This page gives a detailed overview of all techniques used for this project.
- User pushes new commit to GitHub
- GitHub creates webhook for AWS CodeBuild
- New Docker-Image is created and pushed to ECR
- Client sends http-request to URL assigned to CloudFront Distribution.
- CloudFront reads/caches static content from public S3 Bucket.
- Http-response is sent to Client.
- Client sends http-request to URL assigned to CloudFront Distribution.
- CloudFront reads/caches vectortiles from S3 Bucket.
- Temporary-redirect (307) to tileserver if vectortile is not available on S3.
- Tileserver generates vectortile with data from RDS-postgres-instance, sends it to client and also stores it on S3.
The database instance MUST support at least PostGIS 2.4.0. Otherwise vector tiles can't be created.
aws-tileserver supports configurable REST endpoints for vector tiles according to Vector Tile Specification 2.1. Each endpoint provides access to a vector tile with configurable layers.
Each layer is resolved to the following query:
```sql
(SELECT ST_AsMVT(q, '${layer.name}', ${layerExtend}, 'geom') as data FROM
    (SELECT ${prefix}ST_AsMvtGeom(
        ${geom},
        ${bbox},
        ${layerExtend},
        ${buffer},
        ${clip_geom}
    ) AS geom${keys}
    FROM ${layer.table} WHERE (${geom} && ${bbox})${where}${postfix}) as q)
```
All resulting layers are merged into one SQL query:
```sql
SELECT ( ${layer1} [|| ${layer2} [|| ...]] ) as data
```
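If these templates are filled by string interpolation, as the `${...}` placeholders suggest, every substituted value has to be constrained before the query is sent to PostgreSQL. The following is an added example, not aws-tileserver's own code: it builds a reduced form of the layer query and the merged query, validating the tile coordinates from the request path and the layer settings from configuration. All function and type names are hypothetical, and it assumes `${bbox}` is the tile envelope in EPSG:3857.

```typescript
// Added example, not aws-tileserver code; all names below are hypothetical.
interface MvtLayer { name: string; table: string; geom: string; extend: number; buffer: number; }

const IDENT = /^[A-Za-z_][A-Za-z0-9_]*$/;
const HALF = 20037508.342789244; // half the Web Mercator world width in metres

// Accept only plain SQL names from the layer configuration (no dots, quotes or spaces).
function ident(value: string): string {
    if (!IDENT.test(value)) { throw new Error("invalid identifier: " + value); }
    return value;
}

// Accept only small non-negative integers for extent and buffer.
function whole(value: number): number {
    if (Math.floor(value) !== value || value < 0 || value > 65536) { throw new Error("invalid number"); }
    return value;
}

// Parse one URL path segment as an integer in [0, limit).
function coord(raw: string, limit: number): number {
    if (!/^\d{1,8}$/.test(raw)) { throw new Error("invalid tile coordinate: " + raw); }
    const n = Number(raw);
    if (n >= limit) { throw new Error("tile coordinate out of range: " + raw); }
    return n;
}

// ${bbox}: assumed to be the tile envelope in EPSG:3857, built from numbers only.
function tileBBox(z: string, x: string, y: string): string {
    const zoom = coord(z, 25);
    const size = (2 * HALF) / Math.pow(2, zoom);
    const xmin = -HALF + coord(x, Math.pow(2, zoom)) * size;
    const ymax = HALF - coord(y, Math.pow(2, zoom)) * size;
    return `ST_MakeEnvelope(${xmin}, ${ymax - size}, ${xmin + size}, ${ymax}, 3857)`;
}

// Reduced form of the page's layer template (no prefix, keys, where or postfix).
function layerQuery(layer: MvtLayer, bbox: string): string {
    const geom = ident(layer.geom);
    const extend = whole(layer.extend);
    return `(SELECT ST_AsMVT(q, '${ident(layer.name)}', ${extend}, 'geom') AS data FROM ` +
        `(SELECT ST_AsMvtGeom(${geom}, ${bbox}, ${extend}, ${whole(layer.buffer)}, true) AS geom ` +
        `FROM ${ident(layer.table)} WHERE (${geom} && ${bbox})) AS q)`;
}

// Merge all layers with || as in the page's outer query.
function tileQuery(layers: MvtLayer[], z: string, x: string, y: string): string {
    const bbox = tileBBox(z, x, y);
    return `SELECT ( ${layers.map((l) => layerQuery(l, bbox)).join(" || ")} ) AS data`;
}
```

A `${where}` fragment cannot be checked with a name pattern like this; it should come only from deployment configuration, with any request-derived values passed as bound parameters.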
- 990 (+5 for warm-up) HTTP/2-Requests (IPv4) were made to https://tileserver.cyclemap.link/local/14/8691/5677.mvt
- Everything is deployed to `eu-central-1`
- Client timing was collected with curl (see `tools/benchmark.sh`)
- Lambda durations were collected from CloudWatch
- The raw results can be found in `docs/benchmark.ods`
- Move database to Serverless Aurora PostgreSQL to reduce monthly costs. Won't do. Resume after pause is 30s+ and keeping 2 ACUs hot at all times is too expensive.
- Evaluate Data API for Aurora Serverless. Won't do. See above. According to this review, performance also seems bad compared to API-calls.
- Move terraform-state to s3-bucket. Done!
- Security-Review for Lambda-Code (e.g. SQL-Injection, ...)
- Change all scripts to use Postgres environment variables (PGUSER, ...). Only relevant for database processing. Is out of scope here.
- Omit Postgres credentials altogether and use IAM-role instead
- Move lambda-function out of VPC to reduce cold-start-time. Not needed anymore. See https://aws.amazon.com/blogs/compute/announcing-improved-vpc-networking-for-aws-lambda-functions/
- Add raster endpoint with node-mapbox-gl-native to serve pre-rendered raster-images.
- Check how blue-green deployments could be realized with API Gateway and Lambda.
- https://docs.aws.amazon.com/lambda/latest/dg/programming-model.html
- https://medium.com/@anjanava.biswas/nodejs-runtime-environment-with-aws-lambda-layers-f3914613e20e
- https://mikhail.io/serverless/coldstarts/aws/
- https://www.josephecombs.com/2018/03/05/how-to-make-an-AWS-S3-static-website-with-ssl
- https://medium.com/@adil/how-to-send-an-image-as-a-response-via-aws-lambda-and-api-gateway-3820f3d4b6c8
- http://erajasekar.com/posts/how-to-setup-subdomain-for-aws-api-gateway/
- https://stackoverflow.com/questions/17193647/difference-between-an-a-rec-and-cname-in-route53
- https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html
- https://stackoverflow.com/questions/45773074/cloudfront-responds-with-403-forbidden-instead-of-triggering-lambda
- CloudFront cache settings
- Mocking aws-sdk with jest
- https://blog.atomist.com/typescript-imports/
- https://github.com/gotwarlost/istanbul/blob/master/ignoring-code-for-coverage.md
- https://lucybain.com/blog/2018/js-es6-spread-operator/
- https://learn.hashicorp.com/terraform/aws/lambda-api-gateway
- How to manage Terraform state - A guide to file layout, isolation, and locking for Terraform projects