Microservices Architecture for Web Applications using AWS Lambda and more

Editor's Notes

• #2: Hello everybody and welcome! Thank you for taking the time to attend this session. I feel very humble and honored to be here today to talk about Microservices Architecture. The more I dive into microservices, the more it reminds me of the joke: That any software program can be reduced to one line of code ... that has a bug. I hope my presentation is better than my joke :)
• #3: This talk has emerged and evolved over time from our presentation at AWS re:Invent conference back in October 2015.
• #4: The fundamental goal of every web application is to be up and running 24/7. But it’s a huge challenge to do it at scale. It recently happened to BuzzFeed, when they published this article that went viral. And New York Media when they have been attacked by some hacker. And Flipkart, when their exclusive launch of low cost smartphone went wrong. Do you guys remember recent attacks on Github? Please raise your hand if you had some scalability issues that brought down your platforms in the past. PAUSE. Me too, I have personally experienced a similar situation when Michael Jackson died in 2009 and the breaking news brought down our entire digital platform for a couple of hours. It was an unpleasant discussion with my manager.
• #5: It is a big concern for us that an overwhelming 87% of attacks affect our web applications. The average downtime costs us hundreds of thousands and millions of dollars per hour, not to mention damages in reputation and credit rating, customer churn and insurance increases. So is there something that we can easily change in our architecture, that will solve these problems fundamentally?
• #6: We’ve been doing it for a while, constantly helping customers, business owners or decisions makers, architects or developers, technical or none technical, we help making digital platforms resilient. That is how we ended up using abstracted services from AWS and building Platform-as-a-Service that we call Digital Enterprise End-to-end Platform.
• #7: My name is Eugene Istrati. I’m the Technology Partner at Mitoc Group. I have been in IT for over 15 years, with last 7 years working on AWS. I am certified solution architect who worked at companies like Hearst, Amazon, GrubHub and Tenaris. Mitoc Group is a web development studio that focuses on enterprise applications and platforms. We are official AWS Technology Partner and as of this week featured by AWS Lambda team as framework partner on aws.amazon.com/lambda/partners.
• #8: My presentation is focused around 3 major concepts: serverless architecture, microservices architecture and content management applications with hands-on demos.
• #9: My goal today is to show you hands on the value of microservices. At the end of this talk, I will demo some steps from our development process, based on the code that currently runs on todo.deep.mg. Because the initial provisioning takes some time, I’ll fire it up now, at the beginning of the presentation and spend the rest of the time explaining and showing.
• #10: What is the reference architecture for web applications hosting on AWS?
• #11: By the show of hands, let’s see how many of us are using this 3 tier architecture? PAUSE. Awesome! In a nutshell, the infrastructure spreads across multiple availability zones, which means it is running in separate physical datacenters that are millisecond latency apart from each other. Therefore it is no surprise that this architecture scales in minutes.
• #12: But if you have experienced before breaking news, or viral content, or various attacks on your web application, you know that scaling in minutes is just not enough. We had to build by ourselves additional complexity to scale the infrastructure faster and meet the spiking demands.
• #13: Using this architecture on AWS makes it easier for us to maintain and support. Less operations makes the application less complex.
• #14: But we still needed experienced devops engineers to do so.
• #15: As developers, we can choose whatever technology stack we would like to use: Java or C#, Python or Ruby, Scala or Go, JavaScript or JavaScript.
• #16: But we had to recruit and hire developers with rich skillset, who are able to build and support the entire technology stack.
• #17: And, of course, this architecture is cost effective, if we implement it properly. We are paying only for resources that we are using.
• #18: But when the infrastructure doesn’t scale fast enough to meet the demand, our engineering teams are over-provisioning to solve short-term problems and buy time until they figure out long-term solutions. Please raise your hand if you have done it before. PAUSE. Don’t tell my boss, but I did it as well.
• #19: While we were trying to solve these problems for our customers, two major events happened that changed everything.
• #20: 1. In 2014, at the re:Invent, Amazon launched AWS Lambda, an event-driven computing service for dynamic applications.
• #21: And 2. Last year, at NY Summit, AWS launched Amazon API Gateway, a fully managed service for scalable API endpoints.
• #22: These two new services enabled us to reinvent the reference architecture in a completely serverless approach.
• #23: So let’s dive into serverless architecture next.
• #24: What does serverless mean? Intuitively, there should be something related to “no servers”. And it is. The key concept is that developers don’t need to deal with servers and all associated operations to keep them up and running at scale. Instead, developers get abstracted services that are highly secure and highly available, pre-provisioned and pre-scaled.
• #25: So, the main question is: How can we get to this serverless architecture? Let me show you how we transformed our customers applications that used the reference architecture, explained layer by layer.
• #26: First question, how can we transform the web tier into a serverless one? Most of us think of S3 as a storage service available over the Internet. We think of S3 as a cluster of web servers behind load balancers that have turned off server side scripting modules. It is secured through IAM and there is no need to worry about underlying infrastructure.
• #27: As we are doing this transformation, the static component stays exactly the same as in reference architecture. We load everything into S3: css, javascript, documents, images, videos. And even html, which usually is served by EC2.
• #28: Because S3 doesn’t allow server side scripting, we use client side languages like JavaScript to add dynamic functionality. Modern JavaScript frameworks like AngularJS caught up a lot lately to other popular web frameworks. They provide similar patterns and best practices like Symfony, or Django, or Rails. And they are very friendly with search engines, allowing indexing of both new applications and legacy applications.
• #29: But the biggest benefit – it is completely serverless. The infrastructure comes pre-scaled at AWS size, which is virtually infinite. I have heard some people saying quote: “You will reach your budget faster than AWS will reach its physical limits”. And the bigger it is, the better it gets and the lower it costs.
• #30: Now let’s see how we transformed our app tier into a serverless one. AWS Lambda can roughly be described as a docker container on steroids. It deploys code in milliseconds and executes code in seconds. Like in case of web tier, it is secured through IAM and there is no need to worry about underlying infrastructure.
• #31: Because of the way Lambda is designed, we get out of the box an accelerated backend that has short time to live. We are writing small nodejs functions, loading them into Lambda, and consuming them through API Gateway. It is also possible to call Lambda directly, but then you need to build by yourself caching and throttling, metering and versioning. Or use these pre-built features in API Gateway.
• #32: And like in case of web tier, it is completely serverless.
• #33: How do we transform the database tier into a serverless one? We encourage all of us to use DynamoDB because the only operations you care about are reads per second and writes per second. And like in case of both web tier and app tier, it is secured through IAM and there is no need to worry about underlying infrastructure.
• #34: DynamoDB is an amazing schema-less key-value database like MongoDB. We only increase or decrease, reads or writes, independently from each other. But at scale, by itself, DynamoDB could be cost intensive. We virtually put SQS in front of DynamoDB and store datasets into the queue that later gets asynchronously saved into the database. Apparently, this “eventual consistency” pattern saved AWS customers like Shazam 50% of their database cost.
• #35: And again, guess what? It is completely serverless.
• #36: But if you are for some reason coupled to relational databases, you can choose RDS Aurora. It is a MySQL like database, cloud native and scales seamlessly.
• #37: I hope you guys are excited enough to see a demo of a serverless environment.
• #38: In this demo I will setup from scratch a serverless environment in my AWS account by going through these 5 steps. I will be mindful of our time and setup only most relevant AWS services and features. This will enable my account to run my web application that I have in my GitHub. Provisioning in CloudFront could take up to 20 minutes, so if it will not be ready, I will show the website using S3 link. Cool? Ok, let’s do it.
• #39: What did we learn? Well, serverless approach is awesome and has its own challenges. Some developers might find these challenges unpleasant and unwanted. We actually appreciate them a lot because it enabled us to achieve more by doing less. For example, not having alternatives to Services Oriented Architecture and Application Programming Interfaces forced everybody on the team to commit and build SOA and APIs.
• #40: SOA also means we build services. But a service on AWS Lambda is constrained by design to 300 seconds execution time and 1.5G of memory. Not to mention browsers limitations with responsive design, especially on mobile devices.
• #41: That is why we have turned to microservices architecture, which I will be talking about next.
• #42: Alright. Microservices architecture.
• #43: Microservices architecture is the new trend that makes all of us curious and excited. And 2 years ago, it almost didn’t exist.
• #44: What does microservices mean? In a nutshell, it’s an architectural pattern that can be applied almost anywhere, either we are talking about infrastructure, or platform, or application. Think of it like a shredder for monoliths, that makes from complex into simple and from difficult into easy. If it’s software driven, it could be designed as microservices.
• #45: My favorite speakers on microservices topics are Adrian Cockcroft, Martin Fowler and Sam Newman.
• #46: I mentioned Adrian Cockcroft for two reasons: 1. He is Netflix former Chief Architect, famous for pioneering and evangelizing microservices architecture and 2. In his presentation State of the Art in Microservices, Adrian is talking about how to speed up platforms. The milliseconds in deployment time and seconds in execution time really pushed us and turned us into early adopters of AWS Lambda.
• #47: Let me show you Microservices Architecture powered by AWS Lambda.
• #48: This is the diagram of our 3rd iteration of publishing workflow, which by the way we have completely messed up in the first 2 iterations. If you would like to hear the story of those iterations, please ask me after the session, because it is kind of embarrassing. Back to 3rd iteration, the context here is that our digital asset management customers have lots of assets, microsites and static marketing websites. We helped them to migrate on AWS with just one click. The source of assets was in GitHub, or Subversion, or internal infrastructure, somewhere really hard to get. Either way, we have build a series of Lambda functions that a) get raw files into inbound S3 bucket, b) process / extract / transform / load into DynamoDB or S3, and c) move processed files into outbound S3 bucket.
• #49: Let me share with you some tips and tricks.
• #50: AWS Lambda is about one year old, so be open minded while building code and expect the unexpected. Make sure you setup alarms in CloudWatch. You will thank me later for that. Also, SNS has a nice “delivery policy” feature that avoids at scale some throttling between S3 and Lambda direct integration. And beware of potential infinite loops, which happened to us in version 1 of the publishing workflow. We had 2 developers built 3 Lambda functions that ended up calling each other forever. This is one of those embarrassing stuff.
• #51: Microservices are game changers that enable speed and security, because it is much harder to figure out how to attack something that quickly disappears. But if you are coming from monolithic architecture, a practical approach is to build a service or feature first and then break it down into microservices.
• #52: What I can tell you for sure, with emerging tech like cloud computing, traditional development process is becoming outdated. Lots of developers are expected to follow the same process and it works at basic level. Everything changes at scale, especially for big media companies, where the challenges to keep these processes consistent and manageable are exponential.
• #53: Microservices architecture empowers and enables developers to be independent, self sufficient, highly decoupled and focused on small and simple. But most important, it helps developers to define their own process and follow their own pace. I personally love it and hope to never go back to monoliths.
• #54: Alright, and there we are, at the final demo.
• #55: In this demo, I will achieve the same goal as in the previous demo, only this time it is completely automated. I will go to GitHub and follow the steps from README, Getting Started section. After couple of command line executions, I will load in the browser the clone of todo app, that will be running my own AWS account as an web application. Let’s see what happens.
• #56: I would like to call out DEEP Framework, a collection of nodejs libraries that abstracts web applications and web services from specific cloud providers. We built it on top of AWS, and we plan to add additional support for Google Cloud or Microsoft Azure, hopefully with additional help from the community.
• #57: And that concludes our presentation and opens up the floor to more questions.