Cloud Day 2023 -- Serverless: cosa significa nel 2023?

Transcript

1. CLOUD DAY 2023 Serverless: cosa significa nel 2023? Luca Bianchi

   CTO @ Neosperience CTO @ Neosperience Health AWS Serverless Hero

2. KUDOS

3. Who am I? CTO @ Neosperience and Neosperience Health, Proudly

   AWS Serverless Hero, passionate about software architectures, serverless, and machine learning. Serverless Italy Meetup co-founder. Luca Bianchi, PhD github.com/aletheia https://it.linkedin.com/in/lucabianchipavia https://speakerdeck.com/aletheia www.bianchiluca.com @bianchiluca Big Daddy Little Elisa Keep in touch! www.bianchiluca.com

4. “This talk IS NOT about GenAI.”

5. “we don’t need to explain what serverless is anymore.”

6. Serverless is the new normal • Adoption spans cloud provider

   customers: 70% of AWS, 60% of Google, and 49% of Azure use one or more serverless solutions. • Growth Rate is stepping up YoY • Infrastructure-as-Code is widely adopted by companies of any size. Source: Datadog State of serverless 2023 Source: Datadog state of Serverless 2023

7. Serverless supports different languages • Node runtime (JS/TS) is the

   most adopted, followed by Python. • Java is still significant for enterprise workloads or when a complete rewrite is impossible. • .NET is on the rise as developers start to embrace AWS. • Go and Rust are stable and growing as soon as their developer base increases. Source: Datadog state of Serverless 2023

8. Nonetheless, there are a few myths rising… • “There is

   no way to build a Node Lambda running in less than 200ms.” • “Serverless means AWS Lambda functions.” • “Serverless creates vendor lock-in.” • “Just bring your workload to serverless; it will be faster and cheaper.” • “AWS Lambda cold starts cannot be improved.” • “AWS Lambda supports only old runtime releases.”

9. “This isn’t your father serverless!”

10. inside a Lambda Function (using Typescript / NodeJS)

11. Typescript with Lambda • Use SAM or CDK to compile

    code into one single bundle • Prefer tsx over ts-node • Prefer ESM module type • npm i -D esbuild to compile without Docker • Set esbuild optimizations Lambda under the hood https://www.cloudday.it/e/sessione/3270/Lambda- under-the-hood Fast Lambda Github Repo https://github.com/aletheia/fast-lambda

12. Typescript with Lambda

13. AWS SDK v3 • It is a complete rewrite of

    v2. • Modular architecture (supports tree shaking). • Use command objects over client methods (reduced package size). • Bundle your SDK with your code (one single minified file, better cold start). Reduce Lambda cold start times: migrate to AWS SDK https://aws.amazon.com/it/blogs/developer/reduce- lambda-cold-start-times-migrate-to-aws-sdk-for- javascript-v3/ instead of client methods prefer using command objects

14. Lambda Powertools • A set of utilities to improve developer

    productivity while embedding best practices. • Available in Python and Typescript. • Supported in CDK and SAM. • It can be used as middy middleware, Typescript decorator, or manually configuring dependency. Lambda Powertools (Typescript) https://docs.powertools.aws.dev/lambda/typescript/ latest/ Lambda Powertools (Python) https://docs.powertools.aws.dev/lambda/python/ latest/

15. Lambda Powertools (with MiddyJS) • Place the Tracer middleware at

    the top of the middleware chain, followed by the Logger and any other middleware. • Instantiate logger and tracer outside lambda handler to improve lambda cold start. • Use makeHandlerIdempotent with a persistence store (such as DDB) to ensure idempotency. Powertools for AWS Lambda (MiddyJS) https://middy.js.org/docs/integrations/lambda- powertools

16. around a Lambda Function

17. Synchronous invocation Asynchronous invocation Polling invocation AWS CLI Amazon S3

    Amazon DynamoDB Application Load Balancer Amazon SNS Amazon Kinesis Amazon Cognito Amazon Simple Email Service Amazon MSK Amazon Lex AWS CloudFormation Amazon SQS Amazon Alexa Amazon CloudWatch Logs Amazon API Gateway Amazon CloudWatch Events Amazon CloudFront via Lambda@Edge AWS CodeCommit Amazon Kinesis Data Firehose AWS Config Amazon S3 Batch AWS IoT AWS Lambda URL AWS IoT Events AWS CodePipeline Lambda Triggers Synchronous invocation Asynchronous invocation Polling invocation AWS CLI Amazon S3 Amazon DynamoDB Application Load Balancer Amazon SNS Amazon Kinesis Amazon Cognito Amazon Simple Email Service Amazon MSK Amazon Lex AWS CloudFormation Amazon SQS Amazon Alexa Amazon CloudWatch Logs Amazon API Gateway Amazon CloudWatch Events Amazon CloudFront via Lambda@Edge AWS CodeCommit Amazon Kinesis Data Firehose AWS Config Amazon S3 Batch AWS IoT AWS Lambda URL AWS IoT Events AWS CodePipeline

18. Additions to API Gateway API: • HttpApi, RestApi, and WebSocketApi.

    • Private API and Regional API to be available within a VPC and deployed to a specific AWS Region. • Swagger Schema validation. Integrations • Private integration: integrate with a resource not accessible to the public internet through VPC Link • AWS Service Integration

19. apart from Lambda Function

20. Authentication • Amazon ApiGateway supports IAM, Lambda, and JWT authorizer.

    • JWT is a RFC 7519 standard (https://jwt.io/). • Amazon Cognito as JWT issuer (UserPool as IdP, IdentityPools handlers external IdPs) • Use aws-jwt-verify to verify JWTs signed by Amazon Cognito and any OIDC- compatible IDP • Supported either by CDK or SAM AWS JWT Verify https://github.com/awslabs/aws-jwt-verify JWT AUD Explaination https://stackoverflow.com/a/41237822

21. Authorization • Role Based Access Control (RBAC) is challenging to

    scale to manage complex applications because roles tend to pile. • Decoupling access control from business logic is a best practice. • Amazon Verified Permissions (AVP) is a serverless managed solution to implement Attribute Based Access Control (ABAC). • Cedar is the policy definition language. • Fine-grained and attribute-based policies • Create and manage stores, schemas, and permissions with avp-cli. AVP CLI https://www.npmjs.com/package/avp-cli Authorization and Amazon Verified Permissions: A New Way to Manage Permissions https://dev.to/aws-builders/authorization-and-cedar-a- new-way-to-manage-permissions-part-i-1nid

22. AWS Step Function (1 of 2) • Extract stateful logic

    from Lambda functions. • Prefer more straightforward functions with an external orchestrating state machine. • AWS Step Function is a managed serverless state machine. • Can be defined using either domain ASL or CDK constructs.

23. AWS Step Function (2 of 2) • Support 200+ AWS

    services with AWS SDK integration. • Standard or Express workflows. • Visual builder with Workflow Studio to craft SF visually. • It can be used from Python / Jupyter Notebooks with AWS Step Functions Data Science SDK. The AWS Step Functions Workshop https://catalog.workshops.aws/stepfunctions/en-US

24. AWS AppSync • Managed serverless GraphQL service. • fetch data

    and update with GraphQL mutations. • Pack multiple responses into one single client-tailored payload. • Resolvers to HTTP, AWS Lambda, Amazon Aurora, Amazon DynamoDB, and Amazon OpenSearch Service. • JS resolvers to resources (with limitations). • Producers publish data to AppSync. • Clients subscribe to channels to receive updates.

25. Event Bridge • Enables decoupling of data producer and consumer.

    • Events can be validated against JSON schema. • Message filtering using rules provides routing. • Supports multi-account routing. • Every AWS service has an EventBridge bus (default). • Custom EventBridge buses can be created. • Integrates with 20+ AWS services. Visuals courtesy of David Boyne (@boyney123)

26. Event Bridge (Pipes) • Create direct integrations between services, without

    the need-to-know specialist knowledge of connecting these services. • A Pipe consists of two main parts, the Source and the Target. • Supports event filtering and enriching before sending to the target destination. Visuals courtesy of David Boyne (@boyney123)

27. Event Bridge (API Destinations) • A type of event consumer.

    • Routes events to external APIs using HTTP • Use input transforms to transform events before sending to API • Define a “connection”, an object specifying authorization type and parameters to authorize with external API. • Invocation rates can be configured to buffer messages and implement fan-out patterns Visuals courtesy of David Boyne (@boyney123)

28. Serverless Databases Several solutions with modern features: • Real-time Access

    (low latency) • Infinite Scalability, High Security, Availability • Schemaless / Relational? • Function Deployment Vendor offering is wide and expanding: • AWS Dynamo DB • Amazon Aurora Serverless • Azure CosmosDB • BigQuery / Redshift

29. Serverless Cache • DynamoDB is sometimes used as a serverless

    cache (providing single- digit millisecond response). • ElastiCache (with Redis) but it is not truly serverless. • Momento Cache is a fast and easy- to-use cache with SDK. Momento Cache Chart credits to Momento (gomomento.com)

30. What about the future?

31. evolving Infrastructure-as-Code

32. Edge deployments • Deploy FaaS at edge • Transparent multi-region

    support • Supports JS, Rust, C, C++ • Key/Value Edge storage • Lambda @Edge on steroids

33. Infrastructure from Code • Developers just need to write business

    code. • Infrastructure is inferred from API calls and information flow configuration. • Framework maintains feature parity with cloud vendors. this code translates into

34. Ampt • Infrastructure is built around your code from SDK

    calls. • Ampt SDK exposes abstractions for storage, tasks, APIs, parameters, and web sockets. • Supports frameworks such as Express, NextJS, Nuxt, NestJS, React, Angular, Astro, SvelteKit, etc. • Offer support to frontend deployment with no configuration.

35. evolving software architectures

36. Serverless Newsletter (2015) • Single point of failure. • Everything

    is synchronous. • Service coupling. • Difficult to test.

37. Serverless Newsletter (2023) • No single point of failure. •

    Logic is testable • Subsystems can be reused. • Easy to test. • Many moving parts.

38. Event-Driven Architectures (EDA) • Events-first thinking. • Services are decoupled.

    • events are used to trigger and communicate between services. • eventual consistency. • thin or fat events? • CQRS with Event Sourcing and EDA patterns. Martin Fowler on EDA https://www.youtube.com/watch? v=STKCRSUsyP0&t=1s Introduction to Event-Driven Archtiectures https://serverlessland.com/event-driven-architecture Visuals courtesy of David Boyne (@boyney123)

39. CLOUD DAY 2023 THANK YOU! Join Serverless Italy! https://www.meetup.com/serverless-italy/ Keep

    in touch! www.bianchiluca.com