Skip to content

Commit

Permalink
Merge pull request #6 from myyrakle/lambda-server-poor
Browse files Browse the repository at this point in the history 
Lambda server poor
  • Loading branch information
@myyrakle
myyrakle authored May 7, 2023
2 parents 52f3280 + 69151cb commit 36d97a6
Show file tree
Hide file tree
Showing 12 changed files with 276 additions and 1 deletion.
1 change: 1 addition & 0 deletions .gitignore
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
.terraform
tfvars/
*.tfvars
*.exe
*.backup
*.tfstate
Expand Down
1 change: 0 additions & 1 deletion aws/ecs-server/rolling-update/variables.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,6 @@ variable "environment" {
type = string
}


// 서버명 (server_name-environment 형태로 구성됩니다.)
variable "server_name" {
description = "The name of the server machine you want to create."
Expand Down
3 changes: 3 additions & 0 deletions aws/lambder-server/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
# lambda server

- Lambda 기반의 웹서버 구성입니다.
25 changes: 25 additions & 0 deletions aws/lambder-server/function_url/.terraform.lock.hcl
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

45 changes: 45 additions & 0 deletions aws/lambder-server/function_url/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
# Lambda web Server with function URL

- 가난한 이들을 위한 Lambda 기반의 간단한 웹서버 세팅
- 장점: 비용이 0부터 시작함. 트래픽이 한달 호출 100만건을 넘지 않으면 비용이 부과되지 않음
- 단점: 커스텀 도메인을 달 수 없음.

## 리소스 구성

1. Lambda
2. Lambda Function URL
3. Github Action (직접 구성. 예시는 아래에)
4. DynamoDB

## 프로젝트 템플릿

- 현재는 Axum 서버만 고려한 상태입니다.

### Axum(Rust)

- [템플릿](https://github.com/myyrakle/axum_serverless_template) 프로젝트를 clone하거나 fork해서 사용합니다.

## before

1. github에 레포지토리를 생성합니다.
2. github sercet에 AWS_ACCESS_KEY_ID와 AWS_SECRET_ACCESS_KEY를 추가합니다.

---

## parameter 설정

- 자세한 것은 [](./variables.tf)에서 확인하거나 수정할 수 있습니다.

### required parameter

1. region: 리전 정보입니다. 서울이라면 ap-northeast-2 값을 넘겨줍니다.
2. environment: 환경 정보입니다. server_name과 조합되어 고유의 리소스 이름을 형성합니다. prod, stage, dev 등의 값을 설정하면 됩니다.
3. server_name: 서버명입니다. environment와 조합해서 고유의 리소스 이름을 형성합니다.

### optional parameter

1. lambda_runtime: 람다 런타임. 현재는 커스텀(provided.al2)만 고려해둔 상태입니다.
2. lambda_layers: 컨테이너 포트포워딩 설정입니다.
3. cors_allow_origins: cors 설정. Frontend(브라우저)와 연동할 경우 와일드카드(\*)를 삭제하고 해당 호스트 주소를 추가합니다.
4. cors_allow_headers: cors 설정
5. cors_expose_headers: cors 설정
Binary file added aws/lambder-server/function_url/codes/axum.zip
View file
Binary file not shown.
29 changes: 29 additions & 0 deletions aws/lambder-server/function_url/dynamo.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
# 테이블을 여기에서 정의합니다.

// 유저 테이블
resource "aws_dynamodb_table" "user-table" {
name = "${local.resource_id}-user"
billing_mode = "PAY_PER_REQUEST"
hash_key = "uuid"
# range_key = ""

attribute {
name = "uuid"
type = "S"
}

attribute {
name = "email"
type = "S"
}

// 글로벌 보조 인덱스
global_secondary_index {
name = "email-index"
hash_key = "email"
// range_key = ""
projection_type = "ALL"
}

tags = local.tags
}
12 changes: 12 additions & 0 deletions aws/lambder-server/function_url/locals.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
data "aws_caller_identity" "current" {}

locals {
tags = {
Environment = var.environment
Application = var.server_name
}

resource_id = join("-", [var.server_name, var.environment])

account_id = data.aws_caller_identity.current.account_id
}
47 changes: 47 additions & 0 deletions aws/lambder-server/function_url/main.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
terraform {
required_providers {
# 일종의 라이브러리 로드
aws = {
source = "hashicorp/aws"
version = "~> 4.16"
}
}

required_version = ">= 1.2.0"
}

provider "aws" {
region = var.region
}

resource "aws_lambda_function" "lambda" {
description = "A lambda function for ${local.resource_id}}"
function_name = local.resource_id
role = aws_iam_role.lambda_role.arn
layers = var.lambda_layers
runtime = var.lambda_runtime
handler = "hello.handler"
filename = "codes/axum.zip"

environment {
variables = {
ServerName = var.server_name
ENVIRONMENT = var.environment
}
}
}

// Function Url
resource "aws_lambda_function_url" "release_url" {
function_name = aws_lambda_function.lambda.function_name
authorization_type = "NONE"

cors {
allow_credentials = true
allow_origins = var.cors_allow_origins
allow_methods = ["*"]
allow_headers = var.cors_allow_headers
expose_headers = var.cors_expose_headers
max_age = 86400
}
}
9 changes: 9 additions & 0 deletions aws/lambder-server/function_url/outputs.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
output "function_url" {
value = aws_lambda_function_url.release_url.function_url
description = "Function Url"
}

output "function_name" {
value = aws_lambda_function_url.release_url.function_name
description = "Function Name"
}
48 changes: 48 additions & 0 deletions aws/lambder-server/function_url/roles.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
// Lambda Role
resource "aws_iam_role" "lambda_role" {
name = local.resource_id
assume_role_policy = jsonencode({
Version = "2012-10-17"
Statement = [
{
"Effect" : "Allow",
"Principal" : {
"Service" : ["lambda.amazonaws.com"]
},
"Action" : [
"sts:AssumeRole"
]
}
]
})

inline_policy {
name = "root"
policy = jsonencode({
Version = "2012-10-17"
Statement = [
{
"Sid" : "SpecificTable",
"Effect" : "Allow",
"Action" : [
"dynamodb:BatchGet*",
"dynamodb:DescribeStream",
"dynamodb:DescribeTable",
"dynamodb:Get*",
"dynamodb:Query",
"dynamodb:Scan",
"dynamodb:BatchWrite*",
"dynamodb:CreateTable",
"dynamodb:Delete*",
"dynamodb:Update*",
"dynamodb:PutItem"
],
"Resource" : [
// 테이블을 추가할 때마다 여기에도 리소스를 추가해줍니다.
"arn:aws:dynamodb:*:*:table/${local.resource_id}_user"
]
}
]
})
}
}
57 changes: 57 additions & 0 deletions aws/lambder-server/function_url/variables.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
// 리전
variable "region" {
description = "region"
type = string
}

// tag 및 리소스 이름 구성에 사용됨
variable "environment" {
description = "environment info. (e.g: prod, dev, stage, test)"
type = string
}

// 서버명 (server_name-environment 형태로 구성됩니다.)
variable "server_name" {
description = "The name of the server machine you want to create."
type = string
}

// Lambda runtime
// https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunction.html#SSS-CreateFunction-request-Runtime 참조
// 커스텀 런타임은 provided.al2, provided
// nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2 | nodejs18.x | python3.10 | java17
variable "lambda_runtime" {
description = "lambda runtime"
type = string
default = "provided.al2"
}

// Lambda layers
variable "lambda_layers" {
description = "layer arn list"
type = list(string)
default = []
}

// cors 설정
// Frontend(브라우저)와 연동할 경우 와일드카드(*)를 삭제하고 해당 호스트 주소를 추가합니다.
variable "cors_allow_origins" {
description = "cors allow origins"
type = list(string)
default = ["*"]
}

// cors 설정
variable "cors_allow_headers" {
description = "cors allow headers"
type = list(string)
default = ["date", "keep-alive", "content-type", "authorization"]
}

// cors 설정
variable "cors_expose_headers" {
description = "cors expose headers"
type = list(string)
default = ["date", "keep-alive"]
}

0 comments on commit 36d97a6

Please sign in to comment.