Off-by-none: Issue #25

Serverless architectures for the rest of us…

Welcome to Issue #25 of Off-by-none. Thanks for joining us! 👍

Last week we discussed the UC Berkeley paper about serverless and pondered how SaaS providers should be thinking about serverless integrations. This week we thank IOpipe for supporting open source, explore some helpful serverless architectural patterns, and share plenty of great content and stories from the community.

A lot happening with serverless this week, so let’s get to the good stuff. 🍰

When you care about supporting the open source community… 🎗️

I am super excited to announce that IOpipe is now sponsoring two of my serverless open source projects! Lambda API and Lambda Warmer are projects that aim to make building serverless applications easier, and now with the generous financial support from IOpipe, I can make them even better. First item on the agenda: push Lambda API to a stable v1 release so that organizations can more easily build and test serverless applications before shifting their workloads with the strangler pattern.

When you’re not sure how to design your serverless architecture… 🤷‍♂️

When I first stared working with serverless applications, my biggest challenge was wrapping my head around event-driven architectures and function composition. Building small, single-purpose functions makes sense, but as soon as you start trying to figure out how they all efficiently communicate with one another (and with other services), the options can become overwhelming.

So which “pattern” do we use? The default answer always seems to be “it depends,” which, is usually not that helpful. Luckily for us, the good folks over at AWS have put together a new resources called AWS Solutions. This is a collection of vetted, technical reference implementations designed to help you solve common problems and build applications faster. These solutions cover a number of categories, but there’s a great section on serverless.

Everything from building an Ops automation tool, to centralized logging, to predictive analytics using SageMaker is covered. They even have a solution for our favorite serverless use case: image processing 😉. But seriously, these solutions include deep technical references, source code, architectural drawings, and the ability to launch the solution directly. If you are thinking about building anything on AWS, this is an amazing reference to inspire you and help you work through your own solution.

And speaking of amazing references, Rob Gruhl from Nordstrom has published the first article in a series entitled Adventures in event-sourced architecture. Event-sourcing is another pattern for distributed systems that is very effective for building large-scale, loosely coupled microservices. By using a distributed ledger to capture event stream data, you provide a tremendous amount of flexibility while increasing data quality and system reliability. I highly suggest reading this piece, even if it’s just to get the old gears turning. ⚙️

What to do if you prefer a serverless multimedia experience… 🍿

Forrest Brazeal is back with his Think FaaS Podcast. This week he discussed “Serverless In Production” with Yan Cui, another AWS Serverless Hero and serverless wizard. 🧙‍♂️

Marcia Villalba spends some more time sitting on the terrace at the Venetian talking about Serverless with Nitzan Shapira. Nitzan’s the CEO and co-founder of Epsagon, and knows his stuff when it comes to serverless observability.

And on the topic of people who know their stuff, Jeff Hollan talks about Azure Functions and the future of Serverless in the Enterprise in this talk for SSW TV.

When you want the latest serverless announcements… 📢

Nubewa has come out of stealth mode with a hefty $4.8M seed round. How Nuweba Brings Serverless Computing into the Mainstream explains a little more about what the company does and their plans for the future. More financial investments into the serverless ecosystem is always good news. 💰

Thundra released a new User Interface which helps you Identify “Jobs To Be Done.” This makes taking the right actions more intuitive when new events happen. I like this approach as it goes beyond just traditional alerts.

When people can’t stop talking about serverless security… 🔑

If you’re using Amazon GuardDuty and you want a better way to analyze the results, this post will teach you How to visualize Amazon GuardDuty findings using a completely serverless backend.

Insufficient logging in any system can lead to security issues simply because you don’t have enough data to see what’s happening within your application. Serverless implementations mostly require us to handle logging ourselves. In Securing Serverless Applications with Critical Logging, Renato from Dashbird points out some of the most important things that should (and shouldn’t) be logged from our serverless functions.

And Baffle released it First Data Protection Solution for AWS Lambda Serverless Compute, which essentially provides a data management layer that automatically encrypts and decrypts data as it is passed back and forth to Lambda functions.

When you don’t have enough frequent flyer miles… ✈️

If you weren’t able to attend ServerlessDays Cardiff, there’s a nice write up here. And ServerlessDays Hamburg was also a great success. Here’s a breakdown of Day 1 and Day 2 so you can see what you missed 😉. And there are plenty more ServerlessDays events coming up, including Boston and the recently announced ServerlessDays Helsinki.

If you don’t feel like traveling, Lumigo is hosting a webinar on the 7 things you need to know before going serverless.

Ory Segal from PureSec and Dan Cornell from Denim Group are hosting An OWASP SAMM Perspective on Serverless Computing webinar this Thursday.

And finally, Ran Ribenzaft from Epsagon and Heitor Lessa from AWS, are hosting a Serverless Observability Webinar that’s sure to provide some excellent insights.

When you’re interested in some real-world Serverless Stories… 🔦

In My Experience With Serverless GraphQL, Amo Moloko walks through some of the major gotchas he experienced and shows you how to get around them.

Intercom shows us How they used DynamoDB Streams to visualize changes in frequently updated objects. Sort of a twist on the event-sourcing model we discussed earlier, but using data changes as events. It’s an interesting way to capture history without completely redesigning the data flow.

Chris Oh spend weeks trying to figure out the best way to deploy a Scala serverless Lambda function using Travis CI. Luckily for us, he documented what he went through here and provided all the code.

Reusing Connections Lambda Functions (POC) is an interesting read that shows what happens when you start to bump up against “non-serverless” components in your serverless applications. Nice shoutout to Serverless MySQL in there as well. 😀

Manav Kohli from Thanx wrote an in-depth piece that tells us How to Process Data with Terraform and Lambda. There are still some great serverless use cases for Terraform, though I’d rather control my serverless applications using SAM or the Serverless Framework.

Where to look for some thought-provoking serverless use cases… 👀

Alex DeBrie teaches us how to Connect AWS API Gateway directly to SNS using a service integration. There are plenty of use cases for bypassing Lambda, and Alex walks us through a very popular one.

Jason Mihalopoulos show us an example of Serverless Data Processing with AWS Step Functions that uses sentiment analysis to flag negative reviews.

CouchDB Filters with OpenWhisk Triggers is another great use case by James Thomas that shows you how to restrict document changes to only the events you care about.

And how about a use case that provides a serverless, single page web application and set of supporting API Gateway end points and backing Lambda functions, which allow users to upload videos into S3 and compute and edit closed captions? Good news, AWS Labs already took care of it for you.

When your brain needs some good serverless reads… 🔖

FinDev and Serverless Microeconomics: Part 1 is a great piece by Aleksandar Simovic that discusses the new economic paradigm that serverless brings to software and how understanding the business value, revenue, cost, and the relationships among them, touches nearly every aspect of your business.

Forrest Brazeal published a new issue of Cloud Irregular that discusses how IAM Is The Real Cloud Lock-In. For those of you that are chained to your Active Directory cluster, you’ll understand this all too well. And Forrest’s FaaS and Furious cartoon got its own site, so be sure to go and check the archives.

SignalFX published The Definitive Guide to Serverless Monitoring and Observability that points out the challenges associated with monitoring serverless applications. It’s a good read that will get you thinking about what additional tools need to be put in place.

Better local development for Serverless Functions by Shane Dowling takes you through the trials and tribulations of attempting to emulate cloud services locally.

A new blog called Serverless Life has just recently popped up. There are some interesting articles on there that can keep you busy reading for awhile.

The Developer’s New Role in 300 Serverless Environments is a great piece by Toby Fee of Stackery that talks about the pains and benefits of managing multiple cloud environments for your serverless projects. Separating resources using stages, accounts and versions can get a bit difficult to manage, but Toby argues the tradeoffs are worth it.

If you’re interested in how Fission (sort of like Knative) works, Four Techniques Serverless Platforms Use to Balance Performance and Cost is a really in-depth piece that looks at it from a number of angles.

When people are (maybe) trying to make serverless easier… 💁‍♀️

λ# (pronounced “Lambda Sharp”) is a Compiler for CloudFormation that  compiles all associated code, uploads all generated assets, and deploys a CloudFormation stack in a single command. Hmm.

Maxim Zaks is working on LIDL , an  Interface Definition Language for AWS Lambda. I haven’t formed any opinions around this yet, but I’d be interested to hear your feedback.

What to do if you’re new to serverless, and really like listicles…

John Demian from Dashbird gives you Ten Amazing Benefits of Serverless Technology, which you may want to compare and contrast with the Ten Attributes of Serverless.

If you are a Google fan, you can learn Everything You Need to Know About Google Cloud Functions in this post on the New Stack.

And finally, if you are overwhelmed by all the new serverless lingo, Paul Swail put together a Serverless Glossary for you.

When you want to fire up your IDE and get hands-on with serverless… 👩‍💻

Here’s a quick and easy guide to Using Cognito for users management in your Serverless application. Everything you need to get up and running.

This is another short post that teaches you how to Use Git with AWS CodeCommit Across Multiple AWS Accounts. Very handy feature if you are using different profiles for different repositories.

If you’re using OpenFaaS, How to build a Serverless Single Page App gives you a very detailed walkthrough of the code and infrastructure needed.

Zac Charles is back teaching you how to Remotely debug .NET in AWS Lambda (with Breakpoints). And Gavin Lewis shows you How to Debug .NET Core Lambda Functions Locally with the Serverless Framework.

When you’re glad AWS is keeping everything up-to-date… 🛡️

AWS jumped right on the Container Security Issue (CVE-2019-5736) and updated all of their affected services. Check the list to see if you need to take any action on your side.

For you IoT fans, AWS announced IoT Atlas, a collection of IoT designs available in an easy-to-use, searchable website. The designs are cloud-service agnostic, allowing you to use them under the Creative Commons license where ever you want.

Amazon Kinesis Data Firehose Announced Support for Custom Amazon S3 Prefixes. Great way to partition your data for faster querying with something like Athena.

And finally, Jerry Hargrove updated his Periodic Table of Amazon Web Services, just in case you weren’t confused enough by their seemingly endless set of cloud offerings. 😁

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Rob Gruhl (@RobGruhl). Rob is a senior engineering manager at Nordstrom and an AWS Serverless Hero. His team has been using serverless architectures to build scalable solutions since the advent of the serverless era. Rob and his team have also created and released two major open source projects: Serverless Artillary and the amazing, Hello Retail. He has been discussing event-sourcing architecture in distributed serverless systems for quite some time, and his new series of posts we discussed earlier is sure to make this excellent pattern easier to grok. Thanks for your continued contributions, Rob! 🙌

Final Thoughts 🤔

Lots of good news for the serverless ecosystem this week! I really like the new AWS Solutions compendium that was released. I think it will help a lot of people struggling with these new design patterns. And, of course, investments in companies like Nuweba are positive indicators that the space is continuing to grow and mature. Always more work to do, but it is great to see the pace of serverless adoption speeding up.

I hope you enjoyed this issue of Off-by-none. Please send feedback and suggestions so I can keep making this newsletter better each week. Feel free to contact me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or how you’d like to contribute to Off-by-none.

And please share this newsletter with your friends and coworkers who are interested in serverless. I shall be eternally grateful. 🙇‍♂️

See you next week,
Jeremy

Off-by-none: Issue #19

Starting off the new year with a serverless bang… 💥

Welcome to Issue #19 of Off-by-none. I’m so glad you’re here to talk about serverless! 🙌

Last week we reminisced about 2018 and laid out some plans for the new year. This week we’ll sort through all the serverless content that people created over the holiday break. Plus we look at some serverless use cases, share some upcoming webinars, and give you links to plenty of great talks to keep you busy for awhile.

We’ve got a lot to get to today, but before we jump in, I wanted to share that Lambda API v0.10 was released. Lambda API is a lightweight web framework for your serverless applications. It’s open source, fast, free, and now supports seamless integration with ALBs. v0.10 also added support for multi-value headers and query string parameters, plus new method-based middleware and much more. I’d love for you to check it out and send me feedback.

Okay, back to our regularly scheduled program. Here we go! 🚀

When you’d rather just sit back and watch some serverless videos… 🍿

ServerlessDays Milan 2018 released videos of all the talks from their event in October of last year. Lots of really great talks in here from Yan Cui, Ian Massingham, Danilo Poccia, and many more.

Serverless Computing London has also released some additional videos including Mikhail Shilkov’s Performance Tales of Serverless, Nate Taggart’s Rethinking Testing For Serverless, and Guy Podjarny’s Serverless Security: What’s Left To Protect?

Heitor Lessa announced that the second season of Build on Serverless is going to be about “Building a Serverless Airline App from scratch + leading practices applied.” This is a fun (and educational) thing to watch. You can (and should) RSVP on Twitch.

Also, Marcia Villalba released the first video in her Serverless Interviews series which just so happens to feature yours truly. So if you want to see me ramble on about serverless for 15 minutes while admiring the view of the Mirage in the background, this video is for you.

When you want to learn more about serverless security… 🔒

The team over at Protego created a Damn Vulnerable Serverless Application and donated it to OWASP so that you can learn what not to do when building serverless application. You can read more about it here. Now we have this AND the Serverless GOAT project that PureSec donated last month. These are both great resources to see how easily serverless vulnerabilities can be exploited and what to do to protect your application.

If you’re interested in discussing the OWASP Top 10 and how they apply to serverless applications, Ory Segal and I are hosting a Foundations of Lambda Security webinar on January 24, 2019 at 11am ET. Lots on information to cover, plus an interactive Q&A session at the end. Should be fun. 😉

What to do when you’re ready to use Lambda Layers… 🍰

Injecting Chaos to AWS Lambda functions using Lambda Layers by Adrian Hornsby, introduces us to a great use case for Layers. Werner said it best, “Everything fails all the time.” Using Chaos Engineering to test the resiliency of your distributed cloud applications is a great way to ensure that when things do fail, that your application will handle those issues gracefully and minimize the blast radius.

Gojko Adzic and his team created some public layers so you can now use FFmpeg, SOX, Pandoc and RSVG with your AWS Lambda projects. One more thing you don’t have worry about.

And if you want to take a Deep Dive Into Lambda Layers and the Lambda Runtime API, sign up for this webinar hosted by Chris Munns, Principal Developer Advocate at AWS. It’s scheduled for January 31, 2019 at 2pm ET.

When you’re having trouble choosing the right database for your serverless app… ⚖️

Alex DeBrie posted a tweet mentioning Rick Houlihan’s Match Your Workload to the Right Database (DAT301) talk at re:Invent. If you thought his Advanced Design Patterns for DynamoDB (DAT401) talk was amazing, prepare for another mind-blowing experience watching this one. Lots of practical advice to help you choose the right backend for your workload. 🤯

Speaking of DynamoDB, Forrest Brazeal from Trek10 spent his holiday break resurrecting the Northwind database from the annals of MS Access and teaches us how to convert it to NoSQL. From relational DB to single DynamoDB table: a step-by-step exploration is a great guide that shows us both the pros and cons of attempting to move relational workflows to DynamoDB. If you’re thinking about moving to NoSQL, please take a few minutes to read this.

When you’re wondering what AWS has been up to… Δ

AWS announced the Amazon API Gateway Service Level Agreement, which may have you scratching your head thinking, don’t all AWS services have SLAs? Just ask Scott Piper from SummitRoute. He put together an AWS Service Support table that shows just how few AWS services actually have them. Something for the 2019 #AWSwishlist.

The AWS Toolkit for Visual Studio Code project seems to be coming along nicely as well. Whether you just want to try it out, or contribute in some way, it’s pretty cool to see AWS developing more things like this out in the open.

They also keep making strides with Nested Applications. If you’d like to learn more, there is a Nested Applications: Accelerate Serverless Development Using AWS SAM and the AWS Serverless Application Repository webinar scheduled for January 31, 2019.  It’s hosted by James Hood, Sr. Software Dev Engineer at AWS, so you know it’s going to be good.

When you’re looking for some sample serverless use cases… 🔍

I love finding people that are applying serverless to new and interesting use cases. Whether they are solving complex workflows, or just a simple function that accomplishes a single task that makes your life easier, seeing the broad application of serverless is quite fascinating. Here are a few I found this week.

Building a serverless data analytics pipeline by Rodrigo Reis shows us a simple, but effective way to capture a stream of web events. They use an SQS queue and reserved concurrency to help throttle requests to their Elasticsearch cluster, which is both simple, and a great approach at their stage. They’re also smartly using IOpipe for observability.

Blog URL to PDF to Amazon Kindle by Dhaval Nagar outlines a simple app for automatically sending blog posts to a Kindle. There are probably multiple ways that this type of workflow could be used.

Serverless Function to Sync Data from a Database to Google Spreadsheet is another simple workflow that would be perfect for marketing teams, sales, or your billing department. No need to build interfaces for reporting data when there are already tools that people are familiar with.

If you want to get a bit more complex, check out How to build a React chat app with AWS API Gateway WebSockets, Custom Lambda Authorizer. Lots to chew on here, but if you’re heading down the WebSockets path, this is a good resource for you.

When you just want some interesting serverless content… 🤓

Save time and money with AWS Lambda using asynchronous programming by James Beswick provides some great tips for handling synchronous calls in your serverless functions. Also be sure that you Don’t overpay when waiting on remote API calls either.

Mike Vizard predicts the Battle Over Serverless Computing Frameworks to Heat Up in 2019. There is a lot of discussion in this piece about other companies (read: NOT AWS) embracing Knative and other open source “serverless” middleware to power their FaaS solutions. I think this goes to show how popular serverless is becoming and the thrashing that’s going on to catch up with AWS. I’m not sure this is going to play out the way these companies think it will.

There’s a new serverless framework called BAM! I haven’t used it yet, but let’s just add this to the list.

Jerry Hargrove continues to create more Cloud Diagrams & Notes for our viewing pleasure. His AWS Lambda and Aurora Serverless ones are awesome.

Yan Cui shows us how to perform Error Handling in AWS Lambda With Wrappers. He talks about the need for middleware in our serverless applications and how we can use it to capture errors and help us debug our systems.

Speaking of debugging, Hamit Burak Emre over at Thundra shows us how to Debug Your Python Functions Locally. Step-by-step debugging in Lambda functions with breakpoints? Yes, please.

Finally, Slobodan Stojanović, author and serverless wizard, answers the question, “What do you use for scheduling AWS Lambdas?” His answer gives us cron jobs and delayed triggers, all without servers to manage or maintain. 👍

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Farrah Campbell (@FarrahC32). Farrah is the Ecosystems Manager at Stackery, a visual tool for building serverless applications. Farrah has become another positive voice in the serverless community, helping to organize ServerlessDays Portland and other workshops, and an ever present figure at conferences helping to spread the serverless word. She was also recently featured as a Serverless Superhero in How serverless is breaking down barriers in tech. Diversity in tech has always been a challenge, so it’s great to have people like Farrah as part of the serverless community working to make it more inclusive.

Final Thoughts 🤔

Week #1 of 2019 is in the books, and if this is any indication, it is going to be a banner year for the serverless community! There has already been a ton of great serverless content so far, plus Paul Johnston pointed out that there are EIGHT ServerlessDays conferences between now and April 11th. One of which is Boston, so be sure to buy your tickets soon! I know I’m excited.

I hope you enjoyed this issue of Off-by-none. Please send me your feedback and suggestions so I can continue to make this newsletter better. Feel free to contact me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or how you’d like to contribute to Off-by-none.

Take care,
Jeremy

🚀 Project Update:

Lambda API: v0.9.2 Released

Lambda API v0.9.2 has been released and contains additional updates and fixes for the index.d.ts TypeScript declarations file. Thanks again to @hassankhan and @Wintereise for submitting the changes. The release is immediately available via NPM. Read More...

Off-by-none: Issue #12

Leaving on a jet plane (to re:Invent)… ✈️

Welcome to Issue #12 of Off-by-none. I’m glad to see all the new faces here and I can’t wait to meet several of you at re:Invent next week!

Last week we looked at a number of resources for serverless beginners as well as some advanced topics for devs looking to level up. This week we’ll continue to dig deeper and explore more about microservices and step functions, plus we’ll look at how startups can benefit from using serverless.

Before we jump in, I wanted to mention Mark Hinkle’s post that compiles a bunch of serverless survey results. Serverless Adoption by the Numbers is a great overview of the serverless landscape. Some key takeaways include: searches for the term “serverless” have increased 20x in the last 3 years, serverless will overtake containers-as-a-service in 2018, and many companies are leveraging multiple cloud providers. There’s also a list of resources at the end if you want to check out the different surveys. Very encouraging news.

Okay, there is a ton to get to today. Let’s get started! 🤘🏻

What to do when you want to take serverless to the next level… ⛷

Toby Fee from Stackery has a great post that outlines 6 Best Practices for High-Performance Serverless Engineering. Lots of useful tips in here.

A few weeks ago I went to ServerlessNYC and outlined a few key takeaways from Gwen Shapira‘s talk about handling data in serverless applications. Mark Boyd from The New Stack has written a post about her talk that goes into a little more detail. You can watch her talk as well.

Thinking about doing some queue processing with your serverless application? Mikhail Shilkov ran some experiments and documented them in his post From 0 to 1000 Instances: How Serverless Providers Scale Queue Processing. He compares Lambda, Google Cloud Functions and Azure Functions to see how they handle 100,000 messages flooded into a queue. The results are very interesting.

Are you prepared to build a production-ready serverless application? Yan Cui (aka @theburningmonk) has completed his Production-Ready Serverless video course! If you want to get a complete overview of testing, debugging, CI/CD, monitoring, error handling, and more, check out his serverless course.

When you realize the power of Step Functions… 🔌

If you’re still using servers, like Chad Van Wyhe at PCI, you can reduce AWS Costs with Step Functions simply by automating the shutdown and snapshotting of your instances. This is an interesting use case that could be applied to a number of applications.

Paul Swail discovered how to Schedule emails without polling a database using Step Functions. I thought this was quite clever, so I posted the link on Twitter.

Apparently other people thought it was clever as well. 😉 Perhaps this use case was already discovered, but thanks to Paul for documenting it. Plus, there are plenty of applications that would be perfect for. This is most likely going to be my go to strategy for building scheduling services.

When you’re curious what all the fuss is about microservices… 🤓

I’m a huge fan of microservices and have written extensively about them (see here and here, oh and here). So whenever I find content about microservices, I have to take a look. There were a few good resources I came across this week that I wanted to share.

Kyle Galbraith tells us 6 Interesting Things You Need to Know from Creating Serverless Microservices. Kyle is just building a small application, but many of his observations are spot on. I’m not sure I would start by creating separate AWS accounts for each microservice, but it certainly is a valid approach for fine-grained scoping of resource limits plus avoiding other services being noisy neighbors and exhausting concurrent executions.

I recently went down the YouTube rabbit hole when I discovered a talk by Sam Newman from GOTO Berlin earlier this month. Sam Newman is the author of Building Microservices, which is a must read, btw. Anyway, his talk, Insecure Transit – Microservice Security, dives deep into things like the Confused Deputy problem and proposes solutions (like using an internal JSON Web Token to pass context to downstream services). Really good stuff.

I then found a talk he did at GOTO Amsterdam called, Confusion in the Land of Serverless, which is another excellent talk. This ultimately led me to his course: Serverless Fundamentals for Microservices: An Introduction to Core Concepts and Best Practices. I didn’t get a chance to watch this yet, but it looks like a really good, in-depth courses for building microservices with serverless.

When you’re considering what tech to use for your startup… 👨🏻‍💻

James Beswick‘s new post, Serverless for startups — it’s the fastest way to build your technology idea, is a great overview of how serverless can be used to quickly and inexpensively test your product concept. Unless your application needs to do something that serverless can’t do (🤔), there really isn’t a better way to build a greenfield application.

Along the same lines, Necmettin Karakaya wrote a piece that gives you a Full-Stack Serverless MVP recipe for cash-trapped Startups. This might not be the perfect recipe for your use case, but it shows you that there are enough tools and services out there to build your applications without the need to manage servers.

Finally, a while back I wrote a fictional story about two different startup teams. One chose serverless technology, the other did not, and the outcomes are very different. A Tale of Two Teams is a fun read that draws from real experiences that I’ve had over the course of my 20 years spent writing software and building applications.

When you want to get started with serverless… 🚼

New Relic gives us some Tips and Practical Guidance for Getting Started with AWS Lambda. There is plenty of good bits of information in here. Worth the read if you’re new to Lambda and serverless.

It’s amazing how many open source serverless platforms there are. In 7 open source platforms to get started with serverless computing, Daniel Oh lays out a number of popular choices. He also gives a great overview of Knative. Helpful if you’re interested in orchestrating and serving up your own serverless function containers.

When you want to bring serverless workflows to the enterprise… 🏢

Forrest Brazeal and Chris Munns put on a great webinar on Serverless Workflows for the Enterprise. There were some excellent ideas in there for segregating shared services accounts and setting up Dynamic Feature Pipelines. There were also lots of best practices for testing, secrets management, and multi-account security. You can watch the video and download the slides.

You can also listen to Forrest and Jared Short talk about the Future of FaaS  (and Jared’s new role at Serverless, Inc.) on the Think FaaS podcast.

When AWS makes it impossible for you to keep up with their product updates… 🤯

And I thought there were a lot of updates last week! AWS is continuing to pump out new features before re:Invent next week. Below is just a sample of some announcements that make their total serverless offering even better.

Also, Forrest Brazeal noticed this in the CloudFormation schema for AppSync the other day:

Looks like we might be getting RDS HTTP Endpoints after all. #gamechanger 👍

Project Update: Lambda API v0.9 Released 🚀

This past week I finally released Lambda API v0.9. Lambda API v0.9 adds new features to give developers better control over error handling and serialization. A TypeScript declaration file has also been added along with some additional API Gateway inputs that are now available in the REQUEST object. You can contribute to the project on GitHub or install it via npm.

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Paul Swail (@paulswail). Paul is a full-stack web developer/cloud architect from Northern Ireland who has a consulting company called, Winter Wind Software. He’s got a great blog about serverless and a weekly newsletter. He also built this handy Lambda Scaling Calculator. Earlier we mentioned his latest article, Schedule emails without polling a database using Step Functions, but it is worth mentioning again. It’s use case ideas like this that help developers and businesses realize the power of serverless. Keep up the great work, Paul!

Final Thoughts 🤔

That was a lot to get through, but I hope you’re encouraged (as I am) by all the progress being made with serverless. Some new patterns are starting to emerge that are expanding use case examples, plus more experiments and tales from developers using it in production are making the case for serverless even stronger. There’s always more to do, plus with re:Invent next week, we’re sure to see a number of great new features.

I’ll be at re:Invent next week, so I look forward to sharing all the things I learn! And please ping me if you want to meet up to chat about serverless or grab a drink. 😀🍻

I hope you’ve enjoyed this issue of Off-by-none. Please send me your feedback and suggestions. They are always welcome and appreciated. It helps me make this newsletter better each week. Please feel free to contact me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, and if you’d like to contribute to Off-by-none.

Now go build some amazing serverless apps! ⚡️

Take care,
Jeremy

P.S. If you liked this newsletter, please share with your friends and coworkers. I’d really appreciate it. Thanks! 😉

🚀 Project Update:

Lambda API: v0.9 Released

v0.9 adds new features to give developers better control over error handling and serialization. A TypeScript declaration file has also been added along with some additional API Gateway inputs that are now available in the REQUEST object. Read More...

Off-by-none: Issue #10

Do you hear what I hear? 👂

Welcome to Issue #10 of Off-by-none. Thanks for joining us! 👍

Last week we talked about how serverless was starting to gain quite a bit of momentum with things like the announcement of more tools and conferences. However, my attendance at the ServerlessNYC conference was a bit of an eye-opener for me. I spoke with a lot of people about a “serverless bubble” (although echo chamber is probably a better way to describe it). I knew that the serverless community was still relatively small, but have we gotten to the point where we’re just feeding the community and not doing enough to expand it?

This week we’re going to explore the topic of serverless adoption and offer up some resources to help companies and developers get started with this amazing technology. Let’s go! 🏎

When you realize you might be in a serverless echo chamber… 🙉

I posted this tweet a couple of days after the ServerlessNYC conference and I got quite a bit of feedback. There were several people pushing back on the idea, but I think many of those who did are in the “serverless echo chamber” themselves. There was a lot of discussion here that needs to be boiled down and researched a bit more, but I think it is clear that there are a number of factors that are hampering serverless adoption. I’d love to know your thoughts on this, so please weigh-in on the Twitter thread, or send me a note.

When you’re sad that you missed ServerlessNYC… 🗽

It really was a great event. But cheer up, my friend, there’s no need for #FOMO. I’ve put together a recap of the event with all the key takeaways and lessons learned.

TLDR; Kelsey Hightower made you rethink the barriers to serverless adoption, Jason Katzer told us that unlimited still has limits, Gwen Shapira gave us new ways to think about serverless data flow, Ben Kehoe made us adopt a new serverless native mindset, Tyler Love showed us that serverless can easily handle billions of requests, Chase Douglas filled some gaps for us in the serverless development lifecycle, and an open source serverless panel told us we need to work on standardization.

When you realize that serverless is more than functions… 🎉

Epsagon recently launched their distributed tracing product for serverless applications, and decided to kick it off with a star-studded webinar (plus me 🤣). But seriously, Shannon, Nitzan and Ran are doing some great things around serverless observability. This discussion, with insights from Yan Cui and Corey Quinn, was really interesting. You can watch, listen, or read it here.

Speaking of webinars, Forrest Brazeal is hosting an AWS Online Tech Talk called Serverless Workflows for the Enterpise on November 14, 2018 at 12pm ET. This will focus on how to seamlessly build and deploy serverless applications across multiple teams in large organizations. Should be a great intro for enterprises looking to adopt serverless.

When you’re still on the fence about adopting serverless… 🎓

7 tools that ease serverless adoption outlines a few of the tools we’ve been talking about for a while. While this isn’t an exhaustive list, the article does give recommendations for the three major areas of serverless applications: development, monitoring and security. There are a lot of other tools out there (like the Serverless Framework) that can help you jump into the serverless waters, but this is a good list to get you started. ⚡️

Ben Kehoe was interviewed by the Wall Street Journal about serverless computing requiring a shift in mindset. I like the way Ben thinks about serverless, especially when he says things like, “Your developers should care about solving business problems and not solving technology problems, but we’ve been solving technology problems for so long that that’s what we tend to care about first.” (🎤 drop)

Another key component to adopting a tech like serverless, is to make sure that developers can leverage their existing skills. Programming language options are a big piece of that. Yan Cui’s new AWS Lambda Programming Language Comparison post gives us a great overview of supported languages and the pros/cons to think about when choosing a serverless runtime. ⚖️

Finally, security tends to be a sticking point (especially with SysAdmins) when it comes to adopting serverless (and the cloud in general). Luckily for us, Ory Segal at PureSec has put together some AWS Security Best Practices for AWS Lambda. Serverless gives us the ability to develop applications that are more secure and more resilient if designed properly. Also check out my Securing Serverless: A Newbie’s Guide for an overview of serverless security in general.

When you discover the meaning of Occam’s razor

“The simplest solution tends to be the correct one.” I’ve talked to a lot of people this past week about serverless adoption, and it wasn’t surprising to hear what the use case was for most early adopters. According to The New Stack, 73% of people using serverless are using it for HTTP REST APIs and web applications. This was echoed by many of the people I spoke with, and also evident from a number of candidates I recently screened that had listed “serverless” as one of their skills.

It seems that “migrating an Express.js app to Lambda with a [pick your favorite database] backend” is how most people tend to get started. Of course, migrating a monolith to a serverless function might not be the best (or most efficient) use of serverless (read Yan Cui’s: AWS Lambda — should you have few monolithic functions or many single-purposed functions?). However, it is familiar enough to lower the bar for adoption. But once we’ve taken that step, how do we start optimizing our applications?

There are a ton of options, and I know that many people (including myself) love GraphQL. AWS even has their AppSync service that can make building GraphQL endpoints much easier, but like everything managed, it comes with a cost. Plus, sometimes our APIs go beyond simple CRUD operations and we need something more expressive, powerful, and familiar. If you’re looking for an alternative, check out the open source Lambda API project.

It’s an alternative to Express.js, Koa, Restify and other Node.js web frameworks, and is built specifically for serverless applications. There are a lot of built-in features to get you up and running fast, plus support for things like middleware, logging, and much more. We’re always looking for contributors, so please give it a try and help us make adopting this type of serverless use case even easier.

When you finally have a reason to try serverless… 👩‍💻

Serverless, Inc. (creators of the fabulous Serverless Framework) are hosting the #NoServerNovember Challenge this month. Every week they will be releasing a series of serverless challenges that will help experienced users level up, and brand new users get started. If you’ve been wanting to try serverless, these challenges will give you something a little more interesting to do than following a “hello world” tutorial. Plus there’s some swag in it for the winners.

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Soenke Ruempler (@s0enke). Soenke is the co-founder of , a cloud and serverless consulting firm in Hamburg, Germany. He’s also an organizer for  as well as the . He recently shared his slides from his talk at code.talks last month. Serverless vs. (Backend) Developers is a really interesting look at the state of serverless adoption and provides some great insights for serverless 🥑s to change the way they are advocating.

Final Thoughts 🤔

As much traction as serverless has gained, there is a loooooong way to go. Information Technology is a multi-trillion dollar market and public cloud computing is only a tiny fraction of that. According to Chris Munns, “MOST cloud is still VM. On prem most compute is still bare metal. Containers adoption at scale is still so so so tiny.” So where is serverless in all this?

Lots of people are experimenting with containers, but the vast majority of companies and developers are still using traditional architectures (on-prem or cloud-based VMs) to build their applications. It’s very possible that serverless could completely leapfrog containers in terms of adoption if it evolves to support both startup and enterprise use cases. Is the echo chamber that is the serverless community making the case to help expand serverless adoption, or are we simply feeding on our own hype? I’d love to know your thoughts.

I hope you enjoyed this issue of Off-by-none. Feedback and suggestions are always appreciated and help to make this newsletter better each week. Please feel free to contact me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, and if you’d like to contribute to Off-by-none.

Now go spread the word by telling your friends about serverless. See you next week! 👋

Thanks again,
Jeremy

🚀 Project Update:

Lambda API: v0.8.1 Released

Lambda API v0.8.1 has been released to patch an issue with middleware responses and a path prefixing options bug. The release is immediately available via NPM. Read More...
🚀 Project Update:

Lambda API: v0.8 Released

Lambda v0.8 is finally here and was well worth the wait! New features include allowing middleware to accept multiple handlers, new convenience methods for cache control and signing S3 URLs, and async/await support for the main function handler. And best of all, new LOGGING and SAMPLING support for you to add more observability into your APIs and web applications. Read More...

How To: Build a Serverless API with Serverless, AWS Lambda and Lambda API

AWS Lambda and AWS API Gateway have made creating serverless APIs extremely easy. Developers can simply create Lambda functions, configure an API Gateway, and start responding to RESTful endpoint calls. While this all seems pretty straightforward on the surface, there are plenty of pitfalls that can make working with these services frustrating.

There are, for example, lots of confusing and conflicting configurations in API Gateway.  Managing deployments and resources can be tricky, especially when publishing to multiple stages (e.g. dev, staging, prod, etc.). Even structuring your application code and dependencies can be difficult to wrap your head around when working with multiple functions.

In this post I’m going to show you how to setup and deploy a serverless API using the Serverless framework and Lambda API, a lightweight web framework for your serverless applications using AWS Lambda and API Gateway. We’ll create some sample routes, handle CORS, and discuss managing authentication. Let’s get started.

Continue Reading…

🚀 Project Update:

Lambda API: v0.1.0-beta released

I made a few changes to support empty response and automatic string conversion. There were some minor documentation updates as well. Almost ready for a stable version. 🎸 Read More...