Building microservices with AWS Lambda

The main focus of the talk was how to build microservices with AWS Lambda. The lecturer discussed Lambda-based services and their different patterns, using the simple example of a pattern with one public interface and one non-public interface. AWS Lambda has a new capability, provisioned concurrency, which resolves the cold start issue with Lambda. The lecturer also talked about the MyService architecture and its essential parts: frontend, backend and shared capabilities.

Amazon has been providing microservices since the 2000s, and S3 provided 8 microservices back in 2006.

Fig. 1 Single service.

After re:Invent in 2018, S3 provides 235+ different microservices, and they keep expanding over time; interestingly, these are all Lambda based. There are different repeatable patterns, and there is the concept of the microservices iceberg, in which we usually have a single public-facing interface above the waterline while the other services are below the waterline, as shown in Fig. 1.

The talk compared an API in the front with async in the back. The front API involves synchronous communication, HTTPS clients, reliance on API gateways, a flexible client interface and securing against the client. Synchronous services, however, are used for simple purposes. In these services we basically have a one-to-one mapping to each other for larger applications.

Architecture

AWS Lambda provides serverless compute that is highly available and has built-in security. Lastly, in Lambda you only pay when you are using it. Code in Lambda is deployed in a unit called a function, which is typically considered to be very much online and to have unique characteristics. The lecturer also described the limits on a function, which range from 120 megabytes to 3 megabytes. In addition, a single execution has a duration of 15 minutes, the application a maximum of 250 MB, and 512 megabytes of storage is also provided.

Something unique about Lambda is that there is no concept of a socket or port. In Lambda we can't talk directly on the network; we can only access or invoke a Lambda function via its API, because it is an API-driven model.

Serverless application

There are three basic components that make up a serverless application: event source, function and service.

Fig. 2 Serverless application components.

There are more than 100 different services in AWS that invoke Lambda, either directly or via SNS and then other services, which represents everything from end point. These could be dev tools, security tools, management tools and others that invoke Lambda directly. Lambda supports six different languages, which are Java, Python, .NET, Ruby and Node.js. There is also a runtime API which allows to think of Lambda. There is also a good improvement in Lambda to make it work with relational databases, called RDS Proxy. RDS Proxy provides connection pooling and management for the database: we can connect our Lambda function to RDS Proxy, which helps to reduce the amount of connection management.

Accessing the API

There are three different ways of exposing an API: Amazon API Gateway, Application Load Balancer and AWS AppSync.

  • Amazon API Gateway

The lecturer explained that before today they had two kinds of API, REST and WebSocket, with WebSocket support added last year. Today they are introducing a new version of the API, called HTTP API. The key features of HTTP API are that it is simple, faster, 70% cheaper than other API gateways and has 50% less overhead than other APIs.

  • Application Load Balancer

Application Load Balancer is part of the overall load balancer family. It only supports HTTP and there is no need to interface with REST and WebSocket; it is only for HTTP Lambda functions. It is perfect if we need mixed-model applications, and it allows things such as redirects and custom HTTP responses. Another point is that in this model the customer has to pay per hour for a time period.

  • AWS AppSync

It has a lot of flexible services and a number of capabilities. AppSync is built to host APIs with GraphQL support. It allows a single API to be backed by many data sources. AppSync has a number of capabilities, such as a number of different back ends, including Lambda, relational databases and DynamoDB queries. It also supports subscriptions and offline sync, which is very useful for mobile applications. It has a different payment model, which is payment per query and data transfer.

How to choose the right API

Here is a table that gives an overview of choosing an API according to our requirements.

AWS AppSync Amazon API Gateway Application Load Balancer
  • Complex API with multiple data sources or very unique query against data sources
  • This is good for real time applications
  • Things might involve you interrupting the request for response, transferring data and security controls. 
  • Potentially high requests per month

Authorization

There are different types of authorization, which can be used according to requirements and customer specifications:

  1. OPEN: no authentication, no authorization
  2. AWS Identity and Access Management (IAM) permission: uses IAM policies and AWS credentials to grant access
  3. Amazon Cognito authorization: a managed user directory
  4. Lambda authorization: used to validate a bearer token or request parameters and grant access
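
The Lambda authorization option described above, as an added example that is not code from the lecture or from AWS: a handler for an API Gateway token authorizer that verifies a bearer token and returns an allow or deny policy for the requested method. The HMAC token format, `SIGNING_KEY`, `issue_token` and the `now` parameter are assumptions made for illustration; a deployed function would load the key from an encrypted store instead of the source file.

```python
import base64, hashlib, hmac, json, time

# Constructed demo key (assumption); never hard-code a real signing key.
SIGNING_KEY = b"constructed-demo-key"

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(body):
    return hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).digest()

def issue_token(subject, expires_at):
    """Hypothetical issuer, present only to build sample tokens."""
    body = _b64(json.dumps({"sub": subject, "exp": expires_at}).encode())
    return body + "." + _b64(_sign(body))

def verify_token(token, now):
    """Return the claims if the signature and expiry are valid, else None."""
    try:
        body, sig = token.split(".")
        # Constant-time comparison, checked before the payload is parsed.
        if not hmac.compare_digest(_sign(body), _unb64(sig)):
            return None
        claims = json.loads(_unb64(body))
        return claims if claims["exp"] > now else None
    except (ValueError, TypeError, KeyError):
        return None

def _policy(principal, effect, method_arn):
    statement = {"Action": "execute-api:Invoke", "Effect": effect,
                 "Resource": method_arn}
    return {"principalId": principal,
            "policyDocument": {"Version": "2012-10-17", "Statement": [statement]}}

def handler(event, context=None, now=None):
    """Token authorizer entry point: deny unless the bearer token verifies."""
    now = int(time.time()) if now is None else now
    scheme, _, token = (event.get("authorizationToken") or "").partition(" ")
    claims = verify_token(token, now) if scheme.lower() == "bearer" else None
    if claims is None:
        return _policy("anonymous", "Deny", event["methodArn"])
    return _policy(str(claims.get("sub")), "Allow", event["methodArn"])
```

The handler fails closed: a missing header, a non-bearer scheme, a malformed token, a bad signature and an expired token all produce the same deny policy.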

Understanding synchronous and asynchronous API architecture

Synchronous API architecture

If we have a single service and we make a request, we generally get a response. If something goes wrong, we simply retry; this is traditional HTTP practice.

But in a distributed system or microservice architecture there is a bit more complexity. When we place an order with the order service, there is then an invoice service, which is asked for the invoice. So, in a sequential manner, the invoice service replies to the order service and the order service replies to the client. There are therefore a number of points that could cause failure.

Asynchronous API architecture

In an asynchronous architecture there is also an order service and an invoice service, but the order service does not depend on the invoice service's reply. The invoice service can reply directly to the client after receiving a message from the order service.

Connectivity between front end services and back end services

There are four primary services used for connectivity: Amazon Simple Notification Service, Amazon Simple Queue Service, Amazon EventBridge and Amazon Kinesis Data Streams.

There are six key factors on which we can compare them: scale/concurrency control, durability of messages, persistence, consumption models, retries and pricing.

How to choose the right async service

Amazon Simple Notification Service Amazon Simple Queue Service Amazon EventBridge Amazon Kinesis Data Streams
  • One to one or minimal fanout
  • HTTP base target
  • Buffer request until they can be consumed
  • Whether order or not order
  • One to many fanout
  • Lots of different consumer target
  • Scheme matching
  • Massive throughputs
  • Multiple consumers
  • Log data, sensors data

Shared capabilities of frontend and backend

There are various services that allow us to build a successful architecture:

  1. Secrets/configuration management
  2. Simplifying code management
  3. Debugging/troubleshooting
  4. Performance control
  5. Security

AWS Systems Manager – Parameter Store

This is a centralized store for managing configuration data. It supports hierarchies, is encrypted with AWS KMS, sends notifications of changes to Amazon SNS, can be secured with IAM and is available via API/SDK.

Lambda layers

  1. Functions can easily share code: upload a layer once and reference it within any function
  2. A layer can be anything: dependencies, training data, configuration files
  3. Promotes separation of responsibilities
  4. Built-in support for secure sharing by the ecosystem

With Lambda layers we can reduce the duplication of code.

Lambda permission model

Function policies

This tells us who has the ability to invoke the function.

Execution role

Defines what AWS resources/API calls the function can access via IAM.
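
A defensive check built on the two halves of the permission model above (an added example, not code from the lecture or from AWS): it reads a function policy and an execution-role policy and flags statements that are broader than least privilege. The sample policies, account ID, ARNs and finding labels are constructed, and the set of scoping condition keys is a heuristic assumption.

```python
# Constructed sample policies; the account ID and ARNs are placeholders.
FN_ARN = "arn:aws:lambda:us-east-1:111122223333:function:orders"
FUNCTION_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "ApiScoped", "Effect": "Allow", "Action": "lambda:InvokeFunction",
     "Principal": {"Service": "apigateway.amazonaws.com"}, "Resource": FN_ARN,
     "Condition": {"ArnLike": {"AWS:SourceArn":
         "arn:aws:execute-api:us-east-1:111122223333:exampleapi/*/GET/orders"}}},
    {"Sid": "S3Unscoped", "Effect": "Allow", "Action": "lambda:InvokeFunction",
     "Principal": {"Service": "s3.amazonaws.com"}, "Resource": FN_ARN},
    {"Sid": "Anyone", "Effect": "Allow", "Action": "lambda:InvokeFunction",
     "Principal": "*", "Resource": FN_ARN},
]}
EXECUTION_ROLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "ReadOrders", "Effect": "Allow", "Action": ["dynamodb:GetItem"],
     "Resource": "arn:aws:dynamodb:us-east-1:111122223333:table/orders"},
    {"Sid": "TooBroad", "Effect": "Allow", "Action": "s3:*", "Resource": "*"},
]}
SCOPING_KEYS = {"aws:sourcearn", "aws:sourceaccount", "aws:principalorgid"}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _allows(policy):
    return [s for s in _as_list(policy["Statement"]) if s.get("Effect") == "Allow"]

def audit_function_policy(policy):
    """Function policy (who may invoke): flag callers that are not pinned down."""
    findings = []
    for st in _allows(policy):
        principal = st.get("Principal", {})
        if principal == "*":
            principal = {"AWS": "*"}
        keys = {k.lower() for op in st.get("Condition", {}).values() for k in op}
        if keys & SCOPING_KEYS:
            continue  # caller is tied to a source ARN, account or organization
        if "*" in _as_list(principal.get("AWS", [])):
            findings.append((st.get("Sid"), "anyone can invoke"))
        elif "Service" in principal:
            findings.append((st.get("Sid"), "service principal without source condition"))
    return findings

def audit_execution_role(policy):
    """Execution role (what the function may call): flag blanket grants."""
    findings = []
    for st in _allows(policy):
        broad = any(a == "*" or a.endswith(":*") for a in _as_list(st.get("Action", [])))
        if broad and "*" in _as_list(st.get("Resource", [])):
            findings.append((st.get("Sid"), "wildcard action on all resources"))
    return findings
```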

AWS Serverless Application Model (AWS SAM)

  1. AWS CloudFormation extension optimized for serverless
  2. Special serverless resource types: functions, APIs, tables, layers and applications
  3. Supports anything AWS CloudFormation supports

AWS SAM Command Line Interface (AWS SAM CLI)

  1. CLI tools for local development, debugging, testing, deploying and monitoring of serverless applications
  2. Supports API Gateway and Lambda service testing
  3. Response object and function logs available on your local machine
  4. Can help you build in native dependencies.

In a nutshell, this lecture briefly discussed the MyService architecture and its essential parts, frontend, backend and shared capabilities, as shown in Fig. 3, together with synchronous and asynchronous API architecture and the shared capabilities of frontend and backend and their services. The lecturer also demonstrated the shared services and their parts, AWS Systems Manager, Lambda layers and the AWS SAM Command Line Interface (AWS SAM CLI), in detail, for a better understanding of microservices with AWS Lambda.

Fig. 3 MyService Architecture.

About the Author: CBPN Editor