Serverless architectures for the rest of us…
Welcome to Issue #25 of Off-by-none. Thanks for joining us! 👍
Last week we discussed the UC Berkeley paper about serverless and pondered how SaaS providers should be thinking about serverless integrations. This week we thank IOpipe for supporting open source, explore some helpful serverless architectural patterns, and share plenty of great content and stories from the community.
A lot happening with serverless this week, so let’s get to the good stuff. 🍰
When you care about supporting the open source community… 🎗️
I am super excited to announce that IOpipe is now sponsoring two of my serverless open source projects! Lambda API and Lambda Warmer are projects that aim to make building serverless applications easier, and now with the generous financial support from IOpipe, I can make them even better. First item on the agenda: push Lambda API to a stable v1 release so that organizations can more easily build and test serverless applications before shifting their workloads with the strangler pattern.
When you’re not sure how to design your serverless architecture… 🤷♂️
When I first stared working with serverless applications, my biggest challenge was wrapping my head around event-driven architectures and function composition. Building small, single-purpose functions makes sense, but as soon as you start trying to figure out how they all efficiently communicate with one another (and with other services), the options can become overwhelming.
So which “pattern” do we use? The default answer always seems to be “it depends,” which, is usually not that helpful. Luckily for us, the good folks over at AWS have put together a new resources called AWS Solutions. This is a collection of vetted, technical reference implementations designed to help you solve common problems and build applications faster. These solutions cover a number of categories, but there’s a great section on serverless.
Everything from building an Ops automation tool, to centralized logging, to predictive analytics using SageMaker is covered. They even have a solution for our favorite serverless use case: image processing 😉. But seriously, these solutions include deep technical references, source code, architectural drawings, and the ability to launch the solution directly. If you are thinking about building anything on AWS, this is an amazing reference to inspire you and help you work through your own solution.
And speaking of amazing references, Rob Gruhl from Nordstrom has published the first article in a series entitled Adventures in event-sourced architecture. Event-sourcing is another pattern for distributed systems that is very effective for building large-scale, loosely coupled microservices. By using a distributed ledger to capture event stream data, you provide a tremendous amount of flexibility while increasing data quality and system reliability. I highly suggest reading this piece, even if it’s just to get the old gears turning. ⚙️
What to do if you prefer a serverless multimedia experience… 🍿
Forrest Brazeal is back with his Think FaaS Podcast. This week he discussed “Serverless In Production” with Yan Cui, another AWS Serverless Hero and serverless wizard. 🧙♂️
Marcia Villalba spends some more time sitting on the terrace at the Venetian talking about Serverless with Nitzan Shapira. Nitzan’s the CEO and co-founder of Epsagon, and knows his stuff when it comes to serverless observability.
And on the topic of people who know their stuff, Jeff Hollan talks about Azure Functions and the future of Serverless in the Enterprise in this talk for SSW TV.
When you want the latest serverless announcements… 📢
Nubewa has come out of stealth mode with a hefty $4.8M seed round. How Nuweba Brings Serverless Computing into the Mainstream explains a little more about what the company does and their plans for the future. More financial investments into the serverless ecosystem is always good news. 💰
Thundra released a new User Interface which helps you Identify “Jobs To Be Done.” This makes taking the right actions more intuitive when new events happen. I like this approach as it goes beyond just traditional alerts.
When people can’t stop talking about serverless security… 🔑
If you’re using Amazon GuardDuty and you want a better way to analyze the results, this post will teach you How to visualize Amazon GuardDuty findings using a completely serverless backend.
Insufficient logging in any system can lead to security issues simply because you don’t have enough data to see what’s happening within your application. Serverless implementations mostly require us to handle logging ourselves. In Securing Serverless Applications with Critical Logging, Renato from Dashbird points out some of the most important things that should (and shouldn’t) be logged from our serverless functions.
And Baffle released it First Data Protection Solution for AWS Lambda Serverless Compute, which essentially provides a data management layer that automatically encrypts and decrypts data as it is passed back and forth to Lambda functions.
When you don’t have enough frequent flyer miles… ✈️
If you weren’t able to attend ServerlessDays Cardiff, there’s a nice write up here. And ServerlessDays Hamburg was also a great success. Here’s a breakdown of Day 1 and Day 2 so you can see what you missed 😉. And there are plenty more ServerlessDays events coming up, including Boston and the recently announced ServerlessDays Helsinki.
If you don’t feel like traveling, Lumigo is hosting a webinar on the 7 things you need to know before going serverless.
Ory Segal from PureSec and Dan Cornell from Denim Group are hosting An OWASP SAMM Perspective on Serverless Computing webinar this Thursday.
And finally, Ran Ribenzaft from Epsagon and Heitor Lessa from AWS, are hosting a Serverless Observability Webinar that’s sure to provide some excellent insights.
When you’re interested in some real-world Serverless Stories… 🔦
In My Experience With Serverless GraphQL, Amo Moloko walks through some of the major gotchas he experienced and shows you how to get around them.
Intercom shows us How they used DynamoDB Streams to visualize changes in frequently updated objects. Sort of a twist on the event-sourcing model we discussed earlier, but using data changes as events. It’s an interesting way to capture history without completely redesigning the data flow.
Chris Oh spend weeks trying to figure out the best way to deploy a Scala serverless Lambda function using Travis CI. Luckily for us, he documented what he went through here and provided all the code.
Reusing Connections Lambda Functions (POC) is an interesting read that shows what happens when you start to bump up against “non-serverless” components in your serverless applications. Nice shoutout to Serverless MySQL in there as well. 😀
Manav Kohli from Thanx wrote an in-depth piece that tells us How to Process Data with Terraform and Lambda. There are still some great serverless use cases for Terraform, though I’d rather control my serverless applications using SAM or the Serverless Framework.
Where to look for some thought-provoking serverless use cases… 👀
Alex DeBrie teaches us how to Connect AWS API Gateway directly to SNS using a service integration. There are plenty of use cases for bypassing Lambda, and Alex walks us through a very popular one.
Jason Mihalopoulos show us an example of Serverless Data Processing with AWS Step Functions that uses sentiment analysis to flag negative reviews.
CouchDB Filters with OpenWhisk Triggers is another great use case by James Thomas that shows you how to restrict document changes to only the events you care about.
And how about a use case that provides a serverless, single page web application and set of supporting API Gateway end points and backing Lambda functions, which allow users to upload videos into S3 and compute and edit closed captions? Good news, AWS Labs already took care of it for you.
When your brain needs some good serverless reads… 🔖
FinDev and Serverless Microeconomics: Part 1 is a great piece by Aleksandar Simovic that discusses the new economic paradigm that serverless brings to software and how understanding the business value, revenue, cost, and the relationships among them, touches nearly every aspect of your business.
Forrest Brazeal published a new issue of Cloud Irregular that discusses how IAM Is The Real Cloud Lock-In. For those of you that are chained to your Active Directory cluster, you’ll understand this all too well. And Forrest’s FaaS and Furious cartoon got its own site, so be sure to go and check the archives.
SignalFX published The Definitive Guide to Serverless Monitoring and Observability that points out the challenges associated with monitoring serverless applications. It’s a good read that will get you thinking about what additional tools need to be put in place.
Better local development for Serverless Functions by Shane Dowling takes you through the trials and tribulations of attempting to emulate cloud services locally.
A new blog called Serverless Life has just recently popped up. There are some interesting articles on there that can keep you busy reading for awhile.
The Developer’s New Role in 300 Serverless Environments is a great piece by Toby Fee of Stackery that talks about the pains and benefits of managing multiple cloud environments for your serverless projects. Separating resources using stages, accounts and versions can get a bit difficult to manage, but Toby argues the tradeoffs are worth it.
If you’re interested in how Fission (sort of like Knative) works, Four Techniques Serverless Platforms Use to Balance Performance and Cost is a really in-depth piece that looks at it from a number of angles.
When people are (maybe) trying to make serverless easier… 💁♀️
λ# (pronounced “Lambda Sharp”) is a Compiler for CloudFormation that compiles all associated code, uploads all generated assets, and deploys a CloudFormation stack in a single command. Hmm.
Maxim Zaks is working on LIDL , an Interface Definition Language for AWS Lambda. I haven’t formed any opinions around this yet, but I’d be interested to hear your feedback.
What to do if you’re new to serverless, and really like listicles…
If you are a Google fan, you can learn Everything You Need to Know About Google Cloud Functions in this post on the New Stack.
And finally, if you are overwhelmed by all the new serverless lingo, Paul Swail put together a Serverless Glossary for you.
When you want to fire up your IDE and get hands-on with serverless… 👩💻
Here’s a quick and easy guide to Using Cognito for users management in your Serverless application. Everything you need to get up and running.
This is another short post that teaches you how to Use Git with AWS CodeCommit Across Multiple AWS Accounts. Very handy feature if you are using different profiles for different repositories.
If you’re using OpenFaaS, How to build a Serverless Single Page App gives you a very detailed walkthrough of the code and infrastructure needed.
Zac Charles is back teaching you how to Remotely debug .NET in AWS Lambda (with Breakpoints). And Gavin Lewis shows you How to Debug .NET Core Lambda Functions Locally with the Serverless Framework.
When you’re glad AWS is keeping everything up-to-date… 🛡️
AWS jumped right on the Container Security Issue (CVE-2019-5736) and updated all of their affected services. Check the list to see if you need to take any action on your side.
For you IoT fans, AWS announced IoT Atlas, a collection of IoT designs available in an easy-to-use, searchable website. The designs are cloud-service agnostic, allowing you to use them under the Creative Commons license where ever you want.
Amazon Kinesis Data Firehose Announced Support for Custom Amazon S3 Prefixes. Great way to partition your data for faster querying with something like Athena.
And finally, Jerry Hargrove updated his Periodic Table of Amazon Web Services, just in case you weren’t confused enough by their seemingly endless set of cloud offerings. 😁
Serverless Star of the Week ⭐️
There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.
This week’s star is Rob Gruhl (@RobGruhl). Rob is a senior engineering manager at Nordstrom and an AWS Serverless Hero. His team has been using serverless architectures to build scalable solutions since the advent of the serverless era. Rob and his team have also created and released two major open source projects: Serverless Artillary and the amazing, Hello Retail. He has been discussing event-sourcing architecture in distributed serverless systems for quite some time, and his new series of posts we discussed earlier is sure to make this excellent pattern easier to grok. Thanks for your continued contributions, Rob! 🙌
Final Thoughts 🤔
Lots of good news for the serverless ecosystem this week! I really like the new AWS Solutions compendium that was released. I think it will help a lot of people struggling with these new design patterns. And, of course, investments in companies like Nuweba are positive indicators that the space is continuing to grow and mature. Always more work to do, but it is great to see the pace of serverless adoption speeding up.
I hope you enjoyed this issue of Off-by-none. Please send feedback and suggestions so I can keep making this newsletter better each week. Feel free to contact me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or how you’d like to contribute to Off-by-none.
And please share this newsletter with your friends and coworkers who are interested in serverless. I shall be eternally grateful. 🙇♂️
See you next week,
Share this newsletter with your friends and coworkers!
Off-by-none is a weekly email newsletter that focuses on the technical details of building applications and products in the cloud using serverless technology. Together we can become better developers and product people by making fewer mistakes as we learn from each other. Off-by-none is the idea that we can become exceptional at what we do, if we are willing to put in the work. Join me on this journey as we help the community work to develop best practices, share our ideas, and learn to build better cloud-based software.
I respect your privacy and I will NEVER sell, rent or share your email address.