Serverless introduction

• Cloud history: Data Centre => IaaS (EC2, 2016) => PaaS => Containers => Serverless
• Concept came up with Faas (Function as a Service) = Lambda
  • Today the definition includes anything that’s managed where you developers don’t see / provision / manage servers.
  • In AWS: Lambda & Step Functions, DynamoDB, AWS Cognito, AWS API Gateway, S3, SNS & SQS, Kinesis, Aurora Serverless…
• Serverless application examples:
  • Users -> Rest API -> API Gateway -> Lambda -> DynamoDB with log in function from Amazon Cognito.
  • Serverless thumbnail creation
    • User uploads image to S3
    • S3 triggers lambda function to create a thumbnail
    • Lambda
      • Creates & pushes thumbnail image into S3
      • Saves metadata in DynamoDB

Lambda

• Lambda vs EC2

  EC2	Lambda
  Virtual servers in the cloud	Virtual functions -> no servers to manage!
  Limited by RAM and CPU	Limited by time - short executions
  Continuously running	Run on-demand
  Scaling means intervention to add / remove servers	Scaling is automated

• Pricing
  1. Pay per calls.
  2. Pay per duration (in increment of 100ms)
     • E.g. you get 400.000 GBs of FREE compute time
       • = 400.000 seconds if function is 1 GB RAM
       • = 3.200.000 seconds if function is 128 MB RAM
• Integrations
  • Almost whole AWS Stack can trigger it: API Gateway, Kinesis, DynamoDB, S3, AWS IoT, CloudWatch Events, CloudWatch Logs, AWS SNS, AWS Cognito, Amazon SQS and more.
• Can use different programming languages: Node.js (JavaScript), Python, Java, C# (.NET CORE), Golang, C# / PowerShell, C++ and more.
• Lambda like EC2 and ECS supports hyper-threading on one or more virtual CPUs.
• Lambda@Edge lets you run lambda functions in edge locations.
• Blueprints are code templates for writing Lambda functions.
• You can test lambdas directly on portal by configuring & sending test events in the Console
• Security
  • IAM role must be attached to it.
  • Deployed within a VPC as default.
    • To enable your Lambda function to access resources inside your private VPC:
      • Give subnet IDs and security group IDs
      • Lambda uses those IDs to set up ENIs.
    • AWS Lambda uses this information to set up elastic network interfaces (ENIs) that enable your function to connect securely to other resources within your private VPC.
    • 💡 In your subnet you need enough available IP / ENI’s otherwise you get EC2ThrottledException for concurrent execution.
  • Lambda can have Security Groups.
  • Auditing and compliance through CloudTrail logging.
• Configurations
  • Timeout: Default 3 seconds, 📝max of 15 minutes
    • Function fails directly after timeout
  • Environment variables that can be accessed directly from the code.
  • Allocated memory (128MB to 10 GB)
    • 💡 Increasing RAM will also improve CPU and network!
    • 📝Scaling is automated.
  • Lambda DLQ
    • Debugging and error handling through dead letter queues
    • Can be SNS or SQS queue
  • Encryption
    • Encryption helpers to pass secure credentials in an encrypted manner.
    • Prevents other developer who has access to console from seeing the credentials.
• Scaling
  • ❗ Concurrency limits how many lambda functions can be executed simultaneously.
    • For initial burst between 500-3000 depending on region.
    • Later: 500 per minute until limit is reached.
    • Concurrency limit starts from 1000 (soft limit)
• 💡 Architectures can get complicated -> AWS X-ray allows you to debug what’s happening.
  • Trace and analyse keywords.
• ❗📝 Limitations
  • RAM: Up to 10GB
  • Deployment
    • Max size 250 MB or 50 MB (zipped)
      • 💡 Overcome limit: use /tmp directory to load other files at startup
    • Size of environment variables: 4 KB
  • Execution
    • Memory allocation: 128 MB - 10 GB (64 MB increments)
    • Maximum execution time: 15 minutes
    • Disk capacity in the “function container” (in /tmp): 512 MB
    • Concurrency limits: 1000 (soft limit)

---

---