Compute - AWS Lambda

Serverless introduction

  • Cloud history: Data Centre => IaaS (EC2, 2016) => PaaS => Containers => Serverless
  • Concept came up with Faas (Function as a Service) = Lambda
    • Today the definition includes anything that’s managed where you developers don’t see / provision / manage servers.
    • In AWS: Lambda & Step Functions, DynamoDB, AWS Cognito, AWS API Gateway, S3, SNS & SQS, Kinesis, Aurora Serverless…
  • Serverless application examples:
    • Users -> Rest API -> API Gateway -> Lambda -> DynamoDB with log in function from Amazon Cognito.
    • Serverless thumbnail creation
      • User uploads image to S3
      • S3 triggers lambda function to create a thumbnail
      • Lambda
        • Creates & pushes thumbnail image into S3
        • Saves metadata in DynamoDB

Lambda

  • Lambda vs EC2

    EC2 Lambda
    Virtual servers in the cloud Virtual functions -> no servers to manage!
    Limited by RAM and CPU Limited by time - short executions
    Continuously running Run on-demand
    Scaling means intervention to add / remove servers Scaling is automated
  • Pricing
    1. Pay per calls.
    2. Pay per duration (in increment of 100ms)
      • E.g. you get 400.000 GBs of FREE compute time
        • = 400.000 seconds if function is 1 GB RAM
        • = 3.200.000 seconds if function is 128 MB RAM
  • Integrations
    • Almost whole AWS Stack can trigger it: API Gateway, Kinesis, DynamoDB, S3, AWS IoT, CloudWatch Events, CloudWatch Logs, AWS SNS, AWS Cognito, Amazon SQS and more.
  • Can use different programming languages: Node.js (JavaScript), Python, Java, C# (.NET CORE), Golang, C# / PowerShell, C++ and more.
  • Lambda like EC2 and ECS supports hyper-threading on one or more virtual CPUs.
  • [email protected] lets you run lambda functions in edge locations.
  • Blueprints are code templates for writing Lambda functions.
  • You can test lambdas directly on portal by configuring & sending test events in the Console
  • Security
    • IAM role must be attached to it.
    • Deployed within a VPC as default.
      • To enable your Lambda function to access resources inside your private VPC:
        • Give subnet IDs and security group IDs
        • Lambda uses those IDs to set up ENIs.
      • AWS Lambda uses this information to set up elastic network interfaces (ENIs) that enable your function to connect securely to other resources within your private VPC.
      • 💡 In your subnet you need enough available IP / ENI’s otherwise you get EC2ThrottledException for concurrent execution.
    • Lambda can have Security Groups.
    • Auditing and compliance through CloudTrail logging.
  • Configurations
    • Timeout: Default 3 seconds, 📝max of 15 minutes
      • Function fails directly after timeout
    • Environment variables that can be accessed directly from the code.
    • Allocated memory (128MB to 10 GB)
      • 💡 Increasing RAM will also improve CPU and network!
      • 📝Scaling is automated.
    • Lambda DLQ
      • Debugging and error handling through dead letter queues
      • Can be SNS or SQS queue
    • Encryption
      • Encryption helpers to pass secure credentials in an encrypted manner.
      • Prevents other developer who has access to console from seeing the credentials.
  • Scaling
    • ❗ Concurrency limits how many lambda functions can be executed simultaneously.
      • For initial burst between 500-3000 depending on region.
      • Later: 500 per minute until limit is reached.
      • Concurrency limit starts from 1000 (soft limit)
  • 💡 Architectures can get complicated -> AWS X-ray allows you to debug what’s happening.
    • Trace and analyse keywords.
  • ❗📝 Limitations
    • RAM: Up to 10GB
    • Deployment
      • Max size 250 MB or 50 MB (zipped)
        • 💡 Overcome limit: use /tmp directory to load other files at startup
      • Size of environment variables: 4 KB
    • Execution
      • Memory allocation: 128 MB - 10 GB (64 MB increments)
      • Maximum execution time: 15 minutes
      • Disk capacity in the “function container” (in /tmp): 512 MB
      • Concurrency limits: 1000 (soft limit)

Licenses and Attributions


Speak Your Mind