A Weekly Newsletter By Jeremy Daly

Off-by-none: Issue #75

February 4, 2020

The State of Serverless… 🚩

Welcome to Issue #75 of Off-by-none. It’s great to have you here! 👍

Last week, we shared exciting news about several serverless companies that were recently funded, plus highlights from ServerlessDays Belfast. This week, we’ve got excellent serverless survey results from Datadog, some mind-blowing DynamoDB knowledge bombs, plus plenty of content from the community.

If you’re curious about the current state of serverless… ✋

Datadog just released The State of Serverless 2020 report. There is a ton of really interesting insights from their customers’ cloud usage in there, especially the fact that half of them are using AWS Lambda. The report doesn’t break down use cases or the percentage of serverless workloads, but it does point to the fact that many large enterprises (and container users) are starting to implement Lambda functions. This is certainly encouraging for the future of serverless adoption. There has already been some great commentary on this, so I’ll leave further analysis to Chris MunnsFintan Ryan, and Paul Swail.

Serverless News & Announcements 📣

Announcing Serverless CI/CD
CI/CD with serverless applications has oft been an exercise in creativity, leading to some cobbled together monstrosities that would put Mary Shelley to shame. 🧟‍♂️ I did some early testing on the new CI/CD feature in Serverless Framework Pro, and I was very impressed.

Serverless Stories 📖

Scaling to Billions of Requests – The Serverless Way at Capital One
Excellent post by Vijay Bantanur and the team over at Capital One about how they’ve built out their streaming systems using serverless components. Lots of useful information in here, and also a nice proof point for the big data use cases.

How I built Heimdall, an open-source personal email guardian.
This project by Fabian Terh captures just how powerful serverless really is. His system utilizes cloud storage, email protocols, and event-driven compute, all without setting up, maintaining, or paying for servers. I’d also guess that this system costs pennies a month, and the fact that it was built and deployed in just over a week, shows how quickly we can prototype complex systems without massive investments in infrastructure.

Serverless Small Business Expense Tracker
While my typical advice would be to buy a solution like this, Anupam Mahapatra decided that building his own solution was a better choice. I will say, Google App Scripts is pretty cool, so if you use Google for Business, and you’ve got some automation tasks to do, definitely give it a look.

Building a Serverless Solution in AWS for $0.07
While this post doesn’t go into a lot of detail about the inner workings of his application, Rob Larter does reiterate the fact that prototyping solutions like this are fast and inexpensive. The better point, even if it starts to receive a boatload of traffic, it’s already build to handle that scale.

Serverless Architecture: Is It Actually Possible?
Another story of a development team moving to serverless and seeing a 90% cost reduction. There are so many stories like this, and almost all of them have some great tidbits of info in there that the cloud providers can learn from.

Serverless Use Cases 🗺

Starting out with data puddles, then we’ll think about data lakes
Awesome post by Adam Clark that outlines Comic Relief’s strategy for migrating to a serverless data lake. Best piece of advice in this article that should apply to most engineering decisions: “Sure, knitting’s fun for some people, but you’re on the company’s time, go buy the jumper from the store and don’t waste your time knitting a shitty one.” #truth

Creating a global data set: using serverless applications and deep learning
Here’s a good use case for you, using a serverless pipeline to analyze satellite imagery to locate mangrove forests. Ciaran Evans has a great post that outlines what his team did, and how they have been evolving their application to provide for more control and execution insights.

Custom caching strategy using Cloudflare Workers
Here is a deceptively simple use case by Akash Agrawal. One of the great features of Cloudflare Workers (and other edge-computing platforms) is the ability to manipulate the caching based on different attributes of the request as opposed to relying on simple caching strategies. Lots of very cool things that can be done with this.

Serverless Concepts 🏗

AWS – Serverless services on AWS
I think we sometimes take for granted how much we know about a specific topic when we’re so deeply immersed in it. So for those that want a quick rundown of some popular “serverless” AWS products, Ashish Patel has put together a list for you.

Best Practices Guide for Local Prototyping of Serverless Applications
Difficulty testing locally is a common complaint amongst serverless developers. Oftentimes people create a patchwork of local mocking solutions that seldom create parity with cloud environments, which can make local testing even more unreliable. Chase Douglas outlines a few best practices for working locally and highlights some of Stackery’s options to make things easier.

How to analyse and aggregate data from DynamoDB
Michael Bahr does a good job here laying out two popular aggregation use cases for DynamoDB Streams. There are several approaches to calculating aggregates with DynamoDB, and there likely is no one-size-fits-all solution. But hopefully, seeing posts like this will give you some ideas to optimize your own methods.

Introducing AWS CDK with a real life Lambda and API gateway example
Alexander Fortin gives a great overview of the AWS CDK and hits on some of the pros and the cons. He also references the discussion I had with Yan Cui on Serverless Chats about why we’re not particularly sold on it yet. But love it or hate it, it’s clear that many developers are finding it useful. And that’s not a bad thing.

Amazon Builders’ Library in Focus #6: Implementing Health Checks
Yan Cui shares his notes on the Amazon Builders’ Library in part six of his series. There are some interesting lessons here concerning health checks, something we need to think about when accessing “not-so-scalable” dependent systems from our serverless applications.

Serverless Tutorials 👷‍♀️

Use Cloudflare JavaScript Workers to Deploy your Static Generated Site (SSG)
Ernesto Freyre shows you how to use a static site generator and Cloudflare Workers to automate the deployment of your static website. He also throws in some great tips for easily performing rollbacks and handling SPAs.

Whitelist IP Address in Serverless Framework
Billy Dharmawan presents you with a quick and easy way to whitelist IP addresses in API Gateway.

Developing on AWS Lambda (Part 1): NodeJS and the AWS SDK
George Mao shows you how to handle asynchronous calls to the NodeJS AWS SDK in this quick tutorial.

Building your own SMS Serverless API
Jorge Luis Vargas shows you how to build a simple Twilio clone to send SMS messages from your serverless applications.

Cloud Security 🔒

Adopting serverless? Awesome! But have you thought about how to keep it secure?
Fernando Cardoso outlines the five main security concerns of serverless, including misconfiguration, application layer protection, dependency tracking, monitoring and logging, and writing secure code.

Cyberattacks Are Changing: Here’s How
Despite the overwhelming amount of FUD around cybersecurity, there are still things that we actually need to worry about. Third-party dependency poisoning, DDoS/DDoW, misconfigurations, and human mistakes (e.g. phishing) are not going away. The cloud is handling most of the perimeter and network security for us, but while the sky might not be falling, it’s wise to take a look up every once in a while.

Serverless Reads 🤓

Serverless Has Evolved in 2020
While there’s no masking his pitch for Stackery here, I think Tim Zonca makes a number of extremely important points in this posts. As someone who reads A LOT of posts and articles about serverless, it’s frustrating to me to see the same old tired arguments from the past repeated over and over again. The technology has moved passed that, and it’s time for the holdouts to realize that they’re still living in the last decade.

Building a developer community
Though this article isn’t focused on serverless, I think Alex DeBrie makes a lot of points that will affect the serverless ecosystem. Serverless is moving rapidly, and keeping up with the changes might as well be a full-time job. This is exacerbated by the fact that lots of serverless content is spread across the Internet and not organized very well. If you are building serverless tools and services, heed Alex’s advice, otherwise you’re going to leave a lot of people behind.

What Does A Robust Serverless Architecture Look Like?
Aphinya Dechalert argues that a robust serverless architecture requires that “the structure of code rests on a developer’s ability to create isolated solutions for a bigger picture,” which I think I agree with. She also points out the need for implementing permanency between triggers to avoid transient data loss, which I’m not 100% sure is necessary given the failure modes in the cloud. Either way, there are some interesting takes in here.

Narrowing the gap between serverless and its state with storage functions
Reading academic papers can be a bit, well, academic. Luckily for us, Adrian Colyer breaks it down and helps explain the intricacies of physically collocating storage and serverless compute.

For the audio/visual crowd… 📽

Serverless Chats Podcast – Episode #34: Advanced NoSQL Data Modeling in DynamoDB with Rick Houlihan (Part 1)
In this episode, I chat with Rick Houlihan about the use cases for NoSQL, why single table designs are so powerful, ways to model relational data with GSIs, and so much more in PART 1 of this two-part conversation.

Build with DynamoDB – Ep 13: Single-Table Design Pros and Cons
If you didn’t get a chance to see Rick Houlihan and Alex DeBrie go head-to-head in the live cage match on Twitch, it’s definitely worth the watch. There were no folding chairs being smashed, but the discussion about DynamoDB modeling was plenty interesting.

New from AWS 🆕

Amazon Managed Cassandra Service now supports ordering clauses in CQL queries and AWS CloudTrail logging
Friends don’t let friends manage their own Cassandra ring. So if you’re still a Cassandra fan, make sure you check out MCS.

Amazon Redshift now supports per-second billing
So this is pretty cool. Now if we can just get Lambda functions to support per-millisecond billing, we can break out the champagne. 🍾

Serverless Tools 🛠

Run your own conf, the serverless way
If you’re looking to build your own conference app, take a look at this new open source starter project.

Thoughts from Twitter 🐦

Did you try running machine learning workloads (inference, training) on AWS Lambda? I’d love to get your feedback on what worked, what not, which tools you used (or built). Thank you! #Serverless #MachineLearning ~ Danilo Poccia
We have seen several articles that discuss ML use cases in Lambda, so we know that some things are possible. I’m curious to see what Danilo will do with this data he is compiling, because I’m sure it’ll be extremely useful. If you have your own experiences, please share with him.

Not so much for failures, but maybe for general #serverless we utilize the SPRITE framework I just made up: 😉 S – Single responsibility, P – Principle of Least Privilege, R – Repeatability of Deployments, I – Isolation of Environments, T – Tracing and Observability, E – Event-driven ~ Jeremy Daly
This was in response to a post by Tom McLaughlin about a threat model around serverless. My post was a bit tongue in cheek, but the discussion on this thread is very interesting. It might be time for the community to collaborate on something like this.

Upcoming Serverless Events 🗓

There are a lot of upcoming serverless events, webinars, livestreams, and more. If you have an event you’d like me to mention, please email me.

February 6, 2020 – Troubleshooting Serverless APIs (webinar)

February 12, 2020 – Remote debugging of live AWS Lambda functions (Workshop at ServerlessDays Cardiff)

February 13, 2020 – ServerlessDays Cardiff 🗣

February 20, 2020 – The Complete Guide to Observability (webinar)

February 21, 2020 – ServerlessDays Rome

February 27, 2020 – ServerlessDays Nashville 🗣

March 19, 2020 – ServerlessDays Zürich

March 24, 2020 – ServerlessDays Helsinki 🗣

March 27, 2020 – ServerlessDays Hamburg 🗣

April 6, 2020 – ServerlessDays Boston

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Dr. Donna Malayeri (@lindydonna). Donna is a Product Manager for Google Cloud Run, and a member of the Knative Steering Committee, which governs the Knative Project. Donna’s serverless experience extends back even before her role at Google though. She previously worked for Microsoft, and served as Senior Program Manager of Azure Functions. The community is lucky to have her expertise in product management for developer-facing technologies, her PhD from Carnegie Mellon, and all her past experience, tirelessly working to make serverless even better. Thank you, Donna! 🙌

Final Thoughts 🤔

It’s great to see real usage data from Datadog’s State of Serverless report, but I’m even more curious about serverless use cases, workload percentages, tools being used, etc. I’ve been working on a Serverless Community Survey that I hope to launch next week with help from the team at Nuweba. I’m still accepting feedback on it, so please feel free to send your thoughts my way.

I hope you enjoyed this issue of Off-by-none. Please send me your feedback and suggestions as they help to make this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or (perhaps) even how you’d like to contribute to Off-by-none.

Take care,
Jeremy

P.S. If you like this newsletter, and think others would too, please do me the honor of sharing it with friends and coworkers who are interested in serverless.

Share this newsletter with your friends and coworkers!


Off-by-none is a weekly email newsletter that focuses on the technical details of building applications and products in the cloud using serverless technology. Together we can become better developers and product people by making fewer mistakes as we learn from each other. Off-by-none is the idea that we can become exceptional at what we do, if we are willing to put in the work. Join me on this journey as we help the community work to develop best practices, share our ideas, and learn to build better cloud-based software.

Sign up below and get Off-by-none delivered to your inbox every Tuesday.

I respect your privacy and I will NEVER sell, rent or share your email address.