Download as PDF, PPTX
More Related Content
Similar to Serverless? How (not) to develop, deploy and operate serverless applications.
Serverless? How (not) to develop, deploy and operate serverless applications.
- 1. #cfgmgmtcamp @gerardthefox Serverless? How (not)to develop, deploy and operate serverless applications 6 Feb 2018 Gérard de Vos [email protected]
- 2. #cfgmgmtcamp @gerardthefox Content ● Whatis serverless? ● So what? ● Serverless products / services ● Get a grip ● Approach ● Demo? ● So why not serverless? ● Fin & ?
- 3. #cfgmgmtcamp @gerardthefox What isserverless? ● Of course there are servers. It's just not your concern, like the solar farm and national grid aren't for your wall socket. "serverless" might be a stupid name but it's just a name. (get over it :-) ● Metered by byte transferred, byte stored, CPU second runtime. Not by storage claimed, upper bandwidth, VMs/containers started. ○ S3 object storage, DynamoDB records vs block device / VHD ○ Egress traffic, CDN vs ethernet port, fibre line ○ DB query vs installed database cluster size ● Last piece: Compute. AWS Lambda, Google Cloud Function, Azure Functions, IBM OpenWhisk
- 4. #cfgmgmtcamp @gerardthefox What isserverless? Or where is serverless? SaaS Serverless PaaS IaaS In house Hardcore Power Datacenter Compute Super-/Hypervisor OS / container SW stack / Middleware / messaging Business application Business rules Business process
- 5. #cfgmgmtcamp @gerardthefox So what? Toil,muck, yak shaving, etc. https://aws.amazon.com/security/security-bulletins/AWS-2018-013/
- 6.
- 7.
- 8.
- 9. #cfgmgmtcamp @gerardthefox So what? ●You can save a few € by updating older systems to sls ○ but the € 20k vs € 100 cloud bill won't matter that much on the total budget Bigger, better reasons ● Opportunity Cost. What you miss out on https://en.wikipedia.org/wiki/Opportunity_cost ● Transaction Cost. The reason organizations exist https://en.wikipedia.org/wiki/Transaction_cost ● Jevons Paradox. Create higher order systems https://www.cio.com/article/2384346/cloud-computing/what-economists-can-teach-us-about-cloud-computing.html ● FinDev / Why the fuss about serverless? https://hackernoon.com/why-the-fuss-about-serverless-4370b1596da0
- 10. #cfgmgmtcamp @gerardthefox So what? Theshort short version: Don't do undifferentiated heavy lifting http://archive.oreilly.com/network/2006/12/20/web-20-bezos.html
- 11. #cfgmgmtcamp @gerardthefox Serverless products& services Providers: ● AWS: Lambda, S3, DynamoDB, SQS, SNS, Step functions, etc. ● GCP: Cloud functions, Cloud datastore, Cloud Pub/Sub, etc. ● MS Azure: Azure functions, Blob storage, etc. On your own servers: ● Apache OpenWhisk ● Kubeless ● OpenFaaS ● Fission.io
- 12. #cfgmgmtcamp @gerardthefox Get agrip It's newish (if we ignore /cgi-bin/, cron et al) Can't hire "10 years of experience with Lambda in production" Can't get industry certifications, trainings No Best Practices™ to copy-pasta You'll have to do the work yourselves (or ignore, always an option)
- 13. #cfgmgmtcamp @gerardthefox Get agrip You're not alone! While no Best, there are Emerging Practices and Good Practices to put to use http://serverlessconf.io/ https://www.jeffconf.com/ https://serverless.com/ https://github.com/anaibol/awesome-serverless And people blog, present, open source, and otherwise share all over the web
- 14. #cfgmgmtcamp @gerardthefox Approach -invest Different from the last 30 years. Invest time in learning. It's an investment, you will get a return on it!
- 15. #cfgmgmtcamp @gerardthefox Approach -commit Yes, you are locking yourself in. Maybe more so than otherwise, maybe less so. Do the risk assessment. Accept it. Commit to it. Back to the economics of it. What is the risk of AWS pulling an *racle and raising prices 2000%? What is the risk of AWS discontinuing a service on short notice? What is the risk of not moving up? What if your competitors do move up?
- 16. #cfgmgmtcamp @gerardthefox Approach -commit https://twitter.com/i/web/status/958050456101642241
- 17. #cfgmgmtcamp @gerardthefox Approach -standardization
- 18. #cfgmgmtcamp @gerardthefox Approach -standardization You say: we standardized on Java EE! (or Docker, or Node.js, or ...) You think people hear: we made a decision! we have things under control! We benefit from specialization, efficiencies of scale! we're building an ecosystem! People hear: we make you eat soup with a knife!
- 19. #cfgmgmtcamp @gerardthefox Approach -lifecycle Built in lifecycle mgmt ● Your app could be killed after milliseconds. It can be started from scratch at any time. Initialize fast. Think light ● Your app could be running for hours. Check if it already initialized. Clean up temp files. Memory mgmt (nullify references) ● Your first deploy is not "done", it's the beginning. Deploy, update, discontinue. Make functions / API versioned
- 20. #cfgmgmtcamp @gerardthefox Approach -lifecycle Built in lifecycle mgmt ● Lifecycle policies for storage. S3 object storage, SQS queues, DB records. ● Phoenix data centers. Recycle your cloud account. Blue/green cloud accounts. Also an excellent BCP exercise
- 21. #cfgmgmtcamp @gerardthefox Approach -organization ● Compartmentalize (or dare I say... containerize! ) ○ Map your system, Wardley mapping ○ Systems, processes, etc. get only one team as the owner ● You built it, you run it ○ No handoffs. Devops / product team model ○ Freedom + responsibility ● Right size ○ 5, 6 people to a team https://hackernoon.com/my-basics-for-mapping-a-business-5b20f364b216 https://queue.acm.org/detail.cfm?id=1142065
- 22. #cfgmgmtcamp @gerardthefox Approach -organization ● Right size ○ Bundle related FE functions in 1 git repo, BE functions in another git repo ● Automate ○ Use CI/CD to track, create and deploy ○ CD is the only thing that changes production, try for the other environments too
- 23. #cfgmgmtcamp @gerardthefox Approach -hands off There is no SSH/RDP'ing in, attaching debuggers/tracers/profilers Not logging into production servers was a good practice, now not even an option Apply your 12-factor, devops, µ-service, etc. practices: ● Log shipping Usually built into the platform. Format your logs in JSON ● Metrics shipping Same. ● Correlation IDs Forward them to the next step. HTTP headers, tags ● Distributed tracing (X-Ray, OpenTracing) https://12factor.net/ https://hackernoon.com/capture-and-forward-correlation-ids-through-different-lambda-event-sources-220c227c65f5
- 24. #cfgmgmtcamp @gerardthefox Approach -attitude with some platitudes 'If everything seems under control, you're not going fast enough.' - Mario Andretti MTTR > MTBF Continuous improvement is better than delayed perfection - Mark Twain Responding to change over following a plan "Testing" in production, aka monitoring, observability https://www.kitchensoap.com/2010/11/07/mttr-mtbf-for-most-types-of-f/ https://en.wikipedia.org/wiki/Continual_improvement_process http://agilemanifesto.org/ https://opensource.com/article/17/8/testing-production
- 25.
- 26. #cfgmgmtcamp @gerardthefox Serverless framework $sls create -t public_template --name my_app $ sls create -u https://my_template_repo/awesome_template -n my_other_app $ $EDITOR serverless.yml $ sls invoke local -f my_function $ sls deploy --stage test $ sls deploy -s test --function single_function $ sls deploy -s prod $ sls remove
- 27. #cfgmgmtcamp @gerardthefox So whynot serverless? ● Limited available features. Might not fit your use case (cold start latency, runtime, memory, price, etc) ● Limited available features. Might not fit your organization's current way of working "we make you eat soup with a knife" ● Metered. Might not fit your organization's budgeting and invoicing ● Limited providers. Might not fit your organization's policies or regulatory requirements e.g. no foreign providers. no providers under US control. running a full serverless stack in your own datacenter likely not worth the effort vs VMs/containers ● ...
- 28. #cfgmgmtcamp @gerardthefox Serverless (orinsert-better-name-here-please) Do's Don'ts Recognize as important part of compute-as-utility Ignore Commit (after due diligence) Half arse it Maintain a set of standards Set single standard, or set no standards Lifecycle mgmt Feature factory Product teams Waterfall, handoffs, and silos Automate, CI/CD Ambachtelijke IT. Artisanal creative handicraft IT Use agile approach Apply methods created for other contexts
- 29.
- 30.