A Weekly Newsletter By Jeremy Daly

Off-by-none: Issue #43

June 25, 2019

Buongiorno from ServerlessDays Milano! 🇮🇹

Welcome to Issue #43 of Off-by-none. I’m so glad you joined us! 🙌

Last week, we looked at some frameworks that are making serverless easier. This week, we recap an amazing ServerlessDays event in Milan, we have some great serverless reads, and we have plenty of serverless content from the community.

There is a ton to get to this week, so let’s get started! 🏎

ServerlessDays Milan 🇮🇹

This past Friday was the third installment of ServerlessDays Milan, and it was a really great show. I started the day off by giving my Stop Calling Everything Serverless! keynote, followed up by a great talk from Andreas Grimm about authentication in the serverless world. Next up was the one and only Danilo Poccia talking about Diving deep into the event-driven side of serverless. This was definitely one of my favorite talks.

There was then a number of rapid fire lightning talks from Ran Rib of Epsagon, Marcia Villalba (Developing Serverless applications with GraphQL), Soenke Ruempler from Superluminar (Serverless vs. Organizations), and Farmin Farzin. Ory Segal gave an excellent talk about serverless security, including a number of great examples and a live demo. Victoria Bernard then gave us some Dev life hacks using serverless.

The highlight of the show might have been Gunnar Grosch’s talk about Performing chaos in a serverless world. The talk was great, of course, but the best part was when Gunnar purposely simulated a projector failure (to make the point that “everything fails all the time”) and Alex Casalboni jumped up to try and fix it. The MTTR from the ServerlessDays organizers was impressive. 😉

Bret McGowen from Google admitted that Kubernetes was really hard, but also introduced us to an interesting billing model for Google Cloud Run. Sheen Brisals pronounced that “Serverless was Definitionless” and then walked us through the serverless journey of shop.lego.com. Finally, Guillermo Rauch didn’t disappoint with an engaging closing keynote. He concluded that “serverful schedules, and serverless is scheduled.” I really like that definition. Even though it focuses on the execution model, it’s a great way to think of it.

Overall it was a great day. The organizers did a fantastic job, the speakers discussed a diverse set of topics, and the crowd was amazing. I’m looking forward to the videos coming in the next few weeks.

Serverless News & Product Announcements 🚀

ServerlessDays Tokyo and ServerlessDays Istanbul were announced!
Add two ServerlessDays events to the list that are happening this year. Istanbul on October 3rd and Tokyo on October 22nd.

What’s New in IOpipe for Python 1.8?
IOpipe’s new release adds a bunch of features to make auto-tracing more configurable, plus trace decorating, context for WSGI interfaces, and new event types.

Recent Developments in monitoring AWS Lambda in Python
Thundra has also added some enhancements to their Python support including distributed tracing support and automatic tracing for SqlAlchemy, Elasticsearch, and MongoDB.

Aqua Security releases new version of its cloud native security platform
Aqua 4.2 introduces advanced runtime protection for serverless functions, providing security teams with the ability to detect and prevent potential misuse and abuse of cloud-based serverless functions.

Serverless Stories 📖

Fun with AWS Lambda Layers and Serverless
Barend Bootha recounts his experience with Lambda Layers, and gives you a few tips to avoid deploying functions with missing versions.

Building a full Node.js website in the FaaS world: Serverless Framework + AWS Lambda
Yoram Griguer gives you a bunch of lessons learned from building with serverless at Biogen and why they don’t regret their choices.

From a high traffic monolithic app to serverless
The story of how Skyscrapers evolved a classic, high traffic, monolithic application to a serverless architecture using AWS Lambda, DynamoDB and Kinesis.

Serverless Use Cases 🗺

Building a PDF Generator on AWS Lambda with Python3 and wkhtmltopdf
Here’s a very hand use case from Richard Keller that uses the wkhtmltopdf binary with Lambda to create a highly-scalable PDF generator.

Empirically test and measure queries from Amazon DynamoDB
Ryan Meyer walks us through a really interesting way to intercept, track, and measure calls to a DynamoDB table for the purpose of performance analysis, refactoring legacy queries, or root cause analysis.

How to build a dynamic message of the day with AWS Lambda
In this simple use case, Chris Blackwell shows you how to create a basic templating system using S3 and personalization using Lambda.

Lightweight Serverless API Using AWS Lambda and ALB
Regis Wilson from Driven By Code explains how he built a simple serverless API using ALBs with Lambda targets. If you don’t need the heavy lifting of API Gateway, this might be a good (and cheaper) option for you.

If you’re thinking about going serverless… 🤔

How to convince your boss to go serverless
“In simple terms, one should clearly explain why going ‘Serverless’ is no longer an option, but a priority.”

Meet the Family: The “Other” AWS Serverless Services
Serverless != FaaS. Yan Cui introduces Serverless newcomers to the other “serverless” services that AWS has to offer.

Containers or Serverless: Which one to choose?
Alex Miranda gives some of his thoughts on the container versus serverless selection process. While he admits he doesn’t have a lot of experience with serverless, I think this goes to show the knowledge gap that needs to be filled.

Serverless 101: A Comprehensive Guide
Maybe not entirely comprehensive, but there are some good details in here about the history of serverless.

Serverless Tutorials 🏗

How to use Google Sheets Data as JSON in your front end, So simple.
If you need a quick and easy place to provide JSON to your front end (or backend), Google Sheets makes it surprisingly simple.

Save Money With AWS S3 Static Web Hosting
Simple step by step guide by Keith Miller to set up static web hosting with AWS S3.

Four Steps for Debugging your Content Delivery on AWS
Achraf Souk  show you how to configure alarms for delivery issues, and how to troubleshoot them using AWS tools and services like the CloudFront console, Athena and CloudWatch Logs Insights.

Using AWS Services from different regions using Serverless Architecture
Interesting workaround for dealing with regions that don’t support all AWS services.

URL Shortener + Tracking solution using Nexmo Messaging and AWS Serverless
Simple URL Shortener and click-tracker from Enrico Portolan.

Serverless Security 🔒

Serverless Computing from the Inside Out
Interesting article from Joe Vadakkan. He argues that the biggest “serverless” risks don’t stem from the technology itself, but from an organization’s response to the rapid adoption.

Amazon S3 consistently raises the bar in data security
Just a gentle reminder from AWS that S3 is really secure, if it’s in the right hands, that is. 😜

Best practices for secrets management in serverless applications
Here are a few tips from Snyk to keep your serverless secrets secure.

Serverless Reads 🤓

Serverless is a Doctrine, not a Technology
Paul Johnston has another great thought piece that tries to explain what serverless is. At first, it was a mindset, then “Cloud 2.0”, and now a doctrine. But, I really like the way he thinks about this stuff, and an evolving definition will be commonplace for quite some time.

Choosing a Database for Serverless Applications
Alex DeBrie wrote this excellent piece that discusses several database options for your serverless applications. Definitely worth the read if you’re thinking about building a serverless app.

In the cloud, beware of sharp edges, for there are many
Really great post by Ryan Green about understanding the limits imposed by cloud providers. Some of them can be raised, but many are hard limits that require changes to your implementation.

Forget monoliths vs. microservices. Cognitive load is what matters
Not specifically for serverless, but this is an interesting piece that argues that organizations should be using the team’s cognitive load as the guiding principle for the effective delivery and operation of modern software systems.

Solving Cold-Start disturbs serverless’ definition and it’s okay
Maxime Rouiller argues that just because Azure Premium Functions don’t scale to zero, doesn’t mean they’re not serverless. I actually argued for something like this in the past (but now I think there are better solutions than pre-warming).

When you’d rather just Netflix and chill… 🍿

Serverless Chats – Episode #2: Building Resilient Serverless Systems with Nitzan Shapira
In this episode, I chat with Nitzan Shapira from Epsagon about building resilient serverless applications, what can go wrong with serverless, and what we should do to make sure our applications are working as expected.

Serverless chaos demo – Latency injection into Lambda function
Walk-through of the serverless chaos engineering experiment Gunnar Grosch performed live at ServerlessDays Milano 2019. Latency injection into AWS Lambda function!

Serverless Smells – Think FaaS Podcast
Forrest Brazeal talks about developing an intuition for serverless designs that just don’t feel quite right.

Hillel Solow, CTO & Co-Founder at Protego, discusses all the latest topics in cloud-native and serverless with Eoin Shanaghy, CTO of fourTheorem, in this four part episode of the Serverless Show:

When you want to know what AWS has been working on… ⚙️

Amazon CloudFront announces seven new Edge locations in North America, Europe, and Australia
Four in the US, two in Europe and one in Australia. Capacity in each of the new cities has been doubled to serve the growing number of user requests.

Announcing Enhanced Lambda@Edge Monitoring within the Amazon CloudFront Console
Debugging Lambda@Edge used to be a nightmare, but this release from AWS might just change all that. Imagine being able to see all your edge locations and Lambda@Edge functions in one place! Wish granted.

Amazon API Gateway Adds Configurable Transport Layer Security Version for Custom Domains
You can now enforce TLS v1.2 on API Gateway. I can’t even remember how many times I’ve seen this request on a security audit. Good stuff.

Use IAM access advisor with AWS Organizations to set permission guardrails confidently
I haven’t looked into this extensively, but my initial impression is that it’s a good idea. Being able to review last accessed info and add guardrails to restrict unneeded access should be very powerful. Let’s just hope not too powerful to break some existing service with infrequent access patterns. There’s some more info in this post.

Introducing Service Quotas: View and manage your quotas for AWS services from one central location
This service could come in might handy, especially as you start to scale up your applications. More details are available in this post.

AWS Lambda Console shows recent invocations using CloudWatch Logs Insights
Hmm, I figured this was coming, but there is a long way to go before CloudWatch has parity with the likes of Epsagon, Thundra, IOpipe, etc.

Introducing Amazon QuickSight fine-grained access control over Amazon S3 and Amazon Athena
I have never used QuickSight, but I hear good things. Maybe this will make it a more attractive option now that you can get precise with data permissions?

Amazon DynamoDB now supports up to 25 unique items and 4 MB of data per transactional request
Transactions are an awesome feature of DynamoDB, and now that you can have 25 items, I think this could open up a number of new use cases. But not to maintain relational data models! (As Rick Houlihan says, “Don’t do that!”)

Serverless Tools 🛠

Serverless App to Speed up all your Lambda Functions
Yan Cui (with support from Lumigo) has published the new optimized-aws-sdk layer to enable HTTP keep-alive by default. There’s also a SAR app to make sure that all your functions have it automatically applied.

FFmpeg, ImageMagick, Pandoc and RSVG for AWS Lambda
Gojko Adzic has updated his Lambda Layers to support Amazon Linux 2.

Rocketsam: A CLI made to build and deploy microservices in AWS
This is a new serverless deployment tool that takes a slightly different approach to deploying your serverless applications.

Upcoming Serverless Events 🗓

There are a lot of upcoming serverless events, webinars, livestreams, and more. If you have an event you’d like me to mention, please email me.

June 25-26, 2019 – AWS re:Inforce. (I’m doing a Dev Chat on Serverless Security on Wednesday afternoon)

July 8, 2019 – Thundra – Happier Customers with Serverless and Observability (webinar)

July 9, 2019 – Epsagon: Modern Apps on AWS: Challenges and Solutions (webinar)

July 11, 2019 – ServerlessDays London

July 11, 2019 – AWS Summit New York (I’m doing a Dev Chat on building event-driven serverless applications)

July 17, 2019 – IOpipe: Charting a Course for Serverless with Matson (webinar)

August 27, 2019 –  ServerlessDays Sydney

August 29, 2019 –  ServerlessDays Melbourne

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Gunnar Grosch (@gunnargrosch). Gunnar is a Cloud Evangelist and Co-founder at Opsio in Sweden. He is also a co-organizer of ServerlessDays Stockholm and AWS Community Day Nordics, and an organizer of serverless meetups and AWS User Groups. I really enjoyed Gunnar’s Performing chaos in a serverless world talk from ServerlessDays Milan. This type of practical advice is extremely important to spread to the community. Thanks for all your organizing efforts, Gunnar, and thanks for the great content.  🙌

Final Thoughts 🤔

Milan was an absolute blast. It is really great to see such an engaged community all around the world. Thanks again to the organizers for inviting me to talk. It was great to see all the familiar faces and to meet a bunch of new ones.

I hope you enjoyed this issue of Off-by-none. Please send me your feedback and suggestions as they help to make this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or (perhaps) even how you’d like to contribute to Off-by-none.

If you like this newsletter, and think others would too, please do me the honor of sharing it with friends and coworkers who are interested in serverless.

Take care,
Jeremy

Share this newsletter with your friends and coworkers!


Off-by-none is a weekly email newsletter that focuses on the technical details of building applications and products in the cloud using serverless technology. Together we can become better developers and product people by making fewer mistakes as we learn from each other. Off-by-none is the idea that we can become exceptional at what we do, if we are willing to put in the work. Join me on this journey as we help the community work to develop best practices, share our ideas, and learn to build better cloud-based software.

Sign up below and get Off-by-none delivered to your inbox every Tuesday.

I respect your privacy and I will NEVER sell, rent or share your email address.