleansing

bull Log filtering

bull indexing and searching

bull Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

Managing a Fleet is Hard

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

Server

Guest OS

AZ 1 AZ 2

AZ 3

AWS Cloud Kata for Start-Ups and Developers

What is EC2 Container Service

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Made Easy

No cluster software to install and manage

Manages cluster state

Manages containers

Control and monitoring

Scale from one to tens of thousands of

containers

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Resource

Management

Docker

Task

EC2 Instance

Container

Docker

Task

EC2 Instance

Container

Task

Container

Docker

EC2 Instance

Task

Container

AZ 1 AZ 2

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Scheduling

Docker

Task

EC2 Instance

Container

Docker

Task

EC2 Instance

Container

Task

Container

Docker

EC2 Instance

Task

Container

AZ 1 AZ 2

AWS Cloud Kata for Start-Ups and Developers

Amazon ECS Resource Management

Docker

Task

Container Instance

Container

Task

Container

Docker

Task

Container Instance

Container

Task

Container

Docker

Task

Container Instance

Container

Task

Container

AZ 1 AZ 2

Cluster Management Engine

AWS Cloud Kata for Start-Ups and Developers

Security

Isolation boundaries through EC2

instances

VPC only

Security Group and IAM roles support

AWS Cloud Kata for Start-Ups and Developers

Performance at Scale

Building block for distributed applications

Coordinates and automates container deployment

Launch thousands of containers in seconds

AWS Cloud Kata for Start-Ups and Developers

Designed for use with other AWS

services

Elastic Load Balancing

Amazon Elastic Block Store

Amazon Virtual Private Cloud

AWS Identity and Access Management

AWS CloudTrail

AWS Cloud Kata for Start-Ups and Developers

Key Components

Clusters

Containers

Task Definitions

Service

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

I have a Docker

image and I want to

run the image on a

cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Push Image(s)

Amazon ECR

Docker Hub

Or

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Create Task Definition Amazon ECS

Task Definition

- Image

- CPU memory

- Port mapping

- CMD

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Instances EC2

Use custom AMI with

Docker support and

ECS Agent Instances

will register with

default cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Describe Cluster Amazon ECS

Get information about

cluster state and

available resources

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Task

or

Create Service

Amazon ECS

Using the task definition

created above

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Amazon ECSDescribe Cluster

Get information about

cluster state and

running containers

AWS Cloud Kata for Start-Ups and Developers

DEMO

Command

aws elb create-load-balancer --cli-input-json file://elb-ecs.json
aws ecs create-cluster --cluster-name ecs-demo
aws autoscaling create-launch-configuration --cli-input-json file://launch-config.json --user-data file://userdata.txt
aws autoscaling create-auto-scaling-group --cli-input-json file://auto-scaling-group.json
aws ecs list-container-instances --cluster ecs-demo
docker build -t dicksonyue/kata-demo:v5 .
docker run -d -p 8080:8080 dicksonyue/kata-demo:v5
docker push
aws ecs register-task-definition --cli-input-json file://ecs-task.json
aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task:5

Task

{
  "family": "vote-app-task",
  "containerDefinitions": [
    {
      "name": "kata-demo-container",
      "image": "dicksonyue/kata-demo:v2",
      "cpu": 10,
      "memory": 500,
      "portMappings": [
        {
          "containerPort": 8080,
          "hostPort": 8080
        }
      ],
      "essential": true,
      "command": [
        "npm", "start"
      ]
    }
  ]
}

Service

{
  "cluster": "ecs-demo",
  "serviceName": "vote-app-service",
  "taskDefinition": "vote-app-task",
  "loadBalancers": [
    {
      "loadBalancerName": "ecs-demo-ecs-elb",
      "containerName": "kata-demo-container",
      "containerPort": 8080
    }
  ],
  "desiredCount": 1,
  "role": "ecsServiceRole"
}

Serverless

Benefits of AWS Lambda

1) No Servers to Manage
AWS Lambda automatically runs your code without requiring you to provision or manage servers. Just write the code and upload it to Lambda.

2) Continuous Scaling
AWS Lambda automatically scales your application by running code in response to each trigger. Your code runs in parallel and processes each trigger individually, scaling precisely with the size of the workload.

3) Subsecond Metering
With AWS Lambda, you are charged for every 100ms your code executes and the number of times your code is triggered. You don't pay anything when your code isn't running.

How Lambda works

[Diagram: event sources (S3 event notifications, DynamoDB Streams, Kinesis events, Cognito events, SNS events, custom events, CloudTrail events) feed Lambda; targets shown are DynamoDB, Kinesis, S3, Redshift, SNS, "Any AWS" and "Any custom".]

AWS Lambda, API Gateway and AWS IoT regions

Available regions

• Singapore
• Sydney

Lambda usage scenarios

Use case: Data processing

Example: Amazon S3 bucket triggers

[Diagram labels: Amazon S3 bucket events, AWS Lambda, original object, compressed object; steps 1 to 3.]

Use case: Dynamic data ingestion

“I want to apply custom logic to process content being uploaded to my data store”

• PDF watermarking
• Image thumbnailing and transcoding
• Document metadata indexing
• Log aggregation and filtering
• RSS feed processing
• Media content validation

Use case: Realtime data stream processing (Amazon Kinesis)

“I want to apply custom logic to process logs being uploaded through my Kinesis stream”

• Client activity tracking
• Metrics generation
• Data cleansing
• Log filtering
• Indexing and searching
• Log routing

Use case: mobile backend

1. AWS Mobile SDK + Amazon Cognito for mobile app, or AWS IoT for devices
2. AWS Lambda runs the code
3. Amazon API Gateway (if you want your own endpoint)
4. Amazon DynamoDB holds the data

[Diagram labels: AWS Lambda, Amazon DynamoDB]

Use case: Serverless web apps

1. Amazon S3 for serving static content
2. AWS Lambda for dynamic content
3. Amazon API Gateway for HTTPS access
4. Amazon DynamoDB for NoSQL data storage

[Diagram labels: static content in Amazon S3, API Gateway, dynamic content in AWS Lambda, data stored in Amazon DynamoDB]

Use case: Alexa apps + Slack = serverless bots

[Diagram labels: “Alexa, tell Slack to send ‘I’m giving the demo now’”; message upload (via Slack API); Slack; team (channel users); message retrieval through scheduled polling; “Kevin says ‘Break a leg’”]

Additional scenarios

[Diagram labels: Cognito, CloudFormation, SNS, DynamoDB, Lambda]

DEMO

1. Image uploading service
2. Image processing service
3. Data feed services (Face wall service, Dashboard service)

[Diagram labels: input image (S3), Lambda, output image (S3), metadata DB, app metric]

• Camera uploads photos with AWS SDK to S3
• S3 triggers Lambda event
• Lambda function detects faces, outputs cropped images to S3 and stores metadata in DynamoDB
• Web application pulls data from face wall and dashboard services through API Gateway, which triggers Lambda function

$$ charged by

• Exec time per 100ms
• Storage per GB
• Number of requests
• Read/Write throughput

Recent launches and best practices

Recent launches

re:Invent 2015

• Python
• Scheduled functions
• Longer running times (5 min)
• Versioning

Since re:Invent

• Higher code storage limits (from 5 GB to 75 GB)
• Custom VPC
• 1-minute schedules
• New regional launch
• Node.js 4.3.2
• 1-click CORS setup
• Stage variables
• Custom (Lambda) authorizers
• Built-in Swagger import/export
• AWS CloudFormation support for API Gateway and versions

Function schedules: The how-to guide

How can I keep a function warm (no cold starts)?
• Schedule it

How can I poll a queue (like SQS)?
• Schedule a function to read the queue

How can I get more timers?
• Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute?
• Run a background timer in your scheduled function

Function versioning: The how-to guide

How can I get mutable configuration info?
• Read it (e.g., from DynamoDB) during function initialization
• Wrap your config in a function and call it from your published code

How do I “roll back” in AWS Lambda?
• Using aliases, just switch what the alias points to
• (As a collection, add API Gateway and/or CloudFormation)

How do I do blue/green deployments?
• AWS Lambda handles fleet deployments, but if you want to shape traffic, put a second “traffic cop” function in front

How can I lock a client/device onto an old version?
• Point them directly to that version’s ARN

AWS Lambda VPC basics

• All Lambda functions run in a VPC, all the time
• You never need to “turn on” security – it’s always on
• You can also grant Lambda functions access to resources in your own VPC
• How: Add VPC subnet IDs and security group IDs to the function config
• Typical uses: RDB, ElastiCache, private EC2 endpoints
• Allows access to peered VPCs, VPN endpoints and private S3 endpoints
• Functions configured for VPC access lose internet access…
• …unless you have managed NAT or a NAT instance in the VPC
• …Even if you have “Auto-assign Public IP” enabled
• …Even if you have an internet gateway set up in your VPC
• …Even if your security group allows all outbound traffic

AWS Lambda VPC: Best practices

• VPC is optional – don’t turn it on unless you need it
• The ENIs used by Lambda’s VPC feature count against your quota
• Ensure you have enough to match your peak concurrency levels (we’ll consolidate where we can)
• DO NOT delete or rename these ENIs
• Ensure your subnets have enough IPs for those ENIs
• Specify at least one subnet in each Availability Zone. Otherwise Lambda will obey, but can’t be as fault-tolerant
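
The VPC basics and best-practice points above can be checked before a function is given VPC access. The following Python is an added example, not code from the deck: the function names, the sizing rule of one free IP per concurrent execution, and the sample subnet and route-table records (shaped like EC2 DescribeSubnets and DescribeRouteTables output, with placeholder IDs) are assumptions constructed for illustration.

```python
"""Pre-flight check for a VPC-enabled Lambda function (illustrative, runs offline)."""

DEFAULT_ROUTE = "0.0.0.0/0"


def route_table_for(subnet_id, route_tables):
    """Explicitly associated route table if there is one, else the VPC main table."""
    main = None
    for table in route_tables:
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return table
            if assoc.get("Main"):
                main = table
    return main


def has_nat_egress(table):
    """True if the default route targets a NAT gateway or an instance.

    A default route to an internet gateway does not count: per the slide, a
    VPC-configured function gets no internet access through it. An InstanceId
    target is assumed here to be a NAT instance.
    """
    if table is None:
        return False
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") != DEFAULT_ROUTE:
            continue
        if route.get("State") == "blackhole":  # route target no longer exists
            continue
        if route.get("NatGatewayId") or route.get("InstanceId"):
            return True
    return False


def check_lambda_vpc(subnets, route_tables, region_azs, peak_concurrency,
                     needs_internet):
    """Return a list of findings; an empty list means every check passed."""
    findings = []

    # "Specify at least one subnet in each Availability Zone"
    covered = {s["AvailabilityZone"] for s in subnets}
    missing = sorted(set(region_azs) - covered)
    if missing:
        findings.append("no subnet in AZ(s): " + ", ".join(missing))

    # "Ensure your subnets have enough IPs for those ENIs"
    # Assumption: budget one free IP per concurrent execution (conservative).
    free_ips = sum(s["AvailableIpAddressCount"] for s in subnets)
    if free_ips < peak_concurrency:
        findings.append(
            f"{free_ips} free IPs across subnets, peak concurrency is {peak_concurrency}")

    # "Functions configured for VPC access lose internet access unless ... NAT"
    if needs_internet:
        for s in subnets:
            table = route_table_for(s["SubnetId"], route_tables)
            if not has_nat_egress(table):
                findings.append(
                    f"{s['SubnetId']}: no default route via NAT, no internet access")
    return findings


# Constructed sample data (IDs are placeholders, not real resources).
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}
SUBNETS = [
    {"SubnetId": "subnet-0aaa", "AvailabilityZone": "ap-southeast-1a",
     "AvailableIpAddressCount": 11},
    {"SubnetId": "subnet-0bbb", "AvailabilityZone": "ap-southeast-1a",
     "AvailableIpAddressCount": 27},
]
ROUTE_TABLES = [
    # Main table: default route to an internet gateway (used by subnet-0aaa).
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "Routes": [LOCAL, {"DestinationCidrBlock": DEFAULT_ROUTE,
                        "GatewayId": "igw-0example", "State": "active"}]},
    # Private table: default route to a NAT gateway (used by subnet-0bbb).
    {"RouteTableId": "rtb-private",
     "Associations": [{"SubnetId": "subnet-0bbb", "Main": False}],
     "Routes": [LOCAL, {"DestinationCidrBlock": DEFAULT_ROUTE,
                        "NatGatewayId": "nat-0example", "State": "active"}]},
]
REGION_AZS = ["ap-southeast-1a", "ap-southeast-1b"]

if __name__ == "__main__":
    for finding in check_lambda_vpc(SUBNETS, ROUTE_TABLES, REGION_AZS, 50, True):
        print("FINDING:", finding)
```

With the sample data the check reports three findings: a missing Availability Zone, too few free IPs for the stated peak, and one subnet whose only default route is an internet gateway.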

Summary

Container

• ECS
• Cluster
• Task & Service
• AWS CLI or ECS CLI

Serverless

• Lambda
• Use cases
• Best practices
• New feature

Hong Kong

Thank you

What is EC2 Container Service

Cluster Management Made Easy

• No cluster software to install and manage
• Manages cluster state
• Manages containers
• Control and monitoring
• Scale from one to tens of thousands of containers

Cluster Management: Resource Management

[Diagram: EC2 instances in AZ 1 and AZ 2, each running Docker with tasks and their containers]

Cluster Management: Scheduling

[Diagram: EC2 instances in AZ 1 and AZ 2, each running Docker with tasks and their containers]

Amazon ECS: Resource Management

[Diagram: container instances in AZ 1 and AZ 2, each running Docker with tasks and their containers, with the Cluster Management Engine]

Security

Isolation boundaries through EC2

instances

VPC only

Security Group and IAM roles support

AWS Cloud Kata for Start-Ups and Developers

Performance at Scale

Building block for distributed applications

Coordinates and automates container deployment

Launch thousands of containers in seconds

AWS Cloud Kata for Start-Ups and Developers

Designed for use with other AWS

services

Elastic Load Balancing

Amazon Elastic Block Store

Amazon Virtual Private Cloud

AWS Identity and Access Management

AWS CloudTrail

AWS Cloud Kata for Start-Ups and Developers

Key Components

Clusters

Containers

Task Definitions

Service

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

I have a Docker

image and I want to

run the image on a

cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Push Image(s)

Amazon ECR

Docker Hub

Or

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Create Task Definition Amazon ECS

Task Definition

- Image

- CPU memory

- Port mapping

- CMD

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Instances EC2

Use custom AMI with

Docker support and

ECS Agent Instances

will register with

default cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Describe Cluster Amazon ECS

Get information about

cluster state and

available resources

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Task

or

Create Service

Amazon ECS

Using the task definition

created above

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Amazon ECSDescribe Cluster

Get information about

cluster state and

running containers

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

Command

aws elb create-load-balancer --cli-input-json fileelb-ecsjson

aws ecs create-cluster --cluster-name ecs-demo

aws autoscaling create-launch-configuration --cli-input-json filelaunch-configjson --user-data fileuserdatatxt

aws autoscaling create-auto-scaling-group --cli-input-json fileauto-scaling-groupjson

aws ecs list-container-instances --cluster ecs-demo

docker build -t dicksonyuekata-demov5

docker run -d -p 80808080 dicksonyuekata-demov5

docker push

aws ecs register-task-definition --cli-input-json fileecs-taskjson

aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task5

AWS Cloud Kata for Start-Ups and Developers

Task

family vote-app-task

containerDefinitions [

name rdquokata-demo-container

image dicksonyuekata-demov2

cpu 10

memory 500

portMappings [

containerPort 8080

hostPort 8080

]

essential true

command [

npm start

]

]

AWS Cloud Kata for Start-Ups and Developers

Service

cluster ecs-demo

serviceName vote-app-service

taskDefinition vote-app-task

loadBalancers [

loadBalancerName ecs-demo-ecs-elb

containerName rdquokata-demo-container

containerPort 8080

]

desiredCount 1

role ecsServiceRolerdquo

AWS Cloud Kata for Start-Ups and Developers

Serverless

AWS Cloud Kata for Start-Ups and Developers

2) Continuous Scaling 1) No Servers to Manage

AWS Lambda automatically scales your application by running code in response to each trigger Your code runs in parallel and processes each trigger individually scaling

precisely with the size of the workload

3) Subsecond Metering

With AWS Lambda you are charged for every 100ms your code executes and the number of times your code is triggered You dont pay anything when your code

isnt running

AWS Lambda automatically runs your code without requiring you to provision or

manage servers Just write the code and upload it to Lambda

Benefits of AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

How Lambda works

S3 event

notifications

DynamoDB

StreamsKinesis

events

Cognito

eventsSNS

events

Custom

events

CloudTrail

events LambdaDynamoDB

Kinesis S3

Any custom

Redshift

SNS

Any AWS

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda API Gateway and AWS IoT

regions

Available regions

Singapore

Sydney

AWS Cloud Kata for Start-Ups and Developers

Lambda usage scenarios

AWS Cloud Kata for Start-Ups and Developers

Use case Data processing

Example Amazon S3 bucket triggers

Amazon S3 bucket events

Original objectCompressed object

1

2

3

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Use case Dynamic data ingestion

ldquoI want to apply custom logic to process content being uploaded to my data storerdquo

bull PDF watermarking

bull Image thumbnailing and transcoding

bull Document metadata Indexing

bull Log aggregation and filtering

bull RSS feed processing

bull Media content validation

AWS Cloud Kata for Start-Ups and Developers

Use case Realtime data stream processing Amazon Kinesis

ldquoI want to apply custom logic to process logs being uploaded through my Kinesis streamrdquo

bull Client activity tracking

bull metrics generation

bull data cleansing

bull Log filtering

bull indexing and searching

bull Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Made Easy

No cluster software to install and manage

Manages cluster state

Manages containers

Control and monitoring

Scale from one to tens of thousands of

containers

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Resource

Management

Docker

Task

EC2 Instance

Container

Docker

Task

EC2 Instance

Container

Task

Container

Docker

EC2 Instance

Task

Container

AZ 1 AZ 2

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Scheduling

Docker

Task

EC2 Instance

Container

Docker

Task

EC2 Instance

Container

Task

Container

Docker

EC2 Instance

Task

Container

AZ 1 AZ 2

AWS Cloud Kata for Start-Ups and Developers

Amazon ECS Resource Management

Docker

Task

Container Instance

Container

Task

Container

Docker

Task

Container Instance

Container

Task

Container

Docker

Task

Container Instance

Container

Task

Container

AZ 1 AZ 2

Cluster Management Engine

AWS Cloud Kata for Start-Ups and Developers

Security

Isolation boundaries through EC2

instances

VPC only

Security Group and IAM roles support

AWS Cloud Kata for Start-Ups and Developers

Performance at Scale

Building block for distributed applications

Coordinates and automates container deployment

Launch thousands of containers in seconds

AWS Cloud Kata for Start-Ups and Developers

Designed for use with other AWS

services

Elastic Load Balancing

Amazon Elastic Block Store

Amazon Virtual Private Cloud

AWS Identity and Access Management

AWS CloudTrail

AWS Cloud Kata for Start-Ups and Developers

Key Components

Clusters

Containers

Task Definitions

Service

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

I have a Docker

image and I want to

run the image on a

cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Push Image(s)

Amazon ECR

Docker Hub

Or

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Create Task Definition Amazon ECS

Task Definition

- Image

- CPU memory

- Port mapping

- CMD

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Instances EC2

Use custom AMI with

Docker support and

ECS Agent Instances

will register with

default cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Describe Cluster Amazon ECS

Get information about

cluster state and

available resources

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Task

or

Create Service

Amazon ECS

Using the task definition

created above

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Amazon ECSDescribe Cluster

Get information about

cluster state and

running containers

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

Command

aws elb create-load-balancer --cli-input-json fileelb-ecsjson

aws ecs create-cluster --cluster-name ecs-demo

aws autoscaling create-launch-configuration --cli-input-json filelaunch-configjson --user-data fileuserdatatxt

aws autoscaling create-auto-scaling-group --cli-input-json fileauto-scaling-groupjson

aws ecs list-container-instances --cluster ecs-demo

docker build -t dicksonyuekata-demov5

docker run -d -p 80808080 dicksonyuekata-demov5

docker push

aws ecs register-task-definition --cli-input-json fileecs-taskjson

aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task5

AWS Cloud Kata for Start-Ups and Developers

Task

family vote-app-task

containerDefinitions [

name rdquokata-demo-container

image dicksonyuekata-demov2

cpu 10

memory 500

portMappings [

containerPort 8080

hostPort 8080

]

essential true

command [

npm start

]

]

AWS Cloud Kata for Start-Ups and Developers

Service

cluster ecs-demo

serviceName vote-app-service

taskDefinition vote-app-task

loadBalancers [

loadBalancerName ecs-demo-ecs-elb

containerName rdquokata-demo-container

containerPort 8080

]

desiredCount 1

role ecsServiceRolerdquo

AWS Cloud Kata for Start-Ups and Developers

Serverless

AWS Cloud Kata for Start-Ups and Developers

2) Continuous Scaling 1) No Servers to Manage

AWS Lambda automatically scales your application by running code in response to each trigger Your code runs in parallel and processes each trigger individually scaling

precisely with the size of the workload

3) Subsecond Metering

With AWS Lambda you are charged for every 100ms your code executes and the number of times your code is triggered You dont pay anything when your code

isnt running

AWS Lambda automatically runs your code without requiring you to provision or

manage servers Just write the code and upload it to Lambda

Benefits of AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

How Lambda works

S3 event

notifications

DynamoDB

StreamsKinesis

events

Cognito

eventsSNS

events

Custom

events

CloudTrail

events LambdaDynamoDB

Kinesis S3

Any custom

Redshift

SNS

Any AWS

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda API Gateway and AWS IoT

regions

Available regions

Singapore

Sydney

AWS Cloud Kata for Start-Ups and Developers

Lambda usage scenarios

AWS Cloud Kata for Start-Ups and Developers

Use case Data processing

Example Amazon S3 bucket triggers

Amazon S3 bucket events

Original objectCompressed object

1

2

3

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Use case Dynamic data ingestion

ldquoI want to apply custom logic to process content being uploaded to my data storerdquo

bull PDF watermarking

bull Image thumbnailing and transcoding

bull Document metadata Indexing

bull Log aggregation and filtering

bull RSS feed processing

bull Media content validation

AWS Cloud Kata for Start-Ups and Developers

Use case Realtime data stream processing Amazon Kinesis

ldquoI want to apply custom logic to process logs being uploaded through my Kinesis streamrdquo

bull Client activity tracking

bull metrics generation

bull data cleansing

bull Log filtering

bull indexing and searching

bull Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Resource

Management

Docker

Task

EC2 Instance

Container

Docker

Task

EC2 Instance

Container

Task

Container

Docker

EC2 Instance

Task

Container

AZ 1 AZ 2

AWS Cloud Kata for Start-Ups and Developers

Cluster Management Scheduling

Docker

Task

EC2 Instance

Container

Docker

Task

EC2 Instance

Container

Task

Container

Docker

EC2 Instance

Task

Container

AZ 1 AZ 2

AWS Cloud Kata for Start-Ups and Developers

Amazon ECS Resource Management

Docker

Task

Container Instance

Container

Task

Container

Docker

Task

Container Instance

Container

Task

Container

Docker

Task

Container Instance

Container

Task

Container

AZ 1 AZ 2

Cluster Management Engine

AWS Cloud Kata for Start-Ups and Developers

Security

Isolation boundaries through EC2

instances

VPC only

Security Group and IAM roles support

AWS Cloud Kata for Start-Ups and Developers

Performance at Scale

Building block for distributed applications

Coordinates and automates container deployment

Launch thousands of containers in seconds

AWS Cloud Kata for Start-Ups and Developers

Designed for use with other AWS

services

Elastic Load Balancing

Amazon Elastic Block Store

Amazon Virtual Private Cloud

AWS Identity and Access Management

AWS CloudTrail

AWS Cloud Kata for Start-Ups and Developers

Key Components

Clusters

Containers

Task Definitions

Service

Typical User Workflow

"I have a Docker image and I want to run the image on a cluster"

• Push Image(s): Amazon ECR or Docker Hub
• Create Task Definition (Amazon ECS): Image; CPU, memory; Port mapping; CMD
• Run Instances (EC2): Use custom AMI with Docker support and ECS Agent. Instances will register with default cluster
• Describe Cluster (Amazon ECS): Get information about cluster state and available resources
• Run Task or Create Service (Amazon ECS): Using the task definition created above
• Describe Cluster (Amazon ECS): Get information about cluster state and running containers

DEMO

Command

aws elb create-load-balancer --cli-input-json file://elb-ecs.json

aws ecs create-cluster --cluster-name ecs-demo

aws autoscaling create-launch-configuration --cli-input-json file://launch-config.json --user-data file://userdata.txt

aws autoscaling create-auto-scaling-group --cli-input-json file://auto-scaling-group.json

aws ecs list-container-instances --cluster ecs-demo

docker build -t dicksonyue/kata-demo:v5 .

docker run -d -p 8080:8080 dicksonyue/kata-demo:v5

docker push

aws ecs register-task-definition --cli-input-json file://ecs-task.json

aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task:5

Task

{
  "family": "vote-app-task",
  "containerDefinitions": [
    {
      "name": "kata-demo-container",
      "image": "dicksonyue/kata-demo:v2",
      "cpu": 10,
      "memory": 500,
      "portMappings": [
        {
          "containerPort": 8080,
          "hostPort": 8080
        }
      ],
      "essential": true,
      "command": [
        "npm", "start"
      ]
    }
  ]
}

Service

{
  "cluster": "ecs-demo",
  "serviceName": "vote-app-service",
  "taskDefinition": "vote-app-task",
  "loadBalancers": [
    {
      "loadBalancerName": "ecs-demo-ecs-elb",
      "containerName": "kata-demo-container",
      "containerPort": 8080
    }
  ],
  "desiredCount": 1,
  "role": "ecsServiceRole"
}

Serverless

Benefits of AWS Lambda

1) No Servers to Manage
AWS Lambda automatically runs your code without requiring you to provision or manage servers. Just write the code and upload it to Lambda.

2) Continuous Scaling
AWS Lambda automatically scales your application by running code in response to each trigger. Your code runs in parallel and processes each trigger individually, scaling precisely with the size of the workload.

3) Subsecond Metering
With AWS Lambda, you are charged for every 100ms your code executes and the number of times your code is triggered. You don't pay anything when your code isn't running.

How Lambda works

[Diagram: event sources (S3 event notifications, DynamoDB Streams, Kinesis events, Cognito events, SNS events, Custom events, CloudTrail events) trigger Lambda; targets shown: DynamoDB, Kinesis, S3, Redshift, SNS, "Any AWS", "Any custom"]

AWS Lambda, API Gateway and AWS IoT regions

Available regions
• Singapore
• Sydney

Lambda usage scenarios

Use case: Data processing

Example: Amazon S3 bucket triggers

[Diagram, steps 1-3: Amazon S3 bucket events, AWS Lambda, original object, compressed object]

Use case: Dynamic data ingestion

"I want to apply custom logic to process content being uploaded to my data store"

• PDF watermarking
• Image thumbnailing and transcoding
• Document metadata indexing
• Log aggregation and filtering
• RSS feed processing
• Media content validation

Use case: Real-time data stream processing (Amazon Kinesis)

"I want to apply custom logic to process logs being uploaded through my Kinesis stream"

• Client activity tracking
• Metrics generation
• Data cleansing
• Log filtering
• Indexing and searching
• Log routing

Use case: Mobile backend

1. AWS Mobile SDK + Amazon Cognito for mobile app, or AWS IoT for devices
2. AWS Lambda runs the code
3. Amazon API Gateway (if you want your own endpoint)
4. Amazon DynamoDB holds the data

[Diagram: AWS Lambda, Amazon DynamoDB]

Use case: Serverless web apps

1. Amazon S3 for serving static content
2. AWS Lambda for dynamic content
3. Amazon API Gateway for HTTPS access
4. Amazon DynamoDB for NoSQL data storage

[Diagram: static content in Amazon S3; API Gateway; dynamic content in AWS Lambda; data stored in Amazon DynamoDB]

Use case: Alexa apps + Slack = serverless bots

[Diagram labels: "Alexa, tell Slack to send 'I'm giving the demo now'"; message upload (via Slack API); Slack; team (channel users); message retrieval through scheduled polling; "Kevin says 'Break a leg'"]

Additional scenarios

[Diagram: Lambda paired with Cognito, CloudFormation, SNS and DynamoDB]

DEMO

1. Image uploading service
2. Image processing service
   Face wall service
   Dashboard service
3. Data feed services

[Diagram labels: Input Image, S3, Lambda, S3, Output Image, Metadata DB, App Metric]

• Camera uploads photos with AWS SDK to S3
• S3 triggers Lambda event
• Lambda function detects faces, outputs cropped images to S3 and stores metadata in DynamoDB
• Web application pulls data from face wall and dashboard services through API Gateway, which triggers Lambda function

$$ charged by
• Exec time per 100ms
• Storage per GB
• Number of requests
• Read/Write throughput
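The S3-to-Lambda step of this demo, as an added example that is not the presenter's code: it decodes the URL-encoded object keys in the S3 notification, refuses objects it should not process, and skips its own output so that writing cropped images back to S3 cannot re-trigger the function in a loop. The bucket name, the `uploads/` and `faces/` prefixes, the size limit and the two processing hooks are assumptions; the sample event is constructed.

```python
import posixpath
from urllib.parse import unquote_plus

# Assumed layout (not from the slides): photos land under uploads/ and the
# cropped faces are written under faces/ in the same bucket.
INPUT_PREFIX = "uploads/"
OUTPUT_PREFIX = "faces/"
ALLOWED_EXT = (".jpg", ".jpeg", ".png")
MAX_BYTES = 10 * 1024 * 1024  # refuse oversized objects before downloading them


def jobs_from_event(event):
    """Split an S3 notification into (jobs, skipped) without calling AWS."""
    jobs, skipped = [], []
    for rec in event.get("Records", []):
        if rec.get("eventSource") != "aws:s3":
            skipped.append((None, "not-s3"))
            continue
        obj = rec["s3"]["object"]
        key = unquote_plus(obj["key"])  # keys arrive URL-encoded, spaces as '+'
        size = obj.get("size", 0)
        if not rec.get("eventName", "").startswith("ObjectCreated:"):
            reason = "not-an-upload"
        elif key.startswith(OUTPUT_PREFIX):
            reason = "own-output"  # our own write: processing it would loop
        elif not key.startswith(INPUT_PREFIX):
            reason = "outside-input-prefix"
        elif not key.lower().endswith(ALLOWED_EXT):
            reason = "unsupported-type"
        elif not 0 < size <= MAX_BYTES:
            reason = "bad-size"
        else:
            stem, _ext = posixpath.splitext(key[len(INPUT_PREFIX):])
            jobs.append({
                "bucket": rec["s3"]["bucket"]["name"],
                "src": key,
                "dst_prefix": OUTPUT_PREFIX + stem + "/",
            })
            continue
        skipped.append((key, reason))
    return jobs, skipped


def handler(event, context, detect_and_crop=None, store_metadata=None):
    """Lambda entry point. The two callables are hypothetical hooks standing in
    for the face detection and the DynamoDB write described on the slide."""
    jobs, skipped = jobs_from_event(event)
    for job in jobs:
        if detect_and_crop and store_metadata:
            faces = detect_and_crop(job["bucket"], job["src"], job["dst_prefix"])
            store_metadata(job["src"], faces)
    return {"processed": [j["src"] for j in jobs], "skipped": skipped}


def _rec(event_name, key, size):
    """Build one constructed S3 notification record."""
    return {
        "eventSource": "aws:s3",
        "eventName": event_name,
        "s3": {"bucket": {"name": "kata-demo-photos"},  # placeholder bucket
               "object": {"key": key, "size": size}},
    }


# Constructed sample event covering the cases the handler has to tell apart.
SAMPLE_EVENT = {"Records": [
    _rec("ObjectCreated:Put", "uploads/booth+1/photo%3A001.JPG", 204800),
    _rec("ObjectCreated:Put", "faces/booth+1/photo%3A001/face-0.jpg", 4096),
    _rec("ObjectCreated:Put", "uploads/notes.txt", 120),
    _rec("ObjectRemoved:Delete", "uploads/old.jpg", 0),
    _rec("ObjectCreated:Put", "uploads/huge.png", 50 * 1024 * 1024),
]}

if __name__ == "__main__":
    print(handler(SAMPLE_EVENT, None))
```

Scoping the bucket notification itself to the input prefix is the first line of defence; the in-code check covers the case where that filter is later widened or removed.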

Recent launches and best practices

Recent launches

re:Invent 2015
• Python
• Scheduled functions
• Longer running times (5 min)
• Versioning

Since re:Invent
• Higher code storage limits (from 5 GB to 75 GB)
• Custom VPC
• 1-minute schedules
• New regional launch
• Node.js 4.3.2
• 1-click CORS setup
• Stage variables
• Custom (Lambda) authorizers
• Built-in Swagger import/export
• AWS CloudFormation support for API Gateway and versions

Function schedules: The how-to guide

How can I keep a function warm (no cold starts)?
Schedule it.

How can I poll a queue (like SQS)?
Schedule a function to read the queue.

How can I get more timers?
Have one scheduled function async invoke other functions.

How can I get granularity finer than 1 minute?
Run a background timer in your scheduled function.
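The last two answers combined, as an added example that is not code from the talk: one function scheduled every minute runs an internal 10-second timer and asynchronously invokes other functions when their period comes due, stopping before its own timeout. The target function names, the periods and the 2-second safety margin are assumptions; periods must be multiples of the tick length.

```python
import json
import time

# Constructed timer table: target function name -> period in seconds.
# The names are hypothetical.
TIMERS = {"poll-queue": 10, "refresh-cache": 30, "keep-warm": 60}


def boto3_async_invoke(function_name, payload):
    """Fire-and-forget invocation of another function (InvocationType=Event)."""
    import boto3  # imported lazily so the scheduling logic also runs offline
    boto3.client("lambda").invoke(
        FunctionName=function_name,
        InvocationType="Event",
        Payload=json.dumps(payload).encode(),
    )


def due_targets(elapsed_s, timers):
    """Names whose period divides the seconds elapsed since the minute began."""
    return sorted(name for name, period in timers.items()
                  if elapsed_s % period == 0)


def run_timers(context, invoke=boto3_async_invoke, timers=TIMERS, tick_s=10,
               safety_ms=2000, clock=time.monotonic, sleep=time.sleep):
    """Tick every tick_s seconds until the next sleep would leave less than
    safety_ms of this invocation's time budget. Returns (offset, name) pairs."""
    start = clock()
    fired = []
    tick = 0
    while True:
        elapsed = tick * tick_s
        for name in due_targets(elapsed, timers):
            invoke(name, {"scheduled_offset_s": elapsed})
            fired.append((elapsed, name))
        tick += 1
        # Sleep to the next tick boundary so time spent invoking does not drift.
        wait = max(0.0, start + tick * tick_s - clock())
        if context.get_remaining_time_in_millis() - wait * 1000 < safety_ms:
            return fired
        sleep(wait)


def handler(event, context):
    """Entry point for the 1-minute schedule; configure a 60-second timeout."""
    return {"fired": run_timers(context)}
```

Each target needs permission for the scheduler's execution role to invoke it; granting `lambda:InvokeFunction` only on the listed function ARNs keeps the scheduler from becoming a general-purpose invoker.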

Function versioning: The how-to guide

How can I get mutable configuration info?
Read it (e.g. from DynamoDB) during function initialization.
Wrap your config in a function and call it from your published code.

How do I "roll back" in AWS Lambda?
Using aliases, just switch what the alias points to.
(As a collection, add API Gateway and/or CloudFormation)

How do I do blue/green deployments?
AWS Lambda handles fleet deployments, but if you want to shape traffic, put a second "traffic cop" function in front.

How can I lock a client/device onto an old version?
Point them directly to that version's ARN.

AWS Lambda VPC basics

• All Lambda functions run in a VPC, all the time
• You never need to "turn on" security - it's always on
• You can also grant Lambda functions access to resources in your own VPC
• How: Add VPC subnet IDs and security group IDs to the function config
• Typical uses: RDB, ElastiCache, private EC2 endpoints
• Allows access to peered VPCs, VPN endpoints and private S3 endpoints
• Functions configured for VPC access lose internet access… unless you have managed NAT or a NAT instance in the VPC
• …Even if you have "Auto-assign Public IP" enabled
• …Even if you have an internet gateway set up in your VPC
• …Even if your security group allows all outbound traffic

AWS Lambda VPC: Best practices

• VPC is optional - don't turn it on unless you need it
• The ENIs used by Lambda's VPC feature count against your quota
• Ensure you have enough to match your peak concurrency levels (we'll consolidate where we can)
• DO NOT delete or rename these ENIs
• Ensure your subnets have enough IPs for those ENIs
• Specify at least one subnet in each Availability Zone. Otherwise Lambda will obey but can't be as fault-tolerant
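The rules from the two VPC slides turned into a pre-deployment check, as an added example that is not AWS tooling: it flags VPC access that is not needed, subnets whose default route is not a NAT when the function needs the internet, Availability Zones without a subnet, and too few free subnet IPs or ENIs for peak concurrency. The inventory is constructed, every ID is a placeholder, and sizing at one ENI and one IP per concurrent execution is a conservative assumption, not a figure from the slides.

```python
# Constructed inventory; every ID below is a placeholder, not a real resource.
SUBNETS = {
    "subnet-a": {"az": "az-1", "free_ips": 250, "default_route": "nat-gateway"},
    "subnet-b": {"az": "az-2", "free_ips": 12, "default_route": "nat-instance"},
    "subnet-c": {"az": "az-1", "free_ips": 100, "default_route": "internet-gateway"},
}
REGION_AZS = {"az-1", "az-2"}
FREE_ENI_QUOTA = 300  # ENIs still available in the account (constructed)
NAT_ROUTES = {"nat-gateway", "nat-instance"}  # the only routes that restore egress

FUNCTIONS = [
    {"name": "thumbnailer", "subnet_ids": [], "peak_concurrency": 500,
     "needs_internet": True, "needs_vpc_resources": False},
    {"name": "orders-db-writer", "subnet_ids": ["subnet-a", "subnet-b"],
     "peak_concurrency": 280, "needs_internet": True, "needs_vpc_resources": True},
    {"name": "slack-notifier", "subnet_ids": ["subnet-c"],
     "peak_concurrency": 20, "needs_internet": True, "needs_vpc_resources": False},
    {"name": "report-builder", "subnet_ids": ["subnet-a", "subnet-b"],
     "peak_concurrency": 400, "needs_internet": False, "needs_vpc_resources": True},
]


def check_function(fn, subnets=SUBNETS, region_azs=REGION_AZS,
                   free_eni_quota=FREE_ENI_QUOTA):
    """Return the list of findings for one function's VPC configuration."""
    if not fn["subnet_ids"]:
        return []  # no VPC access configured: none of the rules apply
    findings = []
    chosen = {sid: subnets[sid] for sid in fn["subnet_ids"]}

    # "VPC is optional - don't turn it on unless you need it"
    if not fn["needs_vpc_resources"]:
        findings.append("VPC_NOT_NEEDED")

    # Internet access survives only behind a managed NAT or a NAT instance;
    # an internet gateway route or a public IP setting does not help.
    if fn["needs_internet"]:
        for sid in sorted(chosen):
            if chosen[sid]["default_route"] not in NAT_ROUTES:
                findings.append("NO_NAT_ROUTE:" + sid)

    # "Specify at least one subnet in each Availability Zone"
    covered = {s["az"] for s in chosen.values()}
    for az in sorted(region_azs - covered):
        findings.append("NO_SUBNET_IN:" + az)

    # Assumption: one ENI and one subnet IP per concurrent execution.
    need = fn["peak_concurrency"]
    free_ips = sum(s["free_ips"] for s in chosen.values())
    if free_ips < need:
        findings.append("SUBNET_IPS_SHORT:%d/%d" % (free_ips, need))
    if free_eni_quota < need:
        findings.append("ENI_QUOTA_SHORT:%d/%d" % (free_eni_quota, need))
    return findings


def audit(functions=FUNCTIONS):
    """Map each function name to its findings."""
    return {fn["name"]: check_function(fn) for fn in functions}


if __name__ == "__main__":
    for name, findings in audit().items():
        print(name, findings or "ok")
```

The ENI quota is shared by every VPC-enabled function in the account, so the per-function comparison here is a lower bound on the real requirement.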

Summary

Container
• ECS
• Cluster
• Task & Service
• AWS CLI or ECS CLI

Serverless
• Lambda
• Use cases
• Best practices
• New feature

Hong Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

Security

Isolation boundaries through EC2

instances

VPC only

Security Group and IAM roles support

AWS Cloud Kata for Start-Ups and Developers

Performance at Scale

Building block for distributed applications

Coordinates and automates container deployment

Launch thousands of containers in seconds

AWS Cloud Kata for Start-Ups and Developers

Designed for use with other AWS

services

Elastic Load Balancing

Amazon Elastic Block Store

Amazon Virtual Private Cloud

AWS Identity and Access Management

AWS CloudTrail

AWS Cloud Kata for Start-Ups and Developers

Key Components

Clusters

Containers

Task Definitions

Service

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

I have a Docker

image and I want to

run the image on a

cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Push Image(s)

Amazon ECR

Docker Hub

Or

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Create Task Definition Amazon ECS

Task Definition

- Image

- CPU memory

- Port mapping

- CMD

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Instances EC2

Use custom AMI with

Docker support and

ECS Agent Instances

will register with

default cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Describe Cluster Amazon ECS

Get information about

cluster state and

available resources

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Task

or

Create Service

Amazon ECS

Using the task definition

created above

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Amazon ECSDescribe Cluster

Get information about

cluster state and

running containers

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

Command

aws elb create-load-balancer --cli-input-json fileelb-ecsjson

aws ecs create-cluster --cluster-name ecs-demo

aws autoscaling create-launch-configuration --cli-input-json filelaunch-configjson --user-data fileuserdatatxt

aws autoscaling create-auto-scaling-group --cli-input-json fileauto-scaling-groupjson

aws ecs list-container-instances --cluster ecs-demo

docker build -t dicksonyuekata-demov5

docker run -d -p 80808080 dicksonyuekata-demov5

docker push

aws ecs register-task-definition --cli-input-json fileecs-taskjson

aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task5

Task

    {
      "family": "vote-app-task",
      "containerDefinitions": [
        {
          "name": "kata-demo-container",
          "image": "dicksonyue/kata-demo:v2",
          "cpu": 10,
          "memory": 500,
          "portMappings": [
            {
              "containerPort": 8080,
              "hostPort": 8080
            }
          ],
          "essential": true,
          "command": ["npm", "start"]
        }
      ]
    }

Service

    {
      "cluster": "ecs-demo",
      "serviceName": "vote-app-service",
      "taskDefinition": "vote-app-task",
      "loadBalancers": [
        {
          "loadBalancerName": "ecs-demo-ecs-elb",
          "containerName": "kata-demo-container",
          "containerPort": 8080
        }
      ],
      "desiredCount": 1,
      "role": "ecsServiceRole"
    }

Serverless

Benefits of AWS Lambda
1) No Servers to Manage: AWS Lambda automatically runs your code without requiring you to provision or manage servers. Just write the code and upload it to Lambda.
2) Continuous Scaling: AWS Lambda automatically scales your application by running code in response to each trigger. Your code runs in parallel and processes each trigger individually, scaling precisely with the size of the workload.
3) Subsecond Metering: With AWS Lambda, you are charged for every 100ms your code executes and the number of times your code is triggered. You don't pay anything when your code isn't running.

How Lambda works
[Diagram labels: S3 event notifications, DynamoDB Streams, Kinesis events, Cognito events, SNS events, Custom events, CloudTrail events; Lambda; DynamoDB, Kinesis, S3, Any custom, Redshift, SNS, Any AWS]

AWS Lambda, API Gateway and AWS IoT regions
Available regions: Singapore, Sydney

Lambda usage scenarios

Use case: Data processing
Example: Amazon S3 bucket triggers
[Diagram labels, steps 1 to 3: Amazon S3 bucket events, Original object, Compressed object, AWS Lambda]

Use case: Dynamic data ingestion
“I want to apply custom logic to process content being uploaded to my data store”
• PDF watermarking
• Image thumbnailing and transcoding
• Document metadata indexing
• Log aggregation and filtering
• RSS feed processing
• Media content validation

Use case: Realtime data stream processing
Amazon Kinesis
“I want to apply custom logic to process logs being uploaded through my Kinesis stream”
• Client activity tracking
• Metrics generation
• Data cleansing
• Log filtering
• Indexing and searching
• Log routing

Use case: mobile backend
1. AWS Mobile SDK + Amazon Cognito for mobile app, or AWS IoT for devices
2. AWS Lambda runs the code
3. Amazon API Gateway (if you want your own endpoint)
4. Amazon DynamoDB holds the data
[Diagram labels: AWS Lambda, Amazon DynamoDB]

Use case: Serverless web apps
1. Amazon S3 for serving static content
2. AWS Lambda for dynamic content
3. Amazon API Gateway for https access
4. Amazon DynamoDB for NoSQL data storage
[Diagram labels: Static content in Amazon S3; API Gateway; Dynamic content in AWS Lambda; Data stored in Amazon DynamoDB]

Use case: Alexa apps + Slack = serverless bots
[Diagram labels: Alexa, tell Slack to send “I’m giving the demo now”; Message upload (via Slack API); Slack; Team (channel users); Message retrieval through scheduled polling; Kevin says “Break a leg”]

Additional scenarios
[Diagram labels: Cognito, CloudFormation, SNS and DynamoDB, each shown with Lambda]

DEMO

1 Image uploading service
2 Image processing service
Face wall service
Dashboard service
3 Data feed services

[Diagram labels: Input Image, S3, S3, Output Image, Metadata DB, App Metric, Lambda]

Camera uploads photos with AWS SDK to S3
S3 triggers Lambda event
Lambda function detects faces, outputs cropped images to S3 and stores metadata in DynamoDB
Web application pulls data from face wall and dashboard services through API Gateway, which triggers Lambda function

$$ charged by:
Exec time per 100ms
Storage per GB
Number of requests
Read/Write throughput
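The "S3 triggers Lambda event" step of this demo, sketched as an added Python example (not the presenter's code): it validates each S3 event record before any image work and skips objects the function itself wrote, so that output does not re-trigger the function. The prefixes, size limit, bucket name and sample event are assumptions constructed for illustration.

```python
"""Validate S3 event records before an image-processing Lambda acts on them."""
from urllib.parse import unquote_plus

# Assumed layout (hypothetical, not from the slides): uploads land under
# "uploads/" and the function writes crops under "faces/" in the same bucket.
INPUT_PREFIX = "uploads/"
OUTPUT_PREFIX = "faces/"
ALLOWED_SUFFIXES = (".jpg", ".jpeg", ".png")
MAX_BYTES = 10 * 1024 * 1024  # assumed upper bound for one camera photo


def plan_record(record):
    """Return (action, bucket, key, reason) for one S3 event record."""
    if record.get("eventSource") != "aws:s3":
        return ("skip", None, None, "not an S3 record")
    if not record.get("eventName", "").startswith("ObjectCreated:"):
        return ("skip", None, None, "not an object-created event")

    s3 = record["s3"]
    bucket = s3["bucket"]["name"]
    # S3 URL-encodes keys in notifications ("my photo.jpg" -> "my+photo.jpg").
    key = unquote_plus(s3["object"]["key"])
    size = s3["object"].get("size", 0)

    if key.startswith(OUTPUT_PREFIX):
        return ("skip", bucket, key, "own output; processing it would loop")
    if not key.startswith(INPUT_PREFIX):
        return ("skip", bucket, key, "outside the upload prefix")
    if not key.lower().endswith(ALLOWED_SUFFIXES):
        return ("skip", bucket, key, "unexpected file type")
    if size == 0 or size > MAX_BYTES:
        return ("skip", bucket, key, "size out of bounds")
    return ("process", bucket, key, "ok")


def output_key(key):
    """Map uploads/<name> to faces/<name> so output never matches the trigger."""
    return OUTPUT_PREFIX + key[len(INPUT_PREFIX):]


def handler(event, context=None):
    """Lambda entry point: decide per record what to do (face detection not shown)."""
    results = []
    for record in event.get("Records", []):
        action, bucket, key, reason = plan_record(record)
        item = {"action": action, "bucket": bucket, "key": key, "reason": reason}
        if action == "process":
            item["output_key"] = output_key(key)
        results.append(item)
    return results


def _record(key, size, name="ObjectCreated:Put"):
    """Build one constructed S3 notification record for the sample event."""
    return {
        "eventSource": "aws:s3",
        "eventName": name,
        "s3": {"bucket": {"name": "example-kata-photos"},
               "object": {"key": key, "size": size}},
    }


# Constructed sample event, shaped like an S3 notification.
SAMPLE_EVENT = {"Records": [
    _record("uploads/booth+1/photo+001.jpg", 48213),
    _record("faces/booth+1/photo+001.jpg", 9120),
    _record("uploads/notes.txt", 120),
    _record("uploads/old.jpg", 0, name="ObjectRemoved:Delete"),
]}

if __name__ == "__main__":
    for row in handler(SAMPLE_EVENT):
        print(row)
```

Scoping the S3 notification itself to the upload prefix gives the same protection at the trigger; the in-function check covers a trigger that is later reconfigured.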

Recent launches and best practices

Recent launches

re:Invent 2015
• Python
• Scheduled functions
• Longer running times (5 min)
• Versioning

Since re:Invent
• Higher code storage limits (from 5 GB to 75 GB)
• Custom VPC
• 1-minute schedules
• New regional launch
• Node.js 4.3.2
• 1-click CORS setup
• Stage variables
• Custom (Lambda) authorizers
• Built-in Swagger import/export
• AWS CloudFormation support for API Gateway and versions

Function schedules: The how-to guide

How can I keep a function warm (no cold starts)?
  Schedule it
How can I poll a queue (like SQS)?
  Schedule a function to read the queue
How can I get more timers?
  Have one scheduled function async invoke other functions
How can I get granularity finer than 1 minute?
  Run a background timer in your scheduled function

Function versioning: The how-to guide

How can I get mutable configuration info?
  Read it (e.g., from DynamoDB) during function initialization
  Wrap your config in a function and call it from your published code
How do I “roll back” in AWS Lambda?
  Using aliases, just switch what the alias points to
  (As a collection, add API Gateway and/or CloudFormation)
How do I do blue/green deployments?
  AWS Lambda handles fleet deployments, but if you want to shape traffic, put a second “traffic cop” function in front
How can I lock a client/device onto an old version?
  Point them directly to that version’s ARN

AWS Lambda VPC basics

All Lambda functions run in a VPC, all the time
You never need to “turn on” security – it’s always on
You can also grant Lambda functions access to resources in your own VPC
How: Add VPC subnet IDs and security group IDs to the function config
Typical uses: RDB, ElastiCache, private EC2 endpoints
Allows access to peered VPCs, VPN endpoints, and private S3 endpoints
Functions configured for VPC access lose internet access…
unless you have managed NAT or a NAT instance in the VPC
…Even if you have “Auto-assign Public IP” enabled
…Even if you have an internet gateway set up in your VPC
…Even if your security group allows all outbound traffic

AWS Lambda VPC: Best practices

VPC is optional – don’t turn it on unless you need it
The ENIs used by Lambda’s VPC feature count against your quota
Ensure you have enough to match your peak concurrency levels (we’ll consolidate where we can)
DO NOT delete or rename these ENIs
Ensure your subnets have enough IPs for those ENIs
Specify at least one subnet in each Availability Zone
Otherwise, Lambda will obey but can’t be as fault-tolerant
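The VPC basics and best-practice points above, turned into a pre-flight check as an added Python example (not AWS or presenter code): it flags subnets with no NAT path, Availability Zones without a selected subnet, and IP or ENI headroom below peak concurrency. The input dictionaries are constructed samples shaped like EC2 DescribeSubnets and DescribeRouteTables output, and sizing one ENI per concurrent execution is a worst-case assumption.

```python
"""Pre-flight checks for the subnets given to a VPC-enabled Lambda function."""


def default_route_target(subnet_id, route_tables):
    """Return the 0.0.0.0/0 target for a subnet (main route table as fallback)."""
    explicit = main = None
    for table in route_tables:
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                explicit = table
            elif assoc.get("Main"):
                main = table
    table = explicit or main
    if table is None:
        return None
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") == "0.0.0.0/0":
            return (route.get("NatGatewayId") or route.get("InstanceId")
                    or route.get("GatewayId"))
    return None


def check_vpc_config(subnet_ids, subnets, route_tables, vpc_azs,
                     peak_concurrency, eni_quota_left, needs_internet):
    """Return a list of (code, detail) findings; empty means no issue found."""
    findings = []
    chosen = [s for s in subnets if s["SubnetId"] in subnet_ids]

    if needs_internet:
        for subnet in chosen:
            target = default_route_target(subnet["SubnetId"], route_tables)
            # nat-* is a managed NAT gateway; an i-* target is assumed to be a
            # NAT instance. An igw-* route does not help, because the
            # function's ENIs have no public IP (the slide's "even if" list).
            if target is None or target.startswith("igw-"):
                findings.append(("NO_EGRESS", f"{subnet['SubnetId']}: default "
                                 f"route target is {target}, not a NAT"))

    covered = {s["AvailabilityZone"] for s in chosen}
    for az in sorted(set(vpc_azs) - covered):
        findings.append(("AZ_GAP", f"no subnet selected in {az}"))

    # Assumption: plan for one ENI (one private IP) per concurrent execution,
    # the worst case before any consolidation by the service.
    free_ips = sum(s["AvailableIpAddressCount"] for s in chosen)
    if free_ips < peak_concurrency:
        findings.append(("IP_SHORTFALL", f"{free_ips} free IPs for peak "
                         f"concurrency {peak_concurrency}"))
    if eni_quota_left < peak_concurrency:
        findings.append(("ENI_QUOTA", f"{eni_quota_left} ENIs left for peak "
                         f"concurrency {peak_concurrency}"))
    return findings


# Constructed sample data (IDs are placeholders, not real resources).
AZS = ["ap-southeast-1a", "ap-southeast-1b"]
SUBNETS = [
    {"SubnetId": "subnet-aaa", "AvailabilityZone": "ap-southeast-1a",
     "AvailableIpAddressCount": 200},
    {"SubnetId": "subnet-bbb", "AvailabilityZone": "ap-southeast-1a",
     "AvailableIpAddressCount": 20},
    {"SubnetId": "subnet-ccc", "AvailabilityZone": "ap-southeast-1b",
     "AvailableIpAddressCount": 200},
]
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "GatewayId": "igw-0example"}]},
    {"RouteTableId": "rtb-private",
     "Associations": [{"SubnetId": "subnet-aaa"}, {"SubnetId": "subnet-ccc"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "NatGatewayId": "nat-0example"}]},
]

if __name__ == "__main__":
    for code, detail in check_vpc_config(["subnet-bbb"], SUBNETS, ROUTE_TABLES,
                                         AZS, 50, 300, needs_internet=True):
        print(code, detail)
```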

Summary
Container: ECS, Cluster, Task & Service, AWS CLI or ECS CLI
Serverless: Lambda, Use cases, Best practices, New feature

Hong Kong
Thank you



AWS Cloud Kata for Start-Ups and Developers

Key Components

Clusters

Containers

Task Definitions

Service

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

I have a Docker

image and I want to

run the image on a

cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Push Image(s)

Amazon ECR

Docker Hub

Or

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Create Task Definition Amazon ECS

Task Definition

- Image

- CPU memory

- Port mapping

- CMD

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Instances EC2

Use custom AMI with

Docker support and

ECS Agent Instances

will register with

default cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Describe Cluster Amazon ECS

Get information about

cluster state and

available resources

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Task

or

Create Service

Amazon ECS

Using the task definition

created above

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Amazon ECSDescribe Cluster

Get information about

cluster state and

running containers

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

Command

aws elb create-load-balancer --cli-input-json fileelb-ecsjson

aws ecs create-cluster --cluster-name ecs-demo

aws autoscaling create-launch-configuration --cli-input-json filelaunch-configjson --user-data fileuserdatatxt

aws autoscaling create-auto-scaling-group --cli-input-json fileauto-scaling-groupjson

aws ecs list-container-instances --cluster ecs-demo

docker build -t dicksonyuekata-demov5

docker run -d -p 80808080 dicksonyuekata-demov5

docker push

aws ecs register-task-definition --cli-input-json fileecs-taskjson

aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task5

AWS Cloud Kata for Start-Ups and Developers

Task

family vote-app-task

containerDefinitions [

name rdquokata-demo-container

image dicksonyuekata-demov2

cpu 10

memory 500

portMappings [

containerPort 8080

hostPort 8080

]

essential true

command [

npm start

]

]

AWS Cloud Kata for Start-Ups and Developers

Service

cluster ecs-demo

serviceName vote-app-service

taskDefinition vote-app-task

loadBalancers [

loadBalancerName ecs-demo-ecs-elb

containerName rdquokata-demo-container

containerPort 8080

]

desiredCount 1

role ecsServiceRolerdquo

AWS Cloud Kata for Start-Ups and Developers

Serverless

AWS Cloud Kata for Start-Ups and Developers

2) Continuous Scaling 1) No Servers to Manage

AWS Lambda automatically scales your application by running code in response to each trigger Your code runs in parallel and processes each trigger individually scaling

precisely with the size of the workload

3) Subsecond Metering

With AWS Lambda you are charged for every 100ms your code executes and the number of times your code is triggered You dont pay anything when your code

isnt running

AWS Lambda automatically runs your code without requiring you to provision or

manage servers Just write the code and upload it to Lambda

Benefits of AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

How Lambda works

S3 event

notifications

DynamoDB

StreamsKinesis

events

Cognito

eventsSNS

events

Custom

events

CloudTrail

events LambdaDynamoDB

Kinesis S3

Any custom

Redshift

SNS

Any AWS

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda API Gateway and AWS IoT

regions

Available regions

Singapore

Sydney

AWS Cloud Kata for Start-Ups and Developers

Lambda usage scenarios

AWS Cloud Kata for Start-Ups and Developers

Use case Data processing

Example Amazon S3 bucket triggers

Amazon S3 bucket events

Original objectCompressed object

1

2

3

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Use case Dynamic data ingestion

ldquoI want to apply custom logic to process content being uploaded to my data storerdquo

bull PDF watermarking

bull Image thumbnailing and transcoding

bull Document metadata Indexing

bull Log aggregation and filtering

bull RSS feed processing

bull Media content validation

AWS Cloud Kata for Start-Ups and Developers

Use case Realtime data stream processing Amazon Kinesis

ldquoI want to apply custom logic to process logs being uploaded through my Kinesis streamrdquo

bull Client activity tracking

bull metrics generation

bull data cleansing

bull Log filtering

bull indexing and searching

bull Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

Use case: Serverless web apps

1. Amazon S3 for serving static content
2. AWS Lambda for dynamic content
3. Amazon API Gateway for HTTPS access
4. Amazon DynamoDB for NoSQL data storage

[Diagram: static content in Amazon S3; API Gateway; dynamic content in AWS Lambda; data stored in Amazon DynamoDB]

Use case: Alexa apps + Slack = serverless bots

[Diagram: “Alexa, tell Slack to send ‘I’m giving the demo now’”; message upload (via Slack API); Slack; team (channel users); “Kevin says, ‘Break a leg’”; message retrieval through scheduled polling]

Additional scenarios

[Diagram labels: Cognito, CloudFormation, Lambda, SNS, DynamoDB]

DEMO

1. Image uploading service
2. Image processing service
3. Data feed services (face wall service, dashboard service)

[Diagram: input image → S3 → Lambda → S3 (output image), metadata DB, app metric]

• Camera uploads photos with AWS SDK to S3
• S3 triggers Lambda event
• Lambda function detects faces, outputs cropped images to S3 and stores metadata in DynamoDB
• Web application pulls data from face wall and dashboard services through API Gateway, which triggers Lambda function

$$ charged by:
• Exec time per 100 ms
• Storage per GB
• Number of requests
• Read/Write throughput

Recent launches and best practices

Recent launches

re:Invent 2015
• Python
• Scheduled functions
• Longer running times (5 min)
• Versioning

Since re:Invent
• Higher code storage limits (from 5 GB to 75 GB)
• Custom VPC
• 1-minute schedules
• New regional launch
• Node.js 4.3.2
• 1-click CORS setup
• Stage variables
• Custom (Lambda) authorizers
• Built-in Swagger import/export
• AWS CloudFormation support for API Gateway and versions

Function schedules: The how-to guide

How can I keep a function warm (no cold starts)?
Schedule it.

How can I poll a queue (like SQS)?
Schedule a function to read the queue.

How can I get more timers?
Have one scheduled function async invoke other functions.

How can I get granularity finer than 1 minute?
Run a background timer in your scheduled function.
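The last answer above, sketched as an added example (not code from the deck): one invocation fired by a 1-minute schedule runs several evenly spaced ticks, hands over when the next schedule is due, and stops early if the function timeout is close. `poll_once`, the 10-second interval and the 2-second safety margin are assumptions; `context.get_remaining_time_in_millis()` is the Lambda Python context method.

```python
import time
from typing import Callable


def run_subminute_ticks(work: Callable[[int], None],
                        interval_s: float,
                        remaining_ms: Callable[[], float],
                        window_s: float = 60.0,
                        safety_ms: float = 2000.0,
                        clock: Callable[[], float] = time.monotonic,
                        sleep: Callable[[float], None] = time.sleep) -> int:
    """Call work(i) every interval_s seconds inside one scheduled invocation.

    Ticks are placed at start + i * interval_s so slow work does not make the
    schedule drift. The loop ends when the next 1-minute invocation is due
    (window_s) or when waiting for the next tick would leave less than
    safety_ms before the function timeout. Returns the number of ticks run.
    """
    start = clock()
    ticks = 0
    while ticks * interval_s < window_s:
        # Time left until this tick's slot; zero if we are already late.
        wait = max(0.0, start + ticks * interval_s - clock())
        # Never sleep into the timeout: an invocation killed mid-tick
        # leaves the work half done.
        if remaining_ms() - wait * 1000 <= safety_ms:
            break
        if wait:
            sleep(wait)
        work(ticks)
        ticks += 1
    return ticks


def poll_once(tick: int) -> None:
    """Hypothetical unit of work, e.g. reading one batch from a queue."""
    print(f"tick {tick}")


def handler(event, context):
    # Entry point for the scheduled function: six ticks, 10 seconds apart.
    done = run_subminute_ticks(poll_once, 10.0,
                               context.get_remaining_time_in_millis)
    return {"ticks": done}
```

The function timeout has to be longer than the window (here 60 seconds plus the margin), otherwise the timeout check ends the loop before the last tick.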

Function versioning: The how-to guide

How can I get mutable configuration info?
Read it (e.g., from DynamoDB) during function initialization.
Wrap your config in a function and call it from your published code.

How do I “roll back” in AWS Lambda?
Using aliases, just switch what the alias points to.
(As a collection: add API Gateway and/or CloudFormation.)

How do I do blue/green deployments?
AWS Lambda handles fleet deployments, but if you want to shape traffic, put a second “traffic cop” function in front.

How can I lock a client/device onto an old version?
Point them directly to that version’s ARN.

AWS Lambda VPC basics

• All Lambda functions run in a VPC, all the time
  You never need to “turn on” security – it’s always on
• You can also grant Lambda functions access to resources in your own VPC
  How: Add VPC subnet IDs and security group IDs to the function config
  Typical uses: RDB, ElastiCache, private EC2 endpoints
  Allows access to peered VPCs, VPN endpoints and private S3 endpoints
• Functions configured for VPC access lose internet access…
  unless you have managed NAT or a NAT instance in the VPC
  …Even if you have “Auto-assign Public IP” enabled
  …Even if you have an internet gateway set up in your VPC
  …Even if your security group allows all outbound traffic

AWS Lambda VPC: Best practices

• VPC is optional – don’t turn it on unless you need it
• The ENIs used by Lambda’s VPC feature count against your quota
  Ensure you have enough to match your peak concurrency levels (we’ll consolidate where we can)
  DO NOT delete or rename these ENIs
• Ensure your subnets have enough IPs for those ENIs
• Specify at least one subnet in each Availability Zone
  Otherwise, Lambda will obey but can’t be as fault-tolerant
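The VPC basics and best-practice points above, turned into an offline pre-flight check (an added example, not code from the deck). The subnet records, IDs and quota numbers are constructed sample data, and the check assumes the worst case of one ENI and one IP address per concurrent execution.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Subnet:
    subnet_id: str                 # constructed ID, not a real resource
    az: str                        # Availability Zone the subnet lives in
    free_ips: int                  # unallocated addresses left in the subnet
    default_route: Optional[str]   # target of 0.0.0.0/0: "nat", "igw" or None
    auto_assign_public_ip: bool = False


Finding = Tuple[str, str]  # (check code, explanation)


def preflight(subnets: List[Subnet], region_azs: List[str],
              peak_concurrency: int, eni_quota_left: int,
              needs_internet: bool) -> List[Finding]:
    """Review a planned Lambda VPC configuration before it is applied."""
    findings: List[Finding] = []

    # 1. Internet access survives only behind a managed NAT or NAT instance.
    #    An internet gateway route or auto-assigned public IPs do not help.
    if needs_internet:
        for s in subnets:
            if s.default_route == "nat":
                continue
            why = "no default route"
            if s.default_route == "igw":
                why = "default route is an internet gateway, not a NAT"
            if s.auto_assign_public_ip:
                why += "; auto-assign public IP does not restore access"
            findings.append(("NO_NAT", f"{s.subnet_id}: {why}"))

    # 2. Lambda's ENIs count against the account quota
    #    (assumption: one ENI per concurrent execution at peak).
    if eni_quota_left < peak_concurrency:
        findings.append(("ENI_QUOTA",
                         f"{eni_quota_left} ENIs left, peak needs {peak_concurrency}"))

    # 3. Each ENI takes an address from one of the configured subnets.
    total_free = sum(s.free_ips for s in subnets)
    if total_free < peak_concurrency:
        findings.append(("SUBNET_IPS",
                         f"{total_free} free IPs, peak needs {peak_concurrency}"))

    # 4. At least one subnet per Availability Zone for fault tolerance.
    covered = {s.az for s in subnets}
    missing = [az for az in region_azs if az not in covered]
    if missing:
        findings.append(("AZ_COVERAGE", "no subnet in " + ", ".join(missing)))

    return findings


# Constructed sample configurations for a two-AZ layout.
AZS = ["ap-southeast-1a", "ap-southeast-1b"]
WEAK = [Subnet("subnet-aaaa1111", "ap-southeast-1a", 27, "igw", True)]
FIXED = [Subnet("subnet-bbbb2222", "ap-southeast-1a", 251, "nat"),
         Subnet("subnet-cccc3333", "ap-southeast-1b", 251, "nat")]

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("fixed", FIXED)):
        print(name, preflight(cfg, AZS, peak_concurrency=100,
                              eni_quota_left=350, needs_internet=True))
```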

Summary

Container
• ECS
• Cluster
• Task & Service
• AWS CLI or ECS CLI

Serverless
• Lambda
• Use cases
• Best practices
• New feature

Hong Kong

Thank you

Typical User Workflow

I have a Docker image and I want to run the image on a cluster.

Push Image(s): Amazon ECR or Docker Hub

Create Task Definition (Amazon ECS)
Task Definition:
- Image
- CPU, memory
- Port mapping
- CMD

Run Instances (EC2): Use custom AMI with Docker support and ECS Agent. Instances will register with default cluster.

Describe Cluster (Amazon ECS): Get information about cluster state and available resources

Run Task or Create Service (Amazon ECS): Using the task definition created above

Describe Cluster (Amazon ECS): Get information about cluster state and running containers

DEMO

Command

# Load balancer, cluster and the Auto Scaling group that supplies container instances
aws elb create-load-balancer --cli-input-json file://elb-ecs.json
aws ecs create-cluster --cluster-name ecs-demo
aws autoscaling create-launch-configuration --cli-input-json file://launch-config.json --user-data file://userdata.txt
aws autoscaling create-auto-scaling-group --cli-input-json file://auto-scaling-group.json
aws ecs list-container-instances --cluster ecs-demo

# Build, test locally and push the image
docker build -t dicksonyue/kata-demo:v5 .
docker run -d -p 8080:8080 dicksonyue/kata-demo:v5
docker push

# Register the task definition and roll the service to it
aws ecs register-task-definition --cli-input-json file://ecs-task.json
aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task:5

Task

{
  "family": "vote-app-task",
  "containerDefinitions": [
    {
      "name": "kata-demo-container",
      "image": "dicksonyue/kata-demo:v2",
      "cpu": 10,
      "memory": 500,
      "portMappings": [
        {
          "containerPort": 8080,
          "hostPort": 8080
        }
      ],
      "essential": true,
      "command": [
        "npm",
        "start"
      ]
    }
  ]
}

Service

{
  "cluster": "ecs-demo",
  "serviceName": "vote-app-service",
  "taskDefinition": "vote-app-task",
  "loadBalancers": [
    {
      "loadBalancerName": "ecs-demo-ecs-elb",
      "containerName": "kata-demo-container",
      "containerPort": 8080
    }
  ],
  "desiredCount": 1,
  "role": "ecsServiceRole"
}

Serverless

Benefits of AWS Lambda

1) No Servers to Manage
AWS Lambda automatically runs your code without requiring you to provision or manage servers. Just write the code and upload it to Lambda.

2) Continuous Scaling
AWS Lambda automatically scales your application by running code in response to each trigger. Your code runs in parallel and processes each trigger individually, scaling precisely with the size of the workload.

3) Subsecond Metering
With AWS Lambda, you are charged for every 100 ms your code executes and the number of times your code is triggered. You don’t pay anything when your code isn’t running.

AWS Cloud Kata for Start-Ups and Developers

How Lambda works

S3 event

notifications

DynamoDB

StreamsKinesis

events

Cognito

eventsSNS

events

Custom

events

CloudTrail

events LambdaDynamoDB

Kinesis S3

Any custom

Redshift

SNS

Any AWS

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda API Gateway and AWS IoT

regions

Available regions

Singapore

Sydney

AWS Cloud Kata for Start-Ups and Developers

Lambda usage scenarios

AWS Cloud Kata for Start-Ups and Developers

Use case Data processing

Example Amazon S3 bucket triggers

Amazon S3 bucket events

Original objectCompressed object

1

2

3

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Use case Dynamic data ingestion

ldquoI want to apply custom logic to process content being uploaded to my data storerdquo

bull PDF watermarking

bull Image thumbnailing and transcoding

bull Document metadata Indexing

bull Log aggregation and filtering

bull RSS feed processing

bull Media content validation

AWS Cloud Kata for Start-Ups and Developers

Use case Realtime data stream processing Amazon Kinesis

ldquoI want to apply custom logic to process logs being uploaded through my Kinesis streamrdquo

bull Client activity tracking

bull metrics generation

bull data cleansing

bull Log filtering

bull indexing and searching

bull Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Push Image(s)

Amazon ECR

Docker Hub

Or

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Create Task Definition Amazon ECS

Task Definition

- Image

- CPU memory

- Port mapping

- CMD

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Instances EC2

Use custom AMI with

Docker support and

ECS Agent Instances

will register with

default cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Describe Cluster Amazon ECS

Get information about

cluster state and

available resources

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Task

or

Create Service

Amazon ECS

Using the task definition

created above

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Amazon ECSDescribe Cluster

Get information about

cluster state and

running containers

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

Command

aws elb create-load-balancer --cli-input-json fileelb-ecsjson

aws ecs create-cluster --cluster-name ecs-demo

aws autoscaling create-launch-configuration --cli-input-json filelaunch-configjson --user-data fileuserdatatxt

aws autoscaling create-auto-scaling-group --cli-input-json fileauto-scaling-groupjson

aws ecs list-container-instances --cluster ecs-demo

docker build -t dicksonyuekata-demov5

docker run -d -p 80808080 dicksonyuekata-demov5

docker push

aws ecs register-task-definition --cli-input-json fileecs-taskjson

aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task5

AWS Cloud Kata for Start-Ups and Developers

Task

family vote-app-task

containerDefinitions [

name rdquokata-demo-container

image dicksonyuekata-demov2

cpu 10

memory 500

portMappings [

containerPort 8080

hostPort 8080

]

essential true

command [

npm start

]

]

AWS Cloud Kata for Start-Ups and Developers

Service

cluster ecs-demo

serviceName vote-app-service

taskDefinition vote-app-task

loadBalancers [

loadBalancerName ecs-demo-ecs-elb

containerName rdquokata-demo-container

containerPort 8080

]

desiredCount 1

role ecsServiceRolerdquo

AWS Cloud Kata for Start-Ups and Developers

Serverless

AWS Cloud Kata for Start-Ups and Developers

2) Continuous Scaling 1) No Servers to Manage

AWS Lambda automatically scales your application by running code in response to each trigger Your code runs in parallel and processes each trigger individually scaling

precisely with the size of the workload

3) Subsecond Metering

With AWS Lambda you are charged for every 100ms your code executes and the number of times your code is triggered You dont pay anything when your code

isnt running

AWS Lambda automatically runs your code without requiring you to provision or

manage servers Just write the code and upload it to Lambda

Benefits of AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

How Lambda works

S3 event

notifications

DynamoDB

StreamsKinesis

events

Cognito

eventsSNS

events

Custom

events

CloudTrail

events LambdaDynamoDB

Kinesis S3

Any custom

Redshift

SNS

Any AWS

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda API Gateway and AWS IoT

regions

Available regions

Singapore

Sydney

AWS Cloud Kata for Start-Ups and Developers

Lambda usage scenarios

AWS Cloud Kata for Start-Ups and Developers

Use case Data processing

Example Amazon S3 bucket triggers

Amazon S3 bucket events

Original objectCompressed object

1

2

3

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Use case Dynamic data ingestion

ldquoI want to apply custom logic to process content being uploaded to my data storerdquo

bull PDF watermarking

bull Image thumbnailing and transcoding

bull Document metadata Indexing

bull Log aggregation and filtering

bull RSS feed processing

bull Media content validation

AWS Cloud Kata for Start-Ups and Developers

Use case Realtime data stream processing Amazon Kinesis

ldquoI want to apply custom logic to process logs being uploaded through my Kinesis streamrdquo

bull Client activity tracking

bull metrics generation

bull data cleansing

bull Log filtering

bull indexing and searching

bull Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Create Task Definition Amazon ECS

Task Definition

- Image

- CPU memory

- Port mapping

- CMD

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Instances EC2

Use custom AMI with

Docker support and

ECS Agent Instances

will register with

default cluster

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Describe Cluster Amazon ECS

Get information about

cluster state and

available resources

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Run Task

or

Create Service

Amazon ECS

Using the task definition

created above

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Amazon ECSDescribe Cluster

Get information about

cluster state and

running containers

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

Command

aws elb create-load-balancer --cli-input-json fileelb-ecsjson

aws ecs create-cluster --cluster-name ecs-demo

aws autoscaling create-launch-configuration --cli-input-json filelaunch-configjson --user-data fileuserdatatxt

aws autoscaling create-auto-scaling-group --cli-input-json fileauto-scaling-groupjson

aws ecs list-container-instances --cluster ecs-demo

docker build -t dicksonyuekata-demov5

docker run -d -p 80808080 dicksonyuekata-demov5

docker push

aws ecs register-task-definition --cli-input-json fileecs-taskjson

aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task5

AWS Cloud Kata for Start-Ups and Developers

Task

family vote-app-task

containerDefinitions [

name rdquokata-demo-container

image dicksonyuekata-demov2

cpu 10

memory 500

portMappings [

containerPort 8080

hostPort 8080

]

essential true

command [

npm start

]

]

AWS Cloud Kata for Start-Ups and Developers

Service

cluster ecs-demo

serviceName vote-app-service

taskDefinition vote-app-task

loadBalancers [

loadBalancerName ecs-demo-ecs-elb

containerName rdquokata-demo-container

containerPort 8080

]

desiredCount 1

role ecsServiceRolerdquo

AWS Cloud Kata for Start-Ups and Developers

Serverless

AWS Cloud Kata for Start-Ups and Developers

2) Continuous Scaling 1) No Servers to Manage

AWS Lambda automatically scales your application by running code in response to each trigger Your code runs in parallel and processes each trigger individually scaling

precisely with the size of the workload

3) Subsecond Metering

With AWS Lambda you are charged for every 100ms your code executes and the number of times your code is triggered You dont pay anything when your code

isnt running

AWS Lambda automatically runs your code without requiring you to provision or

manage servers Just write the code and upload it to Lambda

Benefits of AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

How Lambda works

S3 event

notifications

DynamoDB

StreamsKinesis

events

Cognito

eventsSNS

events

Custom

events

CloudTrail

events LambdaDynamoDB

Kinesis S3

Any custom

Redshift

SNS

Any AWS

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda API Gateway and AWS IoT

regions

Available regions

Singapore

Sydney

AWS Cloud Kata for Start-Ups and Developers

Lambda usage scenarios

AWS Cloud Kata for Start-Ups and Developers

Use case Data processing

Example Amazon S3 bucket triggers

Amazon S3 bucket events

Original objectCompressed object

1

2

3

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Use case Dynamic data ingestion

ldquoI want to apply custom logic to process content being uploaded to my data storerdquo

bull PDF watermarking

bull Image thumbnailing and transcoding

bull Document metadata Indexing

bull Log aggregation and filtering

bull RSS feed processing

bull Media content validation

AWS Cloud Kata for Start-Ups and Developers

Use case Realtime data stream processing Amazon Kinesis

ldquoI want to apply custom logic to process logs being uploaded through my Kinesis streamrdquo

bull Client activity tracking

bull metrics generation

bull data cleansing

bull Log filtering

bull indexing and searching

bull Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

• Run Instances (Amazon EC2): use a custom AMI with Docker support and the ECS agent. Instances will register with the default cluster.
• Describe Cluster (Amazon ECS): get information about cluster state and available resources.
• Run Task or Create Service (Amazon ECS): using the task definition created above.
• Describe Cluster (Amazon ECS): get information about cluster state and running containers.

DEMO

Command

    aws elb create-load-balancer --cli-input-json file://elb-ecs.json
    aws ecs create-cluster --cluster-name ecs-demo
    aws autoscaling create-launch-configuration --cli-input-json file://launch-config.json --user-data file://userdata.txt
    aws autoscaling create-auto-scaling-group --cli-input-json file://auto-scaling-group.json
    aws ecs list-container-instances --cluster ecs-demo
    docker build -t dicksonyue/kata-demo:v5 .
    docker run -d -p 8080:8080 dicksonyue/kata-demo:v5
    docker push
    aws ecs register-task-definition --cli-input-json file://ecs-task.json
    aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task5

Task

    {
      "family": "vote-app-task",
      "containerDefinitions": [
        {
          "name": "kata-demo-container",
          "image": "dicksonyue/kata-demo:v2",
          "cpu": 10,
          "memory": 500,
          "portMappings": [
            {
              "containerPort": 8080,
              "hostPort": 8080
            }
          ],
          "essential": true,
          "command": [
            "npm", "start"
          ]
        }
      ]
    }

Service

    {
      "cluster": "ecs-demo",
      "serviceName": "vote-app-service",
      "taskDefinition": "vote-app-task",
      "loadBalancers": [
        {
          "loadBalancerName": "ecs-demo-ecs-elb",
          "containerName": "kata-demo-container",
          "containerPort": 8080
        }
      ],
      "desiredCount": 1,
      "role": "ecsServiceRole"
    }

Serverless

Benefits of AWS Lambda

1) No Servers to Manage
AWS Lambda automatically runs your code without requiring you to provision or manage servers. Just write the code and upload it to Lambda.

2) Continuous Scaling
AWS Lambda automatically scales your application by running code in response to each trigger. Your code runs in parallel and processes each trigger individually, scaling precisely with the size of the workload.

3) Subsecond Metering
With AWS Lambda, you are charged for every 100ms your code executes and the number of times your code is triggered. You don’t pay anything when your code isn’t running.

How Lambda works

[Diagram: S3 event notifications, DynamoDB Streams, Kinesis events, Cognito events, SNS events, custom events and CloudTrail events feed into Lambda; Lambda connects to DynamoDB, Kinesis, S3, Redshift, SNS, “Any custom” and “Any AWS”.]

AWS Lambda, API Gateway and AWS IoT regions

Available regions: Singapore, Sydney

Lambda usage scenarios

Use case: Data processing

Example: Amazon S3 bucket triggers

[Diagram, steps 1 to 3: original object, Amazon S3 bucket events, AWS Lambda, compressed object.]

Use case: Dynamic data ingestion

“I want to apply custom logic to process content being uploaded to my data store”

• PDF watermarking
• Image thumbnailing and transcoding
• Document metadata indexing
• Log aggregation and filtering
• RSS feed processing
• Media content validation

Use case: Realtime data stream processing (Amazon Kinesis)

“I want to apply custom logic to process logs being uploaded through my Kinesis stream”

• Client activity tracking
• Metrics generation
• Data cleansing
• Log filtering
• Indexing and searching
• Log routing

Use case: Mobile backend

1. AWS Mobile SDK + Amazon Cognito for mobile app, or AWS IoT for devices
2. AWS Lambda runs the code
3. Amazon API Gateway (if you want your own endpoint)
4. Amazon DynamoDB holds the data

Use case: Serverless web apps

1. Amazon S3 for serving static content
2. AWS Lambda for dynamic content
3. Amazon API Gateway for https access
4. Amazon DynamoDB for NoSQL data storage

Use case: Alexa apps + Slack = serverless bots

[Diagram labels: “Alexa, tell Slack to send ‘I’m giving the demo now’”; message upload (via Slack API); Slack; team (channel users); message retrieval through scheduled polling; “Kevin says ‘Break a leg’”.]

Additional scenarios

[Diagram labels: Cognito, CloudFormation, Lambda, SNS, DynamoDB.]

DEMO

1. Image uploading service
2. Image processing service
3. Data feed services

[Diagram labels: input image (S3), Lambda, output image (S3), metadata DB, app metric, face wall service, dashboard service.]

• Camera uploads photos with AWS SDK to S3
• S3 triggers Lambda event
• Lambda function detects faces, outputs cropped images to S3 and stores metadata in DynamoDB
• Web application pulls data from face wall and dashboard services through API Gateway, which triggers Lambda function

$$ charged by:
• Exec time per 100ms
• Storage per GB
• Number of requests
• Read/write throughput

Recent launches and best practices

Recent launches

re:Invent 2015
• Python
• Scheduled functions
• Longer running times (5 min)
• Versioning

Since re:Invent
• Higher code storage limits (from 5 GB to 75 GB)
• Custom VPC
• 1-minute schedules
• New regional launch
• Node.js 4.3.2
• 1-click CORS setup
• Stage variables
• Custom (Lambda) authorizers
• Built-in Swagger import/export
• AWS CloudFormation support for API Gateway and versions

Function schedules: The how-to guide

How can I keep a function warm (no cold starts)?
• Schedule it

How can I poll a queue (like SQS)?
• Schedule a function to read the queue

How can I get more timers?
• Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute?
• Run a background timer in your scheduled function

Function versioning: The how-to guide

How can I get mutable configuration info?
• Read it (e.g., from DynamoDB) during function initialization
• Wrap your config in a function and call it from your published code

How do I “roll back” in AWS Lambda?
• Using aliases, just switch what the alias points to
• (As a collection, add API Gateway and/or CloudFormation)

How do I do blue/green deployments?
• AWS Lambda handles fleet deployments, but if you want to shape traffic, put a second “traffic cop” function in front

How can I lock a client/device onto an old version?
• Point them directly to that version’s ARN
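The rollback and pinning answers above, as an added example (not code from the deck): a Python helper that repoints an alias at the previous published version and builds a version-qualified ARN. It assumes a client object exposing boto3's Lambda calls `list_versions_by_function`, `get_alias` and `update_alias`; `FakeLambda`, the function name `kata-demo-fn`, the alias `PROD` and the account ID are constructed so the block runs offline.

```python
# Added example: alias rollback and version pinning for a Lambda function.
# FakeLambda and every name or ID below are constructed for illustration.


def published_versions(client, function_name):
    """Return published version numbers in ascending order, skipping $LATEST."""
    versions, marker = [], None
    while True:
        kwargs = {"FunctionName": function_name}
        if marker:
            kwargs["Marker"] = marker
        page = client.list_versions_by_function(**kwargs)
        versions += [int(v["Version"]) for v in page["Versions"]
                     if v["Version"] != "$LATEST"]
        marker = page.get("NextMarker")
        if not marker:
            return sorted(versions)


def roll_back_alias(client, function_name, alias):
    """Point the alias at the newest published version older than its target.

    Returns (previous_version, new_version) so the change can be logged.
    """
    current = client.get_alias(FunctionName=function_name, Name=alias)["FunctionVersion"]
    if current == "$LATEST":
        raise ValueError("alias tracks $LATEST; no fixed version to roll back from")
    older = [v for v in published_versions(client, function_name) if v < int(current)]
    if not older:
        raise ValueError(f"no published version older than {current}")
    target = str(older[-1])
    client.update_alias(FunctionName=function_name, Name=alias, FunctionVersion=target)
    return current, target


def pinned_arn(function_arn, version):
    """Qualified ARN that always resolves to one published version."""
    return f"{function_arn}:{version}"


class FakeLambda:
    """Constructed in-memory stand-in for the three client calls used above."""

    def __init__(self, versions, aliases):
        self.versions, self.aliases = versions, aliases

    def list_versions_by_function(self, FunctionName, Marker=None):
        items = ["$LATEST"] + [str(v) for v in self.versions]
        start = int(Marker or 0)
        page = {"Versions": [{"Version": v} for v in items[start:start + 2]]}
        if start + 2 < len(items):
            page["NextMarker"] = str(start + 2)  # forces the caller to paginate
        return page

    def get_alias(self, FunctionName, Name):
        return {"Name": Name, "FunctionVersion": self.aliases[Name]}

    def update_alias(self, FunctionName, Name, FunctionVersion):
        self.aliases[Name] = FunctionVersion
        return {"Name": Name, "FunctionVersion": FunctionVersion}


if __name__ == "__main__":
    # Version 3 was deleted, so rolling back from 4 must land on 2.
    client = FakeLambda(versions=[1, 2, 4], aliases={"PROD": "4"})
    print(roll_back_alias(client, "kata-demo-fn", "PROD"))
    print(pinned_arn("arn:aws:lambda:ap-southeast-1:123456789012:function:kata-demo-fn", 1))
```
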

AWS Lambda VPC basics

• All Lambda functions run in a VPC, all the time
• You never need to “turn on” security – it’s always on
• You can also grant Lambda functions access to resources in your own VPC
• How: Add VPC subnet IDs and security group IDs to the function config
• Typical uses: RDB, ElastiCache, private EC2 endpoints
• Allows access to peered VPCs, VPN endpoints, and private S3 endpoints
• Functions configured for VPC access lose internet access… unless you have managed NAT or a NAT instance in the VPC
• …Even if you have “Auto-assign Public IP” enabled
• …Even if you have an internet gateway set up in your VPC
• …Even if your security group allows all outbound traffic

AWS Lambda VPC: Best practices

• VPC is optional – don’t turn it on unless you need it
• The ENIs used by Lambda’s VPC feature count against your quota
• Ensure you have enough to match your peak concurrency levels (we’ll consolidate where we can)
• DO NOT delete or rename these ENIs
• Ensure your subnets have enough IPs for those ENIs
• Specify at least one subnet in each Availability Zone. Otherwise, Lambda will obey, but can’t be as fault-tolerant
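The checks from the two VPC slides above, written as an added example (not code from the deck or from AWS): a Python audit that flags missing Availability Zone coverage, too few free subnet IPs or too little ENI quota for peak concurrency (the slides' sizing rule), and subnets without a NAT default route. The function name, IDs, counts and the `needs_internet` flag are constructed; the input dictionaries are shaped like Lambda `GetFunctionConfiguration` and EC2 `DescribeSubnets` / `DescribeRouteTables` responses.

```python
# Added example: audit a Lambda function's VPC settings against the slides' checks.
# All IDs, names and counts are constructed sample data, not taken from the deck.


def default_route_target(subnet_id, route_tables):
    """Classify the subnet's 0.0.0.0/0 route as 'nat', 'igw' or None."""
    explicit = main = None
    for table in route_tables:
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                explicit = table
            elif assoc.get("Main"):
                main = table
    table = explicit or main  # an explicit association overrides the main table
    for route in (table or {}).get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("NatGatewayId") or route.get("InstanceId"):
            return "nat"  # managed NAT gateway or NAT instance
        if str(route.get("GatewayId", "")).startswith("igw-"):
            return "igw"
    return None


def audit_lambda_vpc(function_config, subnets, route_tables, region_azs,
                     peak_concurrency, eni_in_use, eni_limit, needs_internet):
    """Return a list of (code, message) findings; empty means every check passed."""
    subnet_ids = (function_config.get("VpcConfig") or {}).get("SubnetIds", [])
    if not subnet_ids:
        return []  # VPC access is optional; nothing to audit when it is off
    by_id = {s["SubnetId"]: s for s in subnets}
    chosen = [by_id[i] for i in subnet_ids if i in by_id]
    findings = []

    # At least one subnet per Availability Zone, otherwise fault tolerance suffers.
    missing = sorted(set(region_azs) - {s["AvailabilityZone"] for s in chosen})
    if missing:
        findings.append(("AZ_COVERAGE", "no subnet in " + ", ".join(missing)))

    # Slides' sizing rule: ENIs (one IP each) must cover peak concurrency.
    free_ips = sum(s["AvailableIpAddressCount"] for s in chosen)
    if free_ips < peak_concurrency:
        findings.append(("SUBNET_IPS",
                         f"{free_ips} free IPs < peak concurrency {peak_concurrency}"))
    if eni_in_use + peak_concurrency > eni_limit:
        findings.append(("ENI_QUOTA",
                         f"{eni_in_use} in use + {peak_concurrency} needed > quota {eni_limit}"))

    # Internet egress needs a NAT default route; an internet gateway route is not enough.
    if needs_internet:
        for s in chosen:
            target = default_route_target(s["SubnetId"], route_tables)
            if target != "nat":
                why = ("default route points at an internet gateway"
                       if target == "igw" else "no default route")
                findings.append(("NO_EGRESS", f"{s['SubnetId']}: {why}, no NAT"))
    return findings


# Constructed sample input.
SAMPLE_AZS = ["ap-southeast-1a", "ap-southeast-1b"]
SAMPLE_FUNCTION = {
    "FunctionName": "kata-demo-fn",
    "VpcConfig": {"SubnetIds": ["subnet-aaa", "subnet-bbb"],
                  "SecurityGroupIds": ["sg-111"]},
}
SAMPLE_SUBNETS = [
    {"SubnetId": "subnet-aaa", "AvailabilityZone": "ap-southeast-1a",
     "AvailableIpAddressCount": 120},
    {"SubnetId": "subnet-bbb", "AvailabilityZone": "ap-southeast-1a",
     "AvailableIpAddressCount": 100},
]
SAMPLE_ROUTE_TABLES = [
    {"RouteTableId": "rtb-public", "Associations": [{"SubnetId": "subnet-aaa"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0001"}]},
    {"RouteTableId": "rtb-private", "Associations": [{"SubnetId": "subnet-bbb"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0001"}]},
]

if __name__ == "__main__":
    for code, message in audit_lambda_vpc(SAMPLE_FUNCTION, SAMPLE_SUBNETS,
                                          SAMPLE_ROUTE_TABLES, SAMPLE_AZS,
                                          peak_concurrency=300, eni_in_use=100,
                                          eni_limit=350, needs_internet=True):
        print(code, "-", message)
```
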

Summary

Container
• ECS
• Cluster
• Task & Service
• AWS CLI or ECS CLI

Serverless
• Lambda
• Use cases
• Best practices
• New feature

Hong Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

Typical User Workflow

Amazon ECSDescribe Cluster

Get information about

cluster state and

running containers

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

Command

aws elb create-load-balancer --cli-input-json fileelb-ecsjson

aws ecs create-cluster --cluster-name ecs-demo

aws autoscaling create-launch-configuration --cli-input-json filelaunch-configjson --user-data fileuserdatatxt

aws autoscaling create-auto-scaling-group --cli-input-json fileauto-scaling-groupjson

aws ecs list-container-instances --cluster ecs-demo

docker build -t dicksonyuekata-demov5

docker run -d -p 80808080 dicksonyuekata-demov5

docker push

aws ecs register-task-definition --cli-input-json fileecs-taskjson

aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task5

AWS Cloud Kata for Start-Ups and Developers

Task

family vote-app-task

containerDefinitions [

name rdquokata-demo-container

image dicksonyuekata-demov2

cpu 10

memory 500

portMappings [

containerPort 8080

hostPort 8080

]

essential true

command [

npm start

]

]

AWS Cloud Kata for Start-Ups and Developers

Service

cluster ecs-demo

serviceName vote-app-service

taskDefinition vote-app-task

loadBalancers [

loadBalancerName ecs-demo-ecs-elb

containerName rdquokata-demo-container

containerPort 8080

]

desiredCount 1

role ecsServiceRolerdquo

AWS Cloud Kata for Start-Ups and Developers

Serverless

AWS Cloud Kata for Start-Ups and Developers

2) Continuous Scaling 1) No Servers to Manage

AWS Lambda automatically scales your application by running code in response to each trigger Your code runs in parallel and processes each trigger individually scaling

precisely with the size of the workload

3) Subsecond Metering

With AWS Lambda you are charged for every 100ms your code executes and the number of times your code is triggered You dont pay anything when your code

isnt running

AWS Lambda automatically runs your code without requiring you to provision or

manage servers Just write the code and upload it to Lambda

Benefits of AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

How Lambda works

S3 event

notifications

DynamoDB

StreamsKinesis

events

Cognito

eventsSNS

events

Custom

events

CloudTrail

events LambdaDynamoDB

Kinesis S3

Any custom

Redshift

SNS

Any AWS

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda API Gateway and AWS IoT

regions

Available regions

Singapore

Sydney

AWS Cloud Kata for Start-Ups and Developers

Lambda usage scenarios

AWS Cloud Kata for Start-Ups and Developers

Use case Data processing

Example Amazon S3 bucket triggers

Amazon S3 bucket events

Original objectCompressed object

1

2

3

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Use case Dynamic data ingestion

ldquoI want to apply custom logic to process content being uploaded to my data storerdquo

bull PDF watermarking

bull Image thumbnailing and transcoding

bull Document metadata Indexing

bull Log aggregation and filtering

bull RSS feed processing

bull Media content validation

AWS Cloud Kata for Start-Ups and Developers

Use case Realtime data stream processing Amazon Kinesis

ldquoI want to apply custom logic to process logs being uploaded through my Kinesis streamrdquo

bull Client activity tracking

bull metrics generation

bull data cleansing

bull Log filtering

bull indexing and searching

bull Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

Function schedules: The how-to guide

How can I keep a function warm (no cold starts)?
• Schedule it

How can I poll a queue (like SQS)?
• Schedule a function to read the queue

How can I get more timers?
• Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute?
• Run a background timer in your scheduled function

Function versioning: The how-to guide

How can I get mutable configuration info?
• Read it (e.g., from DynamoDB) during function initialization
• Wrap your config in a function and call it from your published code

How do I “roll back” in AWS Lambda?
• Using aliases, just switch what the alias points to
• (As a collection, add API Gateway and/or CloudFormation)

How do I do blue/green deployments?
• AWS Lambda handles fleet deployments, but if you want to shape traffic, put a second “traffic cop” function in front

How can I lock a client/device onto an old version?
• Point them directly to that version’s ARN

AWS Lambda VPC basics

• All Lambda functions run in a VPC, all the time
• You never need to “turn on” security – it’s always on
• You can also grant Lambda functions access to resources in your own VPC
• How? Add VPC subnet IDs and security group IDs to the function config
• Typical uses: RDB, ElastiCache, private EC2 endpoints
• Allows access to peered VPCs, VPN endpoints, and private S3 endpoints
• Functions configured for VPC access lose internet access…
  unless you have managed NAT or a NAT instance in the VPC
  …Even if you have “Auto-assign Public IP” enabled
  …Even if you have an internet gateway set up in your VPC
  …Even if your security group allows all outbound traffic

AWS Lambda VPC: Best practices

• VPC is optional – don’t turn it on unless you need it
• The ENIs used by Lambda’s VPC feature count against your quota
• Ensure you have enough to match your peak concurrency levels (we’ll consolidate where we can)
• DO NOT delete or rename these ENIs
• Ensure your subnets have enough IPs for those ENIs
• Specify at least one subnet in each Availability Zone. Otherwise, Lambda will obey but can’t be as fault-tolerant
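As an added example (not code from the talk), the rules on the two VPC slides above can be turned into a preflight check that runs before a function is given VPC access. The subnets and route tables are constructed sample data with field names taken from the EC2 DescribeSubnets and DescribeRouteTables responses; `peak_enis` is the caller's own estimate of the ENIs needed at peak concurrency, and a default route through an EC2 instance is assumed to be a NAT instance.

```python
# Added example: preflight check for a Lambda function's VPC configuration.
# All IDs, AZ names and IP counts below are constructed sample data; the field
# names follow the EC2 DescribeSubnets / DescribeRouteTables responses.

SUBNETS = [
    {"SubnetId": "subnet-aaaa1111", "AvailabilityZone": "ap-southeast-1a",
     "AvailableIpAddressCount": 11},
    {"SubnetId": "subnet-bbbb2222", "AvailabilityZone": "ap-southeast-1a",
     "AvailableIpAddressCount": 240},
    {"SubnetId": "subnet-cccc3333", "AvailabilityZone": "ap-southeast-1b",
     "AvailableIpAddressCount": 250},
]

ROUTE_TABLES = [
    {"RouteTableId": "rtb-public11",
     "Associations": [{"SubnetId": "subnet-aaaa1111"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0123abcd"}]},
    {"RouteTableId": "rtb-private2",
     "Associations": [{"SubnetId": "subnet-bbbb2222"},
                      {"SubnetId": "subnet-cccc3333"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0456cdef"}]},
]


def default_route_target(subnet_id, route_tables):
    """Return 'nat', 'igw' or 'none' for the subnet's 0.0.0.0/0 route."""
    explicit = [rt for rt in route_tables
                if any(a.get("SubnetId") == subnet_id
                       for a in rt.get("Associations", []))]
    main = [rt for rt in route_tables
            if any(a.get("Main") for a in rt.get("Associations", []))]
    # A subnet with no explicit association falls back to the VPC's main table.
    tables = explicit or main
    if not tables:
        return "none"
    for route in tables[0].get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        # Managed NAT gateway, or an instance route (assumed: a NAT instance).
        if route.get("NatGatewayId") or route.get("InstanceId"):
            return "nat"
        if str(route.get("GatewayId", "")).startswith("igw-"):
            return "igw"
    return "none"


def check_vpc_config(subnet_ids, region_azs, peak_enis, needs_internet,
                     subnets=SUBNETS, route_tables=ROUTE_TABLES):
    """Return a list of (code, detail) findings; an empty list means OK."""
    by_id = {s["SubnetId"]: s for s in subnets}
    findings, chosen = [], []
    for sid in subnet_ids:
        if sid in by_id:
            chosen.append(by_id[sid])
        else:
            findings.append(("UNKNOWN_SUBNET", sid))

    # Slide rule: at least one subnet in each Availability Zone.
    covered = {s["AvailabilityZone"] for s in chosen}
    for az in sorted(set(region_azs) - covered):
        findings.append(("AZ_NOT_COVERED", az))

    # Slide rule: subnets need enough free IPs for the ENIs Lambda creates.
    free_ips = sum(s["AvailableIpAddressCount"] for s in chosen)
    if free_ips < peak_enis:
        findings.append(("IP_SHORTFALL", f"{free_ips} free < {peak_enis} needed"))

    # Slide rule: VPC-attached functions reach the internet only through NAT.
    # An internet gateway route is not enough on its own.
    if needs_internet:
        for s in chosen:
            target = default_route_target(s["SubnetId"], route_tables)
            if target != "nat":
                findings.append(
                    ("NO_INTERNET", f"{s['SubnetId']} default route: {target}"))
    return findings


if __name__ == "__main__":
    azs = ["ap-southeast-1a", "ap-southeast-1b"]
    for ids in (["subnet-aaaa1111"], ["subnet-bbbb2222", "subnet-cccc3333"]):
        print(ids, check_vpc_config(ids, azs, peak_enis=100, needs_internet=True))
```

The public subnet fails all three checks even though it has an internet gateway route, which is the case the slide calls out.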

Summary

Container
• ECS
• Cluster
• Task & Service
• AWS CLI or ECS CLI

Serverless
• Lambda
• Use cases
• Best practices
• New feature

Hong Kong

Thank you

DEMO

Command

aws elb create-load-balancer --cli-input-json file://elb-ecs.json
aws ecs create-cluster --cluster-name ecs-demo
aws autoscaling create-launch-configuration --cli-input-json file://launch-config.json --user-data file://userdata.txt
aws autoscaling create-auto-scaling-group --cli-input-json file://auto-scaling-group.json
aws ecs list-container-instances --cluster ecs-demo
docker build -t dicksonyue/kata-demo:v5 .
docker run -d -p 8080:8080 dicksonyue/kata-demo:v5
docker push
aws ecs register-task-definition --cli-input-json file://ecs-task.json
aws ecs update-service --cluster ecs-demo --service vote-app-service --desired-count 2 --task-definition kata-demo-task:5

Task

{
  "family": "vote-app-task",
  "containerDefinitions": [
    {
      "name": "kata-demo-container",
      "image": "dicksonyue/kata-demo:v2",
      "cpu": 10,
      "memory": 500,
      "portMappings": [
        {
          "containerPort": 8080,
          "hostPort": 8080
        }
      ],
      "essential": true,
      "command": ["npm", "start"]
    }
  ]
}

Service

{
  "cluster": "ecs-demo",
  "serviceName": "vote-app-service",
  "taskDefinition": "vote-app-task",
  "loadBalancers": [
    {
      "loadBalancerName": "ecs-demo-ecs-elb",
      "containerName": "kata-demo-container",
      "containerPort": 8080
    }
  ],
  "desiredCount": 1,
  "role": "ecsServiceRole"
}

Serverless

Benefits of AWS Lambda

1) No Servers to Manage
AWS Lambda automatically runs your code without requiring you to provision or manage servers. Just write the code and upload it to Lambda.

2) Continuous Scaling
AWS Lambda automatically scales your application by running code in response to each trigger. Your code runs in parallel and processes each trigger individually, scaling precisely with the size of the workload.

3) Subsecond Metering
With AWS Lambda, you are charged for every 100 ms your code executes and the number of times your code is triggered. You don’t pay anything when your code isn’t running.

How Lambda works

[Diagram: event sources (S3 event notifications, DynamoDB Streams, Kinesis events, Cognito events, SNS events, custom events, CloudTrail events) → Lambda → DynamoDB, Kinesis, S3, Redshift, SNS, any AWS, any custom]

AWS Lambda, API Gateway and AWS IoT regions

Available regions
• Singapore
• Sydney

Lambda usage scenarios

Use case: Data processing

Example: Amazon S3 bucket triggers

[Diagram, steps 1 to 3: original object; Amazon S3 bucket events; AWS Lambda; compressed object]

Use case: Dynamic data ingestion

“I want to apply custom logic to process content being uploaded to my data store”

• PDF watermarking
• Image thumbnailing and transcoding
• Document metadata indexing
• Log aggregation and filtering
• RSS feed processing
• Media content validation

Use case: Real-time data stream processing (Amazon Kinesis)

“I want to apply custom logic to process logs being uploaded through my Kinesis stream”

• Client activity tracking
• Metrics generation
• Data cleansing
• Log filtering
• Indexing and searching
• Log routing

Use case: Mobile backend

1. AWS Mobile SDK + Amazon Cognito for mobile app, or AWS IoT for devices
2. AWS Lambda runs the code
3. Amazon API Gateway (if you want your own endpoint)
4. Amazon DynamoDB holds the data

[Diagram: AWS Lambda; Amazon DynamoDB]




Service

cluster ecs-demo

serviceName vote-app-service

taskDefinition vote-app-task

loadBalancers [

loadBalancerName ecs-demo-ecs-elb

containerName rdquokata-demo-container

containerPort 8080

]

desiredCount 1

role ecsServiceRolerdquo

AWS Cloud Kata for Start-Ups and Developers

Serverless

AWS Cloud Kata for Start-Ups and Developers

2) Continuous Scaling 1) No Servers to Manage

AWS Lambda automatically scales your application by running code in response to each trigger Your code runs in parallel and processes each trigger individually scaling

precisely with the size of the workload

3) Subsecond Metering

With AWS Lambda you are charged for every 100ms your code executes and the number of times your code is triggered You dont pay anything when your code

isnt running

AWS Lambda automatically runs your code without requiring you to provision or

manage servers Just write the code and upload it to Lambda

Benefits of AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

How Lambda works

S3 event

notifications

DynamoDB

StreamsKinesis

events

Cognito

eventsSNS

events

Custom

events

CloudTrail

events LambdaDynamoDB

Kinesis S3

Any custom

Redshift

SNS

Any AWS

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda API Gateway and AWS IoT

regions

Available regions

Singapore

Sydney

AWS Cloud Kata for Start-Ups and Developers

Lambda usage scenarios

AWS Cloud Kata for Start-Ups and Developers

Use case Data processing

Example Amazon S3 bucket triggers

Amazon S3 bucket events

Original objectCompressed object

1

2

3

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Use case Dynamic data ingestion

ldquoI want to apply custom logic to process content being uploaded to my data storerdquo

bull PDF watermarking

bull Image thumbnailing and transcoding

bull Document metadata Indexing

bull Log aggregation and filtering

bull RSS feed processing

bull Media content validation

AWS Cloud Kata for Start-Ups and Developers

Use case Realtime data stream processing Amazon Kinesis

ldquoI want to apply custom logic to process logs being uploaded through my Kinesis streamrdquo

bull Client activity tracking

bull metrics generation

bull data cleansing

bull Log filtering

bull indexing and searching

bull Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

Function versioning: The how-to guide

How can I get mutable configuration info?
Read it (e.g., from DynamoDB) during function initialization.
Wrap your config in a function and call it from your published code.

How do I "roll back" in AWS Lambda?
Using aliases, just switch what the alias points to.
(As a collection, add API Gateway and/or CloudFormation.)

How do I do blue/green deployments?
AWS Lambda handles fleet deployments, but if you want to shape traffic, put a second "traffic cop" function in front.

How can I lock a client/device onto an old version?
Point them directly to that version's ARN.

AWS Lambda VPC basics

All Lambda functions run in a VPC, all the time.
You never need to "turn on" security – it's always on.

You can also grant Lambda functions access to resources in your own VPC.
How: Add VPC subnet IDs and security group IDs to the function config.
Typical uses: RDB, ElastiCache, private EC2 endpoints.
Allows access to peered VPCs, VPN endpoints, and private S3 endpoints.

Functions configured for VPC access lose internet access…
unless you have managed NAT or a NAT instance in the VPC
…Even if you have "Auto-assign Public IP" enabled
…Even if you have an internet gateway set up in your VPC
…Even if your security group allows all outbound traffic

AWS Lambda VPC: Best practices

VPC is optional – don't turn it on unless you need it.
The ENIs used by Lambda's VPC feature count against your quota.
Ensure you have enough to match your peak concurrency levels (we'll consolidate where we can).
DO NOT delete or rename these ENIs.
Ensure your subnets have enough IPs for those ENIs.
Specify at least one subnet in each Availability Zone. Otherwise, Lambda will obey but can't be as fault-tolerant.
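The checks from the two VPC slides above (NAT rather than an internet gateway for egress, enough free subnet IPs for the ENIs, one subnet per Availability Zone) can be run against a function's subnets before VPC access is enabled. This Python sketch is an added example, not code from the talk: the subnet and route-table records are constructed sample data shaped like EC2 DescribeSubnets / DescribeRouteTables output, and the function names, the `peak_enis` estimate and the AZ list are assumptions.

```python
# Added example: pre-flight check for a VPC-enabled Lambda function.
# All IDs and counts below are constructed sample data, shaped like the
# EC2 DescribeSubnets / DescribeRouteTables responses.
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}
SUBNETS = [
    {"SubnetId": "subnet-aaa", "AvailabilityZone": "ap-southeast-1a", "AvailableIpAddressCount": 11},
    {"SubnetId": "subnet-bbb", "AvailabilityZone": "ap-southeast-1a", "AvailableIpAddressCount": 27},
    {"SubnetId": "subnet-ccc", "AvailabilityZone": "ap-southeast-1b", "AvailableIpAddressCount": 250},
    {"SubnetId": "subnet-ddd", "AvailabilityZone": "ap-southeast-1a", "AvailableIpAddressCount": 100},
]
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}], "Routes": [LOCAL]},
    {"RouteTableId": "rtb-public",
     "Associations": [{"Main": False, "SubnetId": "subnet-aaa"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-111"}]},
    {"RouteTableId": "rtb-private",
     "Associations": [{"Main": False, "SubnetId": "subnet-ccc"},
                      {"Main": False, "SubnetId": "subnet-ddd"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-222"}]},
]
REGION_AZS = ["ap-southeast-1a", "ap-southeast-1b"]  # assumed AZ list for the sample


def route_table_for(subnet_id, route_tables):
    """Return the explicitly associated route table, else the VPC's main one."""
    main = None
    for table in route_tables:
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return table
            if assoc.get("Main"):
                main = table
    return main


def egress_kind(route_table):
    """Classify the 0.0.0.0/0 route as 'nat', 'igw' or 'none'."""
    if route_table is None:
        return "none"
    for route in route_table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        # Managed NAT gateway, or a NAT instance used as the route target.
        if route.get("NatGatewayId") or route.get("InstanceId"):
            return "nat"
        if (route.get("GatewayId") or "").startswith("igw-"):
            return "igw"
    return "none"


def check_lambda_vpc_config(subnet_ids, subnets, route_tables, region_azs,
                            peak_enis, needs_internet):
    """Return a list of (severity, message) findings; empty means no issue found.

    peak_enis is the caller's own estimate of ENIs needed at peak concurrency.
    """
    findings = []
    by_id = {s["SubnetId"]: s for s in subnets}
    for sid in subnet_ids:
        if sid not in by_id:
            findings.append(("ERROR", f"{sid}: subnet not found"))
    chosen = [by_id[sid] for sid in subnet_ids if sid in by_id]

    # One subnet per Availability Zone, otherwise fault tolerance suffers.
    covered = {s["AvailabilityZone"] for s in chosen}
    for az in sorted(set(region_azs) - covered):
        findings.append(("WARN", f"no subnet in {az}: reduced fault tolerance"))

    # Every ENI consumes a private IP from the configured subnets.
    free = sum(s["AvailableIpAddressCount"] for s in chosen)
    if free < peak_enis:
        findings.append(("ERROR", f"only {free} free IPs for {peak_enis} ENIs at peak"))

    # Internet access needs a NAT path; an internet gateway route is not enough.
    if needs_internet:
        for s in chosen:
            kind = egress_kind(route_table_for(s["SubnetId"], route_tables))
            if kind == "igw":
                findings.append(("ERROR", f"{s['SubnetId']}: default route targets an "
                                          "internet gateway; route through NAT instead"))
            elif kind == "none":
                findings.append(("ERROR", f"{s['SubnetId']}: no default route, no internet access"))
    return findings


if __name__ == "__main__":
    for severity, message in check_lambda_vpc_config(
            ["subnet-aaa", "subnet-bbb"], SUBNETS, ROUTE_TABLES, REGION_AZS,
            peak_enis=50, needs_internet=True):
        print(severity, message)
```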

Summary

Container
ECS
Cluster
Task & Service
AWS CLI or ECS CLI

Serverless
Lambda
Use cases
Best practices
New feature

Hong Kong

Thank you

Serverless

Benefits of AWS Lambda

1) No Servers to Manage
AWS Lambda automatically runs your code without requiring you to provision or manage servers. Just write the code and upload it to Lambda.

2) Continuous Scaling
AWS Lambda automatically scales your application by running code in response to each trigger. Your code runs in parallel and processes each trigger individually, scaling precisely with the size of the workload.

3) Subsecond Metering
With AWS Lambda, you are charged for every 100 ms your code executes and the number of times your code is triggered. You don't pay anything when your code isn't running.

How Lambda works

[Diagram labels. Event sources: S3 event notifications, DynamoDB Streams, Kinesis events, Cognito events, SNS events, Custom events, CloudTrail events. Center: Lambda. Services: DynamoDB, Kinesis, S3, Redshift, SNS, Any AWS, Any custom]

AWS Lambda, API Gateway and AWS IoT regions

Available regions
Singapore
Sydney

Lambda usage scenarios

Use case: Data processing

Example: Amazon S3 bucket triggers

[Diagram labels: Amazon S3 bucket events, Original object, AWS Lambda, Compressed object; steps numbered 1 to 3]

Use case: Dynamic data ingestion

"I want to apply custom logic to process content being uploaded to my data store"

• PDF watermarking
• Image thumbnailing and transcoding
• Document metadata indexing
• Log aggregation and filtering
• RSS feed processing
• Media content validation

Use case: Real-time data stream processing (Amazon Kinesis)

"I want to apply custom logic to process logs being uploaded through my Kinesis stream"

• Client activity tracking
• Metrics generation
• Data cleansing
• Log filtering
• Indexing and searching
• Log routing

Use case: Mobile backend

1. AWS Mobile SDK + Amazon Cognito for mobile app, or AWS IoT for devices
2. AWS Lambda runs the code
3. Amazon API Gateway (if you want your own endpoint)
4. Amazon DynamoDB holds the data

[Diagram labels: AWS Lambda, Amazon DynamoDB]

Use case: Serverless web apps

1. Amazon S3 for serving static content
2. AWS Lambda for dynamic content
3. Amazon API Gateway for HTTPS access
4. Amazon DynamoDB for NoSQL data storage

[Diagram labels: Static content in Amazon S3, API Gateway, Dynamic content in AWS Lambda, Data stored in Amazon DynamoDB]

Use case: Alexa apps + Slack = serverless bots

[Diagram labels: Alexa, tell Slack to send "I'm giving the demo now"; Message upload (via Slack API); Slack; Team (channel users); Message retrieval through scheduled polling; Kevin says "Break a leg"]

Additional scenarios

[Diagram labels: Cognito, CloudFormation, SNS, Lambda, DynamoDB]

DEMO

1. Image uploading service
2. Image processing service
Face wall service
Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

2) Continuous Scaling 1) No Servers to Manage

AWS Lambda automatically scales your application by running code in response to each trigger Your code runs in parallel and processes each trigger individually scaling

precisely with the size of the workload

3) Subsecond Metering

With AWS Lambda you are charged for every 100ms your code executes and the number of times your code is triggered You dont pay anything when your code

isnt running

AWS Lambda automatically runs your code without requiring you to provision or

manage servers Just write the code and upload it to Lambda

Benefits of AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

How Lambda works

S3 event

notifications

DynamoDB

StreamsKinesis

events

Cognito

eventsSNS

events

Custom

events

CloudTrail

events LambdaDynamoDB

Kinesis S3

Any custom

Redshift

SNS

Any AWS

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda API Gateway and AWS IoT

regions

Available regions

Singapore

Sydney

AWS Cloud Kata for Start-Ups and Developers

Lambda usage scenarios

AWS Cloud Kata for Start-Ups and Developers

Use case Data processing

Example Amazon S3 bucket triggers

Amazon S3 bucket events

Original objectCompressed object

1

2

3

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Use case Dynamic data ingestion

ldquoI want to apply custom logic to process content being uploaded to my data storerdquo

bull PDF watermarking

bull Image thumbnailing and transcoding

bull Document metadata Indexing

bull Log aggregation and filtering

bull RSS feed processing

bull Media content validation

AWS Cloud Kata for Start-Ups and Developers

Use case Realtime data stream processing Amazon Kinesis

ldquoI want to apply custom logic to process logs being uploaded through my Kinesis streamrdquo

bull Client activity tracking

bull metrics generation

bull data cleansing

bull Log filtering

bull indexing and searching

bull Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

How Lambda works

S3 event

notifications

DynamoDB

StreamsKinesis

events

Cognito

eventsSNS

events

Custom

events

CloudTrail

events LambdaDynamoDB

Kinesis S3

Any custom

Redshift

SNS

Any AWS

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda API Gateway and AWS IoT

regions

Available regions

Singapore

Sydney

AWS Cloud Kata for Start-Ups and Developers

Lambda usage scenarios

AWS Cloud Kata for Start-Ups and Developers

Use case Data processing

Example Amazon S3 bucket triggers

Amazon S3 bucket events

Original objectCompressed object

1

2

3

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Use case Dynamic data ingestion

ldquoI want to apply custom logic to process content being uploaded to my data storerdquo

bull PDF watermarking

bull Image thumbnailing and transcoding

bull Document metadata Indexing

bull Log aggregation and filtering

bull RSS feed processing

bull Media content validation

AWS Cloud Kata for Start-Ups and Developers

Use case Realtime data stream processing Amazon Kinesis

ldquoI want to apply custom logic to process logs being uploaded through my Kinesis streamrdquo

bull Client activity tracking

bull metrics generation

bull data cleansing

bull Log filtering

bull indexing and searching

bull Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda API Gateway and AWS IoT

regions

Available regions

Singapore

Sydney

AWS Cloud Kata for Start-Ups and Developers

Lambda usage scenarios

AWS Cloud Kata for Start-Ups and Developers

Use case Data processing

Example Amazon S3 bucket triggers

Amazon S3 bucket events

Original objectCompressed object

1

2

3

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Use case Dynamic data ingestion

ldquoI want to apply custom logic to process content being uploaded to my data storerdquo

bull PDF watermarking

bull Image thumbnailing and transcoding

bull Document metadata Indexing

bull Log aggregation and filtering

bull RSS feed processing

bull Media content validation

AWS Cloud Kata for Start-Ups and Developers

Use case Realtime data stream processing Amazon Kinesis

ldquoI want to apply custom logic to process logs being uploaded through my Kinesis streamrdquo

bull Client activity tracking

bull metrics generation

bull data cleansing

bull Log filtering

bull indexing and searching

bull Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

Lambda usage scenarios

AWS Cloud Kata for Start-Ups and Developers

Use case Data processing

Example Amazon S3 bucket triggers

Amazon S3 bucket events

Original objectCompressed object

1

2

3

AWS Lambda

AWS Cloud Kata for Start-Ups and Developers

Use case Dynamic data ingestion

ldquoI want to apply custom logic to process content being uploaded to my data storerdquo

bull PDF watermarking

bull Image thumbnailing and transcoding

bull Document metadata Indexing

bull Log aggregation and filtering

bull RSS feed processing

bull Media content validation

AWS Cloud Kata for Start-Ups and Developers

Use case Realtime data stream processing Amazon Kinesis

ldquoI want to apply custom logic to process logs being uploaded through my Kinesis streamrdquo

bull Client activity tracking

bull metrics generation

bull data cleansing

bull Log filtering

bull indexing and searching

bull Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Lambda VPC basics

All Lambda functions run in a VPC, all the time

You never need to “turn on” security – it’s always on

You can also grant Lambda functions access to resources in your own VPC

How? Add VPC subnet IDs and security group IDs to the function config

Typical uses: RDB, ElastiCache, private EC2 endpoints

Allows access to peered VPCs, VPN endpoints, and private S3 endpoints

Functions configured for VPC access lose internet access… unless you have managed NAT or a NAT instance in the VPC

…Even if you have “Auto-assign Public IP” enabled

…Even if you have an internet gateway set up in your VPC

…Even if your security group allows all outbound traffic

AWS Lambda VPC: Best practices

VPC is optional – don’t turn it on unless you need it

The ENIs used by Lambda’s VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (we’ll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability Zone

Otherwise, Lambda will obey but can’t be as fault-tolerant
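The VPC basics and best-practice slides above, turned into a pre-deployment check (an added example, not code from the presentation). It assumes the worst case of one ENI and one subnet IP per concurrent execution; the `Subnet` record, the route-kind labels, and all IDs and numbers are constructed for illustration and would be filled from your own subnet and route-table inventory.

```python
from collections import defaultdict
from dataclasses import dataclass

# Simplified label for where a subnet's 0.0.0.0/0 route points (constructed model).
ROUTE_KINDS = {"nat-gateway", "nat-instance", "internet-gateway", "none"}
NAT_ROUTES = {"nat-gateway", "nat-instance"}


@dataclass(frozen=True)
class Subnet:
    subnet_id: str
    az: str
    free_ips: int        # unused private IPs left in the subnet
    default_route: str   # one of ROUTE_KINDS


def check_lambda_vpc(subnets, vpc_azs, peak_concurrency,
                     eni_quota_remaining, needs_internet):
    """Return a list of (code, message) findings for a function's VPC config."""
    findings = []
    if not subnets:
        # No subnets configured: VPC access is off, nothing to check.
        return findings
    for s in subnets:
        if s.default_route not in ROUTE_KINDS:
            raise ValueError(f"unknown route kind for {s.subnet_id}: {s.default_route}")

    # Assumption: worst case is one ENI per concurrent execution.
    if eni_quota_remaining < peak_concurrency:
        findings.append(("ENI_QUOTA",
                         f"{eni_quota_remaining} ENIs left in quota, "
                         f"peak concurrency is {peak_concurrency}"))

    # Every ENI needs a private IP from one of the configured subnets.
    free_by_az = defaultdict(int)
    for s in subnets:
        free_by_az[s.az] += s.free_ips
    total_free = sum(free_by_az.values())
    if total_free < peak_concurrency:
        findings.append(("SUBNET_IPS",
                         f"{total_free} free IPs across subnets, "
                         f"peak concurrency is {peak_concurrency}"))

    # At least one subnet in each Availability Zone for fault tolerance.
    missing = sorted(set(vpc_azs) - set(free_by_az))
    if missing:
        findings.append(("AZ_COVERAGE",
                         "no subnet configured in: " + ", ".join(missing)))

    # A VPC-attached function only reaches the internet through NAT.
    # An internet gateway route or a public-IP setting does not help.
    if needs_internet:
        for s in subnets:
            if s.default_route not in NAT_ROUTES:
                findings.append(("NO_NAT",
                                 f"{s.subnet_id}: default route is "
                                 f"'{s.default_route}', function will have "
                                 f"no internet access from this subnet"))
    return findings


def codes(findings):
    return [code for code, _ in findings]


# Constructed sample inventory (placeholder IDs, illustrative numbers).
VPC_AZS = ["ap-southeast-1a", "ap-southeast-1b", "ap-southeast-1c"]
BAD_SUBNETS = [
    Subnet("subnet-EXAMPLE-a", "ap-southeast-1a", 20, "internet-gateway"),
    Subnet("subnet-EXAMPLE-b", "ap-southeast-1b", 25, "nat-gateway"),
]
GOOD_SUBNETS = [
    Subnet("subnet-EXAMPLE-a", "ap-southeast-1a", 64, "nat-gateway"),
    Subnet("subnet-EXAMPLE-b", "ap-southeast-1b", 64, "nat-gateway"),
    Subnet("subnet-EXAMPLE-c", "ap-southeast-1c", 64, "nat-instance"),
]

if __name__ == "__main__":
    for code, msg in check_lambda_vpc(BAD_SUBNETS, VPC_AZS, 100, 350, True):
        print(f"{code}: {msg}")
```

Because the slides note that ENIs are consolidated where possible, the one-ENI-per-execution figure is an upper bound, so a clean result leaves headroom rather than an exact fit.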

Summary

Container

ECS

Cluster

Task & Service

AWS CLI or ECS CLI

Serverless

Lambda

Use cases

Best practices

New feature

Hong Kong

Thank you

Use case: Data processing

Example: Amazon S3 bucket triggers

[Diagram labels: Amazon S3 bucket events; original object; compressed object; AWS Lambda]

Use case: Dynamic data ingestion

“I want to apply custom logic to process content being uploaded to my data store”

• PDF watermarking

• Image thumbnailing and transcoding

• Document metadata indexing

• Log aggregation and filtering

• RSS feed processing

• Media content validation

Use case: Real-time data stream processing with Amazon Kinesis

“I want to apply custom logic to process logs being uploaded through my Kinesis stream”

• Client activity tracking

• Metrics generation

• Data cleansing

• Log filtering

• Indexing and searching

• Log routing

Use case: Mobile backend

1. AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2. AWS Lambda runs the code

3. Amazon API Gateway (if you want your own endpoint)

4. Amazon DynamoDB holds the data

[Diagram labels: AWS Lambda; Amazon DynamoDB]

Use case: Serverless web apps

1. Amazon S3 for serving static content

2. AWS Lambda for dynamic content

3. Amazon API Gateway for HTTPS access

4. Amazon DynamoDB for NoSQL data storage

[Diagram labels: static content in Amazon S3; API Gateway; dynamic content in AWS Lambda; data stored in Amazon DynamoDB]

Use case: Alexa apps + Slack = serverless bots

“Alexa, tell Slack to send ‘I’m giving the demo now’”

Message retrieval through scheduled polling

Kevin says “Break a leg”

Message upload (via Slack API)

Team (channel users)

Slack

Additional scenarios

[Diagram labels: Cognito; CloudFormation; Lambda; SNS; DynamoDB]

DEMO

1. Image uploading service

2. Image processing service

Face wall service

Dashboard service

3. Data feed services

[Diagram labels: input image; S3; Lambda; S3; output image; metadata DB; app metric]

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces, outputs cropped images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and dashboard services through API Gateway, which triggers Lambda function

$$ charged by:

Exec time per 100ms

Storage per GB

Number of requests

Read/write throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

Use case Dynamic data ingestion

ldquoI want to apply custom logic to process content being uploaded to my data storerdquo

bull PDF watermarking

bull Image thumbnailing and transcoding

bull Document metadata Indexing

bull Log aggregation and filtering

bull RSS feed processing

bull Media content validation

AWS Cloud Kata for Start-Ups and Developers

Use case Realtime data stream processing Amazon Kinesis

ldquoI want to apply custom logic to process logs being uploaded through my Kinesis streamrdquo

bull Client activity tracking

bull metrics generation

bull data cleansing

bull Log filtering

bull indexing and searching

bull Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

Use case Realtime data stream processing Amazon Kinesis

ldquoI want to apply custom logic to process logs being uploaded through my Kinesis streamrdquo

bull Client activity tracking

bull metrics generation

bull data cleansing

bull Log filtering

bull indexing and searching

bull Log routing

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

Use case mobile backend1 AWS Mobile SDK + Amazon Cognito for mobile app

Or AWS IoT for devices

2 AWS Lambda runs the code

3 Amazon API Gateway (if you want your own endpoint)

4 Amazon DynamoDB holds the data

AWS LambdaAmazon

DynamoDB

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

Use case Serverless web apps

1 Amazon S3 for serving static content

2 AWS Lambda for dynamic content

3 Amazon API Gateway for https access

4 Amazon DynamoDB for NoSQL data storage

Dynamic content

in AWS Lambda

Data stored in

Amazon

DynamoDB

API GatewayStatic content in

Amazon S3

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

Use case Alexa apps + Slack = serverless bots

Alexa tell Slack to

send ldquoIrsquom giving the

demo nowrdquo

Message retrieval through scheduled

polling

Kevin says

ldquoBreak a legrdquo

Message upload

(via Slack API)

Team

(channel users)

Slack

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

Input

Image

S3

S3

Output

Image

Metadata DB

App Metric

Lambda

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces outputs cropped

images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and

dashboard services through API gateway which

triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

ReadWrite throughput

AWS Cloud Kata for Start-Ups and Developers

Recent launches and

best practices

AWS Cloud Kata for Start-Ups and Developers

reInvent 2015

bull Python

bull Scheduled functions

bull Longer running times (5 min)

bull Versioning

Recent launches

Since reInventbull Higher code storage limits (from 5 GB to

75 GB)

bull Custom VPC

bull 1-minute schedules

bull New regional launch

bull Nodejs 432

bull 1-click CORs setup

bull Stage variables

bull Custom (Lambda) authorizers

bull Builtin Swagger importexport

bull AWS CloudFormation support for API Gateway and versions

AWS Cloud Kata for Start-Ups and Developers

Function schedules The how-to guide

How can I keep a function warm (no cold starts)

Schedule it

How can I poll a queue (like SQS)

Schedule a function to read the queue

How can I get more timers

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute

Run a background timer in your scheduled function

AWS Cloud Kata for Start-Ups and Developers

Function versioning The how-to guide

How can I get mutable configuration info

Read it (eg from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I ldquoroll backrdquo in AWS Lambda

Using aliases just switch what the alias points to

(As a collection add API Gateway andor CloudFormation)

How do I do bluegreen deployments

AWS Lambda handles fleet deployments but if you want to shape

traffic put a second ldquotraffic coprdquo function in front

How can I lock a clientdevice onto an old version

Point them directly to that versionrsquos ARN

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC basics

All Lambda functions run in a VPC all the time

You never need to ldquoturn onrdquo security ndash itrsquos always on

You can also grant Lambda functions access to resources in your own VPC

How Add VPC subnet IDs and security group IDs to the function config

Typical uses RDB ElastiCache private EC2 endpoints

Allows access to peered VPCs VPN endpoints and private S3 endpoints

Functions configured for VPC access lose internet accesshellip

unless you have managed NAT or a NAT instance in the VPC

hellipEven if you have ldquoAuto-assign Public IPrdquo enabled

hellipEven if you have an internet gateway set up in your VPC

hellipEven if your security group allows all outbound traffic

AWS Cloud Kata for Start-Ups and Developers

AWS Lambda VPC Best practices

VPC is optional ndash donrsquot turn in on unless you need it

The ENIs used by Lambdarsquos VPC feature count against your quota

Ensure you have enough to match your peak concurrency levels (wersquoll consolidate where we can)

DO NOT delete or rename these ENIs

Ensure your subnets have enough IPs for those ENIs

Specify at least one subnet in each Availability ZoneOtherwise Lambda will obey but canrsquot be as fault-tolerant

AWS Cloud Kata for Start-Ups and Developers

Container

ECS

Cluster

Task amp Service

AWS CLI or ECS CLI

Summary

Serverless

Lambda

Use cases

Best practices

New feature

AWS Cloud Kata for Start-Ups and Developers

Hong

Kong

Thank you

AWS Cloud Kata for Start-Ups and Developers

Additional scenarios

Cognito

CloudFormationLambda

Lambda

SNS Lambda

LambdaDynamoDB

AWS Cloud Kata for Start-Ups and Developers

DEMO

AWS Cloud Kata for Start-Ups and Developers

1 Image uploading service

2 Image processing service

Face wall service

Dashboard service

3 Data feed services

[Architecture diagram labels: Input image, S3, S3, Output image, Metadata DB, App Metric, Lambda]

Camera uploads photos with AWS SDK to S3

S3 triggers Lambda event

Lambda function detects faces, outputs cropped images to S3 and stores metadata in DynamoDB

Web application pulls data from face wall and dashboard services through API Gateway, which triggers Lambda function

$$ charged by

Exec time per 100ms

Storage per GB

Number of requests

Read/Write throughput

Recent launches and best practices

Recent launches

re:Invent 2015

• Python

• Scheduled functions

• Longer running times (5 min)

• Versioning

Since re:Invent

• Higher code storage limits (from 5 GB to 75 GB)

• Custom VPC

• 1-minute schedules

• New regional launch

• Node.js 4.3.2

• 1-click CORS setup

• Stage variables

• Custom (Lambda) authorizers

• Built-in Swagger import/export

• AWS CloudFormation support for API Gateway and versions

Function schedules: The how-to guide

How can I keep a function warm (no cold starts)?

Schedule it

How can I poll a queue (like SQS)?

Schedule a function to read the queue

How can I get more timers?

Have one scheduled function async invoke other functions

How can I get granularity finer than 1 minute?

Run a background timer in your scheduled function

Function versioning: The how-to guide

How can I get mutable configuration info?

Read it (e.g., from DynamoDB) during function initialization

Wrap your config in a function and call it from your published code

How do I “roll back” in AWS Lambda?

Using aliases, just switch what the alias points to

(As a collection, add API Gateway and/or CloudFormation)

How do I do blue/green deployments?

AWS Lambda handles fleet deployments, but if you want to shape traffic, put a second “traffic cop” function in front

How can I lock a client/device onto an old version?

Point them directly to that version’s ARN
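A sketch of the “traffic cop” idea from the slide above, combining weighted blue/green routing, per-device pinning to a version-qualified ARN, and a routing table held as mutable configuration. This is an added example, not code from the talk: the function name, account ID, version numbers, client IDs and the `invoke` callable (which in a real deployment would wrap the Lambda Invoke API) are all constructed or hypothetical.

```python
import hashlib

# Constructed placeholder ARN; ":<version>" is appended to qualify it.
FUNCTION_ARN = "arn:aws:lambda:ap-southeast-1:123456789012:function:face-wall"

# Mutable configuration. The slide suggests reading this kind of data
# (e.g. from DynamoDB) at initialization; it is inlined here so the
# example runs offline.
ROUTING = {
    "weights": {"7": 90, "8": 10},   # version -> share (blue=7, green=8)
    "pinned": {"kiosk-0042": "5"},   # client/device id -> locked version
}


def pick_version(client_id, routing):
    """Choose a version for this client: pinned first, then weighted."""
    pinned = routing.get("pinned", {}).get(client_id)
    if pinned:
        return pinned
    weights = routing["weights"]
    total = sum(weights.values())
    if total <= 0:
        raise ValueError("routing weights must sum to a positive number")
    # Hash the client id so a given client always lands on the same
    # version while the weights are unchanged (no flapping mid-session).
    digest = hashlib.sha256(client_id.encode("utf-8")).digest()
    bucket = int.from_bytes(digest[:8], "big") % total
    for version, weight in sorted(weights.items()):
        if bucket < weight:
            return version
        bucket -= weight
    raise AssertionError("unreachable: bucket is always below total")


def qualified_arn(version):
    """ARN that addresses one published version of the function."""
    return f"{FUNCTION_ARN}:{version}"


def traffic_cop(event, invoke, routing=ROUTING):
    """Front function: route the event to the chosen version.

    `invoke(arn, event)` is injected so the routing logic can be tested
    without AWS credentials or network access.
    """
    version = pick_version(event["client_id"], routing)
    return invoke(qualified_arn(version), event)


if __name__ == "__main__":
    def echo(arn, event):
        return f"{event['client_id']} -> {arn}"

    print(traffic_cop({"client_id": "kiosk-0042"}, echo))
    print(traffic_cop({"client_id": "phone-17"}, echo))
    # Rolling back is a configuration change, not a redeploy:
    rollback = {"weights": {"7": 100}, "pinned": {}}
    print(traffic_cop({"client_id": "phone-17"}, echo, rollback))
```
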
