Building Serverless Microservices in Python E-Book

Building Serverless Microservices in Python

Copyright © 2019 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Richa TripathiAcquisition Editor: Denim PintoContent Development Editor: Rohit Kumar SinghTechnical Editor: Romy DiasCopy Editor: Safis EditingProject Coordinator: Vaidehi SawantProofreader: Safis EditingIndexer: Pratik ShirodkarGraphics: Alishon MendonsaProduction Coordinator: Deepika Naik

First published: March 2019

Production reference: 2290319

Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK.

ISBN 978-1-78953-529-7

www.packtpub.com

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

Why subscribe?

Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

Improve your learning with Skill Plans built especially for you

Get a free eBook or video every month

Mapt is fully searchable

Copy and paste, print, and bookmark content

Packt.com

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.packt.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.

At www.packt.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks. 

Contributors

About the author

Richard Takashi Freeman has an M.Eng. in computer system engineering and a PhD in machine learning and natural language processing from the University of Manchester, United Kingdom. His current role is as a lead data engineer and architect, but he is also a data scientist and solutions architect. He has been delivering cloud-based, big data, machine learning, and data pipeline serverless and scalable solutions for over 14 years, and has spoken at numerous leading academic and industrial conferences, events, and summits.

He has written various technical blog posts, and has acquired in excess of three years' serverless production experience in connection with large-scale, consumer-facing websites and products.

Packt is searching for authors like you

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

Table of Contents

Title Page

Copyright and Credits

Building Serverless Microservices in Python

About Packt

Why subscribe?

Packt.com

Contributors

About the author

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the example code files

Download the color images

Conventions used

Get in touch

Reviews

Serverless Microservices Architectures and Patterns

Understanding different architecture types and patterns

The monolithic multi-tier architecture and the monolithic service-oriented architecture

Benefits of monolithic architectures

Drawbacks of the monolithic architectures

Overview of microservices

Benefits and drawbacks of microservice architectures

SOA versus microservices

Virtual machines, containers, and serverless computing

Virtual machines

Containers

Serverless computing

Comparing virtual machines, containers, and serverless

Overview of microservice integration patterns

Design patterns

Why are patterns useful?

Software design patterns and principles

Serverless microservices pattern categories

Communication styles and decomposition microservice patterns

Communication styles

One-to-one communication microservice patterns

Many-to-many communication microservice patterns

Decomposition pattern by business capability

Decomposition pattern by bounded context

Serverless computing in AWS

Overview of some of the key serverless services in AWS

AWS Lambda

Serverless computing to implement microservice patterns

Example use case – serverless file transformer

Setting up your serverless environment

Setting up your AWS account

Setting up MFA

Setting up a new user with keys

Managing your infrastructure with code

Installing bash on Windows 10

Updating Ubuntu, installing Git and Python 3

Installing and setting up the AWS CLI

Summary

Creating Your First Serverless Data API

Overview of security in AWS

Why is security important?

Security by design principles

AWS Identity and Access Management

JavaScript object notation

IAM policies

IAM users

IAM groups

IAM roles

Securing your serverless microservices

Lambda security

API Gateway security

DynamoDB security

Monitoring and alerting

Find out more

Building a serverless microservice data API

Serverless microservice data API requirements

Query string

Data API architecture

Setting up Lambda security in the AWS Management Console

Creating an IAM policy

DynamoDB IAM policy

Lambda IAM policy

Creating the Lambda IAM role

Creating and writing to a NoSQL database called DynamoDB using AWS

Creating a DynamoDB in AWS

Writing data to DynamoDB using AWS

Querying DynamoDB using AWS

DynamoDB Scan in AWS Management Console

DynamoDB Query in AWS Management Console

Deleting DynamoDB using AWS

Creating and writing to a NoSQL database called DynamoDB using Python

Creating a DynamoDB table using Python

Writing to DynamoDB using Python

Querying DynamoDB using Python

Creating a Lambda to query DynamoDB

Creating the Lambda function

Testing the Lambda function

Setting up the API Gateway and integrating it with a Lambda proxy

Connecting API Gateway, Lambda, and DynamoDB

Cleaning-up

Summary

Deploying Your Serverless Stack

An overview of serverless stack build and deploy options

Manually provisioning infrastructure

Infrastructure as code

Building and deploying using the Serverless Application Model (SAM)

Building and deploying using alternate options

Creating a profile, an S3 bucket, IAM policies, and IAM roles resources

Creating an AWS credentials profile

Creating an S3 bucket

Setting up the configuration files for your AWS account

Updating the polices and assuming roles files

Creating the IAM roles and policies

Checking the IAM roles and policies

Building and deploying with API Gateway, Lambda, and DynamoDB

Building the Lambda as a ZIP package

SAM YAML template

Packaging and deploying your serverless stack

Putting it all together

Manually testing the serverless microservice

Making code and configuration changes

Deleting the serverless stack

Summary

Testing Your Serverless Microservice

Unit testing your Python Lambda code

Why is testing important?

Types of testing

Unit testing Lambda Python code

The sample test data

The unit test

Mocking

Running the unit test

Code coverage

Running and debugging your AWS Lambda code locally

Batch-loading data into DynamoDB

Running the Lambda locally

Integration testing using real test data

Testing that a Lambda has been deployed correctly

Testing that API Gateway has been deployed correctly

The AWS Serverless Application Model CLI

Loading and end-to-end testing at scale

Load testing your serverless microservice

Strategies to reduce the API's latency

Cleaning up

Summary

Securing Your Microservice

Overview of the security in AWS

Why is security important?

Types of security terms in AWS

Overview of AWS Identity and Access Management (IAM)

IAM users

IAM groups

IAM roles

Securing your serverless microservice

Lambda security

DynamoDB security

Monitoring and alerting

Summary

Other Books You May Enjoy

Leave a review - let other readers know what you think

Preface

This book will give you a very good understanding of microservices and serverless computing, as well as their benefits and drawbacks compared to existing architectures. You will gain an appreciation for the power of deploying a full serverless stack, not only when you save money in terms of running costs, but also in terms of support maintenance and upgrading. This effectively allows your company to go to market a lot quicker with any new products, and beat your competitors in the process. You will also be able to create, test, and deploy a scalable, serverless microservice where the costs are paid per usage and not as per their up time. In addition, this will allow you to autoscale based on the number of requests, while security is natively built in and supported by AWS. So, now that we know what lies ahead, let's jump right into the book.

Who this book is for

If you are a developer with basic knowledge of Python and want to learn how to build, test, deploy, and secure microservices, then this book is for you. No prior knowledge of building microservices is required.

What this book covers

Chapter 1, Serverless Microservice Architectures and Patterns, provides an overview of monolithic and microservice architectures. You will learn about design patterns and principles and how they relate to serverless microservices.

Chapter 2, Creating Your First Serverless Data API, discusses security and its importance. We will discuss IAM roles and get an overview of policies and some of the security concepts and principles involved in securing your serverless microservices, specifically regarding Lambda, API Gateway, and DynamoDB.

Chapter 3, Deploying Your Serverless Stack, shows you how to deploy all that infrastructure using only code and configuration. You will learn about different deployment options.

 Chapter 4, Testing Your Serverless Microservice, covers the concept of testing. We will explore many types of testing, from unit tests with mocks, integration testing with Lambda and API Gateway, debugging a Lambda locally, and making a local endpoint available, to load testing.

Chapter 5, Securing Your Microservice, covers important topics on how to make your microservices secure.

To get the most out of this book

Some prior programming knowledge will be helpful.

All the other requirements will be mentioned at the relevant points in the respective chapters.

Download the example code files

You can download the example code files for this book from your account at www.packt.com. If you purchased this book elsewhere, you can visit www.packt.com/support and register to have the files emailed directly to you.

You can download the code files by following these steps:

Log in or register at

www.packt.com

.

Select the

SUPPORT

tab.

Click on

Code Downloads & Errata

.

Enter the name of the book in the

Search

box and follow the onscreen instructions.

Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:

WinRAR/7-Zip for Windows

Zipeg/iZip/UnRarX for Mac

7-Zip/PeaZip for Linux

The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Building-Serverless-Microservices-in-Python. In case there's an update to the code, it will be updated on the existing GitHub repository.

We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!

Download the color images

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: http://www.packtpub.com/sites/default/files/downloads/9781789535297_ColorImages.pdf.

Conventions used

There are a number of text conventions used throughout this book.

CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "Here, you can see that we have EventId as resource 1234, and a startDate parameter formatted in the YYYYMMDD format."

A block of code is set as follows:

"phoneNumbers": [ { "type": "home", "number": "212 555-1234" }, {

When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:

{ "

firstName

": "John", "lastName": "Smith", "age":

27

, "address": {

Any command-line input or output is written as follows:

$ cd /mnt/c/

Bold: Indicates a new term, an important word, or words that you see on screen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "In the DynamoDB navigation pane, choose Tables and chooseuser-visits."

Get in touch

Feedback from our readers is always welcome.

General feedback: If you have questions about any aspect of this book, mention the book title in the subject of your message and email us at [email protected].

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packt.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in, and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Reviews

Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!

For more information about Packt, please visit packt.com.

Serverless Microservices Architectures and Patterns

Microservices architectures are based on service. You could think of the microservices as a lightweight version of SOA but enriched with more recent architectures, such as the event-driven architecture, where an event is defined as a state of change that's of interest. In this chapter, you will learn about the monolithic multi-tier architecture and monolithic service-oriented architecture (SOA). We will discuss the benefits and drawbacks of both architectures. We will also look at the microservices background to understand the rationale behind its growth, and compare different architectures.

We will cover the design patterns and principles and introduce the serverless microservice integration patterns. We then cover the communication styles and decomposition microservice patterns, including synchronous and asynchronous communication.

You will then learn how serverless computing in AWS can be used to quickly deploy event-driven computing and microservices in the cloud. We conclude the chapter by setting up your serverless AWS and development environment.

In this chapter we will cover the following topics:

Understanding different architecture types and patterns

Virtual machines, containers, and serverless computing

Overview of microservice integration patterns

Communication styles and decomposition microservice patterns

Serverless computing in AWS

Setting up your serverless environment

Understanding different architecture types and patterns

In this section, we will discuss different architectures, such as monolithic and microservices, along with their benefits and drawbacks.

The monolithic multi-tier architecture and the monolithic service-oriented architecture

At the start of my career, while I was working for global fortune 500 clients for Capgemini, we tended to use multi-tier architecture, where you create different physically separate layers that you can update and deploy independently. For example, as shown in the following three-tier architecture diagram, you can use Presentation, Domain logic, and Data Storage layers:

In the presentation layer, you have the user interface elements and any presentation-related applications. In domain logic, you have all the business logic and anything to do with passing the data from the presentation layer. Elements in the domain logic also deal with passing data to the storage or data layer, which has the data access components and any of the database elements or filesystem elements. For example, if you want to change the database technology from SQL Server to MySQL, you only have to change the data-access components rather than modifying elements in the presentation or domain-logic layers. This allows you to decouple the type of storage from presentation and business logic, enabling you to more readily change the database technology by swapping the data-storage layer.

A few years later at Capgemini, we implemented our clients' projects using SOA, which is much more granular than the multi-tier architecture. It is basically the idea of having standardized service contracts and registry that allows for automation and abstraction:

There are four important service properties related to SOA:

Each service needs to have a clear business activity that is linked to an activity in the enterprise.

Anybody consuming the service does not need to understand the inner workings.

All the information and systems are self-contained and abstracted.

To support its composability, the service may consist of other underlying services

Here are some important SOA principles:

Standardized

Loosely coupled

Abstract

Stateless

Granular

Composable

Discoverable

Reusable

The first principle is that there is a standardized service contract. This is basically a communication agreement that's defined at the enterprise level so that when you consume a service, you know exactly which service it is, the contract for passing in messages, and what you are going to get back. These services are loosely coupled. That means they can work autonomously, but also you can access them from any location within the enterprise network. They also offer an abstract version, which means that these services are a black box where the inner logic is actually hidden away, but also they can work independently of other services.

Some services will also be stateless. That means that, if you call a service, passing in a request, you will get a response and you would also get an exception if there is a problem with the service or the payload. Granularity is also very important within SOA. The service needs to be granular enough that it's not called inefficiently or many times. So, we want to normalize the level and the granularity of the service. Some services can be decomposed if they're being reused by the services, or services can be joined together and normalized to minimize redundancy. Services also need to be composable so you can merge them together into larger services or split them up.

There's a standardized set of contracts, but the service also needs to be discoverable