what is Serverless?
Build and run applications without thinking about servers
- automatic scaling
- high availability
- pay-for-use billing model
- event-driven compute
what is api gateway?
Create, maintain, and secure APIs at any scale
- concurrent API calls
- traffic management
- CORS support
- authorization and access control
- throttling
- monitoring
- API version management
Overall structure
Background
- as the value added service provider
- provide API service
- provide game theory algo
User case
Is api gateway and lambda good enough to finish the project?
No. Missing a lot of thing.
API service traffic
-- all free memebers - 1000 requests / second
-- each paid memeber - 1000 requests / second
User base
- 10,000 free memebers
- 20 paid memebers
Computer time
Basic algo runs max 0.5 second
Extended algo runs max 2 seconds
Implememtaion
use Per-client throttling limit
- Every paid memebers
have specific api gateway key and usage plan
All free memebers
share one api gateway key and usage plan
Solve what problem?
- GameFi company want to set price of game object
- they don't know how to set floor price
provide statistics method as the standalone service
Project scope?
Simple API service to solve their set floor price problem
Need Database?
No. GameFi company store their data.
Need Auth?
Yes. for paid memebership.
Need security?
Yes. make it as the standalone service.
Need parallel programming?
Yes. a lot of gameFi company will use it.
Need monitoring?
Yes. provide auth usage info for API caller.
Need special computing resource?
No. the algo is not data intensive calculation.
What tech tool is better?
serverless vs EC2 instance
- cost: lambda better
- parallel: lambda better
Serverless no tech limitation
api gateway timeout is 30 seconds. it is ok.
lambda timeout is 15 mins. it is ok.
api gateway provides api key for auth. it is ok.
api gateway provides throttling. it is ok.
api gateway payload size is 10MB. caller can provide enough data to run algo.
EC2 instance have tech limitation
EC2 need scale group to support high traffic.
Monitoring
Lambda
- Implement Amazon CloudWatch
api gateway
- Implement Amazon CloudWatch alarms
Security
Data encryption in transit
- Transport Layer Security (TLS)
- AWS certificate manager
east-privilege permissions
- Identity and access management
- Create brand new IAM role for api gateway and lambda
- API gateway: invoke lambda
- Lambda: Don't allow to connect others serivce (eg: db, ec2)
Error response
- CloudWatch alarms trigger service to send email
- email send to developers
- developers are serice owner and they are take action when service is error.
CICD
Basic setting
- Cloudformation
- Codepipeline
Overall structure
Tips:
- build on top. use AWS service to support business needs.
- konw AWS service limitation
- konw what AWS service can do
- think about operational performance
- think about security
- think about what service caller can do and they cannot do.
Finally you will know the standalone serive is not as small as you think before.
Top comments (0)