Merikanto

一簫一劍平生意,負盡狂名十五年

AWS - 06 Lambda & API Gateway & Step Functions

Veröffentlicht am in
Symbole im Artikel gezählt: 5.8k Wörter Lesezeit ≈ 7 min

In the sixth post of the AWS series, we’re going to talk about 3 serverless-related services:

  • Lambda (Serverless Functions)
  • API Gateway (Part of Serverless Stack)
  • Step Functions (Serverless Orchestration)

Lambda

Stage variables are name-value pairs that you can define as configuration attributes associated with a deployment stage of an API.

They act like environment variables and can be used in your API setup and mapping templates.


Active tracing with X-Ray is only available in Lambda


  • Serverless compute service, scales automatically
  • Lambda functions are stateless
  • Lambda supports sync & async invocation of Lambda function

Components

  • Event source publishes events, triggers Lambda function. And the Lambda Function is the custom code to process events
  • Event source mapping
    • Maps an event source to a Lambda function
    • It enables automatic invocation of your Lambda function when events occur
  • Runtimes
    • Lambda runtimes allow functions in different languages to run in the same base execution environment.
    • The runtime sits in-between the Lambda service and your function code, relaying invocation events, context information, and responses between the two
  • Layer
    • Lambda layers are a distribution mechanism for libraries, custom runtimes, and other function dependencies
    • Use layers to manage your function’s dependencies independently and keep your deployment package small
  • Downstream resource
    • AWS service that your Lambda function calls once it is triggered
  • Log stream
    • While Lambda automatically monitors your function invocations and reports metrics to CloudWatch, you can annotate your function code with custom logging statements that allow you to analyze the execution flow and performance of your Lambda function

Difference

  • Environment vars: always encrypt at rest, can be encrypted in transit
  • Versions & aliases: Secondary resources, manage function deployment & invocation

Lambda@Edge

  • Run Lambda functions to customize content that CloudFront delivers, executing the functions in AWS locations closer to the viewer
  • The functions run in response to CloudFront events, without provisioning or managing servers
  • Automate with CodeDeploy & CodePipeline
  • Lambda will automatically track the behavior of your Lambda function invocations, and provide feedback that you can monitor. In addition, it provides metrics that allows you to analyze the full function invocation spectrum, including event source integration and whether downstream resources perform as expected

Metrics that Lambda monitor (then reports through CW)

  • Invocations
  • Duration
  • Throttles
  • IteratorAge
  • Error count & success rate
  • DeadLetterErrors

Lambda Layers


Lambda & DynamoDB Streams

DynamoDB Streams

  • Capture data modification events in DynamoDB tables

  • Each event is represented by a stream record, captures when new item is CUDed

    • Stream records (24h) are organized into groups (shards). Each shard acts as a container for multiple stream records

  • DynamoDB Stream & Lambda:

    Trigger: Code that executes automatically when an event of interest appears in a stream

  • Use:

    • Data replication across regions
    • Materialized view of tables
    • Data analysis with Kinesis

With triggers, we can build applications that react to data modifications in DynamoDB tables


DynamoDB Stream + Lambda

  • After you enable DynamoDB Streams on a table, associate the DynamoDB table with a Lambda function. AWS Lambda polls the stream and invokes your Lambda function synchronously when it detects new stream records

  • Configure the StreamSpecification you want for your DynamoDB Streams

    • StreamEnabled
    • StreamViewType (what info is written to the stream for this table)

API Gateway

Concepts

  • API endpoints: Host name API in GW, deployed to a specific region
    • Edge optimized
    • Regional
    • Private
  • API key: (similar to github blog deploy key)
  • API stage: a stage in the API lifecycle
  • Proxy integration
    • HTTP proxy: GW passes the entire request and response between the frontend and an HTTP backend
    • Lambda proxy: GW sends the entire request as an input to a backend Lambda function

Features

  • GW can execute Lambda code in your account, start Step Functions state machines, or make calls to Elastic Beanstalk, EC2, or web services outside of AWS with publicly accessible HTTP endpoints

  • GW helps you manage traffic to your backend by setting throttling rules based on the number of requests per second for each HTTP method in your APIs

  • Set up a cache with customizable keys and TTL for your API data to avoid hitting your backend services for each request

  • Run multiple versions of the same API simultaneously with API Lifecycle

  • All APIs expose HTTPS endpoints only (all encrypted, does not support unencrypted HTTP)


Monitoring

  • GW is integrated with CW Metrics: API calls, latency, error rates
  • GW also log API execution errors to CW Logs

Security

  • Authorize & verify API requests: Signature v4 (IAM & access policies)
  • Enable WAF for APIs

Step Functions (SF)

  • Serverless orchestration: Coordinate multiple AWS services into serverless workflows, so you can build & update apps quickly
  • SF has built-in fault tolerance and maintains service capacity across multiple AZs in each region
  • SF scales automatically

Concepts

  • Step Functions is based on tasks & state machines

    • Task: Performs work by using an activity / Lambda function, or by passing parameters to the API actions of other services
    • Finite state machine: Express an algorithm as a number of states, their relationships, and their input and output

    Define state machines with JSON-based Amazon States Language


Features

  • State machine execution occurs when a state machine runs and performs its tasks. Each Step Functions state machine can have multiple simultaneous executions

  • State machine updates in SF are eventually consistent

  • By default, when a state reports an error, AWS Step Functions causes the execution to fail entirely

  • Define workflows as state machines: transform complex code into easy to understand statements and diagrams


Common use cases

  • Ensure that long-running, multiple ETL jobs execute in order and complete successfully, instead of manually orchestrating those jobs or maintaining a separate application
  • By using SF to handle a few tasks in your codebase, you can approach the transformation of monolithic applications into microservices as a series of small steps
  • Use SF to easily automate recurring tasks such as patch management, infrastructure selection, and data synchronization; SF will automatically scale, respond to timeouts, and retry failed tasks
  • Combine multiple Lambda functions into responsive serverless applications and microservices, without having to write code for workflow logic, parallel processes, error handling, timeouts or retries
  • Orchestrate data and services that run on Amazon EC2 instances, containers, or on-premises servers