Serverless Applications with Chalice
This is a modal window.
The media could not be loaded, either because the server or network failed or because the format is not supported.
Formal Metadata
Title |
| |
Title of Series | ||
Number of Parts | 160 | |
Author | ||
License | CC Attribution - NonCommercial - ShareAlike 3.0 Unported: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this | |
Identifiers | 10.5446/33736 (DOI) | |
Publisher | ||
Release Date | ||
Language |
Content Metadata
Subject Area | ||
Genre | ||
Abstract |
|
00:00
Computer fontComputer fontSoftware developerCartesian coordinate systemSoftware frameworkService (economics)Multiplication signFocus (optics)Computer animation
00:41
Computer fontSample (statistics)Lambda calculusCartesian coordinate systemCore dumpSampling (statistics)Service (economics)Gastropod shellStructural loadServer (computing)Scaling (geometry)File formatOperator (mathematics)Data storage deviceClient (computing)CodeRun time (program lifecycle phase)ScalabilityFunctional (mathematics)Term (mathematics)Dependent and independent variablesArithmetic meanComputer animation
02:18
Lambda calculusSample (statistics)Computer fontServer (computing)Text editorMereologyScaling (geometry)Cartesian coordinate systemRepresentational state transferMathematicsLatent heatInterior (topology)Service (economics)CASE <Informatik>RootFunctional (mathematics)Connectivity (graph theory)Software frameworkDependent and independent variablesCore dumpBus (computing)Open sourcePoint cloudComputer animation
03:32
Lambda calculusService (economics)Gateway (telecommunications)Cartesian coordinate systemPrice indexSet (mathematics)Dependent and independent variablesRevision controlLambda calculusFunctional (mathematics)BitDampingDirection (geometry)Computer animation
04:14
Lambda calculusCodeIdentity managementExecution unitWeightFunctional (mathematics)Gateway (telecommunications)CodeRepresentational state transferGastropod shellCartesian coordinate systemMereologyTemplate (C++)Computer animation
04:51
Hash functionVideoconferencingOrder (biology)Installation artMultiplication signCASE <Informatik>Video gameDemo (music)Beta functionFlagCartesian coordinate systemProjective planeGastropod shellData structureDirectory serviceComputer fileMobile appComputer animation
05:29
Cartesian coordinate systemRecurrence relationFunctional (mathematics)RoutingMobile appCore dumpSubject indexingLambda calculusExistencePoint (geometry)Formal grammarComputer fileObject (grammar)
06:15
Cartesian coordinate systemOrder (biology)Mobile appLibrary (computing)Source code
06:51
Hash functionPrice indexInterior (topology)Set (mathematics)Cartesian coordinate systemComputer fileFunctional (mathematics)Level (video gaming)RoutingUniform resource locator
07:36
Connectivity (graph theory)Lambda calculusDependent and independent variablesFunctional (mathematics)AreaFocus (optics)Address spaceCartesian coordinate systemLogicProjective planeLecture/ConferenceMeeting/Interview
08:23
Convex hullConnectivity (graph theory)Cartesian coordinate systemGateway (telecommunications)Subject indexingFunctional (mathematics)Dependent and independent variablesSampling (statistics)Computer fileRoutingRight angleMobile appObject (grammar)Matching (graph theory)Group actionRootLevel (video gaming)Computer animation
09:26
Computer virusConvex hullLambda calculusPoisson-KlammerVariable (mathematics)Functional (mathematics)RoutingCASE <Informatik>ResultantDependent and independent variablesParameter (computer programming)
10:02
Game theoryConvex hullGateway (telecommunications)Sample (statistics)Computer fontFunctional (mathematics)Lambda calculusGateway (telecommunications)RoutingResultantView (database)Gastropod shellOcean currentPrice indexCategory of beingPoint (geometry)Projective planeCartesian coordinate systemMathematicsProcess (computing)Order (biology)Mobile appComputer animation
11:28
Pauli exclusion principleAirfoilSampling (statistics)Cartesian coordinate systemVideoconferencingDemo (music)Object (grammar)MereologyFlow separationSpacetimeCASE <Informatik>Representational state transferTrailElectronic mailing listQuery languageMobile appJSONXML
12:51
PasswordPasswordTrailMultiplication signComputer fileCartesian coordinate systemJSONXML
14:09
Rule of inferenceGreatest elementHand fanSanitary sewerSample (statistics)AuthenticationComputer fontUltraviolet photoelectron spectroscopyCartesian coordinate systemWeb applicationOrder (biology)AuthenticationWeb browserLogicLoginImage registrationBranch (computer science)VideoconferencingQuantum stateLogic gateJSONXMLLecture/ConferenceComputer animation
14:50
Level (video gaming)Level (video gaming)Branch (computer science)Parameter (computer programming)Gateway (telecommunications)AdditionInterior (topology)Cartesian coordinate systemLatent heatLogicPoint (geometry)Group actionWeb browserWeb pageOrder (biology)
15:49
Key (cryptography)CASE <Informatik>Uniform resource locatorServer (computing)Level (video gaming)MereologyRepresentational state transferTerm (mathematics)Multiplication signWordCartesian coordinate systemConnectivity (graph theory)Source codeJSONXML
17:36
Order (biology)Table (information)Representational state transferCartesian coordinate systemLogicDependent and independent variablesInformationGateway (telecommunications)Computer animation
18:11
Execution unitSampling (statistics)CodeGateway (telecommunications)Computer clusterFunctional (mathematics)Table (information)RoutingModule (mathematics)Different (Kate Ryan album)Directory serviceCartesian coordinate systemMobile appComputer fileRight angleLibrary (computing)Frame problemEndliche ModelltheorieObject (grammar)Computer animationXML
19:26
Maß <Mathematik>TupleCodeException handlingInformationLatent heatAbsolute valueGateway (telecommunications)XML
20:01
Surjective functionMaizePhase transitionSample (statistics)AuthenticationException handlingComputer fontCodeRoutingTerm (mathematics)LogicError messageMereologyFigurate numberDependent and independent variablesSheaf (mathematics)Functional (mathematics)Parameter (computer programming)Electronic mailing listCore dumpSoftware crackingException handlingRow (database)XML
21:20
Sanitary sewerSample (statistics)AuthenticationComputer fontDampingComputer configurationAuthorizationPoint (geometry)Level (video gaming)Information privacyWeb browserControl flowGenderFreewareInformation securityEmailException handlingTerm (mathematics)DebuggerSoftware testingDefault (computer science)Scripting languageComputer configurationProcess (computing)CASE <Informatik>Right angleCartesian coordinate systemLaptopWordWeb applicationMachine visionDifferent (Kate Ryan album)Physical systemMobile appDependent and independent variablesGame controllerOptical disc driveWeb 2.0Assembly languageOrder (biology)Computer fileLibrary (computing)Directory serviceCodeRepresentational state transferCore dumpLatent heatServer (computing)Module (mathematics)Arithmetic meanCAN busComputer animation
24:12
Computer fileFormal languageCodeClient (computing)Directory serviceGateway (telecommunications)Software development kitInformationElectric generatorMereologyTerm (mathematics)Cartesian coordinate systemBitRoutingComputer filePressureData structureLevel (video gaming)Source code
25:34
AuthorizationComputer configurationImage registrationLoginLambda calculusImage registrationCartesian coordinate systemMultiplication signPressureAuthorizationGraph (mathematics)Token ringComputer configurationService (economics)LoginTable (information)Reading (process)TrailAuthenticationTerm (mathematics)Order (biology)Functional (mathematics)CuboidCASE <Informatik>System callEmailLogicDependent and independent variablesProcess (computing)PasswordResultantConnectivity (graph theory)Point (geometry)Sign (mathematics)Mobile appRepresentational state transferDebuggerClient (computing)Right angleSampling (statistics)Link (knot theory)Gateway (telecommunications)CodeDifferent (Kate Ryan album)Lambda calculusComputer animation
28:43
Context awarenessInternet service providerMaxima and minimaRoutingOrder (biology)Token ringAuthorizationPoint (geometry)Reading (process)Key (cryptography)Functional (mathematics)Web pageAuthenticationLatent heatLambda calculusInformationTable (information)Ocean currentData dictionaryIdentifiabilityContext awarenessCategory of beingCognitionObject (grammar)CASE <Informatik>FamilyDatabaseXML
30:42
Image registrationTable (information)Lambda calculusFunctional (mathematics)PasswordCASE <Informatik>Process (computing)Point (geometry)Order (biology)Term (mathematics)TrailDatabaseDependent and independent variablesDecimalSign (mathematics)
32:31
Event horizonDependent and independent variablesFunction (mathematics)Context awarenessRevision controlMobile appClient (computing)EmailSample (statistics)AuthenticationComputer fontEvent horizonLambda calculusRight angleSheaf (mathematics)Process (computing)Gateway (telecommunications)Image registrationFunctional (mathematics)InformationTable (information)Different (Kate Ryan album)Entire functionContext awarenessOrder (biology)RoutingParameter (computer programming)AuthorizationCartesian coordinate systemMobile appLogicMultiplication signSound effectSign (mathematics)Real numberLaptopRouter (computing)Computer fontXML
34:56
Computer fontBroadcast programmingData managementIdentity managementFunctional (mathematics)Lambda calculusMereologyRevision controlOperating systemOperator (mathematics)Term (mathematics)Source codeExtension (kinesiology)Physical systemProcess (computing)DampingSlide ruleData managementInformationCartesian coordinate systemGateway (telecommunications)Multiplication signAdditionElectric generatorMobile appWindowGame theoryDemo (music)Service (economics)Point (geometry)Constraint (mathematics)Frame problemFood energyScheduling (computing)Metropolitan area networkTheoryNumberVirtual machineArea
37:33
Resource allocationCodeSoftware developerCartesian coordinate systemProjective planeStress (mechanics)Mobile appProcess (computing)Data managementBoilerplate (text)Point (geometry)Matching (graph theory)LaptopAreaLine (geometry)Scaling (geometry)Computer fileGateway (telecommunications)AbstractionComputer animation
38:33
Repository (publishing)Software developerWordBeta functionCartesian coordinate systemRepository (publishing)FeedbackTwitterCodeRenewal theoryGastropod shellMultiplication signLibrary (computing)Online helpWritingError messageInterface (computing)Link (knot theory)Service (economics)Computer animationLecture/ConferenceXML
40:06
Level (video gaming)Table (information)Template (C++)AreaDatabaseDifferent (Kate Ryan album)Latent heatCartesian coordinate systemLoginServer (computing)SequelInstance (computer science)Software frameworkFunctional (mathematics)Term (mathematics)Software testingElasticity (physics)MereologyComputer configurationCellular automatonRight angleSlide ruleINTEGRALCodeMultiplication signGoodness of fitComputer virusLecture/Conference
42:40
VotingMultiplication signTerm (mathematics)Functional (mathematics)PlanningSpherical capCellular automatonLimit (category theory)Denial-of-service attack1 (number)Gateway (telecommunications)Run time (program lifecycle phase)Set (mathematics)Workstation <Musikinstrument>Scaling (geometry)Elasticity (physics)InternetworkingWebsiteCartesian coordinate systemLambda calculusThread (computing)Process (computing)Parallel portOcean currentLecture/Conference
Transcript: English(auto-generated)
00:04
Hi everyone, my name is Kyle Knapp and I'm a software developer at Amazon Web Services where I primarily focus on developing Python client-side tooling such as the AWS CLI, the AWS SDK for Python, also known as Boto3, and a Python micro-framework for developing
00:23
serverless applications known as Chalice. And today what I'm going to talk to you about is how you can go about writing serverless applications using Chalice. To start, what I want to do is go over an outline of what I'm going to talk about. First, I'm going to give an introduction into serverless applications, mainly talk about
00:41
what they are, why you care about them. I'll give an introduction to Chalice, so getting started with Chalice and some of the core concepts. Then I'm going to go ahead and actually have a sample application show you how you can build it from the ground up using Chalice features. So, before I talk about what exactly a serverless application is, let me talk about why you
01:01
care about it and the benefits of serverless applications. To start, serverless applications mean you're not managing or provisioning servers, so that's less of a DevOps load for you. Next, you're only paying for the execution run time for your code, so if you're managing your own server, you're still paying for the server to be up and running, but even if there's no code running, you're still paying that cost.
01:23
And finally, you get scalability, so in terms of serverless applications, they're usually hosted by a service and it handles all of the scaling for you, so you don't have to worry about load balancing to meet the request needs of you're saying for your serverless application. So now let me talk about what exactly a serverless application is.
01:42
So here we have just a client and a server, and on the server we just have a simple hello world function running. When the client sends a request to the server, it will go ahead and run the code and reply back with hello world. So with a serverless application, this all completely goes away and it gets replaced by a service such as AWS Lambda.
02:02
AWS Lambda is a service for hosting your serverless applications, and what happens here is you have a bunch of code, you upload it to AWS Lambda, and AWS Lambda will store that code for you so that when you make a request to AWS Lambda, it will go ahead and execute that code and return the response hello world back for you.
02:21
So the key part here is you don't own the server, you're not managing it or anything, it's all handled by AWS Lambda and it will handle all the scaling for you as well. So now with that brief introduction of what serverless applications are, let me talk about Chalice. So Chalice is an open source Python micro framework for managing serverless applications
02:42
on AWS Lambda and integrating those serverless applications with other resources in your AWS cloud. So to get a better idea of what Chalice can do, let's go over a common use case you may use Chalice for, and that comes with REST APIs. So with a typical REST API, you send a resourceful request, so you're sending a Git to the
03:04
root path of your API, and you'll get an HTTP response back. Or maybe you send a Git request to the resources component and you get all your resources back from the REST API. Or maybe you want to change the method, maybe you want to put a specific resource
03:20
into your API and apply back with HTTP response. So the way that Chalice works is it takes AWS Lambda, it uses it as the back end, your core functionality for your REST API, and another service called Amazon API Gateway, which is essentially the front door for your serverless application. It's handling the HTTP request, sending the HTTP responses, handling the throttling,
03:41
and any authentication for you. So now if you send an HTTP request here, it'll get sent to Amazon API Gateway. Amazon API Gateway will then invoke your Lambda function or run your code, and return a response back to Amazon API Gateway, giving you an HTTP response back. Okay, so now if you just kind of take a look at the simplified version of how it's set up,
04:03
it looks pretty simple. It's just a two-way directional relationship. But in reality, if you were to go ahead and start this from scratch, it's a little bit more complicated than that. In reality, you need to worry about setting up an IAM role for your Lambda function, so you know what permissions you have. You need to actually take your code dependency, zip it up, and set it to create a function.
04:22
You have to create a Swagger document to create your REST API for Amazon API Gateway, and link it all together by adding permissions for Amazon API Gateway to go ahead and invoke it and create a deployment so you can hit it with an HTTP request. The nice part about Chalice, though, is that you don't really have to worry about this.
04:41
If you were to do this by hand, you'd have to go through the console, you'd have to use an SDK or CloudFormation template. But Chalice handles this all for you, allowing you to focus on the actual Python aspect of your application. So what I have here is a video of how you can kind of get started with Chalice. The Wi-Fi's been a little spotty, so I was going to do a live demo, but in order to save some time, in case things don't go as planned,
05:02
I have this video being ran. So first you need to pip install Chalice by using pip install dash s pre. Right now, Chalice is 1.0 beta, so you need to use the pre flag. And once you do that, you can go ahead and run Chalice new project, and that'll get you started with a brand new Chalice project application.
05:22
It'll create a new directory, and inside this directory, you'll see two files. There's an app.py and requirements.txt. The requirements.txt initially is empty to start, and that is where you specify all the dependencies for your Chalice application. So what happens with Chalice is that if you specify a dependency in your requirements.txt, it'll go ahead and download the dependency
05:42
when setting your deployment package to Lambda. So the second file, the app.py file, is where all your core functionality exists. And if I open it up right here, you'll notice it's actually very similar to, if you're familiar with Flask, where you create an app object, and you go ahead and specify routes for that app.
06:01
So right here, we're registering a route route, so that if a HTTP request is sent to it, that's a git, the index function would get ran and return hello world. So let's go ahead and actually just quickly just deploy this app using Chalice. So as this Chalice app is getting deployed, one thing I want to mention is while this application is just sending hello world,
06:23
this is a production-ready application. You can send as many requests as you want, and the AWS Lambda will scale it up for you and be able to handle any incoming requests. So once it's going to be done deploying, it will go ahead, and there's one more thing we're going to need in order to start hitting the API.
06:42
And that is a Python library called HTTPPy. That's pretty much a command line tool for making HTTP requests from the command line. So if I go ahead and actually, from Chalice URL, I can see what my API URL is again. Go ahead and copy it, and send a git request to my API.
07:02
And you can see it returns back hello world. Cool. So now what I can do is if I want to add more routes to my application, I can go into my app.py file and go ahead and add new routes. So for example, I'm going to go ahead and add the foo route to this application so that if a git request is made to foo, I will go ahead and run the foo function that will return foo bar.
07:27
So now once I have that updated, I can go ahead and run Chalice deploy again. And that will update my lambda function, and I should be ready to go in and actually start using
07:40
this new update to my API. So now I'm going to get my URL real quick because I don't have it memorized. And I go ahead and paste that and add the foo component to my path. And from there, what I'll get is the expected response I want back. So it should return foo bar, which it does.
08:04
So the two things I really hope you guys got out of this demonstration was how quickly you can hit the ground running using a Chalice application to start using just Chalice new project and Chalice deploy, and also the fact that Chalice is handing all of the AWS resource setup for you. So you don't actually have to worry about AWS. You just have to focus on the Python-specific logic
08:22
of your application. So now what I want to do is go to some of the key components of a Chalice application, and by going over this sample app on the right. So what I have here to start is a app object that I create, and I register a bunch of routes to it. So let's take some sample HTTP requests and see how the app reacts.
08:42
So here we're just sending a get request to the route path, and what that will happen is it'll match up with this route, and therefore when AWS Lambda gets invoked, it will run the index function. Once it runs, it will return back hello world to the end user, and Amazon APA gateway will forward an HTTP response back saying hello world.
09:01
So now let's take a get to the resource hello. This will match up with this route here and run the hello euro Python function. And once it's run, it will return hello euro Python as a HTTP response back. Okay, so now let's actually look at something different now. So with this request right here, you'll notice that the exact path
09:22
doesn't actually match up with any of the literals here in the app .py file. What will happen is it actually matches up with this route, and that's because if you provide a curly bracket in your path, it means it's a variable. So you can provide any value you want. In our case, we're just providing Kyle as a variable. So as a result, Lambda will run the hello name function
09:43
returning back using the name provided, and this name parameter is passed in using the variable in the path. And as a result, the value of name will be Kyle, and go ahead and return hello Kyle back to the end user's HTTP response. So the final one I want to talk about is the post.
10:02
So with the post, what happens, you'll notice that it uses the resource hello, but it doesn't use the second from the top function. That's because it's a post, and the route registered only allows for a post if you use in the methods keyword arg. So by default, if you don't specify any methods, it will only allow for gets.
10:22
So as a result, Amazon API gateway will invoke this Lambda function with the post function involved. If you're looking into the post function, you'll notice that it uses the app.current request. That refers to the HTTP request that triggered the Lambda function. And you can get properties of the request, such as the JSON body. So for example, you will have the value JSON body
10:42
when you're actually invoking your function. So now that when you return, you'll notice that the JSON body matches up with the actual request. Cool. So that was just a brief introduction chalice. Let's talk about the main points I covered. One, in order to start a new chalice project, you just need to run the chalice new project command. It lets you hit the rigana running
11:02
and immediately deploy that. Chalice deploy, if you make any changes to your application, all you need to do is run chalice deploy. You can immediately start using it and sending HTTP requests to it. App.route, that allows you to run specific functions based off the HTTP request path or method that you sent. And finally, there is the current request property,
11:23
which allows you to access the current request that triggered your function. So let's talk about the sample application part. This is the meaty part of the talk. In my sample application, what I did was I created a trivia app. So here is a video of me running my trivia app. If you're interested, you can go to that URL.
11:42
It's a public S3 object or a bucket. And I'm gonna go ahead and kind of demo this from the video. So here what happens is that the application will ask my REST API a specific question. So it'll give me the question and a list of possible answers to use.
12:01
And what will happen now is, let's try to answer this question. Hopefully everyone knows where they currently are right now. In case you don't know, we're in Rimini, Italy. So let's go ahead and select that answer. And then there's a separate API request that will now let you post the answer
12:20
to figure out if you got it right. So of course, by posting the answer Rimini, Italy, we got that right. And we can go ahead and query for another answer on our REST API. So now here's the second question, asking about spaces, how many should be used for annotation. Let's say we're completely new in Python and we put none use tabs, which is obviously wrong.
12:42
So the chalice app will send a request and it will tell you that you're wrong and you get the next question. So let's just say we've been answering a lot of questions and we want to keep track of our score, where we are. So we have this additional ability to go ahead and sign up as a user and be able to log in
13:00
and keep track of our score over time. So I'm gonna go ahead and add this as my username being Kyle and then give it a password. And then from there, I can go ahead and log in.
13:23
So once I log in, what that will do is take me back to the original question and I can start answering. So for this first question, let's say I forgot that it's 2017 and I thought it was 2016, I put Bilbao down, which is obviously wrong. Now let's actually get this answer correct. And once we submit four here,
13:40
we should be able to go ahead and get the next question and see what our current score is. You can see that total correct is one, total answer is two. I can now say, let's say I want to take a break and go ahead and log out and resume later. So if I go ahead and log out, it will return to me back to the original question and I can go ahead and log in again.
14:04
And that should take me back to where I left off was that third question about the Zen of Python. So that's the gist of my application. What I want to do now is actually talk about how you go about writing this application with Chalice. So there's three steps in writing this application.
14:20
One, you have to worry about the question-to-answer API, that whole idea of getting a question and then posting that answer in order to determine if you're right or wrong. There's the web application portion, so specifically the browser logic to make sure that you can work in the browser. And then there's this third step, which is authentication users, so being able to handle registration, log in, and being able to track user score. So in order to show the REST,
14:41
the Git answer and the post-answer API, let me go over this new video in which what I'll do is I'll show you an initial branch of, right now I have the master branch that has all the prod stuff on it. I am using this initial API branch that just has the Git and post. There's additional APIs that I'll need later on. But to kind of show you a chalice deployment,
15:01
what I'm gonna do is deploy this branch to AWS Lambda and API Gateway. And I wanted to make you understand that in this command I'm running, I am running it with a dash dash stage argument. So the purpose of dash dash stage is that it'll allow you to combine your resources
15:21
into specific stage groups. So right now I have a bunch of resources running my prod application. So if you went to the browser page, it's hitting all my prod resources. If I'm gonna go ahead and deploy, deploy new resources, deploy new logic, I don't wanna be deploying straight to prod, right? I wanna be deploying to some other stage that has all the resources isolated.
15:40
So that is what I'm doing here. And then once I feel comfortable, I can go ahead and deploy it to prod. So in order to hammer that point home, all I have to do is run chalice URL with a stage URL to show that the actual URI that I get back is completely different from what the dev stage is.
16:00
So now let's actually get into the question and answer part of the API. So if I want to actually go ahead and get a question, I go ahead and copy this URL in, and I add the path component's questions and question ID. So in terms of how we do questions, you have to provide a question ID.
16:21
They start at one, increment by one each time. So by running a get on this URL, you will get the first question for the trivia application. So we run a get on that. You'll see that it returns back that URL Python, where it's being held, and the possible answers that you can use. It didn't reply to an answer back,
16:41
so you're gonna have to go ahead and post this answer. We allow for a post to the same URI, and then what we're gonna do is include a JSON body in this post for our server to be able to figure out what the correct answer is. So we provide the answer key and the actual answer, and once we actually go ahead and post this,
17:01
it'll tell us if we're correct or not, in which we were correct. In the case where we submitted a wrong answer, it'll do a similar thing. But, so let's say I put down Bilbao, Spain instead for this.
17:21
And what will happen instead, it will tell you, all right, the correct answer is actually Remini, but the, and you got your answer wrong. So let's go ahead, now that you have an idea of how the REST API looks, let's actually go talk about how you'd go about doing this. So let's imagine we have our get question API.
17:42
We have a question table that has all of our questions. In order to set up a REST API for this, all we need to do is stick a chalice application in between the two, so that if you send a get request, it will be forwarded by Amazon API Gateway to AWS Lambda, which will read from the question table
18:00
and return the information back to the user as an HTTP response. So now, if they provide a question that doesn't exist, that would be the same logic, but Lambda will realize it's not on the table and tell Amazon API Gateway to give the user a four four at the very end. So, here is some sample code on how you actually implement it.
18:21
Don't worry about trying to read through it all right now. I'm gonna step through it one by one, so make sure you pay attention. So to start, I just import chalice here. The second thing I import is a chalicelib.question. So this is not a dependency of chalice. It's actually a built-in functionality. So if you want your application to grow outside of an app.py file,
18:41
like you want more than one file involved, you can use something called a chalicelib, which what it'll do is you can create a new chalicelib directory in your chalice app, allowing you to put new modules, like I added a questionspy module into my chalicelib directory. And this is a lot different than requirements.txt,
19:01
because requirements.txt is mainly for third-party package dependencies, so stuff that you didn't write, but you just wanna take a dependency on. Afterwards, I go ahead and create my app object, and then I register my route and a handler for it. It accepts a question ID, because question ID is a variable in the URI.
19:22
And now all we have to do is create a questions table called getQuestion. This will return none if the question doesn't exist, or a name tuple of information about the question. So if the question doesn't exist, we're gonna go ahead and raise this chalice.notFoundError. So chalice has a bunch of built-in exceptions that allows you to raise it in your code, and Amazon API Gateway will propagate
19:42
the specific status code back to the end user. So by raising a chalice.notFoundError, you will raise a 404 to the end user. So now after all that's been gone through, we can go ahead and return the question ID if it was found. So the post side of it is very similar to the get. All you have to do is in abs lambda,
20:01
once you get the question back, is determine if the provided answer is correct. And if it is, go ahead and return true to the end user. So here again is the code required to do this. Don't worry about reading this all through right now. I'm gonna step through it again. So to register the route to start, we use the same path as before, but instead we specify a post.
20:21
The last route we registered was only a get. So now we go ahead and create our function handle, in which we accept question D as a parameter because it's a variable in the path. And then from there, the very first thing before we do any core logic is to make sure that the answer's actually in the JSON body. And if it isn't, we raise another built-in chalice exception,
20:42
which is the bad request error. This will raise a 400 error to the end user in terms of an HTTP response. And then from there, what we can do is do some of the more core logic and figure out what to be provided and get the actual question, make sure that the provided answer is a list of possible answers. If it's not, let's go ahead and raise another bad request error, another 400,
21:02
and tell them you need to provide an actual answer of the list of possible answers. Once all those checks have been complete, what we go ahead and do is return, if they're correct, what was the provided answer and the actual correct answer. So that was the question and answer part of the API. Let's talk about what we kinda learned in this section.
21:21
First, we talked about chalice dash dash stage, so the idea of being able to group your resources into different stages so you don't interfere or deploy over your existing resources. So if you wanted to experiment with a dev stage, you can keep your prod stage running and not have to worry about deploying over what you have previously deployed. We talked about chalice exception handling,
21:42
so raising a built-in chalice exception to go ahead and propagate a specific status code you want back to the user. And we also talked about chalice lib, so if you wanna outgrow your app.py file, you can go ahead and create a chalice lib directory and create your own modules inside of that. So now that we talked about the question and answer API, let's talk about the web application portion of it.
22:02
So for the web application, there's two things we're gonna have to worry about. We're gonna have to add ability for cores, and we're gonna also have to get an SDK to be able to interact with our API in the browser. So with cores, right now what I've been doing is just making API requests with my laptop to my rest API. I don't really have to worry about cores.
22:20
But the minute I put a browser in there, we have to worry about data security in terms of making cross-domain requests. And to do that, we have to abide by cores. And here's an example for a simple get request. What happens here is that when we send a get request, it'll send the same response back, but we also include this header right here, the access control allow origin header,
22:41
which specifies what origins are allowed to read this resource. In our case, we just provided a star, meaning any resource can. If the request gets a little more complicated, maybe it's a put or has some extra headers, the browser also sends some pre-flight requests in terms of an options HTTP method.
23:00
And in order to do that, it'll determine what permissions it has to send in this request. So specifically, the server will apply back with what headers you can reuse in your request, what methods you can use in sending it, and also what origins are allowed to access this resource. In order to enable this in a chalice application, it's quite simple.
23:21
You just add cores equals true. That'll give you all the default values. It'll get you a star for the allow origin. It'll give you a preset of headers. And any methods that have been labeled as cores will also add that to the allow methods for the cores headers. If you want anything more specific, you can go ahead and run it with cores config
23:42
instead of a boolean, and you can get specific values that way as well. So now what I wanna do is talk about generating SDKs. So the front-end application I have is all written in JavaScript. Don't worry, I'm not gonna show you very, very much JavaScript. This is a Python conference. I'm way more confident with my Python abilities,
24:03
so I'm gonna spare you guys of that. But with a chalice-generated SDK, what it allows you to do is generate a JavaScript-based SDK to interact with your API. So here is an example of how you go about doing it. So all you need to do is just run chalice,
24:20
generate SDK, and specify a directory. And what's gonna happen here is that chalice will make an API request to Amazon API Gateway, and Amazon API Gateway will go ahead and generate your JavaScript SDK for you. Chalice will then download it and unzip it in the directory that you specified.
24:40
So now if I go ahead and cd into this directory, you can see the different files I have available to me. And you can see that I have a API Gateway client, js file, and under here you can see some client code. Let's look at the more specific things related to our application. So for example here, we have our invoke URL.
25:02
You can see this is exactly the same as our dev stage, so this is the URL we're gonna be hitting in the end. Then if I skip along a little bit to the later on in the file, you can also see some of the methods, so some of the routes. So you can see here, this is just the questions, so this is the get question part of the API.
25:21
This allows me to get my information about a question. So that's it in terms of how much JavaScript I show you, but it just gives you an idea of how you can have easy access to your API from a front-end application. So continuing on, let's go ahead and talk about the last piece that we need in order to complete this application, which is authorization and users.
25:45
So in terms of authorization and users, the one thing, if you remember from the sample application, there was the ability to log in, there was the ability to register yourself and be able to keep track of your score and where you've been. So Chellis has a bunch of different authorization options available to you. There's of course none, which we've been using
26:01
the entire time, we don't have to be authorized to use our APIs. There is Xam Authorizer, which is using Abyr's credentials and Amazon SIGV4 signing to give authorization. There is Cognito User Pool Authorizer, which is using Amazon Cognito, which is a managed service for managing users and user pools and handling credentials and login and registration and whatnot.
26:23
And finally, there is the ability to define your own authorizers using the decorator app.authorizer. So in your Chellis code, you can go ahead and actually implement all the logic that you need for your authorizer and then link that up with your rest API handlers. For this application, I'm gonna be using the Cognito User Pool Authorizer.
26:42
Mainly because Amazon Cognito User Pools gives you a lot of functionality right out of the box. So mainly it's to be able to manage users, so it's to be able to manage all the user data there and handle login and registration all for you. It provides SDKs for user registration login, so my front end application is just a simple function call to get my credentials or to register a new user.
27:02
And it also provides AWS Lambda triggers. So while it provides an out of box solution, if I wanna customize it all, I can create Lambda functions that will customize the process in terms of how a user signs in or registers themself. So in order to talk about how an authenticated user answer would be,
27:22
let's talk about the anonymous one first. So here's the setup for the anonymous one. If we wanna actually add an authenticated answer API, we go ahead and add the user component here. And in adding the user component, we need two more resources. One being a user table, we also need Amazon Cognito.
27:43
So in terms of the workflow in order to actually keep track of the user's answers, we need to do the following. First, the client will have to make a request to Amazon Cognito using their username and password to authenticate themselves. Once they've been authenticated with Amazon Cognito, they go ahead and return a JWT token back to be used in subsequent requests.
28:03
And from there, you can go ahead and post your answer, but notice that there's an authorization header included that matches the exact same JWT token, and Amazon API Gateway will then check to make sure that they're authorized, and go ahead and invoke the AWS Lambda function. AWS Lambda will make sure
28:20
what their answer was was correct, and based off the result, we'll go ahead and record that in our user table, and finally return that HTTP response back to the end user. Here. So to actually implement this, here is sample code on how you do it. I'm gonna step through this one by one again, so follow along.
28:40
Here, what I have is the pool yarn. So the Amazon Cognito user pool, I set this up prior to any shell-less deployments, and the pool yarn is essentially the identifier for this pool. And from there, what I do is create a Cognito user pool authorizer. So I provide my pool yarn to that to have an authorizer that I can then take in my route
29:02
and assign it as my authorizer. So any request going through this route has to have Cognito user pool authentication in order for it to pass through. So now from there, what we'll go ahead and do is create a function, and go ahead and run the answer question function.
29:20
If you remember from before, answer question comes from just the anonymous post questions question ID route. Once we have the answer data, we need to actually figure out who the user was to just answer that question. And in order to get that, what we can do is go ahead and run this helper function called get authenticated username, which uses a property on the current request object,
29:41
which is the context. The context provides information about which exactly triggered my Lambda function and just information about it. And if I open this up, you see I get a big JSON dictionary. I actually shortened this dictionary because if I didn't, it will fill up the entire page and it didn't have any room. So I shortened it just for the specifics that we want.
30:01
And specifically what we want is the Cognito username out of it. In this case, the username was my username. So another point I want to make out to you is that ideally if you're keeping these in a database, you probably want to be using the sub token. This is a uniquely generated ID by Amazon Cognito.
30:21
So if you're trying to add these users to a user pool, you probably want to use that as a primary key. But I'm just using Cognito username for simplicity and reading for this talk. So now I go ahead and create my user table. I update my user score and return the answer data, which came from the answer question.
30:41
So now that we have login all handled and keeping track of user score, the one thing we haven't covered is how do we handle registration of users? So like I said before, Amazon Cognito provides to you a out-of-the-box solution, but you may want to customize it. In my case, I actually wanted to customize it. Specifically, in terms of registering new user, usually you sign up and then you have to do a confirmation
31:01
of the user has to then confirm themselves. I wasn't particularly interested in doing a confirmation, so I wanted to be able to disable that. A second thing I wanted was that immediately after a user registered, I wanted to keep track of them in my DynamoDB database. I did not want to only have access to users
31:20
that have just answered a question, because that's the only way I would be able to track it by adding them when I invoke the Lambda function. So in order to do this, I add two more Lambda functions. One Lambda function for auto-confirming the users, and another Lambda function for actually adding users. And the way it works now is once you register,
31:42
you send a username and password to Amazon Cognito, and Amazon Cognito will start the registration process. And these Lambda functions are hooked up to specific points in the registration process so that Amazon Cognito would then invoke the Lambda function on a specific point. So at the pre-sign up trigger, we'll go ahead and invoke our auto-confirm function,
32:01
in which case the Lambda function will respond to Amazon Cognito to go ahead and say, you can go ahead and auto-confirm this user. After they've been signed up and confirmed, there is another trigger called the post-confirmation trigger. And with the post-confirmation trigger, what we'll do is have the Amazon Lambda function go ahead and actually add the user to our table.
32:21
It will return back a response, and Amazon Cognito will tell the user, you're all signed up, you're good to go. So the auto-confirm function. It's not very difficult to do this. All you have to do is in your app.py file, go ahead and add this function right here. So this is a little bit different
32:41
than you've been seeing previously. We've been using routes as a decorator. This time we're actually using the Lambda function decorator. So what that means is a standalone Lambda function, so it's not connected to any API gateway, so you can't actually make a REST API request to it. And it's also isolated from your API Lambda function,
33:02
all the logic that's handling your routes. So this function now accepts two arguments. There is the event and context. The event is usually a dictionary that has all the parameters that triggered this Lambda function, and the context has information about how the Lambda function got triggered. If I actually look at the event here, you can see the different information
33:22
I have available to myself for this pre-signup event. And specifically what I'm interested in is telling this auto-confirm user value a false and setting it to true. And after that, I'll go ahead and return the event, this entire thing, telling Amazon Cognito to skip the confirmation signup, the confirm signup step.
33:42
So in order to add a user now, this is not too difficult either. All you have to do is add another Lambda function here. And like I said, like I did in the last one, the Lambda function is a standalone Lambda function because it's using the Lambda function decorator, so it's not connected to Amazon API Gateway. And the event that it adds is,
34:03
the event that it takes in is this event here. And out of this event, I can get information such as the username, which will allow me to go ahead and add the user to the user table. I can go ahead and return the entire event to Amazon Cognito, and then that's all it takes for the entire registration process to happen.
34:23
One thing I also wanna mention before is that after these Lambda function deployed, I have to go ahead and add these as triggers to my existing user pool. It's a one-time setup thing, but I'm using Chalice mainly here so I can handle the deployments and updates of my Lambda functions in my Chalice application because it makes it very easy for me to update it.
34:45
So, going back to that line, let's talk about what we learned in a section. We talked about how to use Amazon Cognito to give authorization for your Chalice application. We talked about app.currentrequest.context, so being able to get information about your Lambda function and how it got invoked.
35:03
And finally, we talked about the app.LambdaFunction decorator, so being able to set up a standalone Lambda function that is not connected to Amazon API Gateway and just runs by itself. So, given the time constraints, there's some other Chalice features I really wish we got to talk about,
35:22
but unfortunately was not able to. One feature being the app.schedule decorator. So this is like the Lambda function decorator, but it's cool because you can essentially have cron jobs running for your serverless application. So every X minutes, every X hours, or a specific day of the week, you can have a Lambda function run.
35:41
So that's very convenient. Another one is dependency management. So, if you remember before in the intro demo, I talked about requirements.txt and how it downloads all the dependencies you need for you. While that's pretty straightforward, but when it comes to C extensions, it gets kind of complicated.
36:00
Because with AWS Lambda, it's underlying operating system it's running on is Amazon Linux. So if you send up a compiled version of the C extension that isn't compatible with Amazon Linux, you're gonna have a lot of problems with your Amazon and your AWS Lambda function. The cool part what Chalice will do though, is it will actually download wheels for you that are compatible for Amazon Linux,
36:22
unzip it into your deployment package, and go ahead and allow you to run that in Lambda. So for example, if you're doing your deployments from a window machine, and you had a dependency on NumPy for example, it'll go ahead and download those wheels for you that are compatible for Amazon Linux, and go ahead and include that deployment package so you can have NumPy run your Lambda function.
36:42
It doesn't matter to the operating system. So last thing I want to talk about, additional Chalice feature is the AWS IAM policy generation. Which what it allows you to do is, if you remember from the very first, one of the first slides where we're talking about
37:01
the setting it up from scratch about the IAM policy. So Lambda needs a bunch of permissions in terms of if you're gonna access other AWS resources. What Chalice will do is scan through your source code, determine all the operations you're using, all the AWS resources you're using, and actually generate that IAM policy for you so you don't actually have to worry about that part of the Lambda deployment part.
37:24
So now let's start wrapping this up. The one thing I really hope you guys got out of this talk was the benefits of using Chalice. From the beginning, it showed how it allows for easy and fast-paced app development. So from Chalice's new project, you can get quickly started and deploy that application
37:40
and quickly iterate on top of it. There's not a lot of boilerplate code you need to worry about in deploying your Chalice application. I think in the end, my app.py file for this entire application was less than 100 lines of code. So that was really nice. Another point is it handles all the AWS resource management for you. So it provides a nice abstraction
38:01
on top of all the AWS Lambda and API gateway stuff. So you don't actually have to worry about that. It'll handle it all for you. So you can just focus on the Python-specific aspect of your code. And finally, it produces production-ready applications. Production-ready being it's being ran on AWS Lambda
38:20
and therefore it's handling all the scaling for you and all of the infrastructure management. So you can go ahead and deploy it, just leave it there and not have to worry about it or worry about any of the DevOps related to it. Okay, so the final thing I wanted to mention is that we released Chalice 1.0 beta last week. So what that means is that while it's still
38:42
developer preview, we're getting very close to actually going GA with this and having that 1.0 release. So between now and when we actually do 1.0, it's only gonna be small enhancements based off user feedback and trying to polish up the final interface. So I really hope this talk motivated you guys
39:01
to all try out Chalice, try writing some serverless applications. And if you have any feedback, come find me or there's another dev here, James, from the Chalice team. Or you can also post an issue on GitHub. Any feedback we can get between now and we go GA is very valuable. So we'd be grateful for it.
39:22
So one thing I wanna say is here's some related links. Here's a Chalice repository, Chalice documentation, and also all the code I use for my Chalice trivia app, you can find it here. I need to fill out the readme a little bit so if you're trying to deploy it initially, you might have a little bit of issues, but you can at least get a gist of how I actually went about writing this application.
39:42
And you can follow me at Twitter, at vcalnap for any updates related to this talk. And also if you wanna talk about AWS, Chalice, or any of the libraries that I work on, please come find me or my team member later this week. I'll be here the entire conference. So if we have time for questions,
40:01
we can do it after, but thanks everyone for coming and listening. We do have time for a few questions, so let's get started. Hi, hello. Is Chalice providing, good talk by the way. Yeah, thanks. Is Chalice providing any way to manage resources
40:23
like S3 buckets or databases or anything else? Not currently. The closest thing you could do is it provides the ability to have CloudFormation templates where you can have an S3 bucket there. But one feature I really wanna add is some of the major resources like S3, DynamoDB, something you'll be using a lot in your application
40:41
and being able to manage it. But that's something on the roadmap. Yeah, hi, thanks for your talk. In terms of data persistency, what databases, because you show a user table, a question table, what options are there?
41:01
Can you repeat the question? I can't hear very well. Sorry. So in terms of data persistency, like databases, what can you use? Can you use like MySQL, Postgres, DynamoDB? Yeah, I mean whatever table you have available to you or whatever it can connect to. I was using DynamoDB in my user table, so that's really nice because it's just,
41:23
integrates really well with the AWS, just resources and whatnot. Does that answer the question or? Yes, thanks. Okay. Yeah, hey, thank you for the talk. And what about testing? Because the code you showed was really, really tight coupled. And, oh sorry, what about testing?
41:42
Yeah, so in terms of testing, you can go ahead and just test those general handlers. But in terms of actual framework, if you're familiar with Flask and how it has its own testing framework, Chellis doesn't really have anything specific like that, but it's something we want to add in the coming days.
42:07
Thank you for the talk. Very nice slides. Thanks. And my question is that you told the main difference between pre or art is that you don't have a server to manage. But if you take Elastic Beanstalk, for instance,
42:21
you also don't manage anything. You just upload some artifact with which speaks whiskey. And that's it. What's the difference? And the serverless itself feels like a little misguiding because you have a server on demand. Yeah, yeah, I hear you saying. So the thing with Elastic Beanstalk is that you still have the application up and running.
42:41
But if you're using AWS Lambda, though, you're only paying for the execution run time. So you still may have your Elastic Beanstalk application still going, and you're still paying for that resource, both. AWS Lambda, you only have to worry about whenever it gets executed, if that makes sense. Last question.
43:01
Okay, and another question. Okay, if I get denial of service attack, and you're told it scales very crazy, would Amazon bill me, all that DDoS, or us? For the, we're talking about DDoSing? How does it work? Yeah, denial of service, so I get a lot of traffic. The Amazon can handle it, but to all my expense.
43:23
Like, how does it work? Oh, yeah, so what you're gonna have to probably set up is in terms, you can actually set up throttling through API Gateway, and that'll actually handle to make sure that your Lambda function doesn't get evoked way too many times, so you can avoid that. Oh, you can just cap it, right? Yeah. Okay, thank you. Actually, I think we have time for one last question,
43:41
if anyone has one. Hey, thank you for the talk. So, I just looked it up on the internet, and it seems like there are some limitations. Well, of course, it's everywhere. And it seems like you can have only a thousand parallel threads, like, threads and processes executed for one function,
44:04
one Lambda function. So, my question is, what if you need to serve more than a thousand QPS? Can you repeat that again? I didn't catch the last part, sorry. So, basically, I looked at the Amazon website, talking about restrictions. So, there are limitations. You can run, I think, 1,024 threads and processes
44:21
for one Lambda function in parallel, at the same time. What if you need to serve more than 1,000 QPS? I believe that's just a, sorry. So, I believe that's just your cap on terms of Lambda functions. In terms of having it invoke, I believe that's not the limit, is it? Well, that's what I've seen. Maybe I misunderstood it. I'm pretty sure you can only have about,
44:40
you can only have 1,024. I think that's where the current limit is, of just simultaneous Lambda functions going. Like, they're separate ones. Oh, okay. So, it's not, like, Chalice will have the same Lambda function for your API. So, you can hit that as much as you want. There won't be an issue with that. Okay, makes sense. So, it's not an indication. Okay, cool, thanks. All right, thank you, everyone.
45:01
All right, thanks.