
Deploying AWS Global infrastructure with API Gateway, Lambda, Cognito, S3, DynamoDB

Let's say I need an API Gateway that is going to run Lambdas and I want to make the best globally distributed performing infrastructure. Also, I will use Cognito for authentication, DynamoDB, and S3 for user data and frontend statics.

My app is located at myapp.com.

First the user gets the static front end from the nearest location:

user ===> edge location at CloudFront <--- S3 at any region (with static front end)

After that we need to communicate with API Gateway.

user ===> API Gateway ---> Lambda ---> S3 || Cognito || DynamoDB

API Gateway can be located in several regions, and even though it is distributed with CloudFront, each endpoint is pointing to a Lambda located at a given region: Let's say I deploy an API at eu-west-1. If a request is sent from the USA, even if my API is on CloudFront, the Lambda it runs is located at eu-west-1, so latency will be high anyway.

To avoid that, I need to deploy another API at us-east-1 and all my Lambdas too. That API will be pointing to those Lambdas.

If I deploy one API for every single region, I would need one endpoint for each one of them, and the frontend should decide which one to request. But how could we know which one is the nearest location?

The ideal scenario is a single global endpoint at api.myapp.com, which is going to go to the nearest API Gateway which runs the Lambdas located in that region too. Can I configure that using Route 53 latency routing with multiple A records pointing to each API Gateway?

If this is not the right way to do this, can you point me in the right direction?

AWS recently announced support for regional API endpoints using which you can achieve this.

Below is an AWS Blog which explains how to achieve this:

Building a Multi-region Serverless Application with Amazon API Gateway and AWS Lambda

Excerpt from the blog:

The default API endpoint type in API Gateway is the edge-optimized API endpoint, which enables clients to access an API through an Amazon CloudFront distribution. This typically improves connection time for geographically diverse clients. By default, a custom domain name is globally unique and the edge-optimized API endpoint would invoke a Lambda function in a single region in the case of Lambda integration. You can't use this type of endpoint with a Route 53 active-active setup and fail-over.

The new regional API endpoint in API Gateway moves the API endpoint into the region and the custom domain name is unique per region. This makes it possible to run a full copy of an API in each region and then use Route 53 to use an active-active setup and failover.

Unfortunately, this is not currently possible. The primary blocker here is CloudFront. MikeD@AWS provides the info on their forums:

When you create a custom domain name it creates an associated CloudFront distribution for the domain name and CloudFront enforces global uniqueness on the domain name.

If a CloudFront distribution with the domain name already exists, then the CreateCloudFrontDistribution will fail and API Gateway will return an error without saving the domain name or allowing you to define its associated API(s).

Thus, there is currently (Jun 29, 2016) no way to get API Gateway in multiple regions to handle the same domain name.

AWS has no update on providing the needful since confirming existence of an open feature request on July 4, 2016. AWS Forum thread for updates

Check out Lambda@Edge

Q: What is Lambda@Edge? Lambda@Edge allows you to run code across AWS locations globally without provisioning or managing servers, responding to end users at the lowest network latency. You just upload your Node.js code to AWS Lambda and configure your function to be triggered in response to Amazon CloudFront requests (i.e., when a viewer request lands, when a request is forwarded to or received back from the origin, and right before responding back to the end user). The code is then ready to execute across AWS locations globally when a request for content is received, and scales with the volume of CloudFront requests globally. Learn more in our documentation.

Use case: minimizing latency for globally distributed users

Q: When should I use Lambda@Edge? Lambda@Edge is optimized for latency sensitive use cases where your end viewers are distributed globally. Ideally, all the information you need to make a decision is available at the CloudFront edge, within the function and the request. This means that use cases where you are looking to make decisions on how to serve content based on user characteristics (e.g., location, client device, etc.) can now be executed and served right from the edge in Node.js-6.10 without having to be routed back to a centralized server.
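
An added example, not part of the answer above or of the AWS FAQ it quotes: a Lambda@Edge origin-request handler that sends each request to a regional API according to the viewer's country, the kind of edge decision the FAQ describes. The regional hostnames, the country table and `sampleEvent` are constructed placeholders, and the code assumes the distribution forwards `CloudFront-Viewer-Country` to the origin.

```javascript
'use strict';

// Hypothetical regional API hostnames (placeholders, not values from the page).
const REGIONAL_ORIGINS = {
  'eu-west-1': 'api-eu-west-1.example.com',
  'us-east-1': 'api-us-east-1.example.com',
};
const DEFAULT_REGION = 'eu-west-1';

// Constructed, deliberately small country-to-region table.
const COUNTRY_TO_REGION = {
  US: 'us-east-1', CA: 'us-east-1', MX: 'us-east-1',
  IE: 'eu-west-1', GB: 'eu-west-1', DE: 'eu-west-1',
};

// Read CloudFront-Viewer-Country; unknown or missing values fall back to the default.
function pickRegion(headers) {
  const h = headers['cloudfront-viewer-country'];
  const country = h && h[0] && typeof h[0].value === 'string' ? h[0].value.toUpperCase() : '';
  return Object.prototype.hasOwnProperty.call(COUNTRY_TO_REGION, country)
    ? COUNTRY_TO_REGION[country]
    : DEFAULT_REGION;
}

// Rewrite the custom origin and the Host header together, so the regional
// endpoint receives a Host value that matches its own domain name.
function routeRequest(request) {
  const domain = REGIONAL_ORIGINS[pickRegion(request.headers)];
  if (request.origin && request.origin.custom) {
    request.origin.custom.domainName = domain;
    request.headers.host = [{ key: 'Host', value: domain }];
  }
  return request;
}

// Constructed sample request in the Lambda@Edge origin-request shape.
function sampleEvent(country) {
  const headers = { host: [{ key: 'Host', value: 'api.myapp.com' }] };
  if (country) {
    headers['cloudfront-viewer-country'] = [{ key: 'CloudFront-Viewer-Country', value: country }];
  }
  const custom = { domainName: REGIONAL_ORIGINS[DEFAULT_REGION], port: 443, protocol: 'https', path: '' };
  return { Records: [{ cf: { request: { uri: '/items', method: 'GET', headers, origin: { custom } } } }] };
}

// Lambda@Edge entry point (callback style).
const handler = (event, context, callback) => callback(null, routeRequest(event.Records[0].cf.request));
if (typeof module !== 'undefined') module.exports = { handler };
```

Requests without a recognised country keep the default region, so a missing header never leaves the origin unset.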
