deep dive on aws chalicedeep dive on aws chalice a serverless microframework for python james...
TRANSCRIPT
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
T O K Y O2
01
9.1
0.0
3-
04
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
T O K Y O
20
19
.10
.03
-0
4Deep Dive on AWS ChaliceA Serverless Microframework for Python
James Saryerwinnie | @jsaryerSenior Software Development EngineerAmazon Web Services
D - 1
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Agenda
Overview of Chalice
Deployment
Python Packaging
AWS IAM Policy Generation
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Chalice is a microframework for writing serverless apps in python
Framework for creating serverless applications
CLI for deployment and packaging
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Overview
from chalice import Chalice
app = Chalice(app_name='helloworld')
@app.route('/')def index():
return {'hello': 'world'}
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Overview
from chalice import Chalice
app = Chalice(app_name='helloworld')
@app.route('/')def index():
return {'hello': 'world'}
$ chalice deploy
https://dfut7pnl47/dev/
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Overview
from chalice import Chalice
app = Chalice(app_name='helloworld')
@app.route('/')def index():
return {'hello': 'world'}
$ chalice deploy
https://dfut7pnl47/dev/
Framework CLI
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
More Chalice [email protected]_s3_event('mybucket')def resize_image(event):
pass
@app.schedule('rate(5 minutes)')def rate_handler(event):
pass
@app.on_sns_message(topic='mytopic')def handler(event):
pass
@app.on_sqs_message(queue='myqueue')def handler(event):
pass
@app.lambda_function()def handler(event, context):
pass
@app.route('/resource/{value}',methods=['PUT'])
def resource(value):pass
@app.authorizer(ttl_seconds=30)def jwt_auth(auth_request):
pass
@app.on_ws_message()def websocket_msg(event):
pass
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Chalice deploy
AWS Lambda
Amazon API Gateway
Role
AWS Cloud
Permissions
Swagger Doc
Deployment ZIP
from chalice import Chalice
app = Chalice(app_name='helloworld')
@app.route('/')
def index():
return {'hello': 'world'}
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Chalice deploy
AWS Cloud
AWS Lambda
Amazon API Gateway
Permissions
App Code
Deployment ZIP
Swagger Doc
Role
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Warning about Internals
Disclaimer: these are implementation details
The goal is to better understand how Chalice can help you
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Websocket App
import boto3
from chalice import Chalice
app = Chalice(app_name='websocket')
app.experimental_feature_flags.update([
'WEBSOCKETS'
])
app.websocket_api.session =boto3.Session()
@app.on_ws_connect()
def connect(event):
print('New connection: %s’ %
event.connection_id)
@app.on_ws_message()
def message(event):
print('%s: %s' % (event.connection_id,
event.body))
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Websocket App
import boto3
from chalice import Chalice
app = Chalice(app_name='websocket')
app.experimental_feature_flags.update([
'WEBSOCKETS'
])
app.websocket_api.session =boto3.Session()
@app.on_ws_connect()
def connect(event):
print('New connection: %s’ %
event.connection_id)
@app.on_ws_message()
def message(event):
print('%s: %s' % (event.connection_id,
event.body))
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Websocket App
import boto3
from chalice import Chalice
app = Chalice(app_name='websocket')
app.experimental_feature_flags.update([
'WEBSOCKETS'
])
app.websocket_api.session =boto3.Session()
@app.on_ws_connect()
def connect(event):
print('New connection: %s’ %
event.connection_id)
@app.on_ws_message()
def message(event):
print('%s: %s' % (event.connection_id,
event.body))
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Application Graph Builder
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
from chalice import Chalice
app = Chalice(app_name='one')
@app.lambda_function()
def handler(event, context):
return {}
Application Graph Builder
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Application Graph Builder
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Dependency Order
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Dependency Order
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Dependency Order
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Dependency Order
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Dependency Order
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Dependency Order
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Dependency Order
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Dependency Order
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Dependency Order
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Dependency Order
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Dependency Order
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Local Build
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Local Build
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Local Build
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Planner
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Planner
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Additional Plan Instructions
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Executor
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Executor
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Benefits of this Architecture
DECOUPLED
Each stage is independent which makes it easy to test and optimize each stage without affecting other stages.
ALTERNATIVES
You can swap out components with alternate implementations, supporting other deployment backends.
CONTROL IO
IO only happens a specific stages in the pipeline. We can implement features such as dry run and fast feedback loops.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
.├── app.py└── requirements.txt
boto3==1.9.188botocore==1.12.204jmespath==0.9.3cryptography==2.7
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
.├── app.py└── requirements.txt
boto3==1.9.188botocore==1.12.204jmespath==0.9.3cryptography==2.7
pip install -r requirements.txt
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
$ aws lambda create-function ¥--function-name Hello ¥--role-name MyApp ¥--runtime python3.6 ¥--handler app.handler ¥--zip-file fileb://app.zip
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
deploy.zip
$ aws lambda create-function ¥--function-name Hello ¥--role-name MyApp ¥--runtime python3.6 ¥--handler app.handler ¥--zip-file fileb://app.zip
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
deploy.zip
Chalice Runtime
Your Application Code
Third Party Package Dependencies
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
deploy.zip
Chalice Runtime
Your Application Code
Third Party Package Dependencies
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
deploy.zip
Chalice Runtime
Your Application Code
Third Party Package Dependencies
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
$ file cryptography/hazmat/bindings/_openssl.so
hazmat/bindings/_openssl.so: Mach-O universal binary with 2 architectures:
[i386:Mach-O bundle i386] [x86_64:Mach-O 64-bit bundle x86_64]
bindings/_openssl.so (for i386): Mach-O bundle i386
bindings/_openssl.so (for x86_64): Mach-O 64-bit bundle x86_64
pip install cryptography
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
$ file cryptography/hazmat/bindings/_openssl.so
hazmat/bindings/_openssl.so: Mach-O universal binary with 2 architectures:
[i386:Mach-O bundle i386] [x86_64:Mach-O 64-bit bundle x86_64]
bindings/_openssl.so (for i386): Mach-O bundle i386
bindings/_openssl.so (for x86_64): Mach-O 64-bit bundle x86_64
pip install cryptography
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Python Packaging
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
deploy.zip
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS IAM Policy Generation
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS IAM Policy Generation
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS IAM Policy Generation
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS IAM Policy Generation
Amazon CloudWatch Logs
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS IAM Policy Generation
Amazon VPC
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS IAM Policy Generation
AWS Lambda
Amazon API Gateway
Permissions
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS IAM Policy Generation
Amazon DynamoDB
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS IAM Policy Generation
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS IAM Policy Generation
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
import boto3from chalice import Chalice
app = Chalice(app_name='test-policy')client = boto3.client('dynamodb')
@app.route('/')def list_tables():
return client.list_tables()
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
client = boto3.client('dynamodb')
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
client.list_tables()
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Run the Auto Policy Generator
$ chalice gen-policy
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["dynamodb:ListTables"],
"Resource": ["*"],
"Sid": "30b6e077c9314011a8406dc262185caf"
}
]
}
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Caveat
• Experimental
• Use as a starting point
• Can specify your own IAM policy file to use
• Also specify a specific IAM Role ARN to use
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Wrapping Up
Overview of Chalice
Deployment
Python Packaging
IAM Policy Generation
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Next Steps
Try out AWS Chalice! https://chalice.readthedocs.io/en/latest/
Create feature requests: https://github.com/aws/chalice
AWS Chalice Workshop Next
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Thank you!
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
James Saryerwinnie
@jsaryer