Sorry, you need to enable JavaScript to visit this website.

Packaging Serverless Application Code in Container Image

Packaging Serverless Application Code in Container Image
April 26, 2021

"Serverless is the future of cloud computing"

Ever since the launch of AWS Lambda, a zip archive of the application code or binaries has been the only supported deployment option. In contrast, companies across the cloud industry have embraced Docker, and container images are now the de-facto standard of application packaging.

So, in line with the market, Amazon Web Services (AWS) has recently introduced a new feature that allows developers to package and deploy Lambda functions as container images of up to 10 GB size. Now the developers can easily build and deploy serverless applications using their preferred languages, familiar tools, and required dependencies.

Here are a few advantages of container images deployment:

  1. Code in your choice of programming language: The container entirely encapsulates your Lambda function (libraries, handler code, OS, runtime, etc.). Therefore, the experience of developing functions in languages not native to AWS Lambda is simplified.
  2. Use custom OS and custom runtimes: The Lambda service provides a variety of base image options with pre-installed runtimes. These base images will be patched and maintained by Amazon Web Services. Currently, the runtimes supported include dotnetcore2.1, dotnetcore3.1, go1.x, java8, java8.al2, java11, nodejs12.x, nodejs10.x, python3.8, etc. Developers can also provide their images based on Linux kernels.
  3. Deploy large files and packages: Now, the container images of up to 10 GB can be deployed as opposed to the earlier limit of 50 MB of zip files.

Another advantage of this approach is that you can save a considerable amount of money.  You are not paying for the resources, which you are not using. You are billed only when your application is using those resources.

Also, now the execution time for Lambda’s billing will be rounded up to the nearest millisecond (instead of being rounded up to the nearest 100ms as earlier).

How It Works

Containerized applications can be deployed to AWS Lambda in three simple steps:

  1. Prepare a container definition that implements the Lambda runtime interface.
  2. Build the container image and publish it to Amazon Elastic Container Registry (ECR).
  3. Deploy an AWS Lambda, grant it access to the ECR, and point to the container image.

Demo Setup

  1. A basic python application that can read and print the content of a data file is uploaded to an S3 bucket.
  2. The containerized application is deployed to AWS Lambda using Amazon Elastic Container Registry (ECR).
  3. A sample data file having JSON content is uploaded to an S3 bucket.
  4. This data file upload triggers the invocation of the Lambda function created as a part of step number two.
  5. Once invoked, the Lambda function will read and print the content of the S3 data file to AWS CloudWatch logs.

Architecture

Graphical user interface

Prerequisite

Amazon Web Services CLI must be configured on the Docker client machine.

Steps

  • Create a basic python file 'lambda.py' with the code below

     

    import json
    import boto3

    def handler(event, context):
        s3_client = boto3.client('s3')
        s3_clientobj = s3_client.get_object(Bucket='lambda-container-demo', Key='data.txt')

        for line in s3_clientobj['Body'].iter_lines():
            object = json.loads(line)
            print(f"Name: {object['name']['s']} ID: {object['id']['n']}")
        print("Lambda execution Completed...!")

  • Create 'data.txt' file and add the content below (or similar) to it

    {"name":{"s":"Aryan"}, "id":{"n": 1}}
    {"name":{"s":"Gupta"}, "id":{"n": 2}}

  • Create ‘Dockerfile’ with the code below

    FROM public.ecr.aws/lambda/python:3.6
    COPY lambda.py ${LAMBDA_TASK_ROOT}
    CMD [ "lambda.handler" ]

  • Build the Docker container image using the command below

    docker build . -t lambda-python-container-image:v1

  • Create an AWS ECR repository where the newly created Docker image is pushed

    aws ecr create-repository --repository-name demo-repo-for-lambda --image-scanning-configuration scanOnPush=true --region us-east-1

  • Create an AWS ECR repository where the newly created Docker image is pushed

    aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin .dkr.ecr.us-east-1.amazonaws.com

  • Tag the Docker container image to push it to the ECR repository

    docker tag lambda-python-container-image:v1 .dkr.ecr.us-east-1.amazonaws.com/demo-repo-for-lambda:v1

  • Push the container image to the ECR repository

    docker push .dkr.ecr.us-east-1.amazonaws.com/demo-repo-for-lambda:v1

  • Create AWS Lambda function with the configuration below (the console way of creating AWS Lambda is very straightforward)
    • On the ‘Create function’ screen, select the 'Container image' option
    • Use the 'Browse images' to select the Docker image that was pushed to the ECR repository
    • Under the ‘Permissions’ section, select the option 'Create a new role with basic Lambda permissions'.
  • Create an AWS S3 bucket using the command below

    aws s3 mb s3://lambda-container-demo

  • Add an S3 trigger of type 'All object create events' to the Lambda function so that it gets invoked as soon as the 'data.txt' file gets uploaded to the 'lambda-container-demo' bucket
  • Using IAM, assign the 'AmazonS3ReadOnlyAccess' policy to the IAM role created by the Lambda function
  • Upload the ‘data.txt’ file to the newly created AWS S3 bucket using the command below

    aws s3 cp data.txt s3://lambda-container-demo

  • As soon as the file to the S3 bucket is successfully uploaded, the Lambda function will be triggered, and the output below will be printed in CloudWatch logs

    CloudWatch logs

Conclusion

With the new container image support for Lambda, a Docker container can be used to package your custom code and dependencies for Lambda functions. The 10 GB deployment package limit makes it possible to deploy larger workloads that do not fit into the existing 50 MB quota for zip files.

With the new container image support for Lambda, Docker can be used to package your custom code and dependencies for Lambda functions

In this blog, we have seen how to build a container image, and configure AWS Lambda to run it.

References

https://aws.amazon.com/blogs/compute/using-container-image-support-for-aws-lambda-with-aws-sam/

https://www.serverless.com/blog/container-support-for-lambda