© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Andrew Baird, AWS Solutions Architecture

June 21, 2016

Managing the Continuous

Delivery of Code to AWS

Lambda

Agenda

CD Overview

Scope of this Webinar

Key Services and Features

Live Demo

Things to be Aware Of

Tips & Tricks

What’s Next?

Continuous Delivery Overview

Continuous Delivery Overview

Source Build Test Production

Continuous integration

Continuous delivery

Continuous deployment

Continuous Delivery Benefits

Improve developer

productivity

Find and address

bugs quickly

Deliver updates fasterAutomate the software

release process

Scope of this Webinar

Continuous Delivery Overview

Source Build Test Production

Continuous integration

Continuous delivery

Continuous deployment

Our Application – A Serverless Website

AWS Lambda

Functions

web browser

Amazon S3

Dynamic Content

Amazon API

Gateway

Amazon

DynamoDB

Overview of building this application:

http://bit.ly/1MJb0O2

Static Content

Our Role

AWS Lambda

Functions

web browser

Amazon S3

Dynamic Content

Amazon API

Gateway

Amazon

DynamoDB

Static Content

Our Goal

Continuous Delivery pipeline to automate deployment and

release of new Lambda function code to non-Production

environments.

Key Services and Features

AWS CodePipeline

Continuous delivery service for fast and

reliable application updates

Model and visualize your software

release process

Builds, tests, and deploys your code

every time there is a code change

Integrates with 3rd party tools and AWS

AWS CodePipeline

AWS CodePipeline Benefits

Improved quality

Rapid delivery Get started fast

Configurable workflow Easy to integrate

Source

Source

GitHub

Build

JenkinsOnEC2

Jenkins

Deploy

JavaApp

Elastic Beanstalk

PipelineStageAction

Transition

CodePipeline

MyApplication

Source

Source

GitHub

Build

JenkinsOnEC2

Jenkins

Deploy

JavaApp

Elastic Beanstalk

NotifyDevelopers

Lambda

CodePipeline

MyApplication

Parallel actions

Source

Source

GitHub

Build

JenkinsOnEC2

Jenkins

Deploy

JavaApp

Elastic Beanstalk

NotifyDevelopers

Lambda

TestAPI

Runscope

CodePipeline

MyApplication

Sequential actions

AWS service integrations

Source Invoke Logic Deploy

AWS Elastic Beanstalk AWS CodeCommit

Amazon S3 AWS CodeDeploy

AWS Lambda

We have a strong partner list, and it’s growing

Source Build Test Deploy

Extend AWS CodePipeline Using Custom Actions

Update tickets Provision resources

Update dashboards Send notifications Security scan

Mobile testing

2. Perform Job

1. Invoke Lambda function

Source

Source

GitHub

Build

JenkinsOnEC2

Jenkins

Deploy

PublishVersion

AWS Lambda

MyApplicationCodePipeline

AWS

Lambda

3. PutJobSuccessResult

AWS Code Pipeline lets you invoke Lambda functions at each stage.

CodePipeline Overview

Job/Stage/Action Metadata

• UserParameters

• Input/Output Artifacts

• Artifact Credentials

{

"CodePipeline.job": {

"id": "8eb1c985-8031-4186-af7e-fdaa049e0a77",

"accountId": "xxx",

"data": {

"actionConfiguration": {

"configuration": {

"FunctionName": "PublishNewLambdaVersion",

"UserParameters": "function=LambdaFunctionName"

}

},

"inputArtifacts": [

{

"location": {

"s3Location": {

"bucketName": "codepipeline-us-east-1-xxx",

"objectKey": "Demo-Pipeline-Test/FunctionSo/M4BQFoQ.zip"

},

"type": "S3"

},

"revision": null,

"name": "FunctionSourceBundleName"

}

],

"outputArtifacts": [

{

"location": {

"s3Location": {

"bucketName": "codepipeline-us-east-1-xxx",

"objectKey": "Demo-Pipeline-Test/TestExecut/vG2GUh3"

},

"type": "S3"

},

"revision": null,

"name": "TestExecutionRequest"

}

],

"artifactCredentials": {

"secretAccessKey": "xxx",

"sessionToken": "xxx",

"accessKeyId": "xxx"

}

}

}

}

Our Pipeline

• Built code package lands in S3.

• Lambda Functions all the way down.

• Publish new Function version

• Integration Test

• Release function to environment

• Rollback if necessary

Creating a Pipeline via the CLI

{

"roleArn": "IAM-ROLE-ARN-FOR-

CODEPIPELINE-SERVICE",

"stages": [

{

"name": "Source",

"actions": [

{

"inputArtifacts":

[],

"name": "Source",

"actionTypeId": {

"category":

"Source",

"owner": "AWS",

"version": "1",

"provider": "S3"

},

"outputArtifacts": [

{

"name":

"FunctionSourceBundleName"

}

],

"configuration": {

"S3Bucket":

"SRC-BUCKET",

"S3ObjectKey":

"SRC-KEY.zip"

},

"runOrder": 1

}

]

},

{

"name": "dev",

"actions": [

{

"inputArtifacts": [

{

"name":

"FunctionSourceBundleName"

}

],

"name": "Publish-

Dev-Version",

"actionTypeId": {

"category":

"Invoke",

"owner": "AWS",

"version": "1",

"provider":

"Lambda"

},

"outputArtifacts": [

{

"name":

"TestExecutionRequest"

}

],

"configuration": {

"FunctionName":

"PublishNewLambdaVersion",

"UserParameters":

"function=LambdaFunctionNameToPublish"

},

"runOrder": 1

}

]

}

],

"artifactStore": {

"type": "S3",

"location": "BUCKET-NAME-THAT-

MEETS-CODEPIPELINE-REQUIREMENTS"

},

"name": "YOUR-PIPELINE-NAME"

}

aws codepieline create-pipeline --pipeline file://the-below.json

AWS Lambda

AWS Lambda –

CD Relevant Features

Function Versions

• Version your functions

• “Deployment” history

• Export code

• Can be used in parallel to each other

• Code as Infrastructure

http://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionCode.html

Function Aliases

• Assigned to function versions

• Can be reassigned

• Decouple clients from versioning

• Think of changing an alias as the

“Release” step, can enable Blue-Green

deployments.

Amazon API Gateway

Amazon API Gateway –

CD Relevant Features

API Stages

Stage Variables

Combine API Stages with Lambda Function Aliases

API Gateway Swagger Import/Export APIs

Live Demo

Live Demo – Our Pipeline

Amazon

DynamoDB

AddItem

PublishNewVersion

TestNewVersion

ReleaseAndValidate

Amazon API

Gateway

AddItem-Test

AddItem-ApiTest

Things to be Aware of

Things to be Aware of

AWS Lambda

• Different aliases assigned

to same version share

containers. Function code

should be alias-aware.

• New version means new

containers, remember to

pre-warm if needed.

• Lambda source code must

change for new version to

be published.

Amazon API Gateway

• Stage variable changes do

NOT require an API

deployment. Saving a

stage variable change

takes effect immediately.

AWS CodePipeline

• Job will hang until timeout, unless your Actions make the proper Success/Failure API call.

• Transitions between stages are Enabled OR Disabled. No concept today of manually permitting one job to proceed.

• Many capabilities via CLI/API not yet visible in the console.

Tips & Tricks

Tips & Tricks

CodePipeline Success/Failure Callback

Implement failure first - Think “Test Driven Development”

Fan-out testing – have a single Lambda “test suite” function that

invokes several test-case functions.

Continuation Tokens – use to extend Lambda-based actions

beyond 5 minutes.

API Versioning – don’t couple your Lambda function versions to

API versions (i.e. api.example.com/v1/prod). Would be disruptive

to your clients and discourage rapid Lambda function changes.

Tips & Tricks Contd.

Baby Steps toward CD – Use scheduled Lambda function to

enable/disable stage transition nightly.

Surround with CloudFormation

AWS CodePipline + AWS Lambda + Amazon API Gateway are all

supported now!

Don’t rely on $LATEST for Lambda functions in a testing/production

environment – take control of testing/blessing versions and aliases.

What’s next?

Expand your CI/CD Scope!

CodeCommit Integration

Static Code Analysis (FindBugs, JSHint, Pylint)

Automated Build – (Jenkins, Solano CI, or your own!)

CloudWatch Events – Success/Failure Detection & Action

Thank You!

We’re Hiring!

Email us at

amzn-interest@amazon.com