From the Sword School to the Qi School: Best Practices for AWS ECS and Serverless
Pahud Hsieh
April 19, 2016, Taipei
Best Practice in AWS ECS and Serverless
• Last Updated: April 19, 2016
• Scheduled for 45 minutes
- The Challenges
- Foundational Concepts of ECS and Serverless
- New Challenges
- The Future
• Q & A
A Bit About Me
• Both an IT Pro and developer for the past 15 years
• Chief Architect of Astra Cloud (miiicasa.com) from Taiwan
• Experienced in IoT cloud platform across multiple AWS regions globally
• AWS All-5 Certificates holder
- AWS Certified Solution Architect - Associate
- AWS Certified SysOps - Associate
- AWS Certified Developer - Associate
- AWS Certified Solution Architect - Professional
- AWS Certified DevOps Engineer - Professional
Old-Schools
[Diagram labels: ELB/ASG; Web instances; RDS]
Looking Good?
Challenges
• You pay too much for EC2 instances
• You pay even more for micro services
• Complexity in infrastructure
• VPC, subnet, routing table, NAT, NACL, security groups, ELB, ASG
• Complexity in A/B testing and B/G deployment
• CFN re-deploy, EB env swap, CodePipeline/CodeDeploy, OpsWorks, etc.
• Complexity means error-proneness
More Challenges
• dev/testing/QA/staging/prod consistency
• CI & CD challenges
• even worse to manage multiple AWS regions
• service decoupling means nightmares
Questions
• Can I just focus on my service stack unit, instead of the computing unit (EC2)?
• Self-Healing, Auto-Scaling, AZ-balancing?
• Log Consolidation?
• Immutable and Stateless Architecture?
• Cost Optimization and Resource Optimization?
• still having full control over my tech stack (frameworks and languages)?
• simple deployment, A/B and B/G?
AWS EC2 Container Service
a highly scalable, fast, container management service that makes it easy to run, stop, and manage Docker containers on a cluster of Amazon EC2 instances.
ECS Cluster
[Diagram labels: ASG (on demand); ASG (spot instance); CloudWatch]
Auto Scaling Policy Design
• scale out spot at 30%-60%
• scale out on-demand when >= 60%
• scale in on-demand when < 60%
• scale in spot when <= 30%
• with a minimum of 1 on-demand or RI instance
Simply Put
• on-demand/RI as the baseline, spot for elastic scaling
• on-demand scale out last, scale in first
• try spot fleet if you need a couple of instances (let's talk about it next time)
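The scaling rules from the two slides above, applied to a constructed utilization trace (an added example, not code from the talk). The thresholds are the slide's; the metric (cluster utilization in percent), the one-instance step and the function names are assumptions.

```python
# Added example. Thresholds come from the slide; the metric (cluster
# utilization in percent) and the one-instance step are assumptions.
SPOT_LOW = 30        # spot scales in at or below this
ON_DEMAND_HIGH = 60  # on-demand scales out at or above this
MIN_ON_DEMAND = 1    # "minimum of 1 on-demand or RI"


def decide(util):
    """Return (spot_delta, on_demand_delta) for one evaluation period."""
    if util >= ON_DEMAND_HIGH:
        return (0, 1)    # on-demand scales out last, only at >= 60%
    if util > SPOT_LOW:
        return (1, -1)   # 30%-60%: spot grows, on-demand shrinks (< 60%)
    return (-1, -1)      # <= 30%: spot shrinks as well


def simulate(trace, spot=0, on_demand=MIN_ON_DEMAND):
    """Apply decide() to each sample; return the fleet after every step."""
    history = []
    for util in trace:
        d_spot, d_od = decide(util)
        spot = max(0, spot + d_spot)
        on_demand = max(MIN_ON_DEMAND, on_demand + d_od)  # floor is kept
        history.append((util, spot, on_demand))
    return history


# Constructed utilization samples, one per evaluation period.
TRACE = [20, 45, 50, 65, 70, 55, 40, 25, 10]

if __name__ == "__main__":
    for util, spot, on_demand in simulate(TRACE):
        print(f"util={util:3d}%  spot={spot}  on_demand={on_demand}")
```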
[Diagram labels: external ELB; internal ELB; instance * 2; web * 2; app * 2; worker * 2; instance * 4; web * 4; SQS; CloudWatch]
Benefits and Tips
• Leverage ELB to build micro-services
• Monitor service load with CloudWatch and adjust spot fleet to scale services/tasks out/in dynamically
• Self-healing at the container level
• Fully-managed deployment and rolling update with revisions
• Better resource utilization
• Consolidate application logs to CloudWatch Logs
• Create filters and metrics, and build alarms from CloudWatch Logs
• Push your docker images to ECR and deploy across regions with exactly the same image
What if 20-30 micro services?
ECS Service Load Balancing
http://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-load-balancing.html
Random ports LB and Service Discovery?
Load Balancing on Random Ports
http://www.slideshare.net/JulienSIMON5/amazon-ecs-january-2016/12
Meteor Galaxy session-aware with random ports
http://www.slideshare.net/AmazonWebServices/dvo313-building-nextgeneration-applications-with-amazon-ecs
Is there a way to move the code in a cloud native way?
“No server is easier to manage than no server”
- Werner Vogels, Amazon CTO, AWS re:Invent 2015
AWS Lambda
“a compute service where you can upload your code to AWS Lambda and the service can run the code on your behalf using AWS infrastructure”
AWS API Gateway
“a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale”
Mobile Integration
[Diagram labels: SDK; AWS Lambda; RequestResponse (Sync); Event (Async); {"foo":"bar"}; event.context={"foo":"bar"}]
API Gateway Lambda function Integration
RESTful API
HTTP PUT /items/123 {"foo":"bar"}
event.param_id=123
event.http_body={"foo":"bar"}
API Gateway Service Proxy Integration
RESTful API
IAM assume role execution
API Gateway Call Flow
Pros
• cloud native with your business code in Lambda
• no infrastructure to manage
• leverage AWS PaaS infrastructure at scale
• custom or federated authorization
• very minimal cost for small-medium teams
- 30m requests = $11.63 per month (Lambda)
- $4.25 per million requests (API Gateway)
http://www.slideshare.net/CaseyLee2/serverless-delivery
Cons - Lambda Limit
• Lambda soft limit concurrency is 100
• 300 seconds max duration per invocation
• Lambda in VPC restriction
- private IP addresses
- ENIC limit (default 20*5=100)
Cons - API Gateway
• 500-1000 QPS per AWS Account
• 5M requests / month = $18.79
• 100 QPS = $974.07 / month = 31,350 NTD
• No async or parallel invocation with Lambda
Cons - Performance
• push and pull invocation model of Lambda
• -> delegation with higher memory
• no connection pooling
• -> always open/close conn in handler scope
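A handler for the `PUT /items/123` mapping shown on the API Gateway Lambda integration slide, opening and closing its connection inside the handler scope as the slide above advises (an added example, not code from the talk). `sqlite3` stands in for the real datastore; `DB_PATH`, the `items` table, the size limit and the response shape are assumptions.

```python
import json
import os
import sqlite3
import tempfile

# Assumptions: sqlite3 stands in for the real datastore; DB_PATH, the items
# table, MAX_BODY_BYTES and the response shape are hypothetical.
DB_PATH = os.path.join(tempfile.gettempdir(), "lambda_items_demo.db")
MAX_BODY_BYTES = 4096


def validate(event):
    """Check the fields the API Gateway mapping places on the event."""
    item_id = str(event.get("param_id", ""))
    if not (item_id.isascii() and item_id.isdigit()) or len(item_id) > 18:
        raise ValueError("param_id must be a decimal integer")
    body = event.get("http_body")
    if not isinstance(body, dict):
        raise ValueError("http_body must be a JSON object")
    encoded = json.dumps(body, sort_keys=True)
    if len(encoded.encode("utf-8")) > MAX_BODY_BYTES:
        raise ValueError("http_body too large")
    return int(item_id), encoded


def handler(event, context):
    try:
        item_id, encoded = validate(event)
    except ValueError as exc:
        return {"status": 400, "error": str(exc)}
    conn = sqlite3.connect(DB_PATH)  # opened inside the handler scope
    try:
        conn.execute(
            "CREATE TABLE IF NOT EXISTS items (id INTEGER PRIMARY KEY, doc TEXT)")
        # Bound parameters only: event values never reach the SQL text.
        conn.execute("INSERT OR REPLACE INTO items (id, doc) VALUES (?, ?)",
                     (item_id, encoded))
        conn.commit()
        row = conn.execute("SELECT doc FROM items WHERE id = ?",
                           (item_id,)).fetchone()
    finally:
        conn.close()  # always closed before the handler returns
    return {"status": 200, "id": item_id, "item": json.loads(row[0])}
```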
Cons - Development
• CloudWatch debugging
• immature CI/CD toolchains
• lack of PHP, Ruby and Golang
• re-deploying the whole bundle could be a pain
When should I use ECS, instead of serverless?
Use ECS
• financial concern - when you have traffic of more than 100 QPS
• operation concern - long running process or API service
• language concern - Golang, PHP, Ruby, etc.
• performance concern - need really big memory or CPU-optimized
• protocol concern - websockets, MQTT, other TCP protocols
Use Serverless
• small project, simple business logic
• focus on the code only
• no infrastructure management
• stateless
• quick micro services implementation
• simply integrated with other AWS services
- e.g. API Gateway updating DynamoDB, Kinesis, SQS as a service proxy.
Conclusions
• containerize your stack, and try serverless as much as you can
• build stateless applications
• immutable architecture - every computing component can be replaced and scaled with no impact
• focus on your business logic instead of the infrastructure; forget your infrastructure
• try not to use any EC2; if necessary, avoid SSH into EC2 for manual operations
• fully managed and fully automated is the way to go
• embrace event-driven cloud computing
See You Next Time
Your Success Is Our Success