A Serverless Journey: AWS Lambda Under the Hood
Lambda Load Balancing
- Front End Invoke: authenticate the caller, load configs & env; confirm concurrency with Counting Service
- Counting Service: Region-wide view of concurrency to help set limits (quorum protocol, 2/3 agreement protocol); <1.5 milliseconds response time
- Worker Manager: assume role, track the container lifecycle (running, idle) and maintain the worker pool
- Worker: provision sandbox, download customer code and run it
  * warm sandbox means the sandbox finished previous run
  * sandbox is equivalent of docker image
- Placement Service: provision worker
- Example:
  - Fannie Mae scale to between 20 and 50,000 concurrent executions over minutes.
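The invoke path listed above, as an added toy model (not code from the talk or from AWS): the caller is authenticated first, the concurrency check fails closed when the limit is reached or quorum is lost, and only then is a sandbox reserved. All class and function names, the `allowed` set standing in for authentication, the reading of "2/3" as two of three replicas, and keeping warm sandboxes per function are assumptions of this sketch.

```python
class CountingService:
    """Toy region-wide concurrency counter: 3 replicas, 2 must agree (assumed reading of '2/3')."""
    def __init__(self, limit, replicas=3, quorum=2):
        self.limit, self.quorum = limit, quorum
        self.counts = [dict() for _ in range(replicas)]  # per-replica in-flight counts
        self.up = [True] * replicas

    def try_acquire(self, fn):
        live = [c for c, ok in zip(self.counts, self.up) if ok]
        agree = sum(1 for c in live if c.get(fn, 0) < self.limit)
        if agree < self.quorum:
            return False                 # fail closed: limit reached or quorum lost
        for c in live:
            c[fn] = c.get(fn, 0) + 1
        return True

    def release(self, fn):
        for c, ok in zip(self.counts, self.up):
            if ok and c.get(fn, 0) > 0:
                c[fn] -= 1

class WorkerManager:
    """Tracks sandbox lifecycle (running, idle); a cold start stands in for placement + code download."""
    def __init__(self):
        self.idle, self.running, self.created = {}, {}, 0

    def reserve(self, fn):
        if self.idle.get(fn):            # warm: sandbox that finished a previous run of fn
            kind, sbx = "warm", self.idle[fn].pop()
        else:
            self.created += 1
            kind, sbx = "cold", f"sbx-{self.created}"
        self.running[sbx] = fn
        return kind, sbx

    def finish(self, sbx):
        fn = self.running.pop(sbx)
        self.idle.setdefault(fn, []).append(sbx)  # assumption: reused only by the same function

def front_end_invoke(caller, fn, allowed, counting, workers):
    """Order from the notes: authenticate, confirm concurrency, then hand off to a worker."""
    if (caller, fn) not in allowed:
        return "denied", None            # rejected before any counter or sandbox is touched
    if not counting.try_acquire(fn):
        return "throttled", None
    return workers.reserve(fn)

def complete(fn, sbx, counting, workers):
    workers.finish(sbx)
    counting.release(fn)
```
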
Lambda Handling Failures
- Multi-AZ
Security Isolation
- EC2 as worker level
- EC2 Bare Metal as worker level (no hardware share with other account)
- Firecracker mode
- Virtual Devices have very limited access to improve security
Managing Utilization
- Keep the server busy
- Utilization is handled by AWS
- Lambda has a different algorithm to spread the load (concentrate the load)
- Lambda packs different/uncorrelated workloads into one server to avoid similar workloads spiking all together.
Lambda benefits
- Load Balancing
- Auto Scaling
- Handling Failures
- Security Isolation
- Managing Utilization
New features
- Change introduced from 2019
- Lambda connects out via a shared remote NAT to an ENI to the outside