A Weekly Newsletter By Jeremy Daly

Off-by-none: Issue #27

March 5, 2019

Let’s focus on business value…

Welcome to Issue #27 of Off-by-none. Thanks for being here! 🙌

Last week we discussed whether or not serverless is really dead and met some new serverless heroes. This week we look at Lyft’s AWS bill, share lots of serverless tutorials, use cases, and stories from the community… and shamelessly plug ServerlessDays Boston!

So much happening with serverless, so let’s jump right on in. 🏊‍♂️

When you find out that Lyft is spending $8 million per month on AWS… 💰

The other day, as part of Lyft’s IPO filings, it came out that they are obligated to spend $300 million on Amazon Web Services by 2022. It seems like a big number (~$8M per month), but according to Corey Quinn on Twitter, it works out to something like $0.14 per ride. Whether that is considered a lot or a little is up to the number crunchers, but it seems to me that the cost (and headaches) of owning your own global network of data-centers would cost a heck of a lot more than that.

We know that Lyft is using a wide variety of AWS services (including Lambda, DynamoDB and other serverless offerings), but another interesting part of this story has to do with what “all-in” with AWS really means for some of its other vendors. After this news came out, MongoDB shares plummeted due to speculation that this might mean that Lyft would be moving from MongoDB to AWS’ new DocumentDB. There has been no confirmation from either side, but according to that article, Lyft “is quite dissatisfied with Mongo’s performance and is in the process of a massive database migration.”

This may be bad news for MongoDB, but I think it goes a bit deeper than that. To me, this seems like more confirmation of the “Multi-Cloud Fallacy.” I’m a huge supporter of open-source, but the business model is going to need to find a way to adapt to the changing cloud economy. At scale, multi-cloud strategies continue to breakdown, and consolidating and collocating your applications and data in hyperconnected data-centers, IMO, will be the preferred approach. Something to think about when choosing your vendors.

Serverless Use Cases 🗺

Sending funny dog GIFs using AWS IoT Button and Lambda
This is clearly the best use case for serverless that I’ve ever seen. 😂 But seriously, IoT is a great serverless use case, and I’m thinking about ordering one of those buttons just to do something fun like this.

Serverless collaboration
A quite fascinating look at how you can use WebRTC to create “serverless” communication between browsers. There are some limitations, but this is pretty cool.

How a Monolith Architecture Can Be Transformed into Serverless
Kyle Galbraith has a great piece that outlines a number of use cases for “movable” parts of your monolithic architecture and how they can be adapted to serverless. He also points out some limitations that make certain components “unmovable” due to things like high memory requirements or low latency. He concludes that serverless is not the future because of the need for other types of workloads. Agree to disagree. 😉

A Typescript Runtime for Lambda and Why You May Not Want To Use It
Matthew Bonig wrote a custom TypeScript runtime for Lambda, and then wasn’t happy with the performance. From my experience, performance with custom runtimes has been quite good, but something to consider if you’re thinking about building your own.

ArcGIS in Lambda
Interesting use case that ties ArcGIS management into Lambda functions. I’m sure there is much more you could do with this API that could allow for additional mapping capabilities.

Serverless Computing with Drupal
It’s only a matter of time before WordPress ends up in a Lambda function. Luckily, the team at Opensense Labs took a slightly different approach with Drupal. The article spends quite a bit of time justifying serverless, but key take away is the use of CloudFront as a caching layer to globally distribute your CMS.

If you’re interested in some serverless product announcements… 📢

Announcing OpenTracing Compatibility for Go Agent
Golang continues to gain popularity on AWS Lambda, and now Thundra has extended their Go Agent to allow you to manually instrument your functions with the OpenTracing interface.

Aqua Security Introduces Industry’s First Serverless Function Assurance for Securing Serverless Environments
I’m not sure it’s actually the first, but this shows continued investments into the severless security space. Detecting vulnerabilities and over-provisioned roles is a good first step, but restricting execution based on defined policies is pretty cool.

If you’re new to Serverless… 🐣

Serverless computing 101 for developers
Rodric Rabbah (one of the original creators of Apache OpenWhisk), gave a great interview with App Developer Magazine about serverless. It is a good introduction to the overall landscape (a bit skewed to open source, of course), but does a great job explaining some of the key concepts. Most important takeaway: “What developers are showing us is that serverless will become the way you develop all applications in the future.”

Five Frequently Asked Questions about Serverless
Micah Adams answers five questions that I’m sure most teams new to serverless will be asking. While I don’t agree completely with all his answers, it is good to see these types of questions being raised.

Serverless Architecture using Serverless Framework and AWS Lambda
This quick tutorial from Atin Kapoor gives newbies a step-by-step guide that should get them up and running fast.

How to explain serverless in plain English
I keep trying to refine my own pitch for the uninformed, but this post gives a nice roundup of definitions by some industry experts. Might help you better explain what you do to your significant other.

Three Projects to Get You Started with Serverless in 2019
Alex DeBrie has another great post that outlines starter projects for Ops engineers, web developers, and “anyone that wants to be a hero,” so they can jumpstart their serverless journey.

Cutting Through the Layers: AWS Lamba Layers Explained
Michael Lavers from IOpipe gives a great overview of Lambda Layers and what they’re good for. There is a mention of using layers as composition, but I still think there is a bigger opportunity here beyond just importing prebuilt packages. I have to work on that.

Serverless Tutorials 👷‍♂️

DynamoDB TTL as an ad-hoc scheduling mechanism
Yan Cui runs a series of experiments to see if you can use DynamoDB TTLs as a way to build a massively scalable scheduler system. Unfortunately, there just isn’t enough precision for certain tasks, but could certainly be useful in a number of circumstances.

There Is More than One Way to Schedule a Task
Zac Charles followed up on Yan’s post and offered some alternative approaches to scheduling a task, including SQS Delay Queues, SQS Message Timers, SQS Visibility Timeout, and my favorite, Step Functions.

OpenWhisk Web Action Errors With Sequences
James Thomas has a great post that explains the power of Action Sequences with OpenWhisk Functions and how you can tie those to synchronous web actions. Function composition is still one of the most confusing aspects of serverless, but Action Sequences are an interesting approach.

Setup CI/CD pipeline with AWS Lambda and the Serverless Framework
Lorenzo Micheli walks you through setting up a CI/CD pipeline for your serverless projects, complete with approval steps.

AWS Infrastructure as Code with CDK
If you’re not a fan of CloudFormation and you’d like to use a more familiar programming language to manage your infrastructure, Ross Rhodes’ post will teach you how to use the AWS Cloud Development Kit to configure a simple serverless application.

Using Little’s Law to estimate IP capacity in VPC for AWS Lambda
If you still need to use VPCs with your Lambda functions, you need to make sure you have enough IPs available for your ENIs. Vladyslav Usenko shows you some quick calculations to make sure your CIDR blocks aren’t too small.

Building serverless apps with components from the AWS Serverless Application Repository
Aleksandar Simovic reminds us that we should not be reinventing the wheel if someone has already created a good solution. The AWS SAR is loaded with really great apps to jumpstart your serverless projects.

AWS Lambda for .NET Developers
If you love .NET core, this great post by Marc Roussy will give you some good insight and all the details you need to run .NET on AWS Lambda.

Serverless Stories 📖

Paul Swail has an excellent series of posts documenting the decisions he needs to make in order to Migrate a Monolithic SaaS App to Serverless. In part two, he tackles Routing requests away from a legacy API. This should be an interesting set of posts to keep up with.

Painless Serverless: Destructuring services into functions automatically
Not sure how effective this would actually be (nor is the author) but the basic idea is to take a monolithic service and automatically break it down into discrete serverless functions. Interesting idea.

Going serverless: How we migrated our customer websites to AWS Lambda
Andy Buckingham and his team over at Aiir built a custom PHP Lambda Layer to replace nginx based web servers. I’m assuming they are using Lambda like mini servers (so maybe not the best use case), but they are taking advantage of ALBs instead of API Gateways, so that’s interesting.

How we migrated from monolithic to serverless mentality
This is just a short write-up by Darlei Soares that shows how quickly small teams (with the right mindset) can start to implement serverless architectures.

Serverless For Devops Teams
A list of “weird and wonderful use cases that the DevOps team” at Space Ape has found for Lambda functions.

SEEKing Serverless with DevopsGirls
Just a nice story about people coming together and volunteering their time to spread the idea of serverless, one small bootcamp at a time.

Serverless Computing: The Story of Success
The story of how the JetRuby Agency built a serverless application for a client, what technologies they used, how many people it required, and how long it took. Interesting read.

Serverless Reads 👓

Macroservices vs. Microservices vs. Serverless: the story of a modern solution architect
Mick Roper takes us through his decision making process when choosing a particular design pattern.

Why I, A Serverless Developer, Don’t Care About Your Containers
An important point in here while we continue to argue about what makes something “serverless.” Developers won’t really care about any of it as long as the providers are managing the services for them.

Serverless Architectural Patterns
Eduardo Romero outlines several useful patterns that you can use with your serverless applications. Lots of excellent links at the end as well.

Industry predictions for 2019
A good overview of how companies think about moving to the cloud and why leapfrogging containers might be the better approach.

Project Management In The Age Of Serverless
Robert Ayres argues that project managers need to know more about the technology as their teams adopt serverless. This posts lays out a number of factors to consider when defining your project management methodology as well as outlining the impact of emerging technologies on your projects.

Amazon DynamoDB auto scaling: Performance and cost optimization at any scale
Helpful post that gives an overview of how auto scaling works and how to use it to reduce your overall costs.

How Might Serverless Impact Node.js Ecosystem?
Aditya Modi asks an important question, especially when it comes to the size of third-party Node.js libraries. As he says, it takes time to load dependencies into memory, which can affect cold start times. Doesn’t mean we avoid libraries, it just means we need to be smarter about how we optimize them.

When you’re wondering what AWS has been up to… 🛠

Amazon Aurora Serverless Publishes Logs to Amazon CloudWatch
Don’t know how I missed this last week, but this is big. A major deficiency with Aurora Serverless was the inability to see your log files. You can now publish general logs, slow query logs, audit logs, and error logs directly to CloudWatch.

Resource Groups Tagging API Supports Additional AWS Services
Step Functions was added to the list, so more useful ways to organize and track your serverless application components.

Amazon Athena Now Supports Resource Tagging
The Athena Workgroup resource lets you separate query execution and query history between Users, Teams, or Applications running under the same AWS account, and now you can tag them for better insight for billing.

Amazon DynamoDB adds support for switching encryption keys to encrypt your data at rest
Probably not a common need, but it’s good to know that you can do this.

Introducing AWS X-Ray support for Python web frameworks used in Serverless
If you use Flask or Django with your serverless Python apps, you can now auto instrument them with X-Ray, which is pretty cool.

Upcoming Serverless Events 🗓

ServerlessDays Boston is next week Tuesday, March 12th! If you haven’t bought your ticket yet, you still have time. They are only $49 and include breakfast, lunch, happy hour drinks, and an amazing lineup of speakers. If that’s not enough, Christina Wong and I will be emceeing the event, so you don’t want to miss our comedy stylings. 😉

ServerlessDays Helsinki is on April 25th. Tickets are on sale now and the CFP is still open. ServerlessDays Tel Aviv is on June 4th (CFP is open).  And the Call for Papers for Serverless Computing London is also open.

If you don’t feel like traveling, Yan Cui is teaching an online training course for Designing Serverless Architecture with AWS Lambda on April 15th and 16th.

When you prefer multimedia… 📽

And speaking of ServerlessDays, all the ServerlessDays Cardiff 2019 videos are now available for your viewing pleasure. Lots of great stuff in there.

I also came across this video to help you Understand Serverless Kubernetes and Serverless on Kubernetes. It’s short, and actually worth watching if you are curious as to what Azure actually means by these terms. The idea of “nodeless” Kubernetes is particularly interesting.

The lasted episode of the Think FaaS Podcast finishes up a three part interview with Yan Cui. From DevOps to FinDev gives you a good overview of what FinDev is and why serverless plays an important role. However, we have to deduct 1 point because it went over the 15 minute timeout. 😬

Serverless Security 🔒

AWS Security Best Practices for API Gateway
Ory Segal from PureSec lays out the different ways that you can control access to your AWS API Gateways and gives you some best practices to make sure you keep your serverless functions secure.

The 12 Most Critical Risks for Serverless Applications 2019 Guide
PureSec also published a new guide that outlines the 12 Most Critical Risks for Serverless Apps. While serverless apps are more secure just given the fact that the provider is managing the infrastructure, it’s important to remember that the application code is still our responsibility.

5 Best Serverless Security Platform for Your Applications
A quick list and overview of five of the main serverless security platforms that are available to you.

Injection Attacks: Protecting Your Serverless Functions
Another reminder that event injection is a little different with serverless applications. Good overview of the issue, plus some mitigation strategies using Stackery and Twistlock.

When you’re looking for some serverless insights on Twitter… 🐦

A clever post by @mykola that does a great job explaining Eventual Consistency.

A valuable insight from Dwayne Monroe‏  that  “the age of bespoke IT needs to end, serverless is the method.”

Joe Emison also made a good point about people who see serverless as just as FaaS.

And Forrest Brazeal asked what is the most underrated AWS service? He got some pretty good answers.

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Matt Weagle (@mweagle). Matt is another recently named AWS Serverless Hero and a valuable member of the serverless community. He organizes the Seattle Serverless Meetup and is a co-organizer of Seattle Serverless Days. You can find his serverless musings on Medium as well as his Twitter feed. Matt’s GitHub is loaded with sample serverless applications as well as his Sparta project, a Go framework for building serverless microservices with AWS Lambda. 👍

Final Thoughts 🤔

I’m curious what your thoughts are about the new format of the newsletter. I’ll be experimenting a bit more in future, so please let me know what you like (or don’t like) about it.

I hope you enjoyed this issue of Off-by-none. Please feel free to send feedback and suggestions so I can keep making this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or how you’d like to contribute to Off-by-none.

And please do me the honor of sharing this newsletter with your friends and coworkers who might be interested in serverless. It would be greatly appreciated. 👍

See you next week (hopefully at ServerlessDays Boston),
Jeremy

Share this newsletter with your friends and coworkers!


Off-by-none is a weekly email newsletter that focuses on the technical details of building applications and products in the cloud using serverless technology. Together we can become better developers and product people by making fewer mistakes as we learn from each other. Off-by-none is the idea that we can become exceptional at what we do, if we are willing to put in the work. Join me on this journey as we help the community work to develop best practices, share our ideas, and learn to build better cloud-based software.

Sign up below and get Off-by-none delivered to your inbox every Tuesday.

I respect your privacy and I will NEVER sell, rent or share your email address.

Tags: , , , ,