A Weekly Newsletter By Jeremy Daly

Off-by-none: Issue #80

March 10, 2020

Welcome to your Lambda Destination… 🏝

Welcome to Issue #80 of Off-by-none. Thanks for joining us!

Last week, we met some new heroes, got HTTP APIs support in the Serverless Framework, and a GA version of NoSQL Workbench. This week, the Serverless Framework adds Lambda Destination support, we see a massive investment in serverless, and we get a new serverless podcast. Plus we have plenty of awesome posts from our friends in the serverless community.

⚠️ Before we begin, don’t forget to take the Serverless Community Survey! And if you already took it, please share it with all your recently work-from-home (or self-quarantined 😬) coworkers, family, and friends. ☣️

Serverless News & Announcements 📣

End-to-End Observability for Serverless
Instantly monitor and troubleshoot Lambda functions to get the full picture of what they’re doing and why they fail. Agentless and automated, Epsagon delivers full visibility for containers, VMs, FaaS, and more with no training, manual coding, tagging or maintenance required. Try free today!. Sponsored

AWS Lambda Destination Support
Praise [insert deity of your choice]! 🙌I cannot understate the importance (or my excitement of) Lambda Destinations. And now that the Serverless Framework supports them, I can go through all my recent projects and pull out those AWS::Lambda::EventInvokeConfigs from my resources.

Netlify nabs $53M Series C as microservices approach to web development grows
Another big money investment into the serverless space. Netlify is a great example of taking a serverless use case to the extreme and monetizing it. Happy to see this company keep growing and enabling more serverless sites.

Announcing the new Real-World Serverless podcast
More serverless content for your commute! 🎧Yan Cui has launched a brand new podcast where he discusses real-world use cases and challenges with the engineers who are building serverless applications.

2019 CNCF Survey results are here: Deployments are growing in size and speed as cloud native adoption becomes mainstream
The CNCF released the results of their cloud native survey from last year. Some of the big takeaways are that container usage is up (no surprise there), but 41% of respondents are using serverless, with AWS Lambda topping out the hosted solution (53%) and Knative being the most popular (34%) for installable software.

TriggerMesh Joins the Cloud Native Computing Foundation
I still think we need to have a separate “Cloud Native, but for real this time, Computing Foundation” that focuses only on serverless, but I guess having more contributors to the CloudEvents spec isn’t a bad thing.

Putting an End to the Misery of Serverless Application Debugging With Thundra
I saw a demo of the Thundra Debugger the other day and it is very, very cool. One of the biggest problems we have as serverless developers is needing to test code remotely, which often means republishing over and over and adding more logging. The way this tool integrates directly with your IDE changes everything.

Serverless Stories 📖

Rust and Serverless, with a focus on Cloudflare Workers
Simon Werner has a good post that documents his experience trying to build a REST API with Rust and serverless. Lots of roadblocks right now, but given the future of WASM and serverless computing at the edge, this is something to keep your eye on.

How to Build a Scalable, Cost-Effective Event-Driven ETL Solution using Serverless?
Vyas Sarangapani has an awesome post that documents the architecture his team used to build a serverless ETL system. I love when people share their architectures. It’s always super instructive to see how others solve their problems.

AWS Lambda With Static Outgoing IP
Not every problem is easily solved with a serverless solution (though I’ve had success using a NAT Gateway as a proxy), so sometimes throwing an EC2 server into the mix might work for you. Yury Smykalov explains why EC2 plus tinyproxy worked for him.

Serverless Use Cases 🗺

Build Slack Home Tab in minutes using AWS Lambda and Amazon EventBridge
Slobodan Stojanović has a great article that shows you how Vacation Tracker is using their SAR App to route their Slack commands through EventBridge and off to Lambda workers to handle the response. There are some very cool patterns in here, plus sample code if you want to implement some of this yourself.

AWS primitives for scheduling future tasks
Paul Swail outlines a few strategies that can be used to schedule tasks with AWS. This has been written about extensively (and he includes some links to those articles), but it’s a common use case that creeps up from time to time. I personally like running a CloudWatch Event every 15 minutes and using an SQS with a DeliveryDelay to handle more precision, but everything has its tradeoffs.

Does Serverless Make Sense for Your Organization?
This article lays out five different use cases for serverless that are being applied by a number of large companies. There are a few “other considerations” in here, but I feel like we’ve addressed those a thousand times over.

Monitor Servers and Reboot SolusVM via AWS Lambda Function
Whether you’re running SolusVM or not, using a Lambda function to monitor servers or perform schedules maintenance is a great DevOps use case for serverless.

Serverless Concepts 🏗

5 reasons why you should use EventBridge instead of SNS
Yan Cui outlines five reasons why EventBridge should be your new go-to over SNS. There are still plenty of reasons why you’d want to use SNS, but with all the capabilities being added to EventBridge (like content filtering), the majority of use cases will be satisfied.

Firecracker: lightweight virtualization for serverless applications
If you ever wanted to do a deep dive on Firecracker, but didn’t want to dig through all the open source docs, Adrian Colyer has a treat for you. In this post, he summarizes the recently released NSDI’20 paper on Firecracker and gives you a great overview of its design and the problems it solves.

5 Steps to Making a Predictable Cost Model for AWS Serverless Projects
Great article by Allen Helton that points out a number of cost considerations when building serverless applications. Data transfer, execution time, CloudWatch logs, etc., all have costs associated with them. He also mentions cost modeling around business processes, which I’m a huge fan of. One of the super powers of serverless is knowing exactly how much a particular process will cost you, which makes calculating the value of that process much easier.

Introduction to Firebase
You know I’m a big fan of the AWS ecosystem, but if you’ve never looked at Firebase, you definitely should. There are some great features and capabilities (like built-in auth) that make it a handy tool in your serverless arsenal.

Lambdas in Production
Caleb Brewer has a nice “cheatsheet” of things to remember when running Lambdas in production. It’s not a long list, but each one is an absolute must.

Serverless Tutorials 👷‍♀️

Supercharge Development, Delivery and Management of Serverless Applications
Stackery empowers enterprise development teams to deliver Well-Architected serverless applications quickly, securely, and at scale— without the overhead of complex infrastructure and operations management. Accelerate overall development and secure delivery of serverless applications by up to 60x – so your team can focus on perfecting core business logic. Sponsored

HTML to PDF conversion using Node.js runtime as AWS Lambda Functions
Keyur Bhole shows you how to generate a PDF from HTML and CSS using the Node.js runtime on AWS Lambda Functions. He also provides you with the compiled executables to add to you Lambda Layers.

Add type definitions to your Lambda functions
Great tip from Paul Swail about using the @types/aws-lambda library to add autocomplete and type checking to your IDE when developing with TypeScript.

New at Begin: add and manage routes via manifest file
I really like what Brian Leroux and his team are doing over at Begin. The Architect Framework is really powerful and super easy to use, and Begin ties it all together to let you build modern apps, “fast af.” 😉

Serverless Kubernetes with Amazon EKS
I have absolutely no interest in doing this, but for those of you looking for a K8s alternative with the same basic semantics, this tutorial is for you.

Using Serverless Framework with the Amplify Client Library
If you want to take advantage of the Amplify Client Library, but you’d like more control over your serverless backend, Josh Heling can show you how.

Serverless Security 🔒

Egress Filtering in Serverless Applications
I love me a good serverless security post. Dorian Smiley points out something that many people seem to overlook (besides the fact that most developers don’t think about security). Lambda functions that are not in a VPC have wide open “outbound” access to the public Internet. There are several reason why you would want this, but if you are using lots of NPM dependencies (and you know you are), then this can be a huge security risk. Dorian offers some mitigation strategies in here, but having the ability to disable outbound access from non-VPC Lambda functions has been on my #awswishlist for quite some time.

Serverless (in)security
Pawel Rzepa rehashes the main concerns with security in serverless. As he says, it’s really all about application security. Don’t trust any inputs (even if generated by a cloud resource), use the Principle of Least Privilege, and be wary of third-party dependencies. That should get you most of the way there.

Serverless Reads 🤓

Cloud developers are falling in love with serverless computing – and more soon should
Jason English has a nice round up of some recent studies and reports about serverless that point to the adoption curve trajectory. We’ve commented in the past on the reports mentioned, and the underlying data certainly seems to show that people get it. Although, that recent CNCF survey said 83% of cloud customers are running containers with 78% on Kubernetes.

11 Reasons Why You Are Going To Fail With Microservices
This isn’t specific to serverless, but I found the article to be quite interesting. I’m a huge fan of microservice architecture, especially using serverless, but it is very easy to get lots of things wrong. There are many excellent reasons to choose microservices, however, be cautious of the potholes along your journey.

Serverless is not functions
David Carboni has a thoughtful piece that discusses the “unlearning” that must happen as we move to a serverless mindset. He also recounts his “presentation-less” talk at ServerlessDays Cardiff (which I was lucky enough to see in person).

De-construct the Monolith: How Serverless Modernizes Infrastructure & Refactors Apps
Another great post by Tim Zonca from Stackery. If you’re trying to get some decision makers to buy in on serverless, send them a link to this post.

For the commuter… 🚎

Serverless Chats Podcast – Episode #39: Big Data and Serverless with Lynn Langit
In this episode, I chat with Lynn Langit about why big data is outgrowing traditional systems, how bioinformatics and genomics are generating the biggest data scale ever seen, and why serverless and the cloud are making it easy for researcher to process this data faster and more economically.

ServerlessDays Nashville 2020 – How to fail with Serverless by Jeremy Daly
Here’s my talk from ServerlessDays Nashville. The cloud is designed for failure, and public cloud providers like AWS have several ways to deal with those failures in your applications. In this talk, I review the failure modes and retry policies that allow you to build resilient, highly-available systems.

Videos from ServerlessDays Nashville 2020
And if you really want to dig deep, check out the YouTube playlist for all of the talks at ServerlessDays Nashville 2020.

Why you should use OpenAPI for your API design
Nick Van Hoof talks about how OpenAPI can make your life easier in a serverless world in his presentation from the API Conference.

New from AWS 🆕

AWS Serverless Application Repository adds support for sharing applications with AWS organizations
I really love the concept behind SAR, but multi-account sharing was always a bit of a pain. Now you no longer need to manually enter in account ids, but can share with your entire organization and never have to worry about updating your app configs again. Check out this great post by James Beswick.

Amazon CloudWatch now allows you to combine multiple alarms
You can now combine multiple alarms to reduce alarm noise and focus on critical operational issues. This is a pretty cool feature. For example, I have an alarm on ApproximateNumberOfMessagesVisible and another one on ApproximateAgeOfOldestMessage. I only need an alert if they both cross a certain threshold.

AWS WAF adds Anonymous IP List for AWS Managed Rules
Useful feature if you want to block users who attempt to hide their identity or evade geographic restrictions.

Build k-Nearest Neighbor (k-NN) similarity search engine with Amazon Elasticsearch
This is a very cool new feature built in to Amazon Elasticsearch. While a relatively simple algorithm, k-NN is quite effective, and can be a super useful addition to your ES datasets.

Amazon SageMaker Ground Truth Now Supports Multi-Label Image and Text Classification and Amazon CloudWatch Events
If you’ve ever actually built a machine learning application, you’ve likely had to set up an interface for human review (it’s okay, you can admit it). So having SageMaker Ground Truth at your disposal is pretty sweet. And now you can enable multi-classification and CloudWatch events to kick off additional workflows.

Serverless Tools 🛠

24 open source tools for the serverless developer: Part 1 & Part 2
Yan Cui has assembled a list of open source tools that help make serverless development easier.

Thoughts from Twitter 🐦

In this thread: more evidence AWS needs to build a circuit breaker state service, and integrate it deeply into Lambda. Customers arguing about the best way to implement something we all need to build for ourselves is a prime indicator of opportunity. ~ Ben Kehoe
Ben makes an extremely important point. If you’re not using circuit breakers, you should be, but the implementation (and the best practices) aren’t very obvious when it comes to Lambda functions. Also, depending on the invocation method, velocity, and throughput, there are different ways to approach the problem (think stream processing). Having an official built-in feature would be very nice.

We recently made changes that reduced the time to ~5 min consistently. We’re not done yet as this continues to be a priority for us this year. When we say a config is deployed we reference p100 metrics; however, most edge locations are updated in seconds. ~ Amazon CloudFront
Um, so this is awesome news. I was not seeing these improvements the other day (still looking at 20+ minutes for initial deployments and 15+ for modifying updates), but the fact that this is being worked on and some changes have been made, is welcome news.

Friends, I’m just starting to get into and research AWS Lambdas, but as primarily a front-end dev, I don’t have a lot of use cases in mind. What are some of the ways you’re using Lambdas? ~ Kyle Shevlin
Kyle has been an awesome contributor to the JavaScript space, and it’s great to see him venturing into serverless. His post asks for use cases, and while I commented that you can use serverless for almost anything, there were several more specific responses that you might find helpful in the thread.

Upcoming Serverless Events 🗓

There are a lot of upcoming serverless events, webinars, livestreams, and more. If you have an event you’d like me to mention, please email me.

March 10, 2020 – How Best Friends Animal Society Shifts-Left with Security Strategy on AWS Serverless Infrastructure (webinar)

March 13-April 10, 2020 – Getting Started with Amazon DynamoDB (Virtual Workshops)

March 19, 2020 – ServerlessDays Zürich

March 24, 2020 – ServerlessDays Helsinki 🗣

March 24, 2020 – Introducing HTTP APIs: A Better, Cheaper, Faster Way to Build APIs (Online Tech Talk)

March 27, 2020 ServerlessDays Hamburg (Rescheduled to October 2)

March 30, 2020 – Optimizing Lambda Performance for Your Serverless Applications (Online Tech Talk)

April 6, 2020 ServerlessDays Boston (Rescheduled – new date pending)

April 20, 2020 – ServerlessDays Auckland

April 23, 2020 – ServerlessDays Vienna

April 24, 2020 – ServerlessDays Paris

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Amy Arambulo Negrette (@nerdypaws). Amy most recently started a role as Cloud Architect at Trek10, a company that designs, builds, and supports serverless and event-driven architectures for its customers. But before her recent move, Amy was a Cloud Software Engineer at CloudReach, and prior to that, came from the public sector where she designed enterprise scale solutions while updating them with serverless technologies. She’s even built web applications for names like Yahoo! Sports and NASA. Thank you, Amy, for all your work in serverless! 🙌

Final Thoughts 🤔

Lots of great stuff happening in the serverless space this past week. More tools, more investments, and more great content to help developers learn how to build better serverless applications. In other not-so-good news, the recent COVID-19 outbreak is wreaking havoc on people’s health and the world economy. So, stay safe out there, wash your hands, take care of your loved ones, and if you’ve got some extra time at home because you no longer need to commute to the office, use that time to learn more about serverless. 😉

Also, please don’t forget to take the Serverless Community Survey! The more responses we get, the more valuable the data will be. We are sharing this data with everyone, so your input will help the community make serverless better.

I hope you enjoyed this issue of Off-by-none. Please send me your feedback and suggestions as they help to make this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or (perhaps) even how you’d like to contribute to Off-by-none.

Best,
Jeremy

P.S. If you like this newsletter, and think others would too, please do me the honor of sharing it with friends and coworkers who are interested in serverless.

Share this newsletter with your friends and coworkers!


Off-by-none is a weekly email newsletter that focuses on the technical details of building applications and products in the cloud using serverless technology. Together we can become better developers and product people by making fewer mistakes as we learn from each other. Off-by-none is the idea that we can become exceptional at what we do, if we are willing to put in the work. Join me on this journey as we help the community work to develop best practices, share our ideas, and learn to build better cloud-based software.

Sign up below and get Off-by-none delivered to your inbox every Tuesday.

I respect your privacy and I will NEVER sell, rent or share your email address.