AWS RDS Proxy for Serverless

What is a database proxy?

A database proxy is a wonderful tool that is able to provide significant functionality across various use cases. Or put differently, the proxy is a middle layer sitting between a database and an application. The application connects to a proxy, which then forwards connections into the database.

AWS RDS Proxy

Amazon RDS Proxy is a fully managed, highly available database proxy for Amazon Relational Database Service (RDS) that makes applications more scalable, more resilient to database failures, and more secure.

Many applications, including those built on modern serverless architectures, can have a large number of open connections to the database server, and may open and close database connections at a high rate, exhausting database memory and compute resources. Amazon RDS Proxy allows applications to pool and share connections established with the database, improving database efficiency and application scalability. With RDS Proxy, failover times for Aurora and RDS databases are reduced by up to 66% and database credentials, authentication, and access can be managed through integration with AWS Secrets Manager and AWS Identity and Access Management (IAM).

Amazon RDS Proxy can be enabled for most applications with no code changes, and you don’t need to provision or manage any additional infrastructure.

Pricing is simple and predictable: you pay per vCPU of the database instance for which the proxy is enabled.

Amazon RDS Proxy is now generally available for Aurora MySQL, Aurora PostgreSQL, RDS MySQL and RDS PostgreSQL.

Let us discuss below architecture

Above architecture will create many connections. We have to take care of below things in above architecture

1. When there’s a lot of connections being made to database from many lambdas, many credentials needed to be saved
2. Database performance for handling lot of connections
3. If its an important application, failover time needed to be improved, reduce to zero
4. Improving the connection management, so all the lambda functions can write seamlessly to the database

Now let us include RDS Proxy between Serverless Application and Database

We will get below benefits over above challenges

1. It will manage all the credentials with Secret Manager
2. It will handle all the connection management, so it will increase the performance of the database
3. It will handle all the failover time so the failover time is going to reduce a lot
4. As it will take care of the connection management, hence the writing to database will be seamless

Also, A database proxy server helps handle additional load on your database. While traditional proxy servers allow applications to scale more effectively, they are difficult to deploy, patch, and manage – consuming time and energy that could be better spent on developing great products. Amazon RDS Proxy gives you the benefits of a database proxy without requiring additional burden of patching and managing your own proxy server. RDS Proxy is completely serverless and scales automatically to accommodate your workload.

Your Amazon RDS Proxy instance maintains a pool of established connections to your RDS database instances, reducing the stress on database compute and memory resources that typically occurs when new connections are established
RDS Proxy also shares infrequently used database connections, so that fewer connections access the RDS database. This connection pooling enables your database to efficiently support a large number and frequency of application connections so that your application can scale without compromising performance.

Few pointers below:

1. Multiplexing: Reusing connections after each transaction
2. Borrowing: when we temporarily remove a connection from the pool and reuse it. After the use it returns the connection to original pool
3. Pinning: If RDS is not sure of reusing a connection, it maintains the connection it maintains the connection in the session until the session ends

RDS Proxy minimizes application disruption from outages affecting the availability of your database, by automatically connecting to a new database instance while preserving application connections. When failovers occur, RDS Proxy routes requests directly to the new database instance. This reduces failover times for Aurora and RDS databases by up to 66%.

1. High availability: RDS Proxy will make sure the database is available always. If one instance goes down it will automatically connect with the replica or backup db.
2. Faster failover time: It will speed up the failover time up to 60% to 70%
3. Amazon RDS Proxy is highly available and deployed over multiple Availability Zones (AZs) to protect you from infrastructure failure. Each AZ runs on its own physically distinct, independent infrastructure, and is engineered to be highly reliable. In the unlikely event of an infrastructure failure, the RDS Proxy endpoint remains online and consistent allowing your application to continue to run database operations.

Security

1. It enforces the use of Transport Layer Security between RDS Proxy and database
2. Additionally, Amazon RDS Proxy gives you additional control over data security by giving you the choice to enforce IAM authentication for database access and avoid hard coding database credentials into application code. RDS Proxy also enables you to centrally manage database credentials using AWS Secrets Manager.

re:Invent Session link : https://virtual.awsevents.com/media/1_2k2eqhb8