[AWS SAA-C02 Study Note] Serverless: Lambda, SQS, SNS, API Gateway, Fargate

Fargate

AWS Fargate is a serverless compute engine for containers that works with both Amazon Elastic Container Service (ECS) and Amazon Elastic Kubernetes Service (EKS). Fargate makes it easy for you to focus on building your applications. Fargate removes the need to provision and manage servers, lets you specify and pay for resources per application, and improves security through application isolation by design.

!!! For Containers !!!

Benefits

  • Deploy and manage applications, not infrastructure
  • Right-sized resources with flexible pricing options
  • Secure isolation by design: each ECS task or EKS pod runs in its own dedicated runtime environment and does not share CPU, memory, storage or network resources with other tasks or pods
  • Rich observability of applications

/img/AWS/Severless/Untitled.png

Lambda

Run code without provisioning or managing servers.

Servers automatically start and stop when needed.

Serverless Functions. Pay per invocation.

Intro

/img/AWS/Severless/Untitled%201.png

  • Lambda is Cheap
  • Lambda is Serverless
  • Lambda Scales Automatically

Natively supports 7 runtime languages:

  1. Ruby
  2. Python
  3. Java
  4. Go
  5. PowerShell
  6. Node.js
  7. C# (.NET)

You can also create your own custom runtime (using the Lambda Runtime API) for any other language.

Use Cases

Lambda is commonly used to glue different services together so the use cases are endless.

  • Processing Thumbnails

/img/AWS/Severless/Untitled%202.png

  • Contact Email Form

/img/AWS/Severless/Untitled%203.png

Triggers

Lambda can be invoked directly via the AWS SDK/CLI (the Invoke API) or triggered by events from other AWS services.

/img/AWS/Severless/Untitled%204.png

Partner Event Sources

/img/AWS/Severless/Untitled%205.png

Pricing

First 1 million requests per month are free.

Thereafter $0.20 per additional 1 million requests.

400,000 GB-seconds of compute time free per month.

Thereafter $0.000016667 for every GB-second (duration is billed per millisecond, scaled by the memory configured for the function).

/img/AWS/Severless/Untitled%206.png

Interface

/img/AWS/Severless/Untitled%207.png

Defaults and Limits

/img/AWS/Severless/Untitled%208.png

Cold Starts

Lambda runs your function inside an execution environment. When no environment is available for an invocation, Lambda has to create one: download your deployment package, start the runtime and run your initialization code (everything outside the handler).

During that time the invocation waits; this delay before the handler first runs is called a cold start.

If the same function is invoked again while an environment from a previous invocation is still alive, Lambda reuses it and the handler runs with little delay. This is what we call a warm start (a warm environment).

/img/AWS/Severless/Untitled%209.png

Tradeoff: cheap, but cold starts add latency to the user experience.

There are strategies around cold starts, such as pre-warming (invoking the function on a schedule so an environment stays alive) or Provisioned Concurrency, which keeps a configured number of environments initialized and ready. Cloud providers are always looking for ways to reduce cold starts.

Invocation Model

  • Synchronous: the caller waits for the result (e.g. API Gateway, or Invoke with RequestResponse from the SDK/CLI); errors go straight back to the caller, which decides whether to retry
  • Asynchronous: the event is queued and the caller gets an immediate 202 (e.g. S3, SNS, EventBridge); Lambda retries failures twice, then can send the event to a dead-letter queue or on-failure destination
  • Poll based: Lambda's event source mapping polls the source on your behalf (e.g. SQS, Kinesis, DynamoDB Streams) and invokes the function with batches of records

Step Functions

AWS Step Functions is a low-code visual workflow service used to orchestrate AWS services, automate business processes, and build serverless applications.

Workflows manage failures, retries, parallelization, service integrations, and observability so developers can focus on higher-value business logic.
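The retry and failure handling described above, as an added example that is not part of the original note or of any AWS sample: a constructed Step Functions definition in Amazon States Language with Retry and Catch on a Task state and a Parallel state, plus a small Python linter that checks the definition's wiring (dangling Next/Catch targets, dead-end states, unreachable states) before it is deployed. All ARNs and state names are placeholders for the example.

```python
import json

# Constructed Amazon States Language definition; ARNs are placeholders for this example.
ORDER_WORKFLOW = {
    "Comment": "Validate an order, then charge and notify in parallel; route any failure to a handler",
    "StartAt": "ValidateOrder",
    "States": {
        "ValidateOrder": {
            "Type": "Task",
            "Resource": "arn:aws:lambda:us-east-1:123456789012:function:validate-order",
            # Retry only transient Lambda errors, with exponential backoff: 2s, 4s, 8s.
            "Retry": [{"ErrorEquals": ["Lambda.ServiceException", "Lambda.TooManyRequestsException"],
                       "IntervalSeconds": 2, "MaxAttempts": 3, "BackoffRate": 2.0}],
            # Anything else (including an error raised by the function itself) goes to RecordFailure,
            # with the error object stored under $.error instead of replacing the input.
            "Catch": [{"ErrorEquals": ["States.ALL"], "ResultPath": "$.error", "Next": "RecordFailure"}],
            "Next": "ChargeAndNotify",
        },
        "ChargeAndNotify": {
            "Type": "Parallel",
            "Branches": [
                {"StartAt": "Charge",
                 "States": {"Charge": {"Type": "Task",
                                       "Resource": "arn:aws:lambda:us-east-1:123456789012:function:charge-card",
                                       "End": True}}},
                {"StartAt": "Notify",
                 "States": {"Notify": {"Type": "Task",
                                       "Resource": "arn:aws:states:::sns:publish",
                                       "Parameters": {"TopicArn": "arn:aws:sns:us-east-1:123456789012:order-events",
                                                      "Message.$": "$"},
                                       "End": True}}},
            ],
            "Catch": [{"ErrorEquals": ["States.ALL"], "ResultPath": "$.error", "Next": "RecordFailure"}],
            "Next": "Done",
        },
        "RecordFailure": {
            "Type": "Task",
            "Resource": "arn:aws:lambda:us-east-1:123456789012:function:record-failure",
            "Next": "Failed",
        },
        "Failed": {"Type": "Fail", "Error": "OrderFailed", "Cause": "see $.error in the execution history"},
        "Done": {"Type": "Succeed"},
    },
}


def lint(definition):
    """Check a state machine for dangling targets, dead-end states and unreachable states.

    Returns a list of human-readable problems; an empty list means the definition passed.
    Parallel branches are checked recursively.
    """
    problems = []
    states = definition.get("States", {})
    start = definition.get("StartAt")
    if start not in states:
        problems.append(f"StartAt {start!r} is not a state")
    reachable, stack = set(), [start]
    while stack:
        name = stack.pop()
        if name in reachable or name not in states:
            continue
        reachable.add(name)
        state = states[name]
        targets = [c["Next"] for c in state.get("Catch", [])]
        targets += [c["Next"] for c in state.get("Choices", [])]
        for key in ("Next", "Default"):
            if key in state:
                targets.append(state[key])
        for target in targets:
            if target not in states:
                problems.append(f"{name}: target {target!r} does not exist")
            else:
                stack.append(target)
        terminal = state["Type"] in ("Succeed", "Fail") or state.get("End") is True
        if not terminal and "Next" not in state and "Choices" not in state:
            problems.append(f"{name}: has neither Next nor End")
        for branch in state.get("Branches", []):
            problems += [f"{name}/{branch.get('StartAt')}: {p}" for p in lint(branch)]
    problems += [f"{name}: unreachable" for name in states if name not in reachable]
    return problems


def with_next(definition, state_name, next_state):
    """Return a deep copy of the definition with one state's Next rewired (to show lint catching a typo)."""
    copy = json.loads(json.dumps(definition))
    copy["States"][state_name]["Next"] = next_state
    return copy


if __name__ == "__main__":
    print(lint(ORDER_WORKFLOW))  # []
    print(lint(with_next(ORDER_WORKFLOW, "ValidateOrder", "ChargeAndNotifi")))
```

The Retry block lists only the transient Lambda error codes; catching `States.ALL` in Retry would also retry a deterministic validation error, which only delays the failure. The linter runs the same checks on each Parallel branch, so a typo in a branch's `Next` is reported with the branch prefix.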


Lambda CheatSheet

/img/AWS/Severless/Untitled%2012.png

Simple Queue Service (SQS)

Fully managed queuing service that enables you to decouple and scale microservices, distributed systems and serverless applications.

  • Any volume of messages
  • Consumers "poll" the queue for messages
  • Messages can be received and processed in batches (up to 10 per receive)
  • At-least-once delivery (standard queues); exactly-once processing (FIFO queues)
  • Visibility timeout allows handling failures
  • The Lambda service long-polls queues on your behalf (event source mapping)
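The "Lambda long-polls the queue" bullet in practice, as an added example that is not from the original note: a handler for an SQS event source mapping that processes a batch and, with partial batch response enabled, reports only the records that failed so that the successfully processed ones are deleted and only the failures return to the queue after their visibility timeout. The business logic in `process` and the sample event are constructed for the example; the event shape (`Records`, `messageId`, `body`, `attributes`) is the one Lambda passes for SQS.

```python
import json


def lambda_handler(event, context=None):
    """Handler for an SQS event source mapping with ReportBatchItemFailures enabled.

    Lambda long-polls the queue and invokes this handler with a batch of up to 10
    records (for a standard queue). Returning the IDs of the records that failed makes
    Lambda delete only the successful ones; the failed records reappear after their
    visibility timeout instead of the whole batch being retried.
    """
    failures = []
    for record in event.get("Records", []):
        try:
            process(record)
        except Exception:  # keep the batch going; report just this record
            failures.append({"itemIdentifier": record["messageId"]})
    return {"batchItemFailures": failures}


def process(record):
    """Hypothetical business logic: the body must be a JSON object with a positive numeric 'amount'."""
    payload = json.loads(record["body"])  # raises on non-JSON bodies
    amount = payload.get("amount") if isinstance(payload, dict) else None
    if not isinstance(amount, (int, float)) or isinstance(amount, bool):
        raise ValueError("malformed payload")
    if amount <= 0:
        raise ValueError("amount must be positive")
    # Real work would go here, keyed on record["messageId"] so a redelivery is idempotent.
    return amount


# Constructed sample event in the shape Lambda passes for SQS (trimmed to the relevant keys).
SAMPLE_EVENT = {
    "Records": [
        {"messageId": "m-1", "body": json.dumps({"amount": 10}),
         "attributes": {"ApproximateReceiveCount": "1"}},
        {"messageId": "m-2", "body": "not json",
         "attributes": {"ApproximateReceiveCount": "3"}},
        {"messageId": "m-3", "body": json.dumps({"amount": -5}),
         "attributes": {"ApproximateReceiveCount": "1"}},
    ]
}

if __name__ == "__main__":
    print(json.dumps(lambda_handler(SAMPLE_EVENT)))
```

The return value is only honoured when the event source mapping has `FunctionResponseTypes` set to `ReportBatchItemFailures`; without it Lambda ignores the response, and an uncaught exception would return the whole batch to the queue. Pair the queue with a redrive policy (dead-letter queue and `maxReceiveCount`), otherwise a permanently malformed message such as `m-2` is redelivered until it expires.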


Intro

What is a queuing system?

Used to provide asynchronous communication and decouple processes via messages / events from a sender and receiver (producer and consumer)

/img/AWS/Severless/Untitled%2014.png

SQS is for Application Integration

AWS SQS is a solution for the distributed queuing of messages generated by your application. It connects isolated applications together by passing messages from one to another.

/img/AWS/Severless/Untitled%2015.png

A queue is a temporary repository for messages that are awaiting processing.

Using the AWS SDK, you write code that publishes messages onto the queue or polls the queue for messages.

!!! SQS is pull based, not push based !!!

Use Case

A smartphone application and a desktop application need to communicate with each other.

/img/AWS/Severless/Untitled%2016.png

Limits

Message Size: between 1 byte and 256 KB

The Amazon SQS Extended Client Library for Java lets you send messages from 256 KB up to 2 GB in size. The message payload is stored in S3 and the queue carries a reference to the S3 object.

/img/AWS/Severless/Untitled%2017.png

Message Retention

How long SQS holds a message in the queue before dropping it (deleting it) if it is never consumed and deleted.

Default: 4 days

Message retention can be adjusted from a minimum of 60 seconds to a maximum of 14 days.

Queues Types

Standard Queues

/img/AWS/Severless/Untitled%2018.png

Allow you a nearly unlimited number of transactions per second.

Guarantee that a message will be delivered AT LEAST once.

More than one copy of a message could be delivered, and messages can arrive out of order.

Provide best-effort ordering that helps ensure a message is generally delivered in the same order that it was sent.

FIFO Queues

Support multiple ordered message groups within a single queue (messages with the same MessageGroupId are processed in order).

Limited to 300 transactions per second per API action (3,000 messages per second with batching).

SQS FIFO queues have all the capabilities of standard queues, plus exactly-once processing with deduplication (via MessageDeduplicationId or content-based deduplication, within a 5-minute window).

Message retention period

The message retention period is the amount of time that Amazon SQS retains a message that does not get deleted.

Amazon SQS automatically deletes messages that have been in a queue for more than the maximum message retention period. The default retention period is 4 days.

The retention period has a range of 60 seconds to 1,209,600 seconds (14 days).

Visibility Timeout

Visibility timeout sets the length of time that a message received from the queue by one consumer stays hidden from other consumers (so it is not processed twice). Default: 30 seconds; configurable from 0 seconds up to 12 hours.

  • Visible Again: The visibility timeout begins when Amazon SQS returns a message. If the consumer fails to process and delete the message before the visibility timeout expires, the message becomes visible to other consumers again.
  • Received Once: If a message must be received only once, your consumer must delete it within the duration of the visibility timeout.
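The visibility-timeout behaviour described above, together with the at-least-once consequence from the standard-queue section, as an added example that is not part of the original note: a small in-memory stand-in for an SQS queue (not boto3 and not the real service) driven by a fake clock, plus a consumer that de-duplicates on the message ID so a redelivered message does not repeat its side effect. The class names (`ToyQueue`, `IdempotentConsumer`), the 30-second timeout and the timeline are assumptions for the example.

```python
import time
import uuid
from dataclasses import dataclass, field


@dataclass
class Message:
    body: str
    message_id: str = field(default_factory=lambda: uuid.uuid4().hex)
    receive_count: int = 0
    invisible_until: float = 0.0  # epoch seconds; 0 means visible now


class ToyQueue:
    """Minimal in-memory stand-in for an SQS standard queue (hypothetical, not boto3).

    Models only what this section describes: a received message is hidden from other
    consumers for `visibility_timeout` seconds, reappears if it is not deleted in time,
    and is dropped once it is older than `retention` seconds.
    """

    def __init__(self, visibility_timeout=30.0, retention=4 * 24 * 3600, clock=time.time):
        self.visibility_timeout = visibility_timeout
        self.retention = retention
        self.clock = clock
        self._messages = []
        self._sent_at = {}

    def send(self, body):
        msg = Message(body)
        self._messages.append(msg)
        self._sent_at[msg.message_id] = self.clock()
        return msg.message_id

    def receive(self, max_messages=1):
        now = self.clock()
        # Retention: SQS deletes messages that outlive the retention period.
        self._messages = [m for m in self._messages
                          if now - self._sent_at[m.message_id] < self.retention]
        out = []
        for m in self._messages:
            if m.invisible_until <= now and len(out) < max_messages:
                m.receive_count += 1
                m.invisible_until = now + self.visibility_timeout  # timeout starts on return
                out.append(m)
        return out

    def delete(self, message_id):
        self._messages = [m for m in self._messages if m.message_id != message_id]

    def size(self):
        return len(self._messages)


class IdempotentConsumer:
    """Consumer that tolerates redelivery by remembering which message IDs it already handled."""

    def __init__(self):
        self.processed = {}  # message_id -> result
        self.side_effects = 0

    def handle(self, msg):
        if msg.message_id in self.processed:
            return self.processed[msg.message_id]  # duplicate delivery: skip the side effect
        self.side_effects += 1
        result = msg.body.upper()
        self.processed[msg.message_id] = result
        return result


def demo():
    """Drive the queue with a fake clock so the timeline is deterministic."""
    t = [1000.0]
    q = ToyQueue(visibility_timeout=30.0, clock=lambda: t[0])
    consumer = IdempotentConsumer()
    q.send("order-42")

    first = q.receive()
    assert len(first) == 1
    # The first consumer crashes before calling delete(): the message is in flight and hidden.
    assert q.receive() == []
    t[0] += 31  # visibility timeout expires
    again = q.receive()
    assert len(again) == 1 and again[0].receive_count == 2
    consumer.handle(again[0])
    q.delete(again[0].message_id)
    # A late redelivery of the same message hits the same ID: no second side effect.
    consumer.handle(again[0])
    return {"receive_count": again[0].receive_count,
            "side_effects": consumer.side_effects,
            "remaining": q.size()}


if __name__ == "__main__":
    print(demo())
```

With the real service, a consumer that needs more time calls `ChangeMessageVisibility` to extend the timeout rather than letting the message reappear, and `ApproximateReceiveCount` (the analogue of `receive_count` here) together with a redrive policy moves repeatedly failing messages to a dead-letter queue.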

/img/AWS/Severless/Untitled%2019.png

Short vs Long Polling

Polling is the method by which we retrieve messages from the queue.

  • Short Polling (default)

Returns a response immediately, even if the queue being polled is empty. SQS samples only a subset of its servers, so a short poll can return no messages even though some exist in the queue.

Use it when you need a response right away.

  • Long Polling

Waits until a message arrives in the queue or the long-poll timeout (WaitTimeSeconds, up to 20 seconds) expires.

Makes it inexpensive to retrieve messages from your queues as soon as they become available, and queries all servers rather than a sample.

Using long polling reduces cost because it reduces the number of empty receives (every ReceiveMessage call is billed, empty or not).

/img/AWS/Severless/Untitled%2020.png

SQS Cheat Sheet

/img/AWS/Severless/Untitled%2021.png

Simple Notification Service

Subscribe and send notifications via text message (SMS), email, webhooks (HTTP/S), Lambda functions, SQS queues and mobile push notifications.

  • Publish/subscribe messaging
  • "Push" to subscribers
  • Messages are published to a topic with multiple subscribers → "fan out"
  • Messages can be filtered (subscription filter policies on message attributes) so a subscriber only receives the messages it cares about
  • Subscription protocols include: HTTP(S), Email, Amazon SQS, Lambda, SMS and mobile push
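The fan-out and filtering bullets above (and the "Subscriber and Filter" heading later in the note), as an added example that is not part of the original note: a Python model of how SNS evaluates subscription filter policies against message attributes and which subscribers receive a given message. It implements the exact-string, `prefix`, `anything-but` and `numeric` conditions (other condition types such as `exists` are left out); the subscriptions, ARNs and messages are constructed placeholders.

```python
# Constructed subscriptions for one topic; ARNs and addresses are placeholders, not real resources.
SUBSCRIPTIONS = [
    {"protocol": "sqs", "endpoint": "arn:aws:sqs:eu-west-1:123456789012:orders-eu",
     "filter_policy": {"region": ["eu-west-1", "eu-central-1"]}},
    {"protocol": "lambda", "endpoint": "arn:aws:lambda:eu-west-1:123456789012:function:large-order-review",
     "filter_policy": {"amount": [{"numeric": [">=", 1000]}]}},
    {"protocol": "email", "endpoint": "ops@example.com",
     "filter_policy": {"event": [{"prefix": "order."}], "region": [{"anything-but": ["us-east-1"]}]}},
    {"protocol": "sqs", "endpoint": "arn:aws:sqs:eu-west-1:123456789012:audit",
     "filter_policy": None},  # no policy: receives every message published to the topic
]


def _condition_matches(cond, attr):
    """Evaluate one filter condition against one message attribute ({'Type': ..., 'Value': ...})."""
    value = attr["Value"]
    if isinstance(cond, str):  # exact string match
        return attr["Type"] == "String" and value == cond
    if not isinstance(cond, dict):
        return False
    if "prefix" in cond:
        return attr["Type"] == "String" and value.startswith(cond["prefix"])
    if "anything-but" in cond:
        excluded = cond["anything-but"]
        excluded = excluded if isinstance(excluded, list) else [excluded]
        return value not in [str(x) for x in excluded]
    if "numeric" in cond and attr["Type"] == "Number":
        number = float(value)
        ops = cond["numeric"]  # flat list such as [">", 0, "<=", 100]; every pair must hold
        checks = {"=": number.__eq__, ">": number.__gt__, ">=": number.__ge__,
                  "<": number.__lt__, "<=": number.__le__}
        return all(checks[op](float(bound)) for op, bound in zip(ops[0::2], ops[1::2]))
    return False


def matches(policy, attributes):
    """Every policy key must match (AND); within a key, any one listed condition may match (OR).

    A message that lacks an attribute named in the policy does not match.
    """
    for name, conditions in policy.items():
        attr = attributes.get(name)
        if attr is None or not any(_condition_matches(c, attr) for c in conditions):
            return False
    return True


def fan_out(attributes, subscriptions=SUBSCRIPTIONS):
    """Return the endpoints SNS would push this message to, in subscription order."""
    return [s["endpoint"] for s in subscriptions
            if not s["filter_policy"] or matches(s["filter_policy"], attributes)]


# Constructed message attributes in the shape SNS uses (Type/Value pairs; numbers travel as strings).
ORDER_EU_LARGE = {"event": {"Type": "String", "Value": "order.created"},
                  "region": {"Type": "String", "Value": "eu-west-1"},
                  "amount": {"Type": "Number", "Value": "2500"}}
REFUND_US_SMALL = {"event": {"Type": "String", "Value": "refund.issued"},
                   "region": {"Type": "String", "Value": "us-east-1"},
                   "amount": {"Type": "Number", "Value": "5"}}

if __name__ == "__main__":
    for m in (ORDER_EU_LARGE, REFUND_US_SMALL):
        print(fan_out(m))
```

Filtering happens on message attributes, not on the message body, so publishers have to set the attributes the policies key on; a message published without them is dropped for every subscription whose policy names them and delivered only to unfiltered subscriptions such as the audit queue above.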


Intro

/img/AWS/Severless/Untitled%2023.png

SNS is a highly available, durable, secure, fully managed pub/sub messaging service that enables you to decouple microservices, distributed systems and serverless applications.

Application integration!

  • Publishers push events to an SNS Topic
  • Subscribers subscribe to the SNS Topic and have events pushed to them

/img/AWS/Severless/Untitled%2024.png

AWS API → SNS → Subscribers

SNS Topics

/img/AWS/Severless/Untitled%2025.png

Subscriptions

/img/AWS/Severless/Untitled%2026.png

Application as Subscriber

Send push notification messages directly to apps on mobile devices (and desktops) through the platforms' own push services:

Apple (APNs), Google (FCM), Microsoft (WNS, for Windows desktop and Store apps), Amazon (ADM) and Baidu.

/img/AWS/Severless/Untitled%2027.png

SNS Cheat Sheet

/img/AWS/Severless/Untitled%2028.png

SQS, SNS with Lambda

Topic-queue Chaining

Publish to an SNS topic and subscribe one SQS queue per consumer. Each consumer gets its own durable buffer with retries, visibility timeout and a dead-letter queue, while the publisher stays decoupled from how many consumers there are.

SNS to Lambda

SNS can invoke a Lambda function directly (asynchronous invocation); the function receives the message in event["Records"][0]["Sns"]["Message"].

Subscriber and Filter

A filter policy on the subscription (matched against message attributes) lets each subscriber receive only the messages it cares about.

API Gateway

Fully managed service to create, publish, maintain, monitor and secure APIs at any scale

Intro

API Gateway is a solution for creating secure APIs in your cloud environment at any scale.

Create APIs that act as a front door for applications to access data, business logic or functionality from back-end services.

/img/AWS/Severless/Untitled%2031.png

RESTful API?

Key Features

API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and monitoring.

/img/AWS/Severless/Untitled%2032.png

Configuration

  • Resources

When you create an API, you also create its Resources.

Resources are the URL paths you define (ex. /projects)

Resources can have child resources, and a path segment in braces is a path parameter (ex. /projects/{id}/edit)

  • Methods

You define Methods on Resources.

You can define multiple Methods on a Resource.

A Method is an HTTP verb on a resource URL that clients can call.

ex. GET /projects/{id}, POST /projects/{id}

/img/AWS/Severless/Untitled%2033.png

/img/AWS/Severless/Untitled%2034.png

Stages: named deployments (versions/environments) of the API, e.g. dev, test, prod.

Invoke URL: the endpoint where API calls are made; it includes the stage name, e.g. https://{api-id}.execute-api.{region}.amazonaws.com/{stage}/

Deploy API: after making changes to the API, you must deploy it for the changes to take effect; on deployment you choose the stage.

/img/AWS/Severless/Untitled%2035.png

Integration type: what a method calls on the backend: a Lambda function (Lambda or Lambda proxy integration), an HTTP endpoint, another AWS service, a Mock response, or a VPC link to a private backend.

Caching

API caching can be enabled to cache your endpoint's responses to API calls.

/img/AWS/Severless/Untitled%2036.png

  • When enabled on a stage, API Gateway caches responses from your endpoint for a specified TTL (default 300 seconds, configurable from 0 to 3600 seconds)
  • API Gateway responds to requests by looking up the response in the cache instead of making a request to the endpoint
  • The cache key is the method plus any request parameters you mark as cache keys; be careful caching responses that depend on the caller's identity, otherwise one user's response can be served to another

[Advantages]

/img/AWS/Severless/Untitled%2037.png

CORS

Cross-Origin Resource Sharing is a mechanism by which the server at the other end (not client code in the browser) can relax the same-origin policy for selected origins by returning Access-Control-Allow-* headers.

  • Allows restricted resources (ex. fonts, XHR/fetch responses) on a webpage to be requested from a different domain than the one the page came from
  • Should be enabled on the API Gateway resource if browser JavaScript from another domain calls the API; for non-simple requests the browser first sends an OPTIONS preflight, so the resource needs an OPTIONS method that returns the CORS headers

/img/AWS/Severless/Untitled%2038.png

!!! CORS is always enforced by the client (the browser); the server only supplies the headers the browser checks !!!

Same Origin Policy

SOP is a concept in the web application security model: a web browser permits scripts contained in a first web page to access data in a second web page only if both pages have the same origin (scheme, host and port).

  • The same-origin policy helps prevent a malicious site from reading another site's data through the victim's browser (e.g. an authenticated API response); it does not stop XSS, where the injected script already runs inside the target origin
  • It only allows access if both web pages have the same origin
  • It is enforced at the web browser level
  • It does not apply to tools such as Postman or curl, which are not browsers: they receive the response regardless of CORS headers, which is why CORS is not an authentication or authorization control
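The CORS and same-origin-policy points above applied to an API Gateway backend, as an added example that is not from the original note or from AWS: a Lambda proxy integration handler for `GET /projects/{id}` that answers the OPTIONS preflight and emits CORS headers only for an allow-listed origin, never reflecting an arbitrary `Origin`. The allow-list, the hostnames and the sample events are constructed for the example; the event and response shapes (`httpMethod`, `headers`, `pathParameters`; `statusCode`/`headers`/`body`) are those of the REST API Lambda proxy integration.

```python
import json

# Assumed allow-list of browser origins permitted to call this API (hypothetical values).
ALLOWED_ORIGINS = {"https://app.example.com", "https://admin.example.com"}
ALLOWED_METHODS = "GET,POST,OPTIONS"
ALLOWED_HEADERS = "Content-Type,Authorization"


def cors_headers(origin):
    """Return CORS headers only for an allow-listed origin; never reflect an arbitrary Origin.

    Reflecting whatever Origin the request carried, combined with
    Access-Control-Allow-Credentials: true, would let any site read authenticated
    responses through a logged-in user's browser, which is exactly what the
    same-origin policy exists to prevent.
    """
    if origin not in ALLOWED_ORIGINS:
        return {}
    return {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Methods": ALLOWED_METHODS,
        "Access-Control-Allow-Headers": ALLOWED_HEADERS,
        "Access-Control-Allow-Credentials": "true",
        "Vary": "Origin",  # caches must key on Origin because this response varies by it
    }


def _header(event, name):
    """Case-insensitive header lookup; API Gateway forwards headers with the client's casing."""
    for key, value in (event.get("headers") or {}).items():
        if key.lower() == name.lower():
            return value
    return None


def lambda_handler(event, context=None):
    """Lambda proxy integration: statusCode/headers/body of the return value become the HTTP response."""
    origin = _header(event, "Origin")
    method = event.get("httpMethod")
    headers = {"Content-Type": "application/json", **cors_headers(origin)}

    if method == "OPTIONS":
        # Preflight: the browser asks whether the cross-origin request may proceed.
        status = 204 if origin in ALLOWED_ORIGINS else 403
        return {"statusCode": status, "headers": headers, "body": ""}

    project_id = (event.get("pathParameters") or {}).get("id")
    if method == "GET" and project_id:
        body = {"id": project_id, "name": f"project {project_id}"}
        return {"statusCode": 200, "headers": headers, "body": json.dumps(body)}
    return {"statusCode": 405, "headers": headers,
            "body": json.dumps({"error": "method not allowed"})}


# Constructed events in the shape API Gateway (REST API, Lambda proxy integration) sends.
PREFLIGHT_OK = {"httpMethod": "OPTIONS", "path": "/projects/7", "pathParameters": {"id": "7"},
                "headers": {"origin": "https://app.example.com",
                            "Access-Control-Request-Method": "GET"}}
GET_FROM_OTHER_ORIGIN = {"httpMethod": "GET", "path": "/projects/7", "pathParameters": {"id": "7"},
                         "headers": {"Origin": "https://attacker.example"}}

if __name__ == "__main__":
    print(lambda_handler(PREFLIGHT_OK))
    print(lambda_handler(GET_FROM_OTHER_ORIGIN))
```

The second sample shows the point about curl and Postman: the handler still returns 200 and the project data for the non-allow-listed origin, because the server does not know or care who is asking; only a browser, seeing no `Access-Control-Allow-Origin` header, refuses to hand that response to the page's script. Authorization must therefore come from the API's own authorizer or IAM, not from CORS.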

API Gateway Cheat Sheet

/img/AWS/Severless/Untitled%2039.png

Recap

  • API Gateway
  • Lambda
  • DynamoDB
  • S3
  • Kinesis
  • Aurora
  • SNS
  • SQS
  • Fargate: serverless compute engine for containers
  • EFS
  • RDS Proxy: highly available database proxy that pools and shares connections (useful in front of Lambda functions)
  • AppSync: managed GraphQL API service
  • Step Functions: makes it easy to coordinate the components of distributed applications and microservices using visual workflows
  • Athena
  • Lambda@Edge
  • EventBridge: serverless event bus service that makes it easy to access application data