Post on 16-Apr-2017
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Andrew Baird, AWS Solutions Architecture
June 21, 2016
Managing the Continuous
Delivery of Code to AWS
Lambda
Agenda
CD Overview
Scope of this Webinar
Key Services and Features
Live Demo
Things to be Aware Of
Tips & Tricks
What’s Next?
Continuous Delivery Overview
Source Build Test Production
Continuous integration
Continuous delivery
Continuous deployment
Continuous Delivery Benefits
Improve developer
productivity
Find and address
bugs quickly
Deliver updates fasterAutomate the software
release process
Continuous Delivery Overview
Source Build Test Production
Continuous integration
Continuous delivery
Continuous deployment
Our Application – A Serverless Website
AWS Lambda
Functions
web browser
Amazon S3
Dynamic Content
Amazon API
Gateway
Amazon
DynamoDB
Overview of building this application:
http://bit.ly/1MJb0O2
Static Content
Our Role
AWS Lambda
Functions
web browser
Amazon S3
Dynamic Content
Amazon API
Gateway
Amazon
DynamoDB
Static Content
Our Goal
Continuous Delivery pipeline to automate deployment and
release of new Lambda function code to non-Production
environments.
Continuous delivery service for fast and
reliable application updates
Model and visualize your software
release process
Builds, tests, and deploys your code
every time there is a code change
Integrates with 3rd party tools and AWS
AWS CodePipeline
AWS CodePipeline Benefits
Improved quality
Rapid delivery Get started fast
Configurable workflow Easy to integrate
Source
Source
GitHub
Build
JenkinsOnEC2
Jenkins
Deploy
JavaApp
Elastic Beanstalk
PipelineStageAction
Transition
CodePipeline
MyApplication
Source
Source
GitHub
Build
JenkinsOnEC2
Jenkins
Deploy
JavaApp
Elastic Beanstalk
NotifyDevelopers
Lambda
CodePipeline
MyApplication
Parallel actions
Source
Source
GitHub
Build
JenkinsOnEC2
Jenkins
Deploy
JavaApp
Elastic Beanstalk
NotifyDevelopers
Lambda
TestAPI
Runscope
CodePipeline
MyApplication
Sequential actions
AWS service integrations
Source Invoke Logic Deploy
AWS Elastic Beanstalk AWS CodeCommit
Amazon S3 AWS CodeDeploy
AWS Lambda
Extend AWS CodePipeline Using Custom Actions
Update tickets Provision resources
Update dashboards Send notifications Security scan
Mobile testing
2. Perform Job
1. Invoke Lambda function
Source
Source
GitHub
Build
JenkinsOnEC2
Jenkins
Deploy
PublishVersion
AWS Lambda
MyApplicationCodePipeline
AWS
Lambda
3. PutJobSuccessResult
AWS Code Pipeline lets you invoke Lambda functions at each stage.
CodePipeline Overview
Job/Stage/Action Metadata
• UserParameters
• Input/Output Artifacts
• Artifact Credentials
{
"CodePipeline.job": {
"id": "8eb1c985-8031-4186-af7e-fdaa049e0a77",
"accountId": "xxx",
"data": {
"actionConfiguration": {
"configuration": {
"FunctionName": "PublishNewLambdaVersion",
"UserParameters": "function=LambdaFunctionName"
}
},
"inputArtifacts": [
{
"location": {
"s3Location": {
"bucketName": "codepipeline-us-east-1-xxx",
"objectKey": "Demo-Pipeline-Test/FunctionSo/M4BQFoQ.zip"
},
"type": "S3"
},
"revision": null,
"name": "FunctionSourceBundleName"
}
],
"outputArtifacts": [
{
"location": {
"s3Location": {
"bucketName": "codepipeline-us-east-1-xxx",
"objectKey": "Demo-Pipeline-Test/TestExecut/vG2GUh3"
},
"type": "S3"
},
"revision": null,
"name": "TestExecutionRequest"
}
],
"artifactCredentials": {
"secretAccessKey": "xxx",
"sessionToken": "xxx",
"accessKeyId": "xxx"
}
}
}
}
Our Pipeline
• Built code package lands in S3.
• Lambda Functions all the way down.
• Publish new Function version
• Integration Test
• Release function to environment
• Rollback if necessary
Creating a Pipeline via the CLI
{
"roleArn": "IAM-ROLE-ARN-FOR-
CODEPIPELINE-SERVICE",
"stages": [
{
"name": "Source",
"actions": [
{
"inputArtifacts":
[],
"name": "Source",
"actionTypeId": {
"category":
"Source",
"owner": "AWS",
"version": "1",
"provider": "S3"
},
"outputArtifacts": [
{
"name":
"FunctionSourceBundleName"
}
],
"configuration": {
"S3Bucket":
"SRC-BUCKET",
"S3ObjectKey":
"SRC-KEY.zip"
},
"runOrder": 1
}
]
},
{
"name": "dev",
"actions": [
{
"inputArtifacts": [
{
"name":
"FunctionSourceBundleName"
}
],
"name": "Publish-
Dev-Version",
"actionTypeId": {
"category":
"Invoke",
"owner": "AWS",
"version": "1",
"provider":
"Lambda"
},
"outputArtifacts": [
{
"name":
"TestExecutionRequest"
}
],
"configuration": {
"FunctionName":
"PublishNewLambdaVersion",
"UserParameters":
"function=LambdaFunctionNameToPublish"
},
"runOrder": 1
}
]
}
],
"artifactStore": {
"type": "S3",
"location": "BUCKET-NAME-THAT-
MEETS-CODEPIPELINE-REQUIREMENTS"
},
"name": "YOUR-PIPELINE-NAME"
}
aws codepieline create-pipeline --pipeline file://the-below.json
Function Versions
• Version your functions
• “Deployment” history
• Export code
• Can be used in parallel to each other
• Code as Infrastructure
http://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionCode.html
Function Aliases
• Assigned to function versions
• Can be reassigned
• Decouple clients from versioning
• Think of changing an alias as the
“Release” step, can enable Blue-Green
deployments.
Live Demo – Our Pipeline
Amazon
DynamoDB
AddItem
PublishNewVersion
TestNewVersion
ReleaseAndValidate
Amazon API
Gateway
AddItem-Test
AddItem-ApiTest
Things to be Aware of
AWS Lambda
• Different aliases assigned
to same version share
containers. Function code
should be alias-aware.
• New version means new
containers, remember to
pre-warm if needed.
• Lambda source code must
change for new version to
be published.
Amazon API Gateway
• Stage variable changes do
NOT require an API
deployment. Saving a
stage variable change
takes effect immediately.
AWS CodePipeline
• Job will hang until timeout, unless your Actions make the proper Success/Failure API call.
• Transitions between stages are Enabled OR Disabled. No concept today of manually permitting one job to proceed.
• Many capabilities via CLI/API not yet visible in the console.
Tips & Tricks
CodePipeline Success/Failure Callback
Implement failure first - Think “Test Driven Development”
Fan-out testing – have a single Lambda “test suite” function that
invokes several test-case functions.
Continuation Tokens – use to extend Lambda-based actions
beyond 5 minutes.
API Versioning – don’t couple your Lambda function versions to
API versions (i.e. api.example.com/v1/prod). Would be disruptive
to your clients and discourage rapid Lambda function changes.
Tips & Tricks Contd.
Baby Steps toward CD – Use scheduled Lambda function to
enable/disable stage transition nightly.
Surround with CloudFormation
AWS CodePipline + AWS Lambda + Amazon API Gateway are all
supported now!
Don’t rely on $LATEST for Lambda functions in a testing/production
environment – take control of testing/blessing versions and aliases.
Expand your CI/CD Scope!
CodeCommit Integration
Static Code Analysis (FindBugs, JSHint, Pylint)
Automated Build – (Jenkins, Solano CI, or your own!)
CloudWatch Events – Success/Failure Detection & Action