Deep Dive on AWS ChaliceDeep Dive on AWS Chalice A Serverless Microframework for Python James...

© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.

T O K Y O2

01

9.1

0.0

3-

04


T O K Y O

20

19

.10

.03

-0

4Deep Dive on AWS ChaliceA Serverless Microframework for Python

James Saryerwinnie | @jsaryerSenior Software Development EngineerAmazon Web Services

D - 1


Agenda

Overview of Chalice

Deployment

Python Packaging

AWS IAM Policy Generation


Chalice is a microframework for writing serverless apps in python

Framework for creating serverless applications

CLI for deployment and packaging


Overview

from chalice import Chalice

app = Chalice(app_name='helloworld')

@app.route('/')def index():

return {'hello': 'world'}


Overview





$ chalice deploy

https://dfut7pnl47/dev/


Overview





$ chalice deploy

https://dfut7pnl47/dev/

Framework CLI


More Chalice [email protected]_s3_event('mybucket')def resize_image(event):

pass

@app.schedule('rate(5 minutes)')def rate_handler(event):

pass

@app.on_sns_message(topic='mytopic')def handler(event):

pass

@app.on_sqs_message(queue='myqueue')def handler(event):

pass

@app.lambda_function()def handler(event, context):

pass

@app.route('/resource/{value}',methods=['PUT'])

def resource(value):pass

@app.authorizer(ttl_seconds=30)def jwt_auth(auth_request):

pass

@app.on_ws_message()def websocket_msg(event):

pass


Chalice deploy

AWS Lambda

Amazon API Gateway

Role

AWS Cloud

Permissions

Swagger Doc

Deployment ZIP



@app.route('/')

def index():



Chalice deploy

AWS Cloud

AWS Lambda

Amazon API Gateway

Permissions

App Code

Deployment ZIP

Swagger Doc

Role


Warning about Internals

Disclaimer: these are implementation details

The goal is to better understand how Chalice can help you


Websocket App

import boto3


app = Chalice(app_name='websocket')

app.experimental_feature_flags.update([

'WEBSOCKETS'

])

app.websocket_api.session =boto3.Session()

@app.on_ws_connect()

def connect(event):

print('New connection: %s’ %

event.connection_id)

@app.on_ws_message()

def message(event):

print('%s: %s' % (event.connection_id,

event.body))


Application Graph Builder



app = Chalice(app_name='one')

@app.lambda_function()

def handler(event, context):

return {}



Dependency Order


Local Build


Planner


Additional Plan Instructions


Executor


Benefits of this Architecture

DECOUPLED

Each stage is independent which makes it easy to test and optimize each stage without affecting other stages.

ALTERNATIVES

You can swap out components with alternate implementations, supporting other deployment backends.

CONTROL IO

IO only happens a specific stages in the pipeline. We can implement features such as dry run and fast feedback loops.


.├── app.py└── requirements.txt

boto3==1.9.188botocore==1.12.204jmespath==0.9.3cryptography==2.7


.├── app.py└── requirements.txt

boto3==1.9.188botocore==1.12.204jmespath==0.9.3cryptography==2.7

pip install -r requirements.txt


$ aws lambda create-function ¥--function-name Hello ¥--role-name MyApp ¥--runtime python3.6 ¥--handler app.handler ¥--zip-file fileb://app.zip


deploy.zip

$ aws lambda create-function ¥--function-name Hello ¥--role-name MyApp ¥--runtime python3.6 ¥--handler app.handler ¥--zip-file fileb://app.zip


deploy.zip

Chalice Runtime

Your Application Code

Third Party Package Dependencies


$ file cryptography/hazmat/bindings/_openssl.so

hazmat/bindings/_openssl.so: Mach-O universal binary with 2 architectures:

[i386:Mach-O bundle i386] [x86_64:Mach-O 64-bit bundle x86_64]

bindings/_openssl.so (for i386): Mach-O bundle i386

bindings/_openssl.so (for x86_64): Mach-O 64-bit bundle x86_64

pip install cryptography


Python Packaging


deploy.zip



Amazon CloudWatch Logs



Amazon VPC



AWS Lambda

Amazon API Gateway

Permissions



Amazon DynamoDB


import boto3from chalice import Chalice

app = Chalice(app_name='test-policy')client = boto3.client('dynamodb')

@app.route('/')def list_tables():

return client.list_tables()


client = boto3.client('dynamodb')


client.list_tables()


Run the Auto Policy Generator

$ chalice gen-policy

{

"Version": "2012-10-17",

"Statement": [

{

"Effect": "Allow",

"Action": ["dynamodb:ListTables"],

"Resource": ["*"],

"Sid": "30b6e077c9314011a8406dc262185caf"

}

]

}


Caveat

• Experimental

• Use as a starting point

• Can specify your own IAM policy file to use

• Also specify a specific IAM Role ARN to use


Wrapping Up

Overview of Chalice

Deployment

Python Packaging

IAM Policy Generation


Next Steps

Try out AWS Chalice! https://chalice.readthedocs.io/en/latest/

Create feature requests: https://github.com/aws/chalice

AWS Chalice Workshop Next

https://chalice.readthedocs.io/en/latest/

https://github.com/aws/chalice

Thank you!


James Saryerwinnie

@jsaryer

Deep Dive on AWS ChaliceDeep Dive on AWS Chalice A Serverless Microframework for Python James...

Documents

Transcript of Deep Dive on AWS ChaliceDeep Dive on AWS Chalice A Serverless Microframework for Python James...