O'Reilly logo
live online training icon Live Online training

Designing Serverless Architecture with AWS Lambda

Move beyond the basics to construct an entire Lambda pipeline

Yan Cui

<p>AWS Lambda has changed the way we deploy and run software, but this new paradigm has also created new challenges for old problems. For example, how do you test a cloud-hosted function locally, and how do you monitor it? What about logging and config management? And how do you start migrating from existing architectures? <p> Over two days, expert Yan Cui shares solutions to the challenges of running Lambda in production and migrating from an existing monolithic system. Through a mix of lectures, demonstrations, and hands-on exercises, you'll learn testing strategies for lambda functions and how to monitor them in production, how to create continuous integration and development (CI/CD) pipelines for lambda functions, how to implement centralized logging and distributed tracing, how to manage configurations, and how to secure lambda functions. <p> You'll also discover serverless design patterns and best practices when using AWS Lambda with API Gateway and Kinesis.

What you'll learn-and how you can apply it

  • Why testing lambda functions requires a different approach and mindset
  • The current limitations and trade-offs of AWS Lambda and how to work through them
  • How AWS Lambda affects the security of your application and what is still left to protect in a serverless architecture
  • Best practices for using AWS Lambda with API Gateway and Kinesis and how to implement them
  • How to navigate any challenges that may come up as your serverless architecture becomes more expansive and complex

And you’ll be able to:

  • Construct your own CI/CD pipeline for lambda functions
  • Create your own centralized logging and distributed tracing for lambda functions

This training course is for you because...

  • You’re a software architect or senior developer who wants to learn how to run AWS Lambda in production.

Prerequisites

  • Familiarity with AWS products (EC2, Kinesis, etc.)
  • A general knowledge of AWS Lambda (equivalent to one of the introductory sessions on Safari) (useful but not required)

Required materials and setup:

  • A machine with the AWS CLI command-line tool and the Serverless Framework installed
  • An AWS account (free tier is fine)
  • A GitHub account

Recommended preparation:

AWS: AWS Environments with AWS Lambda (learning path)

Learning AWS Lambda (book)

Serverless Architectures on AWS: With examples using AWS Lambda (book)

About your instructor

  • Yan Cui has nearly a decade of experience working with AWS. He has architected and implemented a large Serverless architecture of over 170 Lambda functions utilizing many AWS services including API Gateway, Kinesis, IOT, DynamoDB, SNS, Elasticache and many more. He has been through the journey of migrating a monolithic system to Lambda and has solved the many growing pains as his Serverless architecture became more expansive and complex.

Schedule

The timeframes are only estimates and may vary according to how the class is progressing

Day 1

AWS Lambda basics (10 minutes)

  • Lecture and demonstrations: How to create a simple lambda function; a tour of the AWS Lambda management console

Getting started with the Serverless Framework (25 minutes)

  • Lecture and demonstrations: How to use the Serverless Framework to create and deploy an API using API Gateway and Lambda; how to use the Serverless Framework to create a Kinesis processor
  • Hands-on exercise: Create a "Hello, world" lambda function and deploy it using the Serverless Framework
  • Q&A

Testing lambdas (15 minutes)

  • Lecture and demonstrations: A technique for reusing test cases for both integration and acceptance tests

Break (10 minutes)

Continuous integration and continuous delivery (30 minutes)

  • Lecture and demonstration: How to set up a CI/CD pipeline for Lambda
  • Q&A

Centralized logging (10 minutes)

  • Lecture and demonstrations: How to use the AWS management console to subscribe CloudWatch logs to Amazon Elasticsearch and automatically subscribe new CloudWatch log groups to Amazon Elasticsearch; how to use lambda functions to process and ship log entries to a self-hosted third-party ELK stack

Distributed tracing (30 minutes)

  • Lecture and demonstrations: How to set up custom traces and see a trace in X-Ray; the current limitations for X-Ray; how to extend tracing to Kinesis and SNS processing lambda functions by capturing and forwarding correlation IDs
  • Hands-on exercise: Install and deploy prepared lambda functions in your AWS account and view X-Ray traces
  • Q&A

Break (10 minutes)

Monitoring (10 minutes)

  • Lecture and demonstration: How to use log messages to track custom metrics to avoid latency overhead

Thinking about performance (10 minutes)

  • Lecture and demonstration: How to write a recursive function to process large S3 files

Thinking about retries (10 minutes)

  • Lecture and demonstrations: How to use recursive functions to process SQS messages

Wrap-up and Q&A (10 minutes)

Day 2

Introduction and Day 1 recap (10 minutes)

Language options (5 minutes)

  • Lecture: Language options, both natively supported and those supported through tooling (e.g., Go, Rust, F#, Scala, Kotlin, and Clojure); package size and cold start differences between the language options

Limits (5 minutes)

  • Lecture: Current soft and hard limits; how to request limit raises

Config management (20 minutes)

  • Lecture and demonstration: How to use environment variables to configure lambda functions; how to use EC2 Parameter Store and KMS to manage config values and secrets
  • Hands-on exercise: Use the Serverless Framework to configure environment variables for lambda functions

Lambda in virtual private clouds (VPCs) (10 minutes)

  • Lecture and demonstration: How to configure a lambda function to be deployed to your VPC in order to access Elasticache
  • Q&A

Break (10 minutes)

Security (40 minutes)

  • Lecture and demonstration: How to use Identity and Access Management (IAM) (configured via the Serverless Framework) to specify a minimum set of permissions for your lambda functions; how to use the API key to secure APIs in API Gateway; how to use IAM roles to secure APIs in API Gateway; cross-site scripting attacks against a Lambda-backed site; SQL injection attacks
  • Hands-on exercise: Use the Serverless Framework to configure IAM policies per function
  • Q&A

Lambda best practices (15 minutes)

  • Lecture and demonstration: AWS Lambda best practices; API Gateway best practices with Lambda; Kinesis best practices with Lambda

Break (10 minutes)

Step functions (20 minutes)

  • Lecture and demonstration: How to use step functions to chain invocation of lambda functions; how to manage step function state; how to handle errors in step functions
  • Hands-on exercise: Create a "Hello, world" step function

Exploring design patterns (25 minutes)

  • Lecture and demonstration: How to apply architecture patterns, such as fan out, fan in, saga, and event sourcing, with Lambda and other AWS services

Wrap-up and Q&A (10 minutes)