New value of full serverless architecture
With Amazon OpenSearch Serverless officially launched for "commercial use", Amazon Cloud Technology's full-stack "Serverless" application architecture has also "begun to take shape", which also means that in the future, enterprises can simply and easily build a complete application on Amazon Cloud Technology. Serverless application architecture.
Data also shows that there are currently more than 1 million active users of Amazon Cloud Technology's Serverless service, and the number of monthly call requests exceeds 100 trillion. It can be said that Amazon Cloud Technology's leadership in the Serverless field has been widely recognized by customers and the industry.
However, the pace of innovation of Amazon Cloud Technology "has not stopped." Take the Amazon Lambda service as an example. Although Lambda released eight years ago demonstrated Amazon Cloud Technology's vision for Serverless, it is undeniable that the Serverless technology at the time was still insufficient. Mature, until this re:Invent 2022, the launch of Lambda SnapStart's new function has greatly optimized the cold start speed of Serverless. In addition, its core data analysis service product has been fully "Serverless", which truly marks the Amazon Cloud Technology has truly made the serverless architecture "universal", and I believe it will bring more choices and better services to more enterprises on the cloud.
So why is Lambda SnapStart so important? This requires returning to the user's actual application scenario. Although the Serverless service can wake up and allocate virtual machines or containers when needed, realizing "allocation on demand" in the true sense, in specific application practice, due to The emergence of network delay and other factors can easily cause users to have a short waiting time when using this service, seriously affecting the user experience. To give an easy-to-understand example, a supplier of smart access control uses a Serverless service in the background application. The application is only started when someone swipes the access control. During peak periods when users are active when going out in the morning or returning home in the evening, the virtual machine may be always on. At night or when users are inactive at other times, the virtual machine is shut down, which also means that each time an application is started during this period, it will take a certain amount of time - that is to say, the response time of the Serverless service will affect the application response time. , which in turn affects the user's physical examination and makes the user feel that the response of the background application is delayed. From this perspective, shortening the cold start time of serverless computing services is of great significance to user experience.
In fact, Amazon Cloud Technology has previously shortened the startup time of serverless services to less than 1 second through technical improvements such as Firecracker microVM, and this time the newly released Lambda SnapStart function has once again shortened the startup time by 90%, and this time The launch of the function will undoubtedly help more applications adopt the Serverless architecture, because it truly allows Serverless services to bring enterprise customers the same experience as virtual machines that are powered on 24 hours a day and serve around the clock. At the same time, the consistency of application performance is also better. protection.
Data shows that the global Serverless service market size reached 44.61 billion yuan in 2020, of which China's Serverless service market size reached 6.37 billion yuan, accounting for approximately 14.3% of the global market. With the completion of the construction of Amazon Cloud Technology's full Serverless architecture, it is believed that it will also It will accelerate the serverless process in China and even the world.
Configuring an OpenSearch Serverless collection
To get started with Amazon OpenSearch Serverless, you can create a Collection (collection).
Before launching OpenSearch Serverless, you need to create a managed cluster, specify the instance type, number, and storage options, and then manage the lifecycle and sharding policy of the indexes within the cluster. You can use OpenSearch Serverless to create a collection to manage a set of indexes that work together to support a specific workload. There is no longer a need to specify hardware or manage indexes directly.
To create an OpenSearch Serverless collection and protect your data, you need to set upEncryption policies to assign an AWS KMS key to an or Multiple collections and then attach Network policies to the collection to control access from specified VPCs and public IP addresses.
To create an encryption policy, selectEncryption policies andCreate encryption policy. Encryption at rest protects the indexes in the collection. For each collection, AWS KMS generates a unique symmetric encryption key. Encryption policies are an ideal way to manage AWS KMS keys across multiple collections. You can define a target collection name or prefix, which automatically applies the encryption settings in this policy to the collection.
To allow users to access the collection, selectNetwork policies in the left navigation pane, and then select. Network policies determine whether a collection is accessible from the public network over the Internet or must be accessed through an OpenSearch Serverless hosted VPC endpoint. Create network policy
Multiple rules can be defined per collection, and the Access Type can be Public or VPC, the latter being the recommended option. If you select the public option, you can access the collection from the OpenSearch control panel. Additionally, you can configure access to the OpenSearch control panel and OpenSearch endpoints. For resource type, enable access to both the OpenSearch endpoint and the OpenSearch control panel. In both input boxes, select the Collection Name attribute and the collection name or prefix. Finally, to create an OpenSearch Serverless collection, select Create collection from the home page, or select Collections in the left navigation pane and then select Create collection.
Upload and search data in collections
The following example policy provides a single user with the minimum permissions required to create indexes in a collection, index some data, and perform searches. Replace the principal ARN with the ARN of the account you will use to log in to the OpenSearch control panel.
[
{
"Rules": [
{
"ResourceType": "index",
"Resource": [
"index/books/*"
],
"Permission": [
"aoss:CreateIndex",
"aoss:ReadDocument",
"aoss:UpdateIndex",
"aoss:DeleteIndex",
"aoss:WriteDocument"
]
}
],
"Principal": [
"arn:aws:iam::123456789012:user/admin"
]
}
]You can now use Postman or curl to upload data to your OpenSearch Serverless collection. Developer tools are also available in the OpenSearch Control Panel console. Select OpenSearch Dashboards on the collection's details page.
Log in to the OpenSearch control panel using the AWS access key and secret key specified for the principal in the data access policy. In the OpenSearch control panel, open the left navigation menu and select Dev Tools. To create a single index named books-index, run PUT books-index and index the first single document into books-index.
Search data can also be queried in the development tools.
GET books_index/_search
{
"query": {
"simple_query_string": {
"query": "Jeff",
"fields": ["author"]
}
}
}For time series data, data can be ingested using all streaming ingestion options, such as the nativeOpenSearch Streaming API, and various open source streaming ingest pipelines such as Logstash, FluentBit, Fluentd and Data Prepper. AWS Glue, Amazon Kinesis Data Firehose
In addition, you can easily migrate workloads by taking a snapshot of data from a managed cluster on OpenSearch Service and then restoring it to a collection. Once the data is in the collection, you can query it using your favorite OpenSearch client and interactively analyze and visualize the data using the OpenSearch control panel.