serverless architecture on aws(20151121版)
TRANSCRIPT
-
Keisuke Nishitani, Solutions Architect, Amazon Web Services Japan K.K.
2015.11.21
Serverless Architecture on AWS
-
v 20151121AWS(http://aws.amazon.com)
v AWSAWS
v
-
{
"Name" : "","Twitter" : "@Keisuke69","Profile" : {
"Role" : "Solution Architect","Customers": [ "Web Services", "Start-up
],"Services" : [
"Amazon API Gateway,"AWS Lambda","All Mobile Services
]}
}
-
v
v1
vv
-
Web Web/APEC2 ELB Web DBRDSMulti AZEC2 EC21
etc
WebEC2
DBRDS
LBELB
-
Lambda
API Gateway
AWS
(EC2)
S3
CloudFront
-
Lambda
API Gateway
AWS
S3
CloudFront
(EC2)
JavaScript/UI
-
Lambda
API Gateway
AWS
S3
CloudFront
(EC2)
JavaScript/UI
JavaScriptS3 CloudFront
-
Lambda
API Gateway
AWS
S3
CloudFront
(EC2)
JavaScript/UI
JavaScriptS3 CloudFront
API API Gateway Lambda
-
Lambda
API Gateway
AWS
S3
CloudFront
(EC2)
JavaScript/UI
JavaScriptS3 CloudFront
API API Gateway Lambda
JavaScript/iOSAndroidAPI
-
Lambda
API Gateway
AWS
S3
CloudFront
(EC2)
JavaScript/UI
JavaScriptS3 CloudFront
API API Gateway Lambda
JavaScript/iOSAndroidAPI
LambdaAWS Cognito
-
JavaScript/UI
JavaScriptS3 CloudFront
API API Gateway Lambda
JavaScript/iOSAndroidAPI
LambdaAWS Cognito
API GW/LambdaEC2
Lambda
API Gateway
AWS
S3
CloudFront
(EC2)
-
2-Tier Architecture
v SDK
v AWSCredentialCognito
AWS
Android/iOSSDK
JavaScriptSDK
DynamoDB SNS S3 LambdaCognito
Credential
-
JavaScript/UI
JavaScriptS3
CloudFront
API API Gateway Lambda
JavaScript/iOSAndroidAPI View
LambdaAWS
API GW/LambdaEC2
Lambda
API Gateway
AWS
(EC2)
S3
CloudFront
-
AWS
EC2 EC2
EC2CodeDeployElastic BeanstalkOpsWorks
-
All you need is code.
-
VidRoll EC2
IT
API Gateway
Lambda
10
-
Legacy Architecture
Limelight Edge
Laptop Encoders
RTMPWowza Transmux
Servers
Wowza Transcode Servers
Wowza Record Servers
RTMP
RTMP
RTMP
Auto Uploader
MP4 HLS
S3 VOD bucket
CloudFront mobile client
Live Streaming
VOD
CloudFront mobile clientHLS
HLS
-
Current Architecture
Laptop Encoders
HLS
S3 Playback
VOD Stream mobile client
CloudFront Streaming
Live stream mobile client
CloudFront S3 Ingest
480p Transcode
HQ Copy
360p Transcode
Audio-only Transcode
Thumbnail
QOS Analytics
Cascading Lambda Functions
-
easy tenMobile app that helps you learn 10 new, foreign words a day
Users have learned
170 000 000+newwords
1 200 000+downloads
Featured in 85+ countries Top 5 grossing apps overall (Russia) Top 8 grossing apps overall (Brazil)
-
vEC2
v
v/
-
Lambda consumer
S3
Mobile Analytics
DynamoDB
SQS
Amazon EMR
Amazon Cognito
Amazon Kinesis
Mobile app
Amazon Redshift
Lambda interface
S3 dump
DynamoDB log
Microservice Core
-
Real-Time Stream Processing
Amazon Kinesis AWS Lambda
Amazon Redshift
Amazon SNS
New records available
-
Real-Time DB Triggers Workflow
New data available
Amazon DynamoDB AWS Lambda
Amazon DynamoDB
Amazon Redshift
-
Real-Time Message Handling
New message published
Amazon SNS AWS Lambda
Amazon SNS
Amazon Kinesis
-
Audit CloudTrail Activity
AWS Lambda
Amazon S3Amazon CloudTrail
Amazon SNS
AWS IAM
-
Automated Infrastructure Management
AWS Lambda
Amazon SNS
Amazon CloudWatch Alarm
ec2runInstance
ecsstartTask
beanstalkupdateApp
kinesissplitShard
Any API call
https://aws.amazon.com/blogs/compute/scaling-amazon-ecs-services-automatically-using-amazon-cloudwatch-and-aws-lambda/
-
Forward AWS Events to External Endpoints
http://danilop.net/aws/2015/07/26/sns2ifttt/ | https://github.com/danilop/SNS2IFTTT
AWS Lambda
Amazon SNS
IFTTT via the Maker channel
Amazon CloudWatch Events
Auto Scaling
-
Deploy Lambda Functions
https://aws.amazon.com/blogs/compute/dynamic-github-actions-with-aws-lambda/
AWS Lambda
Amazon SNS
GitHub Repo
lambda createFn ()
-
Key
-
AWS Lambda
-
Lambda:
AWS Lambda
100ms
Lambda
-
AWS Lambda
AWS AWS
VPC
Lambda function JavaScriptNode.jsJavaPython
-
AWS Lambda
S3
AWS LambdaAmazon S3 Bucket
1
2
3
-
AWS Amazon S3 Amazon Kinesis Amazon DynamoDBStreams(Preview) Amazon Cognito Amazon SNS Alexa AppKit Amazon SWF Amazon SES inbound mail Amazon CloudWatch Logs Amazon Connected Home (Preview) AWS IoT
-
Key
-
Amazon API Gateway
-
API
-
API
HTML5/JS
IoT
-
Amazon API Gateway
API
AWS IAM
AWSAuth
DDoS
-
Amazon API Gateway
API
AWS SigV4
AWS Lambda
-
Amazon API Gateway
CloudFrontDDoS
iOSAndroidJavaScriptSDK
Swagger
Request / Response
-
Method and integration
-
Amazon API Gateway AWS Lambda Amazon Cognito Amazon DynamoDB
API
AWS
-
API
POST DynamoDB
/users
POST /
/login
POST
GET /pets
GET ID/pets/{petId}
-
SwaggerAPI
SwaggerAPI
AWSextention
Amazon API Gateway Swagger ImporterAPI
-
Method Response
Integration Request
Method Request
Method
SwaggerAPI
/users:
post:summary: Registers a new userconsumes:- application/json
produces:
- application/jsonparameters:- name: NewUserin: bodyschema:
$ref: '#/definitions/Userx-amazon-apigateway-integration:type: awsuri: arn:aws:apigateway:us-east-1:lambda:path/2015-03-31...
credentials: arn:aws:iam::964405213927:role/pet_store_lambda_invoke...
responses:200:
schema:$ref: '#/definitions/RegisterUserResponse'
-
Unauthenticated
API
Mobile apps AWS Lambda lambdaHandler
Register
LoginAPI Gateway
Authenticated
Mobile apps AWS Lambda lambdaHandler
ListPets
GetPet
API Gateway
Assume Role
CreatePet
Sigv4 Invoke with caller credentials
Authorized by IAM
Cognito
DynamoDB
-
HTTPRegister action
Login action
Create Pet action
Get Pet action
BadRequestExceptionBAD_REQUEST +
Stack Trace
InternalErrorExceptionINTERNAL_ERROR +
Stack TracelambdaHandler Amazon API
Gateway
responses:"default":
statusCode: "200""BAD.*":
statusCode: "400""INT.*":
statusCode: "500"
-
POST / DynamoDB
Amazon Cognito
/users
POST DynamoDB
Amazon Cognito
/login
-
Amazon Cognito
AWS
AWS
-
Login API
Client API Gateway Backend
/login Login Action
Credentials verified
Get OpenID Token
Identity ID + Token
Get Credentials
Access Key + Secret Key + Session Token
/login
2
3
1
-
POST Pet DynamoDB PetId
GET DynamoDBPet
/pets
GET Pet id Lambda functionMapping Template
DynamoDBIDPet Pet
/pets/{petId}
-
IAM{"Version": "2012-10-17",
"Statement": [{"Effect": "Allow","Action": ["dynamodb:GetItem","dynamodb:PutItem","dynamodb:Scan","lambda:InvokeFunction","execute-api:invoke"
],"Resource": ["arn:aws:dynamodb:us-east-1:xxxxxx:table/test_pets","arn:aws:lambda:us-east-1:xxxxx:function:PetStore,"arn:aws:execute-api:us-east-1:xxxx:API_ID/*/POST/pets"
]}
]
}
DynamoDB API Gateway Lambda
-
/
JSON
SDK
API
-
Pet
{ "properties":{
"petId":{ "type":"string","description":"The generated unique identifier
for the new pet"},"petType":{
"type":"string","description":"Free text pet type"
},"petName":{
"type":"string","description":"Free text pet name"
},"petAge":{
"type":"integer","format":"int32","description":"Age of the new pet"
}},"definitions":{
}}
-
SDK
API
-
1SDK
-
SDK
: AWS signature version 4API
//
-
JAWS
Web
CF LambdaScaffold API Gateway
Lambda CLI
AWS
https://github.com/jaws-framework/JAWS
-
AWS Mobile Hub (BETA)
-
AWS Mobile Hub (Beta)
1.
2.
3.
4.
AWS
-
AWS Mobile Hub (Beta)
-
Facebook (Google, Twitter, Amazon etc
Powered by Amazon Cognito Identity
User Sign-in
-
iOS/Android 1:1 Quickstart App demonstrates features Enable/Disable SNS
Powered by Amazon SNS
Push
-
AWS Mobile HubBETA
AWS
AWS Management Console
US-East-1
AWS Mobile Hub
-
Conclusion
EC2
-
Questions?
-
v API Gateway Secure Pet Store https://github.com/awslabs/api-gateway-secure-pet-storev Keynote Videos on YouTubev Breakout Sessions Videos on YouTube
v Architecturev Big Data & Analyticsv Computev Databasesv Developer Toolsv DevOpsv Gamingv IT Strategy & Migrationv Mobile Developer & IoTv Networkingv Security & Compliancev Spotlightv Storage & Content Delivery
v Breakout Sessions Slides on SlideShare v Breakout Sessions Audios on iTunes Podcast
-
Thank you!