Serverless Computing | Overview.

 

Here’s twtech concise overview of Serverless computing in the context of AWS and modern cloud architecture:

NB: 

Serverless were initially  managed as FaaS (Function as a Service) 

The concept:  Serverless

Serverless is a cloud computing model where twtech focuses only on writing code, and the cloud provider handles the infrastructure — including provisioning, scaling, and maintenance of servers.

Despite the name, there are still servers — but twtech doesn’t manage them.

 Key Characteristics of Serverless:

Feature	Description
No server management.	twtech doesn’t provision, scale, or manage servers.
Automatic scaling.	Apps scale up/down based on demand automatically.
Pay-per-use.	twtech only pay for the compute time or executions used.
Event-driven.	Functions or services are triggered by events (e.g., HTTP requests, file uploads, database changes).
Quick deployment.	Faster time-to-market and simplified development workflows.

 Common Serverless Services on AWS:

Service	Purpose
AWS Lambda.	Run backend code/functions without managing servers.
Amazon API Gateway.	Create REST or WebSocket APIs to trigger Lambda or other services.
AWS Fargate.	Run containers without managing EC2 instances.
AWS App Runner.	Deploy web apps and APIs from containers or source code — fully managed.
Amazon DynamoDB.	Serverless NoSQL database — auto-scales and manages throughput.
Amazon S3.	Serverless storage for static files, websites, backups, etc.
AWS Congnito.	It allows developers to add user sign-up, sign-in, and access control to their applications, supporting millions of users.
AWS Kinesis Data Firehose.	Facilitates the delivery of real-time streaming data to various destinations.
Aurora Severless.	It automatically starts up, shuts down, and scales capacity up or down.
Step Function.	To create and manage serverless applications, automating tasks that might involve multiple services and steps.
Amazon EventBridge / SNS / SQS.	Event buses, notifications, and queues for building event-driven apps.

When to Use Serverless:

twtech wants to reduce operational overhead
twtech app has variable or unpredictable traffic
twtech is building microservices, APIs, or event-driven apps
twtech needs to rapidly develop and iterate

 When NOT to Use Serverless:

twtech needs fine-grained control over twtech infrastructure.
twtech runs long-running or stateful processes.
twtech requires specific OS/kernel-level access.
twtech workloads are constant and predictable — sometimes reserved instances are more cost-effective.

twtech insight:

Serverless is about maximizing focus on twtech code and minimizing infrastructure concerns.
It’s ideal for scalable, cost-efficient, and agile application development.

AWS App2Container (A2C) I Overview.

AWS App2Container (A2C) Overview

AWS App2Container (A2C) is a command-line tool that helps enterprises modernize legacy applications by containerizing existing applications running on virtual machines (VMs...whether it's on-premises or an EC2 VM.) or bare metal servers without requiring code changes.

 Key Features

Feature	Description
Automated Containerization.	Automatically identifies application artifacts and dependencies.
Supports Multiple Platforms.	Works with Java and .NET (Windows/Linux) applications.
Generates Docker Artifacts.	Produces Dockerfiles and container images.
Infrastructure-as-Code Output.	Generates ECS, EKS, and App Runner deployment artifacts.
Integration with AWS Services.	Integrated with AWS CodeBuild, ECS, EKS, and App Runner.

 Supported Application Types

• Java Applications:
• Standalone JARs
• Spring Boot
• Tomcat-based applications
• .NET Applications:
• .NET Framework (Windows only)
• .NET Core (Windows/Linux)

 How AWS App2Container Works

1. Install A2C CLI on the VM or server hosting the application.
2. Inventory and Analyze the application.
3. Containerize:
• A2C creates a Dockerfile, container image, and ECS/EKS/App Runner artifacts.
4. Deploy:
• Deploy the container image to ECS, EKS, or App Runner using generated IaC templates.

Output Artifacts

• Dockerfile
• ECS Task Definition / EKS Kubernetes YAML / App Runner config
• CloudFormation templates
• Container image (built locally or with CodeBuild)

 Deployment Targets

Service	Use Case
Amazon ECS.	Simple container orchestration
Amazon EKS.	Kubernetes-based orchestration
App Runner.	Serverless container deployments

Benefits

• Speeds up container adoption.
• Reduces migration effort.
• Maintains application behavior.
• Simplifies deployment on AWS container services.

 Example Use Case

A company with a legacy Java app running on EC2:

• Installs A2C on the EC2 instance.
• Runs A2C to detect and containerize the app.
• Deploys it to ECS using generated CloudFormation templates.

Here is a step-by-step guide with commands to help use AWS App2Container (A2C) to containerize an existing application.

Step-by-Step Guide to Use AWS App2Container

Prerequisites:

·        EC2 instance or on-premise VM where twtech app is running.

·        AWS CLI configured (aws configure)

·        Admin privileges on the host

·        Docker installed

·        App2Container installed

Step 1: Install App2Container

Download and install A2C on the application server:

Linux:

# bash

curl -O https://d1.awsstatic.com/managed-files/AWS-App2Container-Installer.zip

unzip AWS-App2Container-Installer.zip

sudo ./install.sh

Windows (PowerShell):

# powershell

Invoke-WebRequest -Uri https://d1.awsstatic.com/managed-files/AWS-App2Container-Installer.zip -OutFile A2C.zip

Expand-Archive -Path A2C.zip -DestinationPath .

.\install.ps1

Step 2: Initialize A2C

Initialize A2C to set up the workspace:

# bash 

app2container init

twtech will be prompted to configure:

• Application artifact storage (e.g., S3 bucket)
• AWS Region
• Container registry (ECR)
• IAM roles or profiles

Step 3: Inventory the Running Applications

Scan for running apps on the instance:

# bash

app2container inventory

This returns a list of detected applications with an application-id.

Step 4: Analyze the Application

Choose an application ID from the inventory and analyze it:

# bash

app2container analyze --application-id app-id

This gathers dependencies, open ports, and startup processes.

Step 5: Containerize the Application

Generate Dockerfile, ECS/EKS/App Runner artifacts, and optionally build image:

# bash

app2container containerize --application-id app-id

twtech will get:

• Dockerfile
• Deployment YAML/JSON
• Image (if built locally)

Step 6: Deploy the Container (Optional)

twtech can deploy using one of the provided CloudFormation templates.

To ECS:

# bash

app2container generate app-deployment --application-id app-id --deploy ECS

To EKS:

#  bash

app2container generate app-deployment --application-id app-id --deploy EKS

To App Runner (only for web apps):

# bash

app2container generate app-deployment --application-id app-id --deploy apprunner

Then use the generated CloudFormation template to deploy:

# bash

aws cloudformation deploy --template-file twtech-a2c-template.yaml --stack-name twtech-app-stack

After Deployment

• twtech application is now running in a container.
• Logs, health checks, and scaling are managed by the target AWS service.

AWS App Runner Service | Overview & Hands-On.

 

Here's twtech overview of AWS App Runner:

 AWS App Runner – Service Overview

AWS App Runner is a fully managed container application service that allows twtech to quickly deploy and run web apps and APIs without managing servers, containers, or infrastructure.

 Key Features

Feature	Description
Fully managed.	No servers or clusters to manage—AWS handles scaling, load balancing, patching, and deployment.
Container-based.	Deploy directly from container images (from ECR or public registries) or source code (from GitHub).
Automatic scaling.	Scales up and down based on incoming traffic.
HTTPS out-of-the-box.	Automatic TLS with a custom domain support.
Built-in CI/CD.	App Runner can rebuild and redeploy apps on new code commits.
VPC connectivity.	Can securely connect to VPC resources (e.g., RDS, Redis).
Observability.	Integrated with CloudWatch logs and X-Ray tracing.

 How AWS App Runner Works

twtech can deploy apps to App Runner using two main sources:

1. Source Code (e.g., GitHub repo)
• App Runner builds the container using a build pipeline and deploys it.
• Requires a configuration file (apprunner.yaml or build settings in console).
2. Container Image
• Push twtech container image to Amazon ECR or use a public registry like Docker Hub.
• App Runner directly deploys the image.

 Typical Use Cases

• Microservices & APIs
• Web apps and frontend servers
• Prototypes, MVPs, or developer previews
• Backend services that need HTTPS and autoscaling without operational overhead

 Security & Networking

• IAM roles for deployment and runtime.
• HTTPS endpoints by default.
• Custom domains with TLS.
• Private VPC access to connect to RDS, ElastiCache, etc.
• Ingress VPC connector for private App Runner services.

 Monitoring & Observability

• Amazon CloudWatch Logs: App logs.
• AWS X-Ray: Application tracing.
• Metrics: CPU, memory, request count, response times.

 Pricing Overview

Pricing is based on usage, including:

• vCPU and memory provisioned during app runtime.
• Active requests and compute time.
• Build time (when using source-based deployment).

twtech Example:

• twtech pays per second of compute + memory while its service is handling requests.
• App Runner automatically scales down to zero (not always zero cost, depending on idle config).

 Sample Architecture

# css(Cascading Style Sheets)

[GitHub/ECR] ──> [App Runner] ──> [Internet Users]

                            └─> [RDS in VPC]

                            └─> [CloudWatch, X-Ray]

 Advantages

• Very fast to go from code → deploy.
• No infra to manage.
• Autoscaling with zero config.
• Secure out-of-the-box.

 Limitations

• Less control over low-level configurations (e.g., no custom load balancer).
• Limited runtime customization (compared to ECS/Fargate).
• Doesn't support WebSockets or long-lived connections well.
• Cold start delay when scaling from zero.

Project: Hands-On

To push an image to the ecr repo, twtech needs IAM role created: twtech-ecr-role

Prerequisite:

·       Aws configure from terminal,

·       Terraform installed and accessed from terminal,

·       Modules with codes,

·       Elastic Container Registry..ECR (public & private) in aws.

Install aws cli on wsl (Ubuntu)

sudo snap install aws-cli --classic

Verify the version of aws cli installed:

aws --version

Install terraform on system: local bin directory

Step-by-Step Installation via HashiCorp APT Repository (Recommended)

Run the exe setup in the extracted folder: to intall

To install Terraform on an Ubuntu system, follow these steps:

1. Update the system and install required packages: Curl

# bash

 

sudo apt update && sudo apt install -y gnupg software-properties-common curl

Verify the version of curl package manager install:

curl --version

2, Add the HashiCorp GPG key:

# bash

 

curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg

3, Add the official HashiCorp Linux repository:

# bash

 

echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list

4, Update the package list:

# bash

 

sudo apt update

5, Install Terraform:

# bash

 

sudo apt install terraform

6, Verify the installation:

# bash

 

terraform –version

twtech sees something like:

# bash

 

Terraform v1.12.2

Alternative: Manual Installation (Download Binary)

1. Go to: https://developer.hashicorp.com/terraform/install
2. Download the appropriate .zip file for Linux.
3. Extract and move it to /usr/local/bin:

# bash

 

unzip terraform_*.zip

sudo mv terraform /usr/local/bin/

terraform -version

install and configure aws cli 

Naviagate into docker module to provision a server in aws,  using terraform code : while bootstrapping the packages.

Inspect the codes (file) : To ensure the configuration is okay for the resources referenced.

Bootstrapped script

Provider:

Resources:

Variables:

Initialize the modole

Format the codes:

Make a plan:

Verify whether that docker-trivy server is provision successfully form aws console with :  terraform code

Yes

SSH into server to Verify whether the packages were successfully bootstrapped: docker architecture and trivy image scanner.

Asw : UI

Verify whether docker engine is running, and enabled 

Verify version of trivy image scanner bootstrapped: trivy --version

Verify version of docker bootstrapped: docker --version

How twtech pull a docker image to the system: docker pull devopspatemf2021/webapps:latest

Image version:

List the image pulled: docker images

To tag the image and push to the ECR: twtech-pub-repo

Make sure aws-cli is installed

sudo snap install aws-cli --classic

And aws-cli configured: aws configure

Next:

Create IAM for ECR:

Search for the service: IAM

Create user : twtech-ecr-user

Attach a policy to the user: AmazonEC2ContainerRegistryFullAccess

Create policy:

View image push command for public ECR: twtech-pub-repo

Make sure that twtech has the latest version of the AWS CLI and Docker installed. For more information, see Getting Started with Amazon ECR .

Use the following steps to authenticate and push an image to twtech repository. For additional registry authentication methods, including the Amazon ECR credential helper, see Registry Authentication .

1. Retrieve an authentication token and authenticate twtech Docker client to its registry. Use the AWS CLI:

aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/r3r4y7h7

Note: If twtech receives an error using the AWS CLI, it should make sure that it has the latest version of the AWS CLI and Docker installed.

2, Build your Docker image using the following command. For information on building a Docker file from scratch see the instructions here . twtech can skip this step if  its image is already built:

# docker build -t twtech-pub-repo . // not needed if image is already in dockerhub

3, After the build completes, tag twtech image so it can push the image to this repository:

docker tag devopspatemf2021/webapps:latest public.ecr.aws/r3r4y7h7/twtech-pub-repo:latest-webapp

4, Run the following command to push this image to twtech newly created AWS repository:

docker push public.ecr.aws/r3r4y7h7/twtech-pub-repo:latest-webapp

Verify on the public ECR created: twtech-pub-ecr-repo.

Yes: successfully pushed a docker image to ECR

Commands for private ECR: twtech-priv-repo

Make sure that twtech have the latest version of the AWS CLI and Docker installed. For more information, see Getting Started with Amazon ECR .

Use the following steps to authenticate and push an image to twtech repository. For additional registry authentication methods, including the Amazon ECR credential helper, see Registry Authentication .

1. Retrieve an authentication token and authenticate twtech Docker client to twtech registry. Use the AWS CLI:

aws ecr get-login-password --region us-east-2 | docker login --username AWS --password-stdin 98xxxxxxxxxx.dkr.ecr.us-east-2.amazonaws.com

Note: If twtech receives an error using the AWS CLI, it makes sure that it has the latest version of the AWS CLI and Docker installed.

2, Build twtech Docker image using the following command. For information on building a Docker file from scratch see the instructions here . twtech can skip this step if its image is already built:

# docker build -t twtech-priv-ecr-repo . // not needed

3, After the build completes, tag twtech image so it can push the image to this repository:

docker tag devopspatemf2021:latest: 980xxxxxx.dkr.ecr.us-east-2.amazonaws.com/twtech-priv-ecr-repo:latest-webapp

4, Run the following command to push this image to twtech newly created AWS repository:

docker push 98xxxxxxxx.dkr.ecr.us-east-2.amazonaws.com/twtech-priv-ecr-repo:latest-webapp

Verify that image is pushed to the private ECR: twtech-priv-ecr-repo

Yes: 

Addendum:

Youtube resource: https://www.youtube.com/watch?v=OBDiaKHK75c

How twtech  eventually uses aws app runner service to quickly deploy and access its applications

Search for aws service: aws app runner

Create aws app runner service name: twtech-webapp-runner-service

Source and deployment

Choose the source for your App Runner service and the way it's deployed. 

Image link: 98xxxxxxxxxxxx.dkr.ecr.us-east-2.amazonaws.com/twtech-priv-ecr-repo:latest-webapp

Source and deployment

Choose the source for your App Runner service and the way it's deployed.

Source and deployment

Deployment settings

Configure service

Auto scaling

Configure automatic scaling behavior.

Health check

Configure load balancer health checks.

Networking

Configure the way your service communicates with other applications, services, and resources.

Observability: Configure observability tooling.

Review and create

Step 1: Source and deployment

Step 2: Configure service

Auto scaling

Health check & Security

Networking , Observability & Tags

Create and deploy: twtech-app-runner

From : in progress of deployment 

To: successfully deployed 

How twtech accesses the application woth the default domain: https://8bdxxxxxx.us-east-2.awsapprunner.com/

twtech-webapp has a context path that must be added to the default domain to access the application:/twtech

https://8bdxxxxx.us-east-2.awsapprunner.com/twtech

To access the application event logs:

Log Events in CloudWatch:

How twtech deletes unwanted app runner : applications

Confirm and: delete