How I migrate a Node.js App to Serverless using Lambda & API Gateway & Terraform
I’ve started diving in AWS six months ago. Before I was working as a System Engineer for eCommerce company which the infrastructure was managed in Datacenter.
One of my first project on AWS world was to migrate a legacy React.js web app to AWS. I’ve chosen to build this application without server because I did not want to manage server configuration (packaging, update, Security…)
and mostly use all the power of AWS for Building Serverless app.
In this post, I will describe all the step that I realised in order to do it. I will only focus on the terraform code for building the infrastructure, not on the app code (react.js for webapp and python for lambda…).
The post is for people who have already a background on terraform and AWS and who are interested in building serverless infrastructure.
Step 0 : List of AWS Resources
Route 53 : For friendly DNS.
CloudFront: For low latency when accessing the application in the world.
API Gateway: For API which send requests to lambda function.
Lambda: For processing, requests send by API Gateway.
RDS: For persisting data.
CloudWatch: For Getting logs of lambda, API Gateway and RDS.
You will not able to see values of the parameters in the terraform code. I’ve stored them in consul
Step 1: Building Database and migrate data — RDS MySQL
RDS it’s not really a serverless service but the legacy application used MySQL as database so with did not have the choice but to use RDS. The serverless database for AWS is DynamoDB or Aurora Serverless.
In order to connect on the database or give the right to the app to perform the operation on it, you need to specify a security group and rules which will define it.
The database was on a private subnet (AWS recommendation), so you need to attach it on your desired private subnet of your VPC
Step 2: Building S3 which serve as frontend
As mentioned above, the code of frontend was stored on bucket. This bucket is using as the origin of Cloudfront distribution. The main advantage of S3, you don’t need to manage the infrastructure behind, AWS takes care of that. It’s really good for building static website.
In my case I gave access for everyone to get file on this bucket. You could restrict access only for Cloudfront, it was not necessary for our need.
Step 3: Building CloudFront
Cloudfront it’s a lovely tool to use when your website is distributed all over the world. It helps to considerably reduce the latency of accessing your application by caching the content close to the location of the users.
Step 4: Building Route53
Route53 is the AWS service for managing DNS. In our case, it was a specific demand of client to have friendly URL. In the example below the code will create this DNS record: tuto.thehktech.com.
Step 5: Building API Gateway
API Gateway is a powerful service which helps to design and implement quickly API endpoint.
Step 6: Building Lambda & Security Group
Lambda is the core of the app. It’s the main AWS service for building Serverless APP. With lambda as S3, you don’t care about ops problems, you simply need to focus on your code. Lambda support multiple programming language (Python, Node.js, Go, Java…), for my project I wrote it on Python 3.6.
The lambda code was archived in zip stored on the bucket (I used Ansible to automate to upload my code on S3)
By default lambda do not have any right to access and perform actions on AWS Resources that why you needed to create a role. The role contains the policy which defines what actions lambda have the right to do.
I gave the right for my lambda to send log to cloudwatch and send monitoring notification through SNS.
Lamda function needed to connect to the database, that why I specified a security group to allow from RDS the lambda requests.
Step 6: Deploy your Terraform Code
When all the previous steps have been completed, the infrastructure has been build through these terraform commands.
Step 7: Enjoy Your Serverless APP