Resources for AWS Lambda Under the Hood, QCon SF 2023

AWS Lambda Under the Hood

AWS Lambda is a serverless compute service running at a massive scale! Supporting packages of up to 10GiB while allowing over 15K new containers per second (for a single customer) and serving millions of TPS across millions of unique workflows is a challenging problem. Delivering all this with low startup times (sub-50ms) required innovative storage, caching, and chunk loading techniques. This talk will cover how Lambda is built and how we had to modify the architecture to support 10GiB payloads. You will walk away with insights on how to think about your own cloud-based architecture and some key internals about Lambda to help you make the most out of it.

AWS Lambda

Run code without thinking about servers or clusters. Run code without provisioning or managing infrastructure. Simply write and upload code as a .zip file or container image.

Firecracker

Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services.

AWS Builders Library

The Amazon Builders’ Library is a collection of living articles that describe how Amazon develops, architects, releases, and operates technology. The content in The Builders’ Library is written by Amazon’s senior technical leaders and engineers covering topics across architecture, software delivery, and operations.

Starting up faster with AWS Lambda SnapStart

AWS Lambda SnapStart is a new performance optimization developed by AWS that can significantly improve the startup time for applications.

On-demand Container Loading in AWS Lambda

AWS Lambda is a serverless event-driven compute service, part of a category of cloud compute offerings sometimes called Function-as-a-service (FaaS).

Propagating reseed notifications to user space

User space often implements PRNGs that use /dev/random as an entropy source. We cannot expect that these randomness sources stay completely unknown forever.

Flush+Flush: A Fast and Stealthy Cache Attack

Research on cache attacks has shown that CPU caches leak significant information. Proposed detection mechanisms assume that all cache attacks cause more cache hits and cache misses than benign applications and use hardware performance counters for detection.

FLUSH+RELOAD: a high resolution, low noise, L3 cache side-channel attack

Sharing memory pages between non-trusting processes is a common method of reducing the memory footprint of multi-tenanted systems. In this paper we demonstrate that, due to a weakness in the Intel X86 processors, page sharing exposes processes to information leaks.

Mike Danilov

Presented by Mike Danilov

Mike Danilov is a Senior Principal Engineer with AWS Lambda. He is currently focused on virtualization technologies, which would enable the next generation of execution environments to run customer code on-demand. Mike works on various projects across multiple technologies and time zones. Mike has been with AWS since 2013 and worked in the EC2 Virtual Private Cloud organization before joining AWS Lambda. In this capacity, Mike worked with infrastructure data plane teams to deliver a fast, reliable and feature-rich networking experience for EC2 customers. Prior to AWS, Mike spent over 8 years working in the financial industry. He led development of a high frequency trading system for the global investment bank.
