A Weekly Newsletter By Jeremy Daly

Off-by-none: Issue #64

November 19, 2019

pre:Invent is just getting started… 🤯

Welcome to Issue #64 of Off-by-none. Thanks for being here! 👋

Last week, we rehashed the Fat Lambda debate and met some new AWS heroes. This week, we look at a ton of announcements and feature launches leading up to re:Invent, plus we share lots of awesome content from the serverless community.

🥳 Don’t forget! If you’re planning on going to AWS re:Invent this year, be sure to register for the #ServerlessForEveryone Community Party @ AWS re:Invent 2019. We’re adding names to the waiting list, but we’d still love for you to join us and our awesome guests! We have some amazing sponsors (Stackery, Thundra, AWS, CloudZero, Lumigo, Protego, Serverless, Inc., Edrans, and New Relic Serverless) that are making this event possible. I hope you’ll be able to join us!

Lots to get to today, so let’s get to it! 🚀

Serverless News & Product Announcements 📣

Cloud Run, a managed Knative service, is GA
This really interesting service has been in beta for a while and is finally available in both a fully managed version and one for Anthos.

Launching our knowledge base
The team over at Dashbird has put together a robust knowledge base that is loaded with all kinds of serverless information including DynamoDB modeling, API Gateway configurations, and much more.

Solo.io Releases Production-Ready Gloo Enterprise 1.0 for Modernizing to Cloud Native Applications
Gloo is an interesting solution for implementing the strangler pattern for aggregating and modernizing distributed APIs. I don’t know much about the new Enterprise version, but it could be a useful bridge for companies that are straddling on-prem and cloud.

Aqua Security Acquires CloudSploit to Monitor Configs
Misconfiguring your cloud resources seems to be all the rage nowadays. This pickup by Aqua Security should help add some peace of mind, especially for those staring at huge cloud configuration files.

Pulumi infrastructure-as-code tool adds .NET language support
Pulumi continues on its quest to compete with AWS CDK, CloudFormation, and Terraform by adding additional language support for C#, F#, and VB.NET.

Serverless Use Cases 🗺

AWS Lambda: Real-World Use Cases for the DevOps Engineer
If you’re in the DevOps space and are curious how serverless can make your life easier, check out this excellent post from Emrah Samdan.

Stateful Programming Models in Serverless Functions
This is a good summary by Steef-Jan Wiggers that recounts Chris Gillum’s presentation at QCon. He talks about two ways in which you can add state to your Azure Functions to accommodate specific use cases.

Serverless Concepts 🏗

Error Handling in AWS Lambda and API Gateway
Ben Arena outlines four different approaches to handling errors with API Gateway and AWS Lambda. He didn’t mention Lambda API as a possible solution, but we’ll let it slide. 😉

Comparing the multi-table and single-table approaches to designing a DynamoDB data model
Paul Swail has an excellent article that discusses the multi-table versus single-table approach to designing data models in DynamoDB. I’m a big fan of the single table approach, but your mileage may vary, as Paul explains.

Why use Google Cloud Run? Here are 5 Compelling Reasons to Opt for Serverless Containers
Geshan Manandhar makes some good points, but as much as I love the idea of Google Cloud Run, there is still a fair amount of heavy lifting involved to get up and running. Plus, not having to learn a new paradigm might seem tempting, but ultimately it will be required in order to embrace a serverless mindset.

Serverless Patterns
I saw this pop up the other day. Toby Hede has put together some serverless patterns for you to learn from and use.

Serverless Patterns implemented, part 1
And speaking of serverless patterns, Vicenç García has taken some of the patterns from my post and created code samples for implementing them. Very cool.

Designing durable serverless apps with DLQs for Amazon SNS, Amazon SQS, AWS Lambda
AWS released DLQs for SNS topics this week, and with that, a bunch of new design patterns open up for building durable applications. Otavio Ferreira has an awesome post on how to use this new feature (along with existing fallback mechanisms) to build a highly durable serverless application.

EventBridge vs CloudWatch Events, Kinesis and SNS
Very informative post by Aviad Mor about EventBridge and how it compares to Kinesis and SNS. He mentions that EventBridge requires SQS to add resiliency, but that really depends on your downstream target. Unless you expect your target to be down for more than 24 hours, there is a fair amount of durability and resiliency built in. TL;DR: don’t over-engineer if you don’t need to.

AWS Serverless WebSockets – Introduction Around the Pitfalls
This is a great post by Joonas Laitio that goes through the details of how API Gateway WebSockets work and some of the pitfalls that you need to be wary of.

AWS Lambda and Node.js 12: Support and Benchmark
AWS also released a bunch of new runtimes for Lambda, and Ran Ribenzaft benchmarked Node.js 12. According to this post, it’s a bit slower (which seems strange), but it’s packed with new features, so the tradeoff might be worth it.

Kinesis vs SNS/SQS
John Gilbert shares why he uses Kinesis for first-class events rather than SNS to SQS. While I agree that Kinesis is a workhorse that has lots of great use cases, I think you’ll see more of these event-driven workloads shift to EventBridge as a more flexible alternative.

Serverless Tutorials 🏗

Building a serverless data pipeline using Kinesis > Lambda > S3 Glacier pt. 1
Serkan Özal outlines the first few steps to building a serverless data pipeline using Kinesis.

Using AWS Lambda and SQS to perform mass, distributed and asynchronous updates on DynamoDB Tables
Great post by Rafal Wilinski that discusses possible serverless patterns to reliably perform DynamoDB table updates across a large number of items. I’ve implemented similar patterns (without the orchestrator) and have found that creating batches of 25 records PER SQS message is incredibly efficient. That way you set your Lambda batch size to 10, and you get 250 record updates per Lambda execution for a total of 10 batch writes.

Serverless Security 🔒

7 best practices when using AWS SSM Parameter Store
This useful post by Hoang Le outlines seven common practices when using AWS Parameter Store. #5 recommends fetching your parameters at runtime, which I agree with, but I prefer not to save the data in environment variables. Maybe I’m just paranoid.

Is Cloud Computing Secure? 7 FAQs About Cloud Security Answered (2020)
Trisha Paine from Protego answers seven frequently asked questions about cloud security.

Amazon GuardDuty Supports Exporting Findings to an Amazon S3 Bucket
I’m including this in the security section because it makes more sense here. Exporting your GuardDuty findings into S3 makes aggregating data across multiple regions and accounts super simple.

Serverless Reads 🤓

O’Reilly serverless survey 2019: Concerns, what works, and what to expect
Super interesting data in these survey results. Crazy to think that only 40% of respondents have adopted serverless in their organizations. The experience versus successful outcomes data is also quite fascinating. We still have a long way to go to get people on board, but it is certainly spreading.

How does improved VPC help reducing Lambda cold start
Crespo Wang explains how the improvements to VPC networking for Lambda dramatically reduced cold starts in his organization.

Towards Serverless (FaaS) as the next step in Infrastructure-as-a-Service (IaaS) evolution
Jonathan Eisenzopf has an interesting post that provides some thoughts on the current serverless ecosystem and how computing on the edge (or even on the client using WASM) might be the next evolution of compute.

Containers Or Serverless? The Battle For Your DevOps Mindshare
I’m including this post by John Anthony Radosta because I hold a different point of view. He mentions that “the complexity of inter-calling Lambda functions made it near impossible to debug anything.” If that’s the case, it sounds to me like it may have been a poorly designed system. Granted, knowing how to design serverless systems isn’t easy, but this seems like a case of blaming the hammer instead of the carpenter.

For the audiophile… 🎧

Episode #23: Serverless Application Security with Ory Segal (Part 1)
In this episode, I chat with Ory Segal about the differences between traditional and serverless security, the importance of the CSA’s 12 Most Critical Risks for Serverless Applications, and what the future of serverless security looks like.

And the flurry of AWS announcements and launches begins… 💨

Note: There were a TON of announcements this past week. I only included a handful of them that were really interesting to me, but it’s worth checking out the What’s New blog on AWS to see them all.

Amazon SNS Adds Support for Dead-Letter Queues (DLQ)
This is an amazing update! My biggest concern with sending events to SNS with destinations other than Lambda was not being able to capture failures and replay messages. Now you can add an SQS queue to handle any failed delivery. Game changer.

AWS Lambda Supports Amazon SQS FIFO (First-In-First-Out) as an Event Source
Here’s an amazing addition to the Lambda event source catalog. SQS support has been available for quite some time, but SQS FIFO queues required a CloudWatch Events Rule hack to trigger your Lambda function every minute. Now you can simply subscribe a Lambda, and it will process your ordered messages serially as soon as they enter the queue.

You now can configure table settings when you restore a table from your Amazon DynamoDB backups
Love this feature! If you wanted to restore data to a new table, you had to restore all of the indexes and capacity settings. Now you can restore data without that extra overhead, which might even give you some flexibility with your data model.

Amazon DynamoDB adaptive capacity now handles imbalanced workloads better by isolating frequently accessed items automatically
This is a super cool feature. DynamoDB will now take frequently accessed items (like popular product records) and automatically distribute them to different partitions to avoid creating hot partitions and requiring more throughput.

AWS Lambda now supports Node.js 12
If you’ve been hoping for import/export statements, async stack traces, and private class variables, the wait is over.

AWS Lambda now supports Python 3.8
This is the newest major release of the Python language, and contains many new features such as assignment expressions, positional-only arguments, and typing improvements.

AWS Lambda now supports Java 11
You can use Java 11 features such as its improved HTTP Client API and new methods for reading and writing strings when authoring your functions.

AWS Step Functions adds Amazon EMR service integration
AWS Step Functions is now integrated with Amazon EMR, making it faster to build and easier to monitor EMR big data processing workflows. Read more here.

AWS AppSync adds Real-Time enhancements with Pure WebSockets support for GraphQL Subscriptions
Real-time updates to connected clients is becoming a standard practice in modern applications, and this new feature from AppSync, which basically handles all of this for you, is absolutely amazing. Read more here.

Amazon Transcribe Now Supports Speech-to-text in 8 Additional Languages
Repeating my previous comment for posterity: “I’m looking forward to them fully supporting English.”

Support record-level insert, update, and delete on Amazon S3 with Amazon EMR
Super interesting use cases are possible with this, including a whole bunch of data privacy compliance. More about this here.

AWS CodePipeline Enables Passing Variables Between Actions At Execution Time
You can now pass variables from one action to another in your pipeline and dynamically configure your actions with variables that will be evaluated at execution time.

Amazon CloudWatch Launches Embedded Metric Format
This certainly adds a bunch of new capabilities, but it does seem to add quite a bit of heavy-lifting to your logging strategy.

AWS CloudFormation Launches Resource Import
So this is a super cool feature that allows you to import existing resources into CloudFormation stacks. Still waiting for the feature that allows you to export a resource configured in the console to a CloudFormation template. More detail here.

Introducing AWS Data Exchange
AWS Data Exchange is a new service that makes it easy for millions of AWS customers to securely find, subscribe to, and use third-party data in the cloud.

Thoughts from Twitter 🐦

I have some serious questions for you Twitter. What currently prevents the wide adoption of chaos engineering in your organization? ~ Adrian Hornsby
According to Adrian’s poll, it looks like most people feel as though there is “enough chaos in production” already, which obviously isn’t the point. It’s a fascinating discipline that most orgs would definitely benefit from.

Upcoming Serverless Events 🗓

There are a lot of upcoming serverless events, webinars, livestreams, and more. If you have an event you’d like me to mention, please email me.

November 20, 2019 – Serverless for PCI DSS Blueprint (Webinar)

November 22, 2019 – Is Serverless SecureLess? (Webinar)

December 2-6, 2019 – AWS re:Invent 2019

December 14, 2019 – ServerlessDays Fukuoka Japan

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Jeff Hollan (@jeffhollan). Jeff is the Principal Program Manager for Microsoft Azure Functions. I know this issue is mostly about AWS and re:Invent, but let’s not forget that Microsoft launched a bunch of cool serverless stuff at Microsoft Ignite a couple of weeks ago. Jeff is leading the charge with Azure Functions, and when he gets free time, you will likely find him chatting up how to leverage cloud technology and serverless at various conferences and events around the world. Thank you, Jeff, for your advocacy and continued push for serverless innovation! 🙌

Final Thoughts 🤔

The number of announcements from AWS, two weeks before re:Invent, is already overwhelming. I know more are coming next week, and the ones at re:Invent are going to be mind-blowing! If you like to geek out on this stuff like I do, hold on to your hats, because the next few weeks are going to be a wild ride.

I hope you enjoyed this issue of Off-by-none. Please send me your feedback and suggestions as they help to make this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or (perhaps) even how you’d like to contribute to Off-by-none. If you like this newsletter, and think others would too, please do me the honor of sharing it with friends and coworkers who are interested in serverless.

Take care,
Jeremy


Off-by-none is a weekly email newsletter that focuses on the technical details of building applications and products in the cloud using serverless technology. Together we can become better developers and product people by making fewer mistakes as we learn from each other. Off-by-none is the idea that we can become exceptional at what we do, if we are willing to put in the work. Join me on this journey as we help the community work to develop best practices, share our ideas, and learn to build better cloud-based software.
