© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Andrew Baird, AWS Solutions Architect

04/28/2016

Continuous Delivery with AWS Lambda

Agenda

CD Overview Scope of this Webinar Key Services and Features Live Demo Things to be Aware Of Tips & Tricks What’s Next?

Continuous Delivery Overview

Continuous Delivery Overview

Source Build Test Production

Continuous integration

Continuous delivery

Continuous deployment

Continuous Delivery Benefits

Improve developer productivity

Find and address bugs quickly

Deliver updates fasterAutomate the software release process

Scope of this Webinar

Continuous Delivery Overview

Source Build Test Production

Continuous integration

Continuous delivery

Continuous deployment

Our Application – A Serverless Website

AWS Lambda

Functions

web browser

Amazon S3

Dynamic Content

Amazon API

Gateway

Amazon DynamoDB

Overview of building this application: http://bit.ly/1MJb0O2

Static Content

Our Role

AWS Lambda

Functions

web browser

Amazon S3

Dynamic Content

Amazon API

Gateway

Amazon DynamoDB

Static Content

Our Goal

Continuous Delivery pipeline to automate deployment and release of new Lambda function code to non-Production environments.

Key Services and Features

AWS CodePipeline

Continuous delivery service for fast and reliable application updates

Model and visualize your software release process

Builds, tests, and deploys your code every time there is a code change

Integrates with 3rd party tools and AWS

AWS CodePipeline

AWS CodePipeline Benefits

Improved quality

Rapid delivery Get started fast

Configurable workflow Easy to integrate

Source

SourceGitHub

Build

JenkinsOnEC2Jenkins

Deploy

JavaAppElastic Beanstalk

PipelineStageAction

Transition

CodePipelineMyApplication

Source

SourceGitHub

Build

JenkinsOnEC2Jenkins

Deploy

JavaAppElastic Beanstalk

NotifyDevelopersLambda

CodePipelineMyApplication

Parallel actions

Source

SourceGitHub

Build

JenkinsOnEC2Jenkins

Deploy

JavaAppElastic Beanstalk

NotifyDevelopersLambda

TestAPIRunscope

CodePipelineMyApplication

Sequential actions

AWS service integrations

Source Invoke Logic Deploy

AWS Elastic Beanstalk AWS CodeCommit Amazon S3 AWS CodeDeploy

AWS Lambda

We have a strong partner list, and it’s growingSource Build Test Deploy

Extend AWS CodePipeline Using Custom Actions

Update tickets Provision resources

Update dashboards Send notifications Security scan

Mobile testing

2. Perform Job1. Invoke Lambda function

SourceSourceGitHub

BuildJenkinsOnEC2Jenkins

DeployPublishVersionAWS Lambda

MyApplicationCodePipeline

AWSLambda

3. PutJobSuccessResult

AWS Code Pipeline lets you invoke Lambda functions at each stage.

CodePipeline OverviewJob/Stage/Action Metadata• UserParameters• Input/Output Artifacts• Artifact Credentials

{ "CodePipeline.job": {

"id": "8eb1c985-8031-4186-af7e-fdaa049e0a77", "accountId": "xxx", "data": {

"actionConfiguration": { "configuration": {

"FunctionName": "PublishNewLambdaVersion",

"UserParameters": "function=LambdaFunctionName"

} }, "inputArtifacts": [

{ "location": {

"s3Location": {

"bucketName": "codepipeline-us-east-1-xxx",

"objectKey": "Demo-Pipeline-Test/FunctionSo/M4BQFoQ.zip"

},

"type": "S3" }, "revision": null, "name":

"FunctionSourceBundleName" }

], "outputArtifacts": [

{ "location": {

"s3Location": {

"bucketName": "codepipeline-us-east-1-xxx",

"objectKey": "Demo-Pipeline-Test/TestExecut/vG2GUh3"

},

"type": "S3" }, "revision": null, "name":

"TestExecutionRequest"}

], "artifactCredentials": {

"secretAccessKey": "xxx", "sessionToken": "xxx", "accessKeyId": "xxx"

} }

} }

Our Pipeline• Built code package lands in S3.• Lambda Functions all the way down.

• Publish new Function version• Integration Test• Release function to environment• Rollback if necessary

Creating a Pipeline via the CLI{ "roleArn": "IAM-ROLE-ARN-FOR-CODEPIPELINE-SERVICE", "stages": [ { "name": "Source", "actions": [ { "inputArtifacts": [], "name": "Source", "actionTypeId": { "category": "Source", "owner": "AWS", "version": "1", "provider": "S3" }, "outputArtifacts": [ { "name": "FunctionSourceBundleName" } ], "configuration": { "S3Bucket":

"SRC-BUCKET", "S3ObjectKey": "SRC-KEY.zip" }, "runOrder": 1 } ] }, { "name": "dev", "actions": [ { "inputArtifacts": [ { "name": "FunctionSourceBundleName" } ], "name": "Publish-Dev-Version", "actionTypeId": { "category": "Invoke", "owner": "AWS", "version": "1", "provider": "Lambda"

}, "outputArtifacts": [ { "name": "TestExecutionRequest" } ], "configuration": { "FunctionName": "PublishNewLambdaVersion", "UserParameters": "function=LambdaFunctionNameToPublish" }, "runOrder": 1 } ] } ], "artifactStore": { "type": "S3", "location": "BUCKET-NAME-THAT-MEETS-CODEPIPELINE-REQUIREMENTS" }, "name": "YOUR-PIPELINE-NAME"}

aws codepieline create-pipeline --pipeline file://the-below.json

AWS Lambda

AWS Lambda – CD Relevant Features

Function Versions

• Version your functions• “Deployment” history• Export code• Can be used in parallel to each other

• Code as Infrastructure

http://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionCode.html

Function Aliases

• Assigned to function versions• Can be reassigned• Decouple clients from versioning• Think of changing an alias as the

“Release” step, can enable Blue-Green deployments.

Amazon API Gateway

Amazon API Gateway – CD Relevant Features

API Stages

Stage VariablesCombine API Stages with Lambda Function Aliases

API Gateway Swagger Import/Export APIs

Live Demo

Live Demo – Our Pipeline

Amazon DynamoDB

AddItem

PublishNewVersion

TestNewVersion

ReleaseAndValidate

Amazon API Gateway

AddItem-Test

UpdateFunctionCode()

Invoke()Invoke()

TestInvokeMethod()UpdateAlias()

AddItem-ApiTestInvoke()

Things to be Aware of

Things to be Aware of

AWS Lambda

• Different aliases assigned to same version share containers. Function code should be alias-aware.

• New version means new containers, remember to pre-warm if needed.

• Lambda source code must change for new version to be published.

Amazon API Gateway

• Stage variable changes do NOT require an API deployment. Saving a stage variable change takes effect immediately.

AWS CodePipeline

• Job will hang until timeout, unless your Actions make the proper Success/Failure API call.

• Transitions between stages are Enabled OR Disabled. No concept today of manually permitting one job to proceed.

• Many capabilities via CLI/API not yet visible in the console.

Tips & Tricks

Tips & Tricks

CodePipeline Success/Failure Callback Implement failure first - Think “Test Driven Development” Fan-out testing – have a single Lambda “test suite” function that

invokes several test-case functions. Continuation Tokens – use to extend Lambda-based actions

beyond 5 minutes. API Versioning – don’t couple your Lambda function versions to

API versions (i.e. api.example.com/v1/prod). Would be disruptive to your clients and discourage rapid Lambda function changes.

Tips & Tricks Contd.

Baby Steps toward CD – Use scheduled Lambda function to enable/disable stage transition nightly.

Surround with CloudFormation AWS CodePipline + AWS Lambda + Amazon API Gateway are all

supported now! Don’t rely on $LATEST for Lambda functions in a testing/production

environment – take control of testing/blessing versions and aliases.

What’s next?

Expand your CI/CD Scope!

CodeCommit Integration – new! Static Code Analysis (FindBugs, JSHint, Pylint) Automated Build – (Jenkins, Solano CI, or your own!) CloudWatch Events – Success/Failure Detection & Action

Thank you!