Please enable JavaScript.
Coggle requires JavaScript to display documents.
Lambda - PART 1 - Coggle Diagram
Lambda - PART 1
-
What's lambda?
- Serveless, you don't have to manage nothing
- FaaS (Function as a Service)
- Some AWS services serveless lambda, dynamo, cognito, api gateway, S3, Kinesis Data Firehorse, Aurora, Step Functions, Fargate
Lambda
- Virtual functions
- No manage
- Short executions
- Run on-demand
- Scaling is automated
Benefits
- Easy princing
- Pay per request and compute time
- Free tier 1.000.000 lambda requets and 400.000 GBs of compute time
- It's $0.20 per 1 million requets
- 400.000 secs if function is 1GB RAM
- 3.200.000 secs if function is 128 MB RAM
- After $1 dollar for 600.000 GB seconds
- Integrated with a lot of aws services
- Integrated with CloudWatch
- You can get up to 10 GB of RAM per function
- Increasing the RAM you will also increase CPU and network
- Node.js, Python, Java, C#, Goland, Ruby, Custom Runtime API, Lambda Coniner Image (Lambda Runtime API)
- Example: Serveless CRON Job (CloudWatch Events EventBridge -> Lambda)
Lambda - Synch Invocations
- Using CLI, SDK, API Gateway, Application Load Balancer
- Error handling must happen client side (retries, exponential backoff)
- You request and wait the response
- ELB, API GATEWAY, CLOUD FRONT, S3 BATCH, COGNITO, AWS STEP FUNCTIONS, LEX, ALEXA, KINESIS DATA FIREHOSE
Lambda integration with ALB
- To expose in the internet, you need to use ALB or API GATEWAY
- Must be registered in a target group
- ELB to call the lambda converts HTTP to JSON. In the JSON it pass ELB info, HTTP method & path, query string parameters, headers, body
- And after convert JSON to HTTP to get the response
- ALB multi-header values. When you use http header and query strings parameters you pass the vaues in a array to lambda
Lambda Asynch Invocations
- S3, SNS, CloudWatch Events
- S3 -> Event Queue -> Lambda (lambda has 3 retries total. the first in 1 minute and second 2m minute)
- In this example, lambda is idempotent
- If the lambda retries you will see some duplicate logs on CloudWatch
- You can also create a DLQ to send the messages with error from the queue
- It's faster than synch
- AWS Services to use synch S3, SNS, CloudWatch Events and EventBridge, CodeCommit, CodePipeline, CloudWatch Logs, Simple Email Service, CloudFormation, Config, IoT, IoT Events
CloudWatch Events / EventBridge
- Create or Rate EventBridge Rule to trigger the lambda
- CodePipeline EventBridge Rule to trigger the lambda
S3 Events Notifications
- Get notification when some object is created in S3
- S3 -> Lambda (Asynch)
- S3 -> SQS -> Lambda (Synch)
- S3 -> Lambda -> RDS or DynamoDb (Asynch)
Lambda Event Source Mapping
- Kinesis Data Stream, SQS, SQS FIFO, DynamoDb
- Synch
- Lambda -> (read) Event Source Mapping -> Kinesis
- Shard per item order
- After proccessed the data is removed from the stream
- Low traffic -> use batch window
- high traffic -> use multiple batches in parallel (10 batches per shard)
Lambda Event Source Mapping - Error handling
- By default if your function returns error the entire batch is reprocessed until the function succeds or the items in the batch expire
- You can discard old events, restrict the number of retries, split the batch on error,
- Discard events can go to a destination
Lambda Event Source Mapping - SQS and SQS FIFO
- Event Source Mapping will poll SQS using Long Polling
- Specify batch size 1 to 10 messages
- Recommended set the queue visibility timeout to 6x the timeout of your lambda function
- To use DQL set in the SQS level
Queue and Lambda
- Lambda supports FIFO (in order)
- For standard queues items aren't necessarily processed in order
- Lambda scale up to process it as quickly as possible
Lambda Destinations
- Send the result async to some where
- You can define for success and failed
- Asnync invoke: SQS, SNS, EventBridge bus
- Not use DQL (just in case of failures)
- Event Source mapping: SQS, SNS
Lambda Execution Role (IAM ROLE)
- Lambda needs IAM role to make the action in the aws services
- You need to create policy and iam role
- Best practice: create one lambda execution role per function (1x1)
Lambda Environments
- key value pair in string form
- Help to store secrets (encryptyed by KMS)
Lambda Logging and tracing
- CloudWatch logs to see logs (you need IAM to authorized the log)
- CloudWatch metrics are displayed already
Lambda tracing with X-ray
- Enable lambda configuration (active tracing)
- runs the x-ray daemon for you
- Use aws xray sdk in the code
- ensure lambda function has the correct iam execution role
- _X_AMZN_TRACE_ID -> contains the tracing header
- AWS_XRAY_CONTEXT_MISSING -> by default, LOG_ERROR
- AWS_XRAY_DAEMON_ADDRESS -> the X-ray daemon IP_ADDRESS:PORT