A detailed analysis of AWS Lambda

This translation was prepared specifically for students of the "Cloud services" course. Interested in developing in this area? Watch the master class by Egor Zuev (TeamLead at InBit), "AWS EC2 service", and join the next course group: it starts on September 26.

More and more people are moving to AWS Lambda for its scalability, performance, cost savings, and ability to handle millions or even trillions of requests per month. To do this, you do not need to manage the infrastructure the service runs on. And autoscaling lets you serve thousands of concurrent requests per second. I think AWS Lambda can rightly be called one of the most popular AWS services.

AWS Lambda

AWS Lambda is an event-driven compute service that lets you run code without provisioning or managing servers and extend other AWS services with custom logic. Lambda automatically responds to various events (called triggers), such as HTTP requests through Amazon API Gateway or data changes in Amazon S3 buckets or Amazon DynamoDB tables; or you can run your code through API calls using the AWS SDK and state transitions in AWS Step Functions.

Lambda runs code on highly available compute infrastructure and is fully responsible for administering the underlying platform, including server and operating system maintenance, resource provisioning, automatic scaling, code monitoring, and logging. That is, you only need to upload your code and configure how and when it should run. The service then takes care of launching it and ensuring the availability of your application.

When should you switch to Lambda?

AWS Lambda is a convenient compute platform suitable for a variety of use cases, as long as the language and runtime of your code are supported by the service. If you want to focus on your code and business logic while outsourcing server maintenance, provisioning, and scaling at a reasonable cost, AWS Lambda is the way to go.

Lambda is ideal for building programming interfaces, and when used together with API Gateway, you can significantly reduce costs and get to market faster. There are different ways to use Lambda functions and different options for organizing a serverless architecture - everyone can choose what fits their goal.

Lambda lets you perform a wide range of tasks. For example, thanks to CloudWatch support, you can create scheduled tasks and automate individual processes. There are no restrictions on the nature and intensity of use of the service (memory consumption and time are taken into account), and nothing prevents you from systematically working on a full-fledged microservice based on Lambda.

Here you can create service-oriented actions that do not run continuously. A typical example is image scaling. Even in distributed systems, Lambda functions remain relevant.

So, if you do not want to deal with allocating and managing compute resources, try AWS Lambda; if you do not need heavy, resource-intensive computation, also try AWS Lambda; if your code runs periodically, that's right, you should try AWS Lambda.

Security

So far there have been no complaints about security. On the other hand, since many of the internal processes and implementation details of this model are hidden from the user of the AWS Lambda managed runtime, some generally accepted cloud security rules become irrelevant.

Like many AWS services, Lambda is provided under a model of shared responsibility for security and compliance between AWS and the customer. This principle reduces the operational burden on the customer, since AWS takes on the tasks of maintaining, operating, and controlling the service components - from the host operating system and the virtualization layer to the physical security of the infrastructure assets.

Specifically for AWS Lambda, AWS is responsible for managing the underlying infrastructure, the associated foundational services, the operating system, and the application platform. The customer is responsible for the security of their code, for storing confidential data, and for controlling access to it, as well as to the Lambda service and its resources (Identity and Access Management, IAM), including within the limits of the functions used.

The diagram below shows the shared responsibility model as it applies to AWS Lambda. AWS responsibility is shown in orange and customer responsibility in blue. As you can see, AWS takes on more of the responsibility for applications deployed in the service.

Shared responsibility model as applied to AWS Lambda

Lambda runtime

The main advantage of Lambda is that, by running a function on your behalf, the service itself allocates the necessary resources. You can avoid spending time and effort on system administration and focus on business logic and writing code.

The Lambda service is divided into two planes. The first is the control plane. According to Wikipedia, the control plane is the part of the network responsible for transporting traffic and routing. It is the main component that makes global decisions about provisioning, servicing, and distributing workloads. In addition, the control plane acts as the network topology of the solution provider, responsible for routing and managing traffic.

The second plane is the data plane. Like the control plane, it has its own tasks. The control plane provides the APIs for managing functions (CreateFunction, UpdateFunctionCode) and controls how Lambda communicates with other AWS services. The data plane runs the Invoke API, which executes Lambda functions. After a function is invoked, the control plane allocates or selects an existing execution environment that has been prepared for that function, and then runs the code in it.

AWS Lambda supports a variety of programming languages, including Java 8, Python 3.7, Go, NodeJS 8, .NET Core 2, and others, through their respective runtimes. AWS regularly updates them, distributes security patches, and performs other maintenance on these environments. Lambda also lets you use other languages, provided you implement the appropriate runtime yourself. You then have to take care of its maintenance, including monitoring its security.

How does it all work, and how will the service run your functions?

Each function runs in one or more dedicated environments, which exist only for the lifetime of that function and are then destroyed. Each environment handles only one invocation at a time, but it is reused if there are multiple serial invocations of the same function. All execution environments run on hardware-virtualized virtual machines, called microVMs. Each microVM is assigned to a specific AWS account and can be reused by environments to run different functions within that account. MicroVMs are packed onto the building blocks of the Lambda Worker hardware platform, which is owned and operated by AWS. The same execution environment cannot be used by different functions, and microVMs are not shared across different AWS accounts.

AWS Lambda Isolation Model

Isolation of execution environments is implemented using several mechanisms. At the top level of each environment there are separate copies of the following components:

  • Function code
  • Any Lambda layers selected for the function
  • The function runtime
  • A minimal user space based on Amazon Linux

The following mechanisms are used to isolate different execution environments:

  • cgroups - restrict access to CPU, memory, storage, and network resources for each execution environment;
  • namespaces - group process IDs, user IDs, network interfaces, and other resources managed by the Linux kernel. Each execution environment runs in its own namespace;
  • seccomp-bpf - restricts the system calls that can be used from within the execution environment;
  • iptables and routing tables - isolate execution environments from each other;
  • chroot - provides scoped access to the underlying file system.

Combined with AWS's own isolation technologies, these mechanisms ensure reliable separation of execution environments. Environments isolated in this way cannot access or modify data from other environments.

Although multiple execution environments of the same AWS account can run on a single microVM, under no circumstances can microVMs be shared between different AWS accounts. AWS Lambda uses only two mechanisms to isolate microVMs: EC2 instances and Firecracker. Guest isolation in Lambda based on EC2 instances has been in place since 2015. Firecracker is a new open-source hypervisor designed by AWS specifically for serverless workloads and introduced in 2018. The physical hardware that runs microVMs is shared between the workloads of different accounts.

Preserving environments and process state

Although Lambda execution environments are unique to different functions, they can invoke the same function repeatedly, meaning that an execution environment can live for several hours before being destroyed.

Each Lambda execution environment also has a writable file system, accessible through the /tmp directory. Its contents cannot be accessed from other execution environments. As for persistence of process state, files written to /tmp exist for the entire lifetime of the execution environment. This allows the results of multiple invocations to be accumulated, which is especially useful for expensive operations such as loading machine learning models.
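The handler below is an added example, not code from the original article: it reuses an artifact cached in /tmp across warm invocations only after re-checking its digest, and keeps per-request data in a scratch directory that is removed before returning. The artifact, its pinned digest, and the `fetch_model()` helper are assumptions made for the illustration.

```python
import hashlib
import os
import shutil
import tempfile

# Assumptions (not from the article): the artifact, its pinned digest, and
# fetch_model() standing in for an expensive download from remote storage.
CACHE_DIR = os.path.join(tempfile.gettempdir(), "model-cache")  # /tmp on Lambda
MODEL_BYTES = b"constructed-model-weights-v1"  # constructed sample artifact
MODEL_SHA256 = hashlib.sha256(MODEL_BYTES).hexdigest()  # pinned at deploy time
FETCH_COUNT = {"n": 0}


def fetch_model():
    """Hypothetical expensive download; counts calls so reuse is observable."""
    FETCH_COUNT["n"] += 1
    return MODEL_BYTES


def load_model():
    """Reuse the /tmp copy only if its digest still matches the pinned one."""
    path = os.path.join(CACHE_DIR, "model.bin")
    if os.path.isfile(path):
        with open(path, "rb") as fh:
            data = fh.read()
        if hashlib.sha256(data).hexdigest() == MODEL_SHA256:
            return data, "warm"
    data = fetch_model()
    if hashlib.sha256(data).hexdigest() != MODEL_SHA256:
        raise RuntimeError("downloaded artifact does not match pinned digest")
    os.makedirs(CACHE_DIR, mode=0o700, exist_ok=True)
    tmp_path = path + ".partial"
    with open(tmp_path, "wb") as fh:
        fh.write(data)
    os.replace(tmp_path, path)  # atomic rename: no half-written cache file
    return data, "cold"


def handler(event, context=None):
    """Lambda-style entry point; per-request files never outlive the call."""
    model, cache_state = load_model()
    scratch = tempfile.mkdtemp(prefix="req-")  # private per-invocation dir
    try:
        with open(os.path.join(scratch, "input.txt"), "w") as fh:
            fh.write(event["payload"])  # caller data, possibly sensitive
        result = len(model) + len(event["payload"])
    finally:
        shutil.rmtree(scratch, ignore_errors=True)
    return {"cache": cache_state, "result": result, "scratch": scratch}
```

Because /tmp survives between invocations of the same environment, anything a request writes there is visible to the next request unless the handler removes it, which is why the scratch directory is deleted in `finally`.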

Invocation data transfer

The Invoke API can be used in two modes: event mode and request-response mode. In event mode, the invocation is added to a queue for later execution. In request-response mode, the function is invoked immediately with the payload provided, after which the response is returned. In both cases, the function runs in a Lambda environment, but with different payload paths.

For request-response invocations, the payload flows from the API caller, such as AWS API Gateway or the AWS SDK, to the load balancer, and then to the Lambda invocation service (Invoke Service). The latter determines the appropriate environment for executing the function and passes the payload there to complete the invocation. The load balancer receives TLS-protected traffic over the Internet. Traffic within the Lambda service - after the load balancer - passes through an internal VPC in a specific AWS Region.

AWS Lambda Invocation Processing Model: Request-Response Mode

Event invocations can be made immediately or added to a queue. In some cases, the queue is implemented using Amazon SQS (Amazon Simple Queue Service), which passes invocations to the Lambda invocation fulfillment service through an internal poller process. Traffic in transit is protected with TLS, and there is no additional encryption of data stored in Amazon SQS.

Event invocations do not return responses - the Lambda Worker simply ignores any response information. Event-based invocations from Amazon S3, Amazon SNS, CloudWatch, and other sources are processed by Lambda in event mode. Invocations from Amazon Kinesis and DynamoDB streams, SQS queues, Application Load Balancer, and API Gateway calls are processed in request-response mode.

Monitoring

You can monitor and audit Lambda functions using a variety of AWS mechanisms and services, including the following.

Amazon CloudWatch
Collects various statistics such as the number of requests, the duration of requests, and the number of failed requests.

Amazon CloudTrail
Lets you log, continuously monitor, and retain account activity information related to your AWS infrastructure. You will have a complete history of actions performed using the AWS Management Console, AWS SDK, command line tools, and other AWS services.

AWS X-Ray
Gives you full visibility into all stages of request processing in your application, based on a map of its internal components. Lets you analyze applications during development and in production environments.

AWS Config
You will be able to track changes to Lambda function configuration (including deletion) and runtimes, tags, handler names, code size, memory allocation, timeout settings and concurrency settings, as well as the Lambda IAM execution role, subnets, and security group bindings.
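As an added example (not from the original article), the check below runs over CloudTrail-style records and reports Lambda control-plane changes, such as the CreateFunction and UpdateFunctionCode calls mentioned earlier, that were not made by an approved deployment principal. The sample records, account IDs, ARNs, and the approved-principal marker are constructed assumptions.

```python
import json

# Constructed CloudTrail-style records (not real logs). Account IDs, ARNs and
# the approved-deployer marker are assumptions made for this example.
SAMPLE_EVENTS = json.loads("""[
 {"eventTime": "2019-03-01T10:00:00Z", "eventSource": "lambda.amazonaws.com",
  "eventName": "UpdateFunctionCode20150331v2",
  "userIdentity": {"arn": "arn:aws:sts::111111111111:assumed-role/ci-deployer/build-42"},
  "requestParameters": {"functionName": "resize-image"}},
 {"eventTime": "2019-03-01T11:30:00Z", "eventSource": "lambda.amazonaws.com",
  "eventName": "UpdateFunctionCode20150331v2",
  "userIdentity": {"arn": "arn:aws:iam::111111111111:user/dev-laptop"},
  "requestParameters": {"functionName": "resize-image"}},
 {"eventTime": "2019-03-01T11:31:00Z", "eventSource": "lambda.amazonaws.com",
  "eventName": "UpdateFunctionConfiguration20150331v2",
  "userIdentity": {"arn": "arn:aws:iam::111111111111:user/dev-laptop"},
  "requestParameters": {"functionName": "resize-image",
                        "role": "arn:aws:iam::111111111111:role/admin"}},
 {"eventTime": "2019-03-01T12:00:00Z", "eventSource": "s3.amazonaws.com",
  "eventName": "PutObject",
  "userIdentity": {"arn": "arn:aws:iam::111111111111:user/dev-laptop"},
  "requestParameters": {"bucketName": "images"}}
]""")

# Control-plane calls that change what a function runs or what it may access.
# CloudTrail appends a date/version suffix to Lambda event names: match by prefix.
WATCHED_PREFIXES = ("CreateFunction", "UpdateFunctionCode",
                    "UpdateFunctionConfiguration", "DeleteFunction")
APPROVED_PRINCIPAL_MARKERS = (":assumed-role/ci-deployer/",)


def audit_lambda_changes(events):
    """Return Lambda function changes made outside the approved pipeline."""
    findings = []
    for ev in events:
        if ev.get("eventSource") != "lambda.amazonaws.com":
            continue
        name = ev.get("eventName", "")
        action = next((p for p in WATCHED_PREFIXES if name.startswith(p)), None)
        if action is None:
            continue
        arn = ev.get("userIdentity", {}).get("arn", "unknown")
        if any(marker in arn for marker in APPROVED_PRINCIPAL_MARKERS):
            continue
        params = ev.get("requestParameters") or {}
        findings.append({"time": ev["eventTime"], "action": action, "principal": arn,
                         "function": params.get("functionName"), "role_changed": "role" in params})
    return findings
```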

Conclusion

AWS Lambda provides a powerful set of tools for building secure and scalable applications. Many of the security and compliance practices in AWS Lambda are the same as in other AWS services, although there are exceptions. As of March 2019, Lambda is compliant with SOC 1, SOC 2, SOC 3, PCI DSS, the Health Insurance Portability and Accountability Act (HIPAA), and other regulations. So, when you are thinking about implementing your next application, consider the AWS Lambda service - it may be the best fit for your task.

Source: www.habr.com
