Product Guy, Serverless Advocate & Startup Veteran

My name is Jeremy Daly. I appreciate the visit. 👍 I’ve been managing the development of complex web and mobile applications for businesses across the globe for over 20 years. I’m currently the Chief Technology Officer at AlertMe, but I always keep myself busy with several side projects and consulting clients.

I write a lot about serverless and I like to share thoughts and stories about programmingproduct managemententrepreneurship and productivity. Sometimes I’ll write reviews or have random thoughts that I need to get out of my head. I also like to post a how-to article every once in a while. Feel free to jump in to one of the categories above, view all my posts, or view my latest posts below.

If you’d like to get updates, please subscribe to Off-by-none, my weekly newsletter that focuses on all things serverless. You can also follow me on TwitterGithub and Facebook.


My Latest Posts:

🚀 Project Update:

Lambda API: v0.10.1 Released

Lambda API v0.10.1 has been released to fix an issue with the "statusCode" reporting incorrectly in error logs. The arity requirement for handler functions has also been relaxed since it's possible that they may not be needed within a route definition. Read More...

Throttling Third-Party API calls with AWS Lambda

In the serverless world, we often get the impression that our applications can scale without limits. With the right design (and enough money), this is theoretically possible. But in reality, many components of our serverless applications DO have limits. Whether these are physical limits, like network throughput or CPU capacity, or soft limits, like AWS Account Limits or third-party API quotas, our serverless applications still need to be able to handle periods of high load. And more importantly, our end users should experience minimal, if any, negative effects when we reach these thresholds.

There are many ways to add resiliency to our serverless applications, but this post is going to focus on dealing specifically with quotas in third-party APIs. We’ll look at how we can use a combination of SQS, CloudWatch Events, and Lambda functions to implement a precisely controlled throttling system. We’ll also discuss how you can implement (almost) guaranteed ordering, state management (for multi-tiered quotas), and how to plan for failure. Let’s get started!

Continue Reading…

How To: Use SNS and SQS to Distribute and Throttle Events

An extremely useful AWS serverless microservice pattern is to distribute an event to one or more SQS queues using SNS. This gives us the ability to use multiple SQS queues to “buffer” events so that we can throttle queue processing to alleviate pressure on downstream resources. For example, if we have an event that needs to write information to a relational database AND trigger another process that needs to call a third-party API, this pattern would be a great fit.

This is a variation of the Distributed Trigger Pattern, but in this example, the SNS topic AND the SQS queues are contained within a single microservice. It is certainly possible to subscribe other microservices to this SNS topic as well, but we’ll stick with intra-service subscriptions for now. The diagram below represents a high-level view of how we might trigger an SNS topic (API Gateway → Lambda → SNS), with SNS then distributing the message to the SQS queues. Let’s call it the Distributed Queue Pattern.

Distributed Queue Pattern

This post assumes you know the basics of setting up a serverless application, and will focus on just the SNS topic subscriptions, permissions, and implementation best practices. Let’s get started!

Continue Reading…

🚀 Project Update:

Lambda API: v0.10 Released

Lambda API v0.10 adds the ability for you to seamlessly switch your Lambdas between API Gateway and Application Load Balancers. New execution stacks enables method-based middleware and more wildcard functionality. Plus full support for multi-value headers and multi-value query string parameters. Read More...

Stop Calling Everything Serverless!

I’ve been building serverless applications since AWS Lambda went GA in early 2015. I’m not saying that makes me an expert on the subject, but as I’ve watched the ecosystem mature and the community expand, I have formed some opinions around what it means exactly to be “serverless.” I often see tweets or articles that talk about serverless in a way that’s, let’s say, incompatible with my interpretation. This sometimes makes my blood boil, because I believe that “serverless” isn’t a buzzword, and that it actually stands for something important.

I’m sure that many people believe that this is just a semantic argument, but I disagree. When we refer to something as being “serverless”, there should be an agreed upon understanding of not only what that means, but also what it empowers you to do. If we continue to let marketers hijack the term, then it will become a buzzword with absolutely no discernible meaning whatsoever. In this post, we’ll look at how some leaders in the serverless space have defined it, I’ll add some of my thoughts, and then offer my own definition at the end.

Continue Reading…

Serverless Tip: Don’t overpay when waiting on remote API calls

Our serverless applications become a lot more interesting when they interact with third-party APIs like Twilio, SendGrid, Twitter, MailChimp, Stripe, IBM Watson and others. Most of these APIs respond relatively quickly (within a few hundred milliseconds or so), allowing us to include them in the execution of synchronous workflows (like our own API calls).  Sometimes we run these calls asynchronously as background tasks completely disconnected from any type of front end user experience.

Regardless how they’re executed, the Lambda functions calling them need to stay running while they wait for a response. Unfortunately, Step Functions don’t have a way to create HTTP requests and wait for a response. And even if they did, you’d at least have to pay for the cost of the transition, which can get a bit expensive at scale. This may not seem like a big deal on the surface, but depending on your memory configuration, the cost can really start to add up.

In this post we’ll look at the impact of memory configuration on the performance of remote API calls, run a cost analysis, and explore ways to optimize our Lambda functions to minimize cost and execution time when dealing with third-party APIs.

Continue Reading…

re:Capping re:Invent: AWS goes all-in on Serverless

Last week I spent six incredibly exhausting days in Las Vegas at the AWS re:Invent conference. More than 50,000 developers, partners, customers, and cloud enthusiasts came together to experience this annual event that continues to grow year after year. This was my first time attending, and while I wasn’t quite sure what to expect, I left with not just the feeling that I got my money’s worth, but that AWS is doing everything in their power to help customers like me succeed.

There have already been some really good wrap-up posts about the event. Take a look at James Beswick’s What I learned from AWS re:Invent 2018, Paul Swail’s What new use cases do the re:Invent 2018 serverless announcements open up?, and All the Serverless announcements at re:Invent 2018 from the Serverless, Inc. blog. There’s a lot of good analysis in these posts, so rather than simply rehash everything, I figured I touch on a few of the announcements that I think really matter. We’ll get to that in a minute, but first I want to point out a few things about Amazon Web Services that I learned this past week.

Continue Reading…

Aurora Serverless Data API: A First Look

On Tuesday, November 20, 2018, AWS announced the release of the new Aurora Serverless Data API. This has been a long awaited feature and has been at the top of many a person’s #awswishlist. As you can imagine, there was quite a bit of fanfare over this on Twitter.

Obviously, I too was excited. The prospect of not needing to use VPCs with Lambda functions to access an RDS database is pretty compelling. Think about all those cold start savings. Plus, connection management with serverless and RDBMS has been quite tricky. I even wrote an NPM package to help deal with the max_connections issue and the inevitable zombies 🧟‍♂️ roaming around your RDS cluster. So AWS’s RDS via HTTP seems like the perfect solution, right? Well, not so fast. 😞

Continue Reading…

🚀 Project Update:

Lambda API: v0.9.2 Released

Lambda API v0.9.2 has been released and contains additional updates and fixes for the index.d.ts TypeScript declarations file. Thanks again to @hassankhan and @Wintereise for submitting the changes. The release is immediately available via NPM. Read More...
🚀 Project Update:

Lambda API: v0.9.1 Released

Lambda API v0.9.1 has been released to include the index.d.ts TypeScript declarations file in the NPM package (thanks again, @hassankhan). The release is immediately available via NPM. Read More...
🚀 Project Update:

Lambda API: v0.9 Released

v0.9 adds new features to give developers better control over error handling and serialization. A TypeScript declaration file has also been added along with some additional API Gateway inputs that are now available in the REQUEST object. Read More...

Takeaways from ServerlessNYC 2018

I had the opportunity to attend ServerlessNYC this week (a ServerlessDays community conference) and had an absolutely amazing time. The conference was really well-organized (thanks Iguazio), the speakers were great, and I was able to have some very interesting (and enlightening) conversations with many attendees and presenters. In this post I’ve summarized some of the key takeaways from the event as well as provided some of my own thoughts.

Note: There were several talks that were focused on a specific product or service. While I found these talks to be very interesting, I didn’t include them in this post. I tried to cover the topics and lessons that can be applied to serverless in general.

Update November 16, 2018: Some videos have been posted, so I’ve provided the links to them.

Audio Version:

Continue Reading…

What 15 Minute Lambda Functions Tells Us About the Future of Serverless

Amazon Web Services recently announced that they increased the maximum execution time of Lambda functions from 5 to 15 minutes. In addition to this, they also introduced the new “Applications” menu in the Lambda Console, a tool that aggregates functions, resources, event sources and metrics based on services defined by SAM or CloudFormation templates. With AWS re:Invent just around the corner, I’m sure these announcements are just the tip of the iceberg with regards to AWS’s plans for Lambda and its suite of complementary managed services.

While these may seem like incremental improvements to the casual observer, they actually give us an interesting glimpse into the future of serverless computing. Cloud providers, especially AWS, continue to push the limits of what serverless can and should be. In this post, we’ll discuss why these two announcements represent significant progress into serverless becoming the dominant force in cloud computing.

Continue Reading…

🚀 Project Update:

Lambda API: v0.8.1 Released

Lambda API v0.8.1 has been released to patch an issue with middleware responses and a path prefixing options bug. The release is immediately available via NPM. Read More...

An Introduction to Serverless Microservices

Thinking about microservices, especially their communication patterns, can be a bit of a mind-bending experience for developers. The idea of splitting an application into several (if not hundreds of) independent services, can leave even the most experienced developer scratching their head and questioning their choices. Add serverless event-driven architecture into the mix, eliminating the idea of state between invocations, and introducing a new per function concurrency model that supports near limitless scaling, it’s not surprising that many developers find this confusing. 😕 But it doesn’t have to be. 😀

In this post, we’ll outline a few principles of microservices and then discuss how we might implement them using serverless. If you are familiar with microservices and how they communicate, this post should highlight how these patterns are adapted to fit a serverless model. If you’re new to microservices, hopefully you’ll get enough of the basics to start you on your serverless microservices journey. We’ll also touch on the idea of orchestration versus choreography and when one might be a better choice than the other with serverless architectures. I hope you’ll walk away from this realizing both the power of the serverless microservices approach and that the basic fundamentals are actually quite simple.  👊

Audio Version:

Continue Reading…

🚀 Project Update:

Serverless MySQL: v1.1.0 Released

Serverless MySQL v1.1.0 adds additional transaction support capabilities to allow users to retrieve interim query results for use with future queries. This is useful for getting the insertId from previous queries when performing transactions. Read More...

Serverless Security: Locking Down Your Apps with FunctionShield

I’ve written quite extensively about serverless security, and while you don’t need to be an expert on the matter, there are a number of common sense principles that every developer should know. Serverless infrastructures (specifically FaaS and managed services) certainly benefit from an increased security posture given that the cloud provider is handling things like software patching, network security, and to some extent, even DDoS mitigation. But at the end of the day, your application is only as secure as its weakest link, and with serverless, that pretty much always comes down to application layer security.

In this post we’re going to look at ways to mitigate some of these application layer security issues by using some simple strategies as well as a free tool called FunctionShield.

Audio Version:

Continue Reading…

Managing MySQL at Serverless Scale

“What? You can’t use MySQL with serverless functions, you’ll just exhaust all the connections as soon as it starts to scale! And what about zombie connections? Lambda doesn’t clean those up for you, meaning you’ll potentially have hundreds of sleeping threads blocking new connections and throwing errors. It can’t be done!”  ~ Naysayer

I really like DynamoDB and BigTable (even Cosmos DB is pretty cool), and for most of my serverless applications, they would be my first choice as a datastore. But I still have a love for relational databases, especially MySQL. It had always been my goto choice, perfect for building normalized data structures, enforcing declarative constants, providing referential integrity, and enabling ACID-compliant transactions. Plus the elegance of SQL (structured query language) makes organizing, retrieving and updating your data drop dead simple.

But now we have SERVERLESS. And Serverless functions (like AWS Lambda, Google Cloud Functions, and Azure Functions) scale almost infinitely by creating separate instances for each concurrent user. This is a MAJOR PROBLEM for RDBS solutions like MySQL, because available connections can be quickly maxed out by concurrent functions competing for access. Reusing database connections doesn’t help, and even the release of Aurora Serverless doesn’t solve the max_connections problem. Sure there are some tricks we can use to mitigate the problem, but ultimately, using MySQL with serverless is a massive headache.

Well, maybe not anymore. 😀 I’ve been dealing with MySQL scaling issues and serverless functions for years now, and I’ve finally incorporated all of my learning into a simple, easy to use NPM module that (I hope) will solve your Serverless MySQL problems.

Continue Reading…

Jeremy goes to AWS re:Invent 2018

It’s official! I’m going to AWS re:Invent 2018. 🙌

My goal from this trip is to learn, learn, learn… and then share, share, share.   There are over 30 sessions that talk about serverless, plus 40,000 other people there to meet and learn from! I’m so excited. 🙃

I know that many of you will be there, but for those of you who can’t be, I’ll do my best to share insights, tips, how-tos, best practices and more. I’ll even have a drink for you if you’d like 🍺 (no arm twisting necessary)!

Continue Reading…

Serverless Microservice Patterns for AWS

I’m a huge fan of building microservices with serverless systems. Serverless gives us the power to focus on just the code and our data without worrying about the maintenance and configuration of the underlying compute resources. Cloud providers (like AWS), also give us a huge number of managed services that we can stitch together to create incredibly powerful, and massively scalable serverless microservices.

I’ve read a lot of posts that mention serverless microservices, but they often don’t go into much detail. I feel like that can leave people confused and make it harder for them to implement their own solutions. Since I work with serverless microservices all the time, I figured I’d compile a list of design patterns and how to implement them in AWS. I came up with 19 of them, though I’m sure there are plenty more.

In this post we’ll look at all 19 in detail so that you can use them as templates to start designing your own serverless microservices.

Audio Version:

Continue Reading…

🚀 Project Update:

Lambda API: v0.8 Released

Lambda v0.8 is finally here and was well worth the wait! New features include allowing middleware to accept multiple handlers, new convenience methods for cache control and signing S3 URLs, and async/await support for the main function handler. And best of all, new LOGGING and SAMPLING support for you to add more observability into your APIs and web applications. Read More...

Aurora Serverless: The Good, the Bad and the Scalable

Amazon announced the General Availability of Aurora Serverless on August 9, 2018. I have been playing around with the preview of Aurora Serverless for a few months, and I must say that overall, I’m very impressed. There are A LOT of limitations with this first release, but I believe that Amazon will do what Amazon does best, and keep iterating until this thing is rock solid.

The announcement gives a great overview and the official User Guide is chock full of interesting and useful information, so I definitely suggest giving those a read. In this post, I want to dive a little bit deeper and discuss the pros and cons of Aurora Serverless. I also want to dig into some of the technical details, pricing comparisons, and look more closely at the limitations.

Audio Version

Continue Reading…

A Tale of Two Teams

Audio Version:

It was the best of times, it was the worst of times, it was the age of wisdom, it was the age of foolishness… ~ A Tale of Two Cities by Charles Dickens

There is a revolution happening in the tech world. An emerging paradigm that’s letting development teams focus on business value instead of technical orchestration. It is helping teams create and iterate faster, without worrying about the limits or configurations of an underlying infrastructure. It is enabling the emergence of new tools and services that foster greater developer freedom. Freedom to experiment. Freedom to do more with less. Freedom to immediately create value by publishing their work without the traditional barriers created by operational limits.

Continue Reading…

How To: Add Test Coverage to your Serverless Applications

Writing serverless functions brings developers closer and closer to the stack that runs their code. While this gives them a tremendous amount of freedom, it also adds additional responsibility. Serverless applications require developers to think more about security and optimizations, as well as perform other tasks that were traditionally assigned to operations teams. And of course, code quality and proper testing continue to be at the top of the list for production-level applications. In this post, we’ll look at how to add test coverage to our Node.js applications and how we can apply it to our Serverless framework projects. ⚡️

Continue Reading…

Serverless Peeps You Need To Follow

In my never ending quest to consume all things serverless, I often find myself scouring the Interwebs for new and interesting serverless articles, blog posts, videos, and podcasts. There are more and more people doing fascinating things with serverless every day, so finding content is becoming easier and easier. However, this increase in content comes with an increase in noise as well. Cutting through that noise isn’t always easy. 🙉

Great content with valuable insights

I personally love reading articles that introduce new use cases or optimizations for serverless. Stories about companies using serverless in production and how their architectures are set up are also extremely interesting. I’ve been working in the serverless space for several years now, and have come across a number of people who produce and/or share really great content. I’ve put together a list of people that I follow and enjoy their content regularly. Hopefully these people will help you learn to love serverless as much as I do. ❤️⚡️

Continue Reading…

How To: Tag Your Lambda Functions for Smarter Serverless Applications

As our serverless applications start to grow in complexity and scope, we often find ourselves publishing dozens if not hundreds of functions to handle our expanding workloads. It’s no secret that serverless development workflows have been a challenge for a lot of organizations. Some best practices are starting to emerge, but many development teams are simply mixing their existing workflows with frameworks like Serverless and AWS SAM to build, test and deploy their serverless applications.

Beyond workflows, another challenge serverless developers encounter as their applications expand, is simply trying to keep all of their functions organized. You may have several functions and resources as part of a microservice contained in their own git repo. Or you might simply put all your functions in a single repository for better common library sharing. Regardless of how code is organized locally, much of that is lost when all your functions end up in a big long list in the AWS Lambda console. In this post we’ll look at how we can use AWS’s resource tagging as a way to apply structure to our deployed functions. This not only give us more insight into our applications, but can be used to apply Cost-Allocation Tags to our billing reports as well. 👍

Continue Reading…

Thinking Serverless (Big and Small)

I’ve been reading and writing a lot of about serverless lately, and one of the things I realized, is that most articles talk about how SCALABLE serverless architectures are. This, of course, is one of the major benefits of using serverless to build your applications. The ability to scale to thousands of concurrent requests per second without needing to manage your own servers, is simply amazing. 🙌

However, not needing to manage any servers has other benefits beyond the capabilities to achieve web scale. Having on-demand compute space also make serverless the perfect candidate for smaller workloads. In this post, let’s discuss how we can utilize serverless to handle our “less than unicorn 🦄” services and the benefits this can bring.

Continue Reading…

Lambda Warmer: Optimize AWS Lambda Function Cold Starts

At a recent AWS Startup Day event in Boston, MA, Chris Munns, the Senior Developer Advocate for Serverless at AWS, discussed Lambda cold starts and how to mitigate them. According to Chris (although he acknowledge that it is a “hack”) using the CloudWatch Events “ping” method is really the only way to do it right now. He gave a number of really good tips to pre-warm your functions “correctly”:

  • Don’t ping more often than every 5 minutes
  • Invoke the function directly (i.e. don’t use API Gateway to invoke it)
  • Pass in a test payload that can be identified as such
  • Create handler logic that replies accordingly without running the whole function

Continue Reading…

15 Key Takeaways from the Serverless Talk at AWS Startup Day

I love learning about the capabilities of AWS Lambda functions, and typically consume any article or piece of documentation I come across on the subject. When I heard that Chris Munns, Senior Developer Advocate for Serverless at AWS, was going to be speaking at AWS Startup Day in Boston, I was excited. I was able to attend his talk, The Best Practices and Hard Lessons Learned of Serverless Applications, and it was well worth it.

Chris said during his talk that all of the information he presented is on the AWS Serverless site. However, there is A LOT of information out there, so it was nice to have him consolidate it down for us into a 45 minute talk. There was some really insightful information shared and lots of great questions. I was aware of many of the topics discussed, but there were several clarifications and explanations (especially around the inner workings of Lambda) that were really helpful. 👍

Continue Reading…

Mixing VPC and Non-VPC Lambda Functions for Higher Performing Microservices

I came across a post the in the Serverless forums that asked how to disable the VPC for a single function within a Serverless project. This got me thinking about how other people structure their serverless microservices, so I wanted to throw out some ideas. I often mix my Lambda functions between VPC and non-VPC depending on their use and data requirements. In this post, I’ll outline some ways you can structure your Lambda microservices to isolate services, make execution faster, and maybe even save you some money. ⚡️💰

Continue Reading…

5 Reasons Why Your Serverless Application Might Be A Security Risk

There has been a lot of buzz lately about serverless security. People are certainly talking about it more and sharing great articles on the topic, but many serverless developers (especially new ones) are still making the same critical mistakes. Every time a serverless function is deployed, its unique security challenges need to be addressed. Every time. I’ve researched and written extensively about serverless security (see Securing Serverless: A Newbie’s Guide). I’ve read countless articles on the subject. And while there is no shortage of information available, let’s be honest: developers are busy building applications, not pouring through hundreds of articles.

I know, it sounds boring, but I would encourage you to do your research on serverless security. Serverless applications are different than traditional, server-hosted applications. Much of the security responsibility falls on the developer, and not following best practices opens you (or your company) up to an attack. But I know you’re busy. I totally get it. So rather than forcing you to read a bunch of long articles 😴 or watch a plethora of videos 🙈, I’ve whittled it all down to the five biggest serverless security risks for you. Sure, there are a lot of other things to consider, but IMO, these are the most important ones. Nothing here hasn’t been said before. But If you do nothing more than follow these principles, your serverless applications will be much more secure. 🔒

Continue Reading…

Serverless Consumers with Lambda and SQS Triggers

On Wednesday, June 27, 2018, Amazon Web Services released SQS triggers for Lambda functions. Those of you who have been building serverless applications with AWS Lambda probably know how big of a deal this is. Until now, the AWS Simple Queue Service (SQS) was generally a pain to deal with for serverless applications. Communicating with SQS is simple and straightforward, but there was no way to automatically consume messages without implementing a series of hacks. In general, these hacks “worked” and were fairly manageable. However, as your services became more complex, dealing with concurrency and managing fan out made your applications brittle and error prone. SQS triggers solve all of these problems. 👊

Update December 6, 2018: At some point over the last few months AWS fixed the issue with the concurrency limits and the redrive policy. See Additional experiments with concurrency and redrive polices below.

Audio Version (please note that this audio version is out of date given the new updates)

Continue Reading…

Event Injection: Protecting your Serverless Applications

Updated January 25, 2019: This post was updated based on feedback from the community.

The shared security model of cloud providers extends much further with serverless offerings, but application security is still the developer’s responsibility. Many traditional web applications are front-ended with WAFs (web application firewalls), RASPs (runtime application self-protection), EPPs (endpoint protection platforms) and WSGs (web security gateways) that inspect incoming and outgoing traffic. These extra layers of protection can save developers from themselves when making common programming mistakes that would otherwise leave their applications vulnerable. If you’re invoking serverless functions from sources other than API Gateway, you no longer have the ability to use the protection of a WAF. 

Continue Reading…

10 Things You Need To Know When Building Serverless Applications

I am a HUGE fan of serverless architectures. This new type of compute not only opens up more possibilities for developers, but can support highly-scalable, complex applications for a fraction of the cost compared to provisioning virtual servers. My first question when planning a new application is always, “Can I build this with serverless?” Spoiler alert, the answer is almost always YES!

I’ve been building serverless applications since the release of AWS Lambda in 2015, so answering the question above is pretty easy for me. However, a lot of people I talk to who are new to serverless often have many questions (and misconceptions). I want you to be successful, so below I’ve create a list of 10 things you need to know when building a serverless application. These are things I wish I knew when I started, so hopefully they’ll help you get up to speed a faster and start building some amazing applications.

Continue Reading…

🚀 Project Update:

Lambda API: v0.7 Released

v0.7 adds new features to control middleware execution based on path, plus additional parsing of the AWS Lambda context object. ESLint and coverage reports using Istanbul and Coveralls were also added to ensure code quality and adequate test coverage. Read More...

How To: Optimize the Serverless Optimizer Plugin

I’m sure you’re already well aware of how awesome the ⚡ Serverless Framework is for managing and deploying your serverless applications. And you’re probably aware that there are several great plugins available that make Serverless even better. But did you know that there was a plugin to optimize your functions and reduce the size of your deployment packages? Or are you already using this plugin to optimize your functions, but hate how it takes too long to optimize locally run functions? In this post I’ll share some quick tips to help you optimize your Serverless Optimizer experience.

Continue Reading…

Transducers: Supercharge your functional JavaScript

This is the first in a series of posts on functional programming in JavaScript. My goal is to make these ideas more accessible to all levels of programmers. Feedback about style, content, etc., would all be greatly appreciated.

One thing that perplexed me early on in my functional programming days was the concept of transducers. I spent a lot of time Googling and found some great articles that went deep into the theory and the underlying mechanics. However, the practical use of them still seemed a bit out of reach. In this post I’ll attempt to explain transducers in a more understandable way and hopefully give you the confidence to use them in your functional JavaScript. While this article attempts to make transducers more accessible, you will need to have some basic knowledge of functional programming in JavaScript. Specifically, you should know about function composition and iterator functions like .map(), .filter(), and most importantly, .reduce(). If you are unfamiliar with these concepts, go get a grasp on them first.

Continue Reading…

🚀 Project Update:

Lambda API: v0.6 Released

v0.6 is all about making the serverless developer's life easier! New support for both callback-style and async-await in route functions and middleware, new HTTP method routing features, and route debugging tools. Plus Etag support and automatic authorization parsing. Read More...

Solving the Cold Start Problem

Dear AWS Lambda Team,

I have a serious problem: I love AWS Lambda! In fact, I love it so much that I’ve pretty much gone all in on this whole #serverless thing. I use Lambda for almost everything now. I use it to build backend data processing pipelines, distribute long running tasks, and respond to API requests. Heck, I even built an Alexa app just for fun. I found myself building so many RESTful APIs using Lambda and API Gateway that I went ahead and created the open source Lambda API web framework to allow users to more efficiently route and respond to API Gateway requests.

Serverless technologies, like Lambda, have revolutionized how developers think about building applications. Abstracting away the underlying compute layer and replacing it with on-demand, near-infinitely scalable function containers is brilliant. As we would say out here in Boston, “you guys are wicked smaht.” But I think you missed something very important. In your efforts to conform to the “pay only for the compute time you consume” promise of serverless, you inadvertently handicapped the service. My biggest complaint, and the number one objection that I hear from most of the “serverless-is-not-ready-for-primetime” naysayers, are Cold Starts.

Continue Reading…

How To: Manage Serverless Environment Variables Per Stage

I often find myself creating four separate stages for each ⚡ Serverless Framework project I work on: dev, staging, prod, and local. Obviously the first three are meant to be deployed to the cloud, but the last one, local, is meant to run and test interactions with local resources. It’s also great to have an offline version (like when you’re on a plane ✈ or have terrible wifi somewhere). Plus, development is much faster because you’re not waiting for round trips to the server. 😉

A really great feature of Serverless is the ability to configure ENVIRONMENT variables in the serverless.yml file. This lets us store important global information like database names, service endpoints and more. We can even reference passwords securely using AWS’s Service Manager Parameter Store and decode encrypted secrets on deployment, keeping them safe from developers and source repositories alike. 😬 Just reference the variable with ${ssm:/myapp/my-secure-value~true} in your configuration file.

Continue Reading…

🚀 Project Update:

Lambda API: v0.5 Released

v0.5 takes advantage of AWS Lambda's recently released support for Node v8.10 and has removed its Bluebird promise dependency in favor of async/await. Lambda API is now faster and adds built-in CORS support, additional wildcard features, new HTTP header management methods and more. Read More...

How To: Stub “.promise()” in AWS-SDK Node.js

Since AWS released support for Node v8.10 in Lambda, I was able to refactor Lambda API to use async/await instead of Bluebird promises. The code is not only much cleaner now, but I was able to remove a lot of unnecessary overhead as well. As part of the refactoring, I decided to use AWS-SDK’s native promise implementation by appending .promise() to the end of an S3 getObject call. This works perfectly in production and the code is super compact and simple:

The issue came with stubbing the call using Sinon.js. With the old promise method, I was using promisifyAll() to wrap new AWS.S3() and then stubbing the getObjectAsync method. If you’re not familiar with stubbing AWS services, read my post: How To: Stub AWS Services in Lambda Functions using Serverless, Sinon.JS and Promises.

Continue Reading…

How To: Manage RDS Connections from AWS Lambda Serverless Functions

Someone asked a great question on my How To: Reuse Database Connections in AWS Lambda post about how to end the unused connections left over by expired Lambda functions:

I’m playing around with AWS lambda and connections to an RDS database and am finding that for the containers that are not reused the connection remains. I found before that sometimes the connections would just die eventually. I was wondering, is there some way to manage and/or end the connections without needing to wait for them to end on their own? The main issue I’m worried about is that these unused connections would remain for an excessive amount of time and prevent new connections that will actually be used from being made due to the limit on the number of connections.

🧟‍♂️ Zombie RDS connections leftover on container expiration can become a problem when you start to reach a high number of concurrent Lambda executions. My guess is that this is why AWS is launching Aurora Serverless, to deal with relational databases at scale. At the time of this writing it is still in preview mode.

Update September 2, 2018: I wrote an NPM module that manages MySQL connections for you in serverless environments. Check it out here.

Update August 9, 2018: Aurora Serverless is now Generally Available!

Overall, I’ve found that Lambda is pretty good about closing database connections when the container expires, but even if it does it reliably, it still doesn’t solve the MAX CONNECTIONS problem. Here are several strategies that I’ve used to deal with this issue.

Continue Reading…

Is Code Really Self-Documenting?

In my 20+ years of programming, I’ve encountered a near endless amount of opinions on everything from coding styles to programming paradigms to the great whitespace debate. Obviously, I have strong opinions on a number of these. But for me, the one that bothers me the most is this notion that “code is self-documenting.” 😾

I know what you’re probably thinking: “of course not all code is self-documenting, only well-written code is.” I don’t entirely disagree. I can generally look at someone else’s code and understand exactly WHAT it is doing. However, often it’s not obvious WHY they did it that way, or even why they did it in the first place. In my opinion, the programmer’s intent (the WHY) is just as important as the HOW when it comes to properly documenting software.

So whether you agree with me or not, let’s explore how to better document our software by writing cleaner code, following some general commenting etiquette, and commenting more effectively to make you and your team more productive. 👍

Continue Reading…

Securing Serverless: A Newbie’s Guide

So you’ve decided to build a serverless application. That’s awesome! May I be the first to welcome you to the future. 🤖 I bet you’ve done a lot of research. You’ve probably even deployed a few test functions to AWS Lambda or Google Cloud Functions and you’re ready to actually build something useful. You probably still have a bunch of unanswered questions, and that’s cool. We can still build some really great applications even if we only know the basics. However, when we start working with new things we typically make a bunch of dumb mistakes. While some are relatively innocuous, security mistakes can cause some serious damage.

I’ve been working with serverless applications since AWS launched Lambda in early 2015. Over the last few years I’ve developed many serverless applications covering a wide range of use cases. The most important thing I’ve learned: SECURE YOUR FUNCTIONS! I can tell you from personal experience, getting burned by an attack is no bueno. I’d hate to see it happen to you. 😢

To make sure it doesn’t happen to you, I’ve put together a list of 🔒Serverless Security Best Practices. This is not a comprehensive list, but it covers the things you ABSOLUTELY must do. I also give you some more things to think about as you continue on your serverless journey. 🚀

Continue Reading…

How To: Build a Serverless API with Serverless, AWS Lambda and Lambda API

AWS Lambda and AWS API Gateway have made creating serverless APIs extremely easy. Developers can simply create Lambda functions, configure an API Gateway, and start responding to RESTful endpoint calls. While this all seems pretty straightforward on the surface, there are plenty of pitfalls that can make working with these services frustrating.

There are, for example, lots of confusing and conflicting configurations in API Gateway.  Managing deployments and resources can be tricky, especially when publishing to multiple stages (e.g. dev, staging, prod, etc.). Even structuring your application code and dependencies can be difficult to wrap your head around when working with multiple functions.

In this post I’m going to show you how to setup and deploy a serverless API using the Serverless framework and Lambda API, a lightweight web framework for your serverless applications using AWS Lambda and API Gateway. We’ll create some sample routes, handle CORS, and discuss managing authentication. Let’s get started.

Continue Reading…

Off-by-none: Issue #29

You can “serverless” too…

Welcome to Issue #29 of Off-by-none. It’s an honor to have you join us! 😊

Last week we were live at ServerlessDays Boston! This week, we’ll recap some of my favorite things from the Boston event, we’ll address some more #NoOps nonsense, and, of course, we’ve got plenty of great content from the growing serverless community.

There is a ridiculous amount of stuff to get to today, so buckle your seatbelts, and let get going! 🏎

When you’re wondering how ServerlessDays Boston went… 💥

It was “wicked” awesome! Seriously, as one of the organizers, I couldn’t have hoped it had gone any better. We had over 200 people attend, and other than a small snafu with the coffee being a bit late in the morning, the day went really well. The speakers were amazing, and thanks to Ann Guilinger’s live tweets, many were able to follow along even if they weren’t at the event. Ashish Addepalli also wrote a great follow up entitled, Learnings after a day at Serverless Days Boston. It’s loaded with some great takeaways.

And while all of the speakers were amazing, there were two talks in particular that really stood out to me. The first was by Ben Kehoe of iRobot. His talk, Applying the Serverless Mindset to Any Tech Stack, further pushed the idea that serverless is not about the technology you use, but instead about the focus on business value it enables. He wrote a brilliant followup piece, Serverless is a State of Mind, which I suggest you all read. Ben says to adopt the serverless mindset, and continue to move your organization up “the serverless ladder.”

The second talk I really appreciated was James Beswick‘s, Scared Serverless – What we learned after quitting servers for a year. As James told the story of his consulting firm transitioning clients to serverless architectures, and all of the roadblocks, small wins, set backs, and ultimate successes they had, you could tell that it resonated with audience. Whether you were a hardcore serverless veteran, or someone simply looking to get started, his message was refreshing, because it showed how powerful serverless ultimately is, but also that it will take time (and effort) to get there. This is highly reflective of my journey to serverless, and more real world talks like this are what people making the leap need to hear.

The videos of all the talks will be posted soon!

When you keep seeing #NoOps… 🤦🏻‍♂️

I recently came across two articles that continue to push the idea of NoOps. A NoOps state of mind and Make your existing solution tastier with serverless salt: NoOps, are both examples, IMO, of over-hyping that is detrimental to the serverless movement. While I certainly agree that moving to serverless dramatically reduces your operational overhead, there is still a significant amount of work to configure, monitor, and understand your infrastructure. That takes expertise and experience.

Both of the above articles ultimately admit that serverless isn’t actually NoOps, but instead a step towards it. And as Jamie Andrews points out in his piece, Why Serverless needs Ops, operational problems don’t go away in serverless, they become a lot more specialized. As organizations start forming serverless teams, understanding the skills necessary to staff them, is ultimately what we need to be exploring. Setting the right expectations for organizations will go a long way to successfully adopting serverless.

When you hear that serverless websites are the next big thing… 📰

Static Site Revolution: Top Websites Built with Gatsby
Sorry WordPress, but it looks like your days might finally be numbered (well, not really). Static site generators that are hosted on CDNs are becoming extremely popular, and this article outlines a few big sites that are taking advantage of the benefits.

Quickstart: Serve static websites serverless
But static site generation isn’t the only way to create “serverless” sites. Jonas Neustock’s post shows you a very simple way to generate HTML with a Lambda function. Probably not the cleanest (or most efficient) approach, but others are using these combinations to create interesting projects.

Webiny – Serverless CMS
Speaking of interesting projects, Webiny, a new open source “serverless” CMS has been released. There is a lot to unpack with this and from what I’ve seen, it’s packed with features. It appears to be cloud agnostic, but the database is MongoDB, so I think there is more work to be done.

Serverless Product Announcements 📢

Iguazio’s Platform Scales NVIDIA GPU-Accelerated Deployments
If you’re a data scientist that wants to seamlessly convert your research into production-scale ML projects, Iguazio’s recent partnership with Samsung SDS could blow your mind. Yaron Haviv, Igauzio’s CTO, gave me a demo of their platform yesterday and everything from the architecture, to the speed, to the developer experience blew my mind. I’ll be very interested in keeping an eye on their product offerings.

Discovering Issues Visually in your Serverless Architecture with Thundra
Distributed tracing in your serverless applications can be very helpful tool when trying to track down and debug errors. Thundra has added “Architecture” views that lets you visualize all your components along with the connections between them. If you spot an error, you can easily dig deeper.

Serverless Use Cases

Bringing realtime to serverless web applications
Here’s a great use case that is very popular, especially with distributed applications that need to handle some significant backend processing. James Beswick shows us how to handle this with AWS IoT and MQTT. A similar solution with API Gateway WebSockets would also be possible.

Building an Object Detection API with AWS S3, Rekognition and Lambda
Branko Blagojevic gives us a detailed walkthrough for another interesting use case that could process quite a bit of information at scale.

Publish to RabbitMQ from AWS Lambda
Why would you want to publish to RabbitMQ from your serverless application? Unfortunately, I have a use case for this. ☹️ But the good news is that if you are tethered to a RabbitMQ implementation, and you’d like to start migrating parts of it to serverless, you’re in luck.

Route53 Latency Based Routing made easy with Serverless
Sometimes caching at the edge isn’t enough, and we actually need to do more intense compute closer to our users. Route53 has quite a few options to ensure that users are routed to the right region, and this post will show you how to leverage Lambda to build a robust, globally available application.

gRPC to AWS Lambda: Is it Possible?
No, but the team at Coinbase sure gave it one heck of a try. I do like articles like this that try to push the boundaries of serverless. You always learn something new.

If you’re new to Serverless…

“A comparison between client-server and serverless full-stack app architectures”
If you’ve got 30 minutes to kill, this post by Tom Bowden outlines the difference between building a traditional server-based app versus using Amplify to publish something more modern.

How can I turn my Restful API into a Serverless application and deploy it to AWS Lambda Step by Step — Part I and Part II
In this two part series, Fabian Leon Ortega takes you through converting your existing API. This is all done through the console (which you wouldn’t want to do for production), but gives you a good overview nonetheless.

AWS to GCP —Web Applications
A good post by Serverless Guru that shows you how the two cloud providers compare.

My Database: Is it “serverless” An opinionated Checklist
Alexander Magnus Partsch has some opinions on what makes a “serverless” database.

AWS Lambda — Best Practices
It’s always nice to see what others are adopting as best practices. Here’s a list from Sandeepa Hande.

7 things you should know when getting started with Serverless APIs
Simona Cotin has a very detailed post that answers seven important questions when building a serverless API on Microsoft Azure.

Serverless Tutorials 👷‍♂️

How to Build a Member App using Facial Recognition and Serverless
James Beswick walks you through building a highly scalable facial recognition app with just a few lines of code.

How to Test Serverless Apps
Yan Cui has an excellent guest post for Epsagon that outlines the different stages of testing for a serverless application.

Store and Rotate API Keys with AWS Secrets Manager
Zac Charles gives us a detailed post that show you how to use AWS Secrets Manager, and more importantly, how to regularly rotate them.

GraphQL APIs with AWS AppSync: Part onePart two and Part three
Christopher Bartling has a three part series that shows you how to set up GraphQL with AppSync using a DynamoDB backend with Lambda resolvers.

Accelerate your backend development using AWS Serverless GraphQL
A slightly different approach to using GraphQL on AWS by using just Lambda and the GraphQL Apollo library.

Dynamic image resizing with Node.js and the Serverless Framework
The most iconic use case of serverless. But it’s still a good one.

Serverless Stories 📖

Serverless integration testing at Freetrade
Hugh Grigg from Freetrade explains how they do their serverless testing.

Students create NCAA March Madness predictive analysis via Google Cloud
Google recruited students to produce tournament data analysis to illustrate how organizations can take advantage of its different tools for analytics, machine learning and more. Pretty cool.

Serverless Reads 👓

Visualizing Cold Starts
Mikhail Shilkov has a great post that visualizes FaaS cold starts across the big three cloud providers using Google Maps.

Serverless Benchmark 2.0 
Interesting post by Bernd Strehl that introduces the next version of his serverless-benchmark.com site that benchmarks five different FaaS providers.

FinDev and Serverless Microeconomics: Part 2 – Impacts
Aleksandar Simovic’s second piece on the economics of serverless. This time he outlines the impact on Finance and Accounting, Product and Engineering, and Strategy.

Why You Can’t Ignore Changes to Monitoring and Logging for Serverless
Nitzan Shapira says when using modern cloud technologies and distributed systems, the mindset of monitoring versus logging has to change.

4 Simple Features That Would Make a Big Difference to Cognito User Pools
Rich Buggy has a few ideas that would make Cognito User Pools even better.

7 checkboxes to compare serverless orchestration services
Interesting interview with a team of researchers who published Comparison of Production Serverless Function Orchestration Systems.

When you’re curious what AWS has been working on… 🛠

AWS recently released an Open Distro for Elasticsearch. There was a companion article, Keeping Open Source Open, that talks about Amazon’s motivations. Of course, open source and cloud providers have been the subject of some recent controversy, and this was no exception. In On “Open” Distros, Open Source, and Building a Company, Elasticsearch creator, Shay Banon, is less than enthusiastic about AWS’s announcement.

AWS Joins the GraphQL Foundation
Speaking of open source, AWS will now be sharing everything they learned from building and operating AppSync and Amplify with the GraphQL community.

Registration for AWS re:Inforce 2019 now open!
If you thought 5 days in Vegas wasn’t enough, then come spend two more in Boston for the first ever AWS security conference.

How to design Amazon DynamoDB global secondary indexes
This is a great post that gives you a number of best practices for working with DynamoDB indexes.

Announcing Amazon Kinesis SubscribeToShard API Support in the AWS SDK for Ruby
AWS continues to improve their Ruby SDK. So good news for all you Ruby warriors out there.

Stories from AWS Serverless Heroes: Who They Are, How They Started, and What They’re Working on Now
Meet some of the AWS Serverless Heroes in this recently released video.

Upcoming Serverless Events 🗓

ServerlessDays Amsterdam is just 10 days away, and the speaker lineup is amazing. If you can make this event, you definitely should. You can get 50% off ticket prices by using the discount code “Off-by-none-fw89”, or just click here to apply the discount.

James Beswick is giving his Scared Serverless talk at the Southern Maine AWS User Group on Tuesday, April 2, 2019.

The Serverless Architecture Conference is from April 8-10th in The Hague, Netherlands. And don’t forget that I’m speaking.

ServerlessDays Atlanta is on Tuesday, April 9th. This one is combined with DevOps Days and Map Camp.

ServerlessDays Zurich is on Thursday, April 11th.

And don’t miss this AWS Serverless Webinar: Unleash Innovation & Build Modern Applications (Four-Part Session) on March 21st.

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Joe Emison (@JoeEmison). Joe is the co-founder and CTO at Branch Insurance and the former co-founder and CTO at @BuildFax. He has a number of great articles, including one of my favorites, the Serverless Sea Change. You can also find several of his talks such as Serverless Patterns and Anti-patternsBetter Application Architecture with Serverless, and How to Fold a Fitted Sheet. Joe’s Twitter feed is filled with plenty of serverless insights and he is a valuable voice in the community. Thanks for all you do, Joe!

Final Thoughts 🤔

Thanks again to all the ServerlessDays Boston speakers, sponsors and attendees. It truly was an amazing event thanks to all the wonderful people that made it happen. If you get a chance, I highly suggest attending one of these. The community is flourishing, and being part of one of these events and meeting others that are facing the same challenges as you, is a very rewarding experience.

I hope you enjoyed this issue of Off-by-none. Please feel free to send feedback and suggestions so I can keep making this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or how you’d like to contribute to Off-by-none.

And please do me the honor of sharing this newsletter with your friends and coworkers who might be interested in serverless. It would be greatly appreciated. 👍

Until next time,
Jeremy

Off-by-none: Issue #28

Live from ServerlessDays Boston…

Welcome to Issue #28 of Off-by-none. Thank you so much for being a part of the community! 🙌

Last week we looked at Lyft’s AWS bill and what it means for multi-cloud. This week we’re live at ServerlessDays Boston, plus we’ve got plenty of great stories and content from the community.

Lots of serverless stuff to get to, so here we go! 🚀

Charity Majors giving the opening keynote at ServerlessDays Boston

Serverless Product Announcements 📢

Meet the Adobe I/O Team: Mihai Corlan on Building Adobe’s Serverless Platform
Adobe’s developer tools is introducing Adobe I/O Runtime, a serverless platform built on top of OpenWhisk. You likely won’t build all your apps there, but this is an interesting way to interact with your Adobe data from collocated execution environments. Props for not naming them “functions.” 👍

Easy Observability and Monitoring with Lambda Layers
The team over at IOpipe put together a handy guide that shows you three ways to add their service using Lambda Layers. While the guide is about their service, you can apply these to any Layer.

Manage table resources in serverless
Chris Feist created a new plugin for the Serverless Framework that reduces the amount of boilerplate needed to create DynamoDB tables.

SQL order from API chaos
A new “API composition platform” called Transposit just recently appeared. “Transposit is a zero-ops platform that brings the power of a relational database to the API ecosystem. Our relational engine provides the ability to write SQL and JavaScript to query and transform your data as though each data connection were a virtual table in a single relational database.” Hmm. 🤔

Serverless Use Cases 🗺

Dyson Fan Control over MQTT via Serverless
Here’s an interesting use case. Nathan Glover set up a couple of Lambda functions to control a Dyson Fan by using the public MQTT endpoint.

Build a serverless data pipeline with AWS S3 Lamba and DynamoDB
More of a how-to, but goes to show an interesting use case for putting dependencies into a separate layer.

Async APIs
Richard Boyd’s post addresses a common use case for long-running or throttled asynchronous events.

If you’re new to Serverless… 🐣

What can serverless do for Node.js developers?
If you’re a Node.js developer and want to know how you can up your game with serverless, this short article will give you a good primer.

Best Practices for Serverless Development
Here’s another best practices post that will give you some good ideas whether you’re new to serverless or a hardened veteran.

How to Get Started With Serverless, Express and AWS Lambda
If you are thinking about migrating your Express app to a monolithic Lambda function, this post’s for you. While not a best practice, this is a common use case for those just getting started. I’ll allow it (for now). 😉

Serverless FAQ
Have questions about serverless? Know someone that does? This short post by the Serverless Gurus answers some of the common questions that our newbie friends might have.

Deploy your existing Nodejs APIs in serverless 
Another post about using the Serverless Framework to migrate your Node.js workload to Lambda. Some helpful setup tips in here as well.

Create a Highly Scalable Image Processing Service on AWS Lambda and API Gateway in 10 Minutes
This is a detailed walkthrough of how to use the AWS console to setup an image processing service with Python. This is a good post for the beginner because it walks you through all the configurations by hand. But please, learn how to write this as IaC before you go into production.

Serverless Tutorials 👷‍♂️

Everything you ever wanted to know about the Amazon DynamoDB console but were afraid to ask: A detailed walkthrough
If you’ve been using DynamoDB for awhile, you’ve likely been using CloudFormation to build your tables. This is a good post to show us how powerful the console is when you want to explore your data and configurations.

How to Configure and Connect to Serverless MySQL Database
For many a developer, you will need to pry RDBMS from their cold dead hands. That’s okay. I still use MySQL with some of my serverless applications (yes, it is possible). This is a good tutorial to show you how to get a cluster configured and connect from an execution environment.

Dynamize your resources’ parameters with the Serverless Framework!
This is a helpful post that shows you how to inject parameters into your serverless application configurations. This is extremely useful for managing variables between stages.

How to set up AWS accounts for multiple product environments
This is an extremely common use case, and if you’re not in the business of setting up nested AWS accounts all the time, it’s easy to get confused. Paul Swail has this nice write up that should save you some time.

Creating an AWS DocumentDB Cluster
The Serverless Gurus have been busy this past week. Here is another great post that will walk you through setting up a new AWS DocumentDB Cluster. Whether you should or not is another question.

Sharing Lambda Layers and Restricting Your Own Usage
Zac Charles has a great post that gives you some of the ins-and-outs of sharing Lambda Layers. If you’re planning on publishing your own, this is a useful guide to make sure you get the permissions right.

Securing APIs in Serverless (AWS Lambda)
A detailed post that shows you how to secure your API Gateways using Amazon Cognito. Not always as straightforward as you might think.

Tutorial: Setting up a private subnet on AWS
If you need to use VPCs with your serverless components, use this guide to configure your environments correctly.

Serverless Stories 📖

How Shamrock transacts billions of dollars with Serverless Framework Enterprise
Great story about Shamrock moving from containers to Lambda using the Serverless Framework. They are apparently using a “multi-cloud” strategy, so let’s see how that plays out.

ETL (Extract, Transform, Load) in Insights
Shiyang Fei discusses the decision making process that Compass used to choose between Apache AirFlow and AWS Step Functions. Lots of pros and cons outlined in here, and spoiler alert: they chose Step Functions.

Reflections on Serverless:From SOA to Serverless part 2
An interesting discussion from Diego Pacheco describing the architecture evolution from SOA to Serverless. Part 2 focuses on strategy evolution and architecture strategy.

Serverless Reads 👓

What AWS Lambda Users Should Know About Azure Functions, and Vice Versa
I’m a huge AWS fan, but it’s good for us serverless developers to see what other cloud providers are offering. Mahdi Azarboon gives us a breakdown of the differences between Azure Functions and Lambda.

Understanding the scaling behaviour of DynamoDB OnDemand tables
Yan Cui gives us another excellent post that takes a deep dive into DynamoDB on-demand tables. He’s got everything you need to know about costs, auto-scaling, and pre-warming to handle massive throughput.

Lambda Concurrency Limits and SQS Triggers Don’t Mix Well (Sometimes)
Another great post by Zac Charles that highlights some of the issues around SQS Triggers with Lambda functions. The ability to consume SQS with Lambda was a welcome addition, but you need to be a bit prescriptive when configuring your concurrency and redrive policy settings.

A Serverless 2.0 point of view
Alain Rouen says the evolution in the serverless movement is arriving and explains why it is important to understand it and how it will change the way we build apps.

3 Tips to Control the Cost of AWS Lambda
Emrah Samdan from Thundra gives us three excellent tips to help you reduce your Lambda costs.

Can you use database pooling with serverless?
Alastair Taft asks this question and gives us five possible solutions for using database pooling with Postgres and AWS Lambda. Luckily for us, AWS is working on better solutions for this problem.

The main stories from QCon London ’19
QCon London was last week, and Alex Wauters gives us a good roundup of the event. There is an interesting discussion about serverless in here.

Introduction to Monitoring Serverless Applications
A good read that will give you the basics.

When you’re wondering what AWS has been up to… 🛠

AWS Amplify Console supports instant cache invalidation and delta deployments on every code commit
Great new feature that will automatically invalidate CloudFront caches when you publish new code. If you’ve ever needed to do a manual cache invalidation, you’ll appreciate this.

Automate Releases to the AWS Serverless Application Repository using AWS CodePipeline
Eliminate the need to use the SDK or console to publish changes to your SAR apps. No more extra code needed. 👍

AWS Step Functions Adds Tag-Based Permissions
Control access based on tags using AWS Identity and Access Management. Very cool.

New Amazon SNS Console Now Available
Updated user interface in the new Amazon SNS Console is optimized for screens of all sizes, making configuration, management, and monitoring more accessible on a variety of devices.

Upcoming Serverless Events 🗓

Serverless Application Troubleshooting
This webinar, tomorrow (March 13th), features Erez Berkner talking about gathering the right data and improving your team’s velocity with distributed serverless visibility and monitoring.

AWS Lambda Security: Inside & Out
Mike Deck, Principal Solutions Architect at AWS, and Ory Segal, CTO & co-founder at PureSec, are running a webinar covering deep topics in serverless and AWS Lambda security. Happening on April 3, 2019.

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Zac Charles (@zaccharles). Zac is Lead Engineer at JUST EAT and has been quite prolific lately with his serverless blog posts. He shares a lot of his work with C# and .NET on AWS Lambda and has a number of open source projects including LambdaNative and LambdaRemoteDebug. He’s also an active voice on Twitter. Keep the great content coming, Zac. The community appreciates it! 🙌

Final Thoughts 🤔

ServerlessDays Boston is in full swing and there have already been several amazing talks, with many more to go. If you’re here, come say “HI!” and make sure you grab some “Off-by-none” stickers. Looking forward to writing a few follow up posts on what we learned today. Just need to decompress first.

I hope you enjoyed this issue of Off-by-none. Please feel free to send feedback and suggestions so I can keep making this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or how you’d like to contribute to Off-by-none.

And please do me the honor of sharing this newsletter with your friends and coworkers who might be interested in serverless. It would be greatly appreciated. 👍

Take care,
Jeremy

Off-by-none: Issue #27

Let’s focus on business value…

Welcome to Issue #27 of Off-by-none. Thanks for being here! 🙌

Last week we discussed whether or not serverless is really dead and met some new serverless heroes. This week we look at Lyft’s AWS bill, share lots of serverless tutorials, use cases, and stories from the community… and shamelessly plug ServerlessDays Boston!

So much happening with serverless, so let’s jump right on in. 🏊‍♂️

When you find out that Lyft is spending $8 million per month on AWS… 💰

The other day, as part of Lyft’s IPO filings, it came out that they are obligated to spend $300 million on Amazon Web Services by 2022. It seems like a big number (~$8M per month), but according to Corey Quinn on Twitter, it works out to something like $0.14 per ride. Whether that is considered a lot or a little is up to the number crunchers, but it seems to me that the cost (and headaches) of owning your own global network of data-centers would cost a heck of a lot more than that.

We know that Lyft is using a wide variety of AWS services (including Lambda, DynamoDB and other serverless offerings), but another interesting part of this story has to do with what “all-in” with AWS really means for some of its other vendors. After this news came out, MongoDB shares plummeted due to speculation that this might mean that Lyft would be moving from MongoDB to AWS’ new DocumentDB. There has been no confirmation from either side, but according to that article, Lyft “is quite dissatisfied with Mongo’s performance and is in the process of a massive database migration.”

This may be bad news for MongoDB, but I think it goes a bit deeper than that. To me, this seems like more confirmation of the “Multi-Cloud Fallacy.” I’m a huge supporter of open-source, but the business model is going to need to find a way to adapt to the changing cloud economy. At scale, multi-cloud strategies continue to breakdown, and consolidating and collocating your applications and data in hyperconnected data-centers, IMO, will be the preferred approach. Something to think about when choosing your vendors.

Serverless Use Cases 🗺

Sending funny dog GIFs using AWS IoT Button and Lambda
This is clearly the best use case for serverless that I’ve ever seen. 😂 But seriously, IoT is a great serverless use case, and I’m thinking about ordering one of those buttons just to do something fun like this.

Serverless collaboration
A quite fascinating look at how you can use WebRTC to create “serverless” communication between browsers. There are some limitations, but this is pretty cool.

How a Monolith Architecture Can Be Transformed into Serverless
Kyle Galbraith has a great piece that outlines a number of use cases for “movable” parts of your monolithic architecture and how they can be adapted to serverless. He also points out some limitations that make certain components “unmovable” due to things like high memory requirements or low latency. He concludes that serverless is not the future because of the need for other types of workloads. Agree to disagree. 😉

A Typescript Runtime for Lambda and Why You May Not Want To Use It
Matthew Bonig wrote a custom TypeScript runtime for Lambda, and then wasn’t happy with the performance. From my experience, performance with custom runtimes has been quite good, but something to consider if you’re thinking about building your own.

ArcGIS in Lambda
Interesting use case that ties ArcGIS management into Lambda functions. I’m sure there is much more you could do with this API that could allow for additional mapping capabilities.

Serverless Computing with Drupal
It’s only a matter of time before WordPress ends up in a Lambda function. Luckily, the team at Opensense Labs took a slightly different approach with Drupal. The article spends quite a bit of time justifying serverless, but key take away is the use of CloudFront as a caching layer to globally distribute your CMS.

If you’re interested in some serverless product announcements… 📢

Announcing OpenTracing Compatibility for Go Agent
Golang continues to gain popularity on AWS Lambda, and now Thundra has extended their Go Agent to allow you to manually instrument your functions with the OpenTracing interface.

Aqua Security Introduces Industry’s First Serverless Function Assurance for Securing Serverless Environments
I’m not sure it’s actually the first, but this shows continued investments into the severless security space. Detecting vulnerabilities and over-provisioned roles is a good first step, but restricting execution based on defined policies is pretty cool.

If you’re new to Serverless… 🐣

Serverless computing 101 for developers
Rodric Rabbah (one of the original creators of Apache OpenWhisk), gave a great interview with App Developer Magazine about serverless. It is a good introduction to the overall landscape (a bit skewed to open source, of course), but does a great job explaining some of the key concepts. Most important takeaway: “What developers are showing us is that serverless will become the way you develop all applications in the future.”

Five Frequently Asked Questions about Serverless
Micah Adams answers five questions that I’m sure most teams new to serverless will be asking. While I don’t agree completely with all his answers, it is good to see these types of questions being raised.

Serverless Architecture using Serverless Framework and AWS Lambda
This quick tutorial from Atin Kapoor gives newbies a step-by-step guide that should get them up and running fast.

How to explain serverless in plain English
I keep trying to refine my own pitch for the uninformed, but this post gives a nice roundup of definitions by some industry experts. Might help you better explain what you do to your significant other.

Three Projects to Get You Started with Serverless in 2019
Alex DeBrie has another great post that outlines starter projects for Ops engineers, web developers, and “anyone that wants to be a hero,” so they can jumpstart their serverless journey.

Cutting Through the Layers: AWS Lamba Layers Explained
Michael Lavers from IOpipe gives a great overview of Lambda Layers and what they’re good for. There is a mention of using layers as composition, but I still think there is a bigger opportunity here beyond just importing prebuilt packages. I have to work on that.

Serverless Tutorials 👷‍♂️

DynamoDB TTL as an ad-hoc scheduling mechanism
Yan Cui runs a series of experiments to see if you can use DynamoDB TTLs as a way to build a massively scalable scheduler system. Unfortunately, there just isn’t enough precision for certain tasks, but could certainly be useful in a number of circumstances.

There Is More than One Way to Schedule a Task
Zac Charles followed up on Yan’s post and offered some alternative approaches to scheduling a task, including SQS Delay Queues, SQS Message Timers, SQS Visibility Timeout, and my favorite, Step Functions.

OpenWhisk Web Action Errors With Sequences
James Thomas has a great post that explains the power of Action Sequences with OpenWhisk Functions and how you can tie those to synchronous web actions. Function composition is still one of the most confusing aspects of serverless, but Action Sequences are an interesting approach.

Setup CI/CD pipeline with AWS Lambda and the Serverless Framework
Lorenzo Micheli walks you through setting up a CI/CD pipeline for your serverless projects, complete with approval steps.

AWS Infrastructure as Code with CDK
If you’re not a fan of CloudFormation and you’d like to use a more familiar programming language to manage your infrastructure, Ross Rhodes’ post will teach you how to use the AWS Cloud Development Kit to configure a simple serverless application.

Using Little’s Law to estimate IP capacity in VPC for AWS Lambda
If you still need to use VPCs with your Lambda functions, you need to make sure you have enough IPs available for your ENIs. Vladyslav Usenko shows you some quick calculations to make sure your CIDR blocks aren’t too small.

Building serverless apps with components from the AWS Serverless Application Repository
Aleksandar Simovic reminds us that we should not be reinventing the wheel if someone has already created a good solution. The AWS SAR is loaded with really great apps to jumpstart your serverless projects.

AWS Lambda for .NET Developers
If you love .NET core, this great post by Marc Roussy will give you some good insight and all the details you need to run .NET on AWS Lambda.

Serverless Stories 📖

Paul Swail has an excellent series of posts documenting the decisions he needs to make in order to Migrate a Monolithic SaaS App to Serverless. In part two, he tackles Routing requests away from a legacy API. This should be an interesting set of posts to keep up with.

Painless Serverless: Destructuring services into functions automatically
Not sure how effective this would actually be (nor is the author) but the basic idea is to take a monolithic service and automatically break it down into discrete serverless functions. Interesting idea.

Going serverless: How we migrated our customer websites to AWS Lambda
Andy Buckingham and his team over at Aiir built a custom PHP Lambda Layer to replace nginx based web servers. I’m assuming they are using Lambda like mini servers (so maybe not the best use case), but they are taking advantage of ALBs instead of API Gateways, so that’s interesting.

How we migrated from monolithic to serverless mentality
This is just a short write-up by Darlei Soares that shows how quickly small teams (with the right mindset) can start to implement serverless architectures.

Serverless For Devops Teams
A list of “weird and wonderful use cases that the DevOps team” at Space Ape has found for Lambda functions.

SEEKing Serverless with DevopsGirls
Just a nice story about people coming together and volunteering their time to spread the idea of serverless, one small bootcamp at a time.

Serverless Computing: The Story of Success
The story of how the JetRuby Agency built a serverless application for a client, what technologies they used, how many people it required, and how long it took. Interesting read.

Serverless Reads 👓

Macroservices vs. Microservices vs. Serverless: the story of a modern solution architect
Mick Roper takes us through his decision making process when choosing a particular design pattern.

Why I, A Serverless Developer, Don’t Care About Your Containers
An important point in here while we continue to argue about what makes something “serverless.” Developers won’t really care about any of it as long as the providers are managing the services for them.

Serverless Architectural Patterns
Eduardo Romero outlines several useful patterns that you can use with your serverless applications. Lots of excellent links at the end as well.

Industry predictions for 2019
A good overview of how companies think about moving to the cloud and why leapfrogging containers might be the better approach.

Project Management In The Age Of Serverless
Robert Ayres argues that project managers need to know more about the technology as their teams adopt serverless. This posts lays out a number of factors to consider when defining your project management methodology as well as outlining the impact of emerging technologies on your projects.

Amazon DynamoDB auto scaling: Performance and cost optimization at any scale
Helpful post that gives an overview of how auto scaling works and how to use it to reduce your overall costs.

How Might Serverless Impact Node.js Ecosystem?
Aditya Modi asks an important question, especially when it comes to the size of third-party Node.js libraries. As he says, it takes time to load dependencies into memory, which can affect cold start times. Doesn’t mean we avoid libraries, it just means we need to be smarter about how we optimize them.

When you’re wondering what AWS has been up to… 🛠

Amazon Aurora Serverless Publishes Logs to Amazon CloudWatch
Don’t know how I missed this last week, but this is big. A major deficiency with Aurora Serverless was the inability to see your log files. You can now publish general logs, slow query logs, audit logs, and error logs directly to CloudWatch.

Resource Groups Tagging API Supports Additional AWS Services
Step Functions was added to the list, so more useful ways to organize and track your serverless application components.

Amazon Athena Now Supports Resource Tagging
The Athena Workgroup resource lets you separate query execution and query history between Users, Teams, or Applications running under the same AWS account, and now you can tag them for better insight for billing.

Amazon DynamoDB adds support for switching encryption keys to encrypt your data at rest
Probably not a common need, but it’s good to know that you can do this.

Introducing AWS X-Ray support for Python web frameworks used in Serverless
If you use Flask or Django with your serverless Python apps, you can now auto instrument them with X-Ray, which is pretty cool.

Upcoming Serverless Events 🗓

ServerlessDays Boston is next week Tuesday, March 12th! If you haven’t bought your ticket yet, you still have time. They are only $49 and include breakfast, lunch, happy hour drinks, and an amazing lineup of speakers. If that’s not enough, Christina Wong and I will be emceeing the event, so you don’t want to miss our comedy stylings. 😉

ServerlessDays Helsinki is on April 25th. Tickets are on sale now and the CFP is still open. ServerlessDays Tel Aviv is on June 4th (CFP is open).  And the Call for Papers for Serverless Computing London is also open.

If you don’t feel like traveling, Yan Cui is teaching an online training course for Designing Serverless Architecture with AWS Lambda on April 15th and 16th.

When you prefer multimedia… 📽

And speaking of ServerlessDays, all the ServerlessDays Cardiff 2019 videos are now available for your viewing pleasure. Lots of great stuff in there.

I also came across this video to help you Understand Serverless Kubernetes and Serverless on Kubernetes. It’s short, and actually worth watching if you are curious as to what Azure actually means by these terms. The idea of “nodeless” Kubernetes is particularly interesting.

The lasted episode of the Think FaaS Podcast finishes up a three part interview with Yan Cui. From DevOps to FinDev gives you a good overview of what FinDev is and why serverless plays an important role. However, we have to deduct 1 point because it went over the 15 minute timeout. 😬

Serverless Security 🔒

AWS Security Best Practices for API Gateway
Ory Segal from PureSec lays out the different ways that you can control access to your AWS API Gateways and gives you some best practices to make sure you keep your serverless functions secure.

The 12 Most Critical Risks for Serverless Applications 2019 Guide
PureSec also published a new guide that outlines the 12 Most Critical Risks for Serverless Apps. While serverless apps are more secure just given the fact that the provider is managing the infrastructure, it’s important to remember that the application code is still our responsibility.

5 Best Serverless Security Platform for Your Applications
A quick list and overview of five of the main serverless security platforms that are available to you.

Injection Attacks: Protecting Your Serverless Functions
Another reminder that event injection is a little different with serverless applications. Good overview of the issue, plus some mitigation strategies using Stackery and Twistlock.

When you’re looking for some serverless insights on Twitter… 🐦

A clever post by @mykola that does a great job explaining Eventual Consistency.

A valuable insight from Dwayne Monroe‏  that  “the age of bespoke IT needs to end, serverless is the method.”

Joe Emison also made a good point about people who see serverless as just as FaaS.

And Forrest Brazeal asked what is the most underrated AWS service? He got some pretty good answers.

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Matt Weagle (@mweagle). Matt is another recently named AWS Serverless Hero and a valuable member of the serverless community. He organizes the Seattle Serverless Meetup and is a co-organizer of Seattle Serverless Days. You can find his serverless musings on Medium as well as his Twitter feed. Matt’s GitHub is loaded with sample serverless applications as well as his Sparta project, a Go framework for building serverless microservices with AWS Lambda. 👍

Final Thoughts 🤔

I’m curious what your thoughts are about the new format of the newsletter. I’ll be experimenting a bit more in future, so please let me know what you like (or don’t like) about it.

I hope you enjoyed this issue of Off-by-none. Please feel free to send feedback and suggestions so I can keep making this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or how you’d like to contribute to Off-by-none.

And please do me the honor of sharing this newsletter with your friends and coworkers who might be interested in serverless. It would be greatly appreciated. 👍

See you next week (hopefully at ServerlessDays Boston),
Jeremy

Off-by-none: Issue #26

Introducing the new serverless heroes…

Welcome to Issue #26 of Off-by-none. It is great to see you all again! 😃

Last week we thanked IOpipe for supporting open source and explored some helpful serverless architectural patterns provided by AWS and others. This week, we figure out if serverless is really dead, meet some new serverless heroes, and share lots of great content and stories from the community.

It was a busy week for serverless, so let’s get to it. 🚀

When you’re holding out for a hero ’til the end of the night… 👨‍🚀👩‍🚀

AWS announced its latest round of AWS Serverless Heroes, including Ant Stanley, Matt Weagle, Kurt LeeShingo Yoshida, and me! ☺️ It is an incredible honor to be welcomed into this remarkable group of people doing amazing things with serverless. And a huge thank you to all of you for reading this newsletter, my blog posts, and my Twitter ramblings. If it wasn’t for you sharing and retweeting, this wouldn’t have been possible. 🙌

I already had quite a few things planned for 2019, and this just makes me want to do more to help the serverless community learn and grow.

When you hear a rumor that Serverless is Dead… ☠️

Chris Munns of AWS gave the closing keynote at ServerlessDays Austin and proclaimed that Serverless is Dead! Don’t worry, “Modern application development using managed services that provide opinionated event-driven interfaces” isn’t going away. This was about the death of the term by “extreme buzzword trauma,” as he called it. I had tried to tell people to Stop Calling Everything Serverless, but I think Chris is right, our enemies were too many. 🧟‍♂️

So what do we do now that the term “serverless” is being applied everywhere to everything? We could try to ignore it, or as Chris said, “we should instead be focusing on what we’re seeing to be the new way of doing modern application development.” This is an important point. While confusion is sure to abound, and perhaps have a short term impact on adoption, eventually, “serverless” will just be the way to build applications in the cloud.

In Paul Johnston’s most recent post, Cloud 2.0: Code is no longer King — Serverless has dethroned it, he argues that code is a liability. The evolution of the cloud will be in understanding what services to use and when, and perhaps more importantly, when not to write code. This allows teams to build faster and solve problems that actually impact customers, as opposed to unnecessary problems they bring on themselves.

Okay, so maybe it’s too late to salvage the term “serverless”, but the vision and the evolution is just beginning. To quote Chris again, “Long live serverless!” 

When you’re looking for the latest serverless announcements… 🔈

Serverless Framework v1.38 has been released, now with support for WebSockets. So that’s pretty cool.

Last week, we mentioned that IOpipe was sponsoring my Lambda API and Lambda Warmer open source projects. This is actually part of their New Serverless Open Source Sponsorship Program, so look forward to more generous sponsorships in the future.

Stackery just announced their new pricing plans, which includes a free developer tier. If you’d rather use a visual interface instead of going cross-eyed writing YAML files, give them a look.

For those of you that love to get your Java on, Microsoft announced the general availability of Java support in Azure Functions. Even cooler, you can use the Azure Functions Maven plugin to create, build, and deploy your functions from any Maven-enabled project.

When you want some expert advice… 👩‍⚕️

ServerlessDays Boston is in 2 weeks! Tickets are only $49 and include breakfast, lunch, drinks at the happy hour, and an insane amount of serverless knowledge from an amazing lineup of speakers. Please spread the word to your friends and colleagues.

James Beswick joins a webinar with Stackery on February 27th to teach you how to Save time and money with AWS Lambda using asynchronous programming.

If you want to know How to Accelerate Serverless Adoption, sign up for this webinar on March 7th with Shannon Hogue from Epsagon and Avner Braverman from Binaris. Should be interesting.

If you want more from Epsagon, you can also sign up for the Best Practices to Monitor and Troubleshoot Serverless Application webinar on March 7th as well.

The AWS Serverless Webinar: Unleash Innovation & Enable Legacy (Four-Part Session) is scheduled for Thursday, March 21st. AWS’s Steve Liedig will be joined by new AWS Community Hero, Aileen Smith, and others, for what’s sure to be a very educational series of sessions.

A Cloud Guru announced that Serverlessconf 2019 will be held from October 7th through the 9th in New York City. Definitely looking forward to this.

When you want to hear some interesting Serverless Stories… 📖

There certainly is a learning curve for serverless, and even those of us with a lot of experience tend to scratch our heads now and again. In Dear deployment diary: serverless is f**king hard, the author points out the challenges that larger companies face when the line between developer and operations become blurred.

On the subject of serverless not always being easy, Pavol Fulop gives us some Takeaways from using AppSync, which entails a lot of struggles. It’s always interesting to hear where people are getting stuck.

For those of you that have been putting off building that side project, here’s another example of how a developer created a MVP in 1 week for $10 while working a full-time job. It’s not the most complex app, but it goes to show how quickly serverless can get you up and running.

Benedikt Eckhard’s piece, My First Alexa Skill — Lessons Learnt, is an in-depth look at how he went about designing, building, deploying, and testing an Alexa skill. Some really good lessons in here.

Jeff Lu explains how his team took a serverless approach to Weather Underground in order to generate Intellicast radar maps.

And, Things about serverless I wish I used from the start by Antonio Terreno is a quick hit list of some simple tips that can save you quite a bit of time.

When you’re wondering what’s going on around the AWS universe… 🤓

Simon-Pierre Gingras published a very helpful AWS S3 Batch Operations: Beginner’s Guide for us to start thinking about all the amazing things we’ll be able to do with this. S3 Batch is still in preview mode, but when it goes GA with Lambda support, the possibilities will be endless.

Last week, we mentioned the new AWS Solutions catalog that contains vetted, technical reference implementations that can help you solve
common problems with prebuilt CloudFormation templates. Kira Hammond built this useful AWS Solutions Update Feed that you can subscribe to, triggering an email, SQS message, or Lambda function when new solutions are added. And of course, it’s 100% serverless. 😉

Jerry Hargrove (aka @awsgeek) has some new visual notes on Amazon Transcribe. As more and more people move to audio and video on the web, I think they’ll find this to be an incredibly handy service.

If you’re curious how Jerry Hargrove keeps producing these amazing pieces of content, check out his How I Create Visual Notes at awsgeek.com — My Step-by-Step Process.

And if you like visual things, the newly released AWS Architecture Icons are available for download.

Finally, If you need your weekly dose of snark, check out Corey Quinn’s guest appearance on What’s New with AWS – Week of February 11, 2019 with Jeff Barr. Nothing serverless in here, but always good to see AWS having a little fun.

When you want to be inspired by some serverless use cases… 🗺

Alex Casalboni’s new post, Design patterns for high-volume, time-series data in Amazon DynamoDB, is a great example of how breaking with best practices sometimes creates a better solution. Beyond just this use case, there are likely several other practical reasons to auto-provision DynamoDB tables.

Nikolay Nemshilov has a fascinating read on building a Serverless Genetic Algorithm. Genetic algorithms are an extremely powerful problem solving mechanism and Nikolay demonstrates a quick and dirty solution using parallelization with Lambda functions.

Scott Ringwelski from Handshake has a post that explores Serverless Use Cases At Startups. I think he offers a fresh perspective on how mid-size startups could take advantage of serverless and how implementing odd jobs and internal automation might be a great place to start.

Lambda@Edge: Why Less is More is a good introduction to get you thinking about how powerful computing at the edge can be. There are a lot of use case around this concept, and Nuatu Tseggai from Stackery, points out a whole bunch.

When you’re looking for serverless brain candy… 🍬

Why serverless is revolutionary for product managers by James Beswick is 20 years of software development wisdom wrapped up into a 9 minute read. There is so much to unpack here, I think you just need to read it yourself.

John Demian from the Dashbird is Getting down and dirty with metric-based alerting for AWS Lambda in his new post. There are some helpful definitions in this post that explain the metrics captured by CloudWatch as well as how to set up alarms. There’s also a nice chart that shows you how observability platforms like Dashbird can extend the basic metrics and search capabilities of CloudWatch.

Making AppSync Easier with Thundra gives some more insight into how observability platforms can make monitoring and debugging your serverless applications so much easier. Using Lambda as an AppSync datasource is obviously incredibly powerful, but as this piece points out, debugging it can get a bit tricky.

Nader Dabit had some thoughts on the new Serverless paper from the folks over at Berkeley. Cloud Programming Simplified: Simplified points out a few key points from the paper and offers some of Nader’s thoughts.

Mikhail Shilkov’s new Evergreen Serverless Performance Reviews has taken his fantastic posts and made them even better. He’s now tracking the performance of serverless functions from various cloud providers and has automated them so they’re always up-to-date.

Alex DeBrie has another excellent post entitled, AWS API Performance Comparison: Serverless vs. Containers vs. API Gateway integration. Which one should you use for your workload? It depends, but Alex has some recommendations for you.

In Chaos test your Lambda functions with Thundra, Yan Cui shows us how to use an observability platform to inject errors into our serverless application and then trace them to make sure the proper fallbacks are in place. Great advice and an excellent use of these third-party tools.

When you just want to build something serverless… 🏗

Marcia Villalba has another great video that shows you how to build a Simple application with API Gateway Websockets. This is an incredibly powerful feature of API Gateway that opens up some really great use cases (and no, it’s not just chat). 💬

How to Use AWS Lambda to Send High Volume Emails at Scale outlines a serverless architecture that could give you some ideas of your own. Definitely a useful pattern if you want to own your own mass email generation.

Serverless Functions in Depth is a great tutorial for front-end developers looking to get started with serverless. I think using Amplify CLI will resonate with devs familiar with some common build tools.

For something a bit more advanced, this tutorial will show you how to create A predictive engine API deployment with AWS and serverless in minutes.

Building a Serverless Mixpanel Alternative. Part 1: Collecting and Displaying Events is the first part of a tutorial series on building an analytical web application with Cube.js. Lots of useful concepts in here.

How to build a serverless web crawler, another great post by James Beswick, will take you through several different ways to build a classic web crawler using combinations of Lambda, DynamoDB streams, SQS queues, S3 and more.

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Ant Stanley (@IamStan). Ant was recently named an AWS Serverless Hero, and for good reason. When he’s not consulting, he’s running the Serverless User Group in London, organizing ServerlessDays London, and helping organizer around the world as part of the global ServerlessDays leadership team. He was also a co-founder of A Cloud Guru and organized the first ServerlessConf event back in 2016. I think he’s done more to spread the word of serverless than anyone else. His blog and Twitter account are also great sources for serverless insights.

Final Thoughts 🤔

I can’t thank you all enough for being a part of this newsletter. I can’t believe it’s already been six months since we started this! I try each week to capture and disseminate important and interesting stories and announcements, but I could always use more help. If there are great stories that need to be heard, or interesting use cases, or people who you feel deserve to be the star of the week, please send them to me. This newsletter is as much yours as it is mine.

I hope you enjoyed this issue of Off-by-none. Please feel free to send feedback and suggestions so I can keep making this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or how you’d like to contribute to Off-by-none.

And please do me the honor of sharing this newsletter with your friends and coworkers who might be interested in serverless. It would be greatly appreciated. 👍

Until next time,
Jeremy

Off-by-none: Issue #25

Serverless architectures for the rest of us…

Welcome to Issue #25 of Off-by-none. Thanks for joining us! 👍

Last week we discussed the UC Berkeley paper about serverless and pondered how SaaS providers should be thinking about serverless integrations. This week we thank IOpipe for supporting open source, explore some helpful serverless architectural patterns, and share plenty of great content and stories from the community.

A lot happening with serverless this week, so let’s get to the good stuff. 🍰

When you care about supporting the open source community… 🎗️

I am super excited to announce that IOpipe is now sponsoring two of my serverless open source projects! Lambda API and Lambda Warmer are projects that aim to make building serverless applications easier, and now with the generous financial support from IOpipe, I can make them even better. First item on the agenda: push Lambda API to a stable v1 release so that organizations can more easily build and test serverless applications before shifting their workloads with the strangler pattern.

When you’re not sure how to design your serverless architecture… 🤷‍♂️

When I first stared working with serverless applications, my biggest challenge was wrapping my head around event-driven architectures and function composition. Building small, single-purpose functions makes sense, but as soon as you start trying to figure out how they all efficiently communicate with one another (and with other services), the options can become overwhelming.

So which “pattern” do we use? The default answer always seems to be “it depends,” which, is usually not that helpful. Luckily for us, the good folks over at AWS have put together a new resources called AWS Solutions. This is a collection of vetted, technical reference implementations designed to help you solve common problems and build applications faster. These solutions cover a number of categories, but there’s a great section on serverless.

Everything from building an Ops automation tool, to centralized logging, to predictive analytics using SageMaker is covered. They even have a solution for our favorite serverless use case: image processing 😉. But seriously, these solutions include deep technical references, source code, architectural drawings, and the ability to launch the solution directly. If you are thinking about building anything on AWS, this is an amazing reference to inspire you and help you work through your own solution.

And speaking of amazing references, Rob Gruhl from Nordstrom has published the first article in a series entitled Adventures in event-sourced architecture. Event-sourcing is another pattern for distributed systems that is very effective for building large-scale, loosely coupled microservices. By using a distributed ledger to capture event stream data, you provide a tremendous amount of flexibility while increasing data quality and system reliability. I highly suggest reading this piece, even if it’s just to get the old gears turning. ⚙️

What to do if you prefer a serverless multimedia experience… 🍿

Forrest Brazeal is back with his Think FaaS Podcast. This week he discussed “Serverless In Production” with Yan Cui, another AWS Serverless Hero and serverless wizard. 🧙‍♂️

Marcia Villalba spends some more time sitting on the terrace at the Venetian talking about Serverless with Nitzan Shapira. Nitzan’s the CEO and co-founder of Epsagon, and knows his stuff when it comes to serverless observability.

And on the topic of people who know their stuff, Jeff Hollan talks about Azure Functions and the future of Serverless in the Enterprise in this talk for SSW TV.

When you want the latest serverless announcements… 📢

Nubewa has come out of stealth mode with a hefty $4.8M seed round. How Nuweba Brings Serverless Computing into the Mainstream explains a little more about what the company does and their plans for the future. More financial investments into the serverless ecosystem is always good news. 💰

Thundra released a new User Interface which helps you Identify “Jobs To Be Done.” This makes taking the right actions more intuitive when new events happen. I like this approach as it goes beyond just traditional alerts.

When people can’t stop talking about serverless security… 🔑

If you’re using Amazon GuardDuty and you want a better way to analyze the results, this post will teach you How to visualize Amazon GuardDuty findings using a completely serverless backend.

Insufficient logging in any system can lead to security issues simply because you don’t have enough data to see what’s happening within your application. Serverless implementations mostly require us to handle logging ourselves. In Securing Serverless Applications with Critical Logging, Renato from Dashbird points out some of the most important things that should (and shouldn’t) be logged from our serverless functions.

And Baffle released it First Data Protection Solution for AWS Lambda Serverless Compute, which essentially provides a data management layer that automatically encrypts and decrypts data as it is passed back and forth to Lambda functions.

When you don’t have enough frequent flyer miles… ✈️

If you weren’t able to attend ServerlessDays Cardiff, there’s a nice write up here. And ServerlessDays Hamburg was also a great success. Here’s a breakdown of Day 1 and Day 2 so you can see what you missed 😉. And there are plenty more ServerlessDays events coming up, including Boston and the recently announced ServerlessDays Helsinki.

If you don’t feel like traveling, Lumigo is hosting a webinar on the 7 things you need to know before going serverless.

Ory Segal from PureSec and Dan Cornell from Denim Group are hosting An OWASP SAMM Perspective on Serverless Computing webinar this Thursday.

And finally, Ran Ribenzaft from Epsagon and Heitor Lessa from AWS, are hosting a Serverless Observability Webinar that’s sure to provide some excellent insights.

When you’re interested in some real-world Serverless Stories… 🔦

In My Experience With Serverless GraphQL, Amo Moloko walks through some of the major gotchas he experienced and shows you how to get around them.

Intercom shows us How they used DynamoDB Streams to visualize changes in frequently updated objects. Sort of a twist on the event-sourcing model we discussed earlier, but using data changes as events. It’s an interesting way to capture history without completely redesigning the data flow.

Chris Oh spend weeks trying to figure out the best way to deploy a Scala serverless Lambda function using Travis CI. Luckily for us, he documented what he went through here and provided all the code.

Reusing Connections Lambda Functions (POC) is an interesting read that shows what happens when you start to bump up against “non-serverless” components in your serverless applications. Nice shoutout to Serverless MySQL in there as well. 😀

Manav Kohli from Thanx wrote an in-depth piece that tells us How to Process Data with Terraform and Lambda. There are still some great serverless use cases for Terraform, though I’d rather control my serverless applications using SAM or the Serverless Framework.

Where to look for some thought-provoking serverless use cases… 👀

Alex DeBrie teaches us how to Connect AWS API Gateway directly to SNS using a service integration. There are plenty of use cases for bypassing Lambda, and Alex walks us through a very popular one.

Jason Mihalopoulos show us an example of Serverless Data Processing with AWS Step Functions that uses sentiment analysis to flag negative reviews.

CouchDB Filters with OpenWhisk Triggers is another great use case by James Thomas that shows you how to restrict document changes to only the events you care about.

And how about a use case that provides a serverless, single page web application and set of supporting API Gateway end points and backing Lambda functions, which allow users to upload videos into S3 and compute and edit closed captions? Good news, AWS Labs already took care of it for you.

When your brain needs some good serverless reads… 🔖

FinDev and Serverless Microeconomics: Part 1 is a great piece by Aleksandar Simovic that discusses the new economic paradigm that serverless brings to software and how understanding the business value, revenue, cost, and the relationships among them, touches nearly every aspect of your business.

Forrest Brazeal published a new issue of Cloud Irregular that discusses how IAM Is The Real Cloud Lock-In. For those of you that are chained to your Active Directory cluster, you’ll understand this all too well. And Forrest’s FaaS and Furious cartoon got its own site, so be sure to go and check the archives.

SignalFX published The Definitive Guide to Serverless Monitoring and Observability that points out the challenges associated with monitoring serverless applications. It’s a good read that will get you thinking about what additional tools need to be put in place.

Better local development for Serverless Functions by Shane Dowling takes you through the trials and tribulations of attempting to emulate cloud services locally.

A new blog called Serverless Life has just recently popped up. There are some interesting articles on there that can keep you busy reading for awhile.

The Developer’s New Role in 300 Serverless Environments is a great piece by Toby Fee of Stackery that talks about the pains and benefits of managing multiple cloud environments for your serverless projects. Separating resources using stages, accounts and versions can get a bit difficult to manage, but Toby argues the tradeoffs are worth it.

If you’re interested in how Fission (sort of like Knative) works, Four Techniques Serverless Platforms Use to Balance Performance and Cost is a really in-depth piece that looks at it from a number of angles.

When people are (maybe) trying to make serverless easier… 💁‍♀️

λ# (pronounced “Lambda Sharp”) is a Compiler for CloudFormation that  compiles all associated code, uploads all generated assets, and deploys a CloudFormation stack in a single command. Hmm.

Maxim Zaks is working on LIDL , an  Interface Definition Language for AWS Lambda. I haven’t formed any opinions around this yet, but I’d be interested to hear your feedback.

What to do if you’re new to serverless, and really like listicles…

John Demian from Dashbird gives you Ten Amazing Benefits of Serverless Technology, which you may want to compare and contrast with the Ten Attributes of Serverless.

If you are a Google fan, you can learn Everything You Need to Know About Google Cloud Functions in this post on the New Stack.

And finally, if you are overwhelmed by all the new serverless lingo, Paul Swail put together a Serverless Glossary for you.

When you want to fire up your IDE and get hands-on with serverless… 👩‍💻

Here’s a quick and easy guide to Using Cognito for users management in your Serverless application. Everything you need to get up and running.

This is another short post that teaches you how to Use Git with AWS CodeCommit Across Multiple AWS Accounts. Very handy feature if you are using different profiles for different repositories.

If you’re using OpenFaaS, How to build a Serverless Single Page App gives you a very detailed walkthrough of the code and infrastructure needed.

Zac Charles is back teaching you how to Remotely debug .NET in AWS Lambda (with Breakpoints). And Gavin Lewis shows you How to Debug .NET Core Lambda Functions Locally with the Serverless Framework.

When you’re glad AWS is keeping everything up-to-date… 🛡️

AWS jumped right on the Container Security Issue (CVE-2019-5736) and updated all of their affected services. Check the list to see if you need to take any action on your side.

For you IoT fans, AWS announced IoT Atlas, a collection of IoT designs available in an easy-to-use, searchable website. The designs are cloud-service agnostic, allowing you to use them under the Creative Commons license where ever you want.

Amazon Kinesis Data Firehose Announced Support for Custom Amazon S3 Prefixes. Great way to partition your data for faster querying with something like Athena.

And finally, Jerry Hargrove updated his Periodic Table of Amazon Web Services, just in case you weren’t confused enough by their seemingly endless set of cloud offerings. 😁

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Rob Gruhl (@RobGruhl). Rob is a senior engineering manager at Nordstrom and an AWS Serverless Hero. His team has been using serverless architectures to build scalable solutions since the advent of the serverless era. Rob and his team have also created and released two major open source projects: Serverless Artillary and the amazing, Hello Retail. He has been discussing event-sourcing architecture in distributed serverless systems for quite some time, and his new series of posts we discussed earlier is sure to make this excellent pattern easier to grok. Thanks for your continued contributions, Rob! 🙌

Final Thoughts 🤔

Lots of good news for the serverless ecosystem this week! I really like the new AWS Solutions compendium that was released. I think it will help a lot of people struggling with these new design patterns. And, of course, investments in companies like Nuweba are positive indicators that the space is continuing to grow and mature. Always more work to do, but it is great to see the pace of serverless adoption speeding up.

I hope you enjoyed this issue of Off-by-none. Please send feedback and suggestions so I can keep making this newsletter better each week. Feel free to contact me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or how you’d like to contribute to Off-by-none.

And please share this newsletter with your friends and coworkers who are interested in serverless. I shall be eternally grateful. 🙇‍♂️

See you next week,
Jeremy