The Dynamic Composer (an AWS serverless pattern)

I’m a big fan of following the Single Responsibility Principle when creating Lambda functions in my serverless applications. The idea of each function doing “one thing well” allows you to easily separate discrete pieces of business logic into reusable components. In addition, the Lambda concurrency model, along with the ability to add fine-grained IAM permissions per function, gives you a tremendous amount of control over the security, scalability, and cost of each part of your application.

However, there are several drawbacks with this approach that often attract criticism. These include things like increased complexity, higher likelihood of cold starts, separation of log files, and the inability to easily compose functions. I think there is merit to these criticisms, but I have personally found the benefits to far outweigh any of the negatives. A little bit of googling should help you find ways to mitigate many of these concerns, but I want to focus on the one that seems to trip most people up: function composition.

Continue Reading…

Takeaways from ServerlessNYC 2018

I had the opportunity to attend ServerlessNYC this week (a ServerlessDays community conference) and had an absolutely amazing time. The conference was really well-organized (thanks Iguazio), the speakers were great, and I was able to have some very interesting (and enlightening) conversations with many attendees and presenters. In this post I’ve summarized some of the key takeaways from the event as well as provided some of my own thoughts.

Note: There were several talks that were focused on a specific product or service. While I found these talks to be very interesting, I didn’t include them in this post. I tried to cover the topics and lessons that can be applied to serverless in general.

Update November 16, 2018: Some videos have been posted, so I’ve provided the links to them.

Audio Version:

Continue Reading…

What 15 Minute Lambda Functions Tells Us About the Future of Serverless

Amazon Web Services recently announced that they increased the maximum execution time of Lambda functions from 5 to 15 minutes. In addition to this, they also introduced the new “Applications” menu in the Lambda Console, a tool that aggregates functions, resources, event sources and metrics based on services defined by SAM or CloudFormation templates. With AWS re:Invent just around the corner, I’m sure these announcements are just the tip of the iceberg with regards to AWS’s plans for Lambda and its suite of complementary managed services.

While these may seem like incremental improvements to the casual observer, they actually give us an interesting glimpse into the future of serverless computing. Cloud providers, especially AWS, continue to push the limits of what serverless can and should be. In this post, we’ll discuss why these two announcements represent significant progress into serverless becoming the dominant force in cloud computing.

Continue Reading…

Off-by-none: Issue #5

It’s nobody’s fault but mine

Welcome to Issue #5 of Off-by-none. I really appreciate you being here! 🙌

Last week we took a more in-depth look at how we can use traditional microservice patterns and adapt them to our serverless applications. An Introduction to Serverless Microservices was the first in a series of posts to demonstrate the power of serverless microservices and how they can be implemented.

There are a lot of topics to cover, but I consistently get questions about how to handle errors in distributed systems. This is especially significant with serverless architectures since functions are ephemeral and observability is less than ideal. I’m working on a new post on this topic that I’ll share soon.

In the meantime… ⏰

When you’re looking for a good serverless read… 📖

The Case of the Broken Lambda by Vicki Boykis is an interesting read that turns debugging a Lambda function into a modern Sherlock Holmes mystery. The issue described is very specific, but there are some valid lessons in here.

Speaking of debugging, Investigating spikes in AWS Lambda function concurrency by Ian Carlson, Principal Solutions Architect at AWS, is another great read. This post gives you some useful strategies for tracking down issues caused by errant code or upstream scaling that can exacerbate concurrency issues.

Finally, Adnan Rahić published A crash course on Serverless with AWS — Image resize on-the-fly with Lambda and S3. Interesting use of Docker to package binaries for a Lambda function. This is a great example of how the Lambda runtime environment can support much more complex use cases.

When the idea of “serverless” relational databases piques your interest… 🕵️‍♂️

Aurora Serverless has been generally available for almost 2 months now. I was really excited when it came out and published Aurora Serverless: The Good, the Bad and the Scalable which goes into quite a bit of detail regarding cost and performance. I notices that AWS is hosting some webinars this week that might be interesting to those who want to explore this technology in more depth. You can register here for a live session or to get the replay when it’s available.

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Paul Johnston (@PaulDJohnston). Paul was one of the co-founders of ServerlessDays (formerly Jeff), a senior developer advocate for serverless at AWS, and a serial CTO that has embraced serverless in all his recent endeavors. I really like the way Paul thinks about serverless, and while his occasional blog post is always worth the read, I’ve found myself spending a lot of time lately watching some of his conference talks. Like this one and this one and definitely this one.

One of the things I like so much about Paul is that he’s opinionated. I don’t always agree with some of his opinions 😉, but I definitely like how he makes his case for serverless and how it should be done. With best practices still emerging in serverless, I think it’s important for new developers to have some sort of framework to start with. Agree or disagree, Paul continues to put his ideas out there.

Final Thoughts 🤔

I’ve spent a lot of time this past week continuing to work on our serverless microservices at AlertMe. I’ve been immersed in this for the last few months, and through that process, some of my thinking has evolved a bit. I’ve discovered so many nuances, complexities, and workarounds, that I’ve had to stop a few times to build tools (like serverless-mysql) to encapsulate some of them. While these are obviously helpful, I feel like some of this tooling is starting to bog down the simplicity that is (or was) serverless. My boilerplates are getting a bit out of hand, which is something to think about.

I hope you enjoyed this issue of Off-by-none. Please send me feedback and suggestions to make this newsletter better. Contact me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or even how you’d like to contribute to Off-by-none.

Go build some great serverless apps. Hope to see you all next week!

Take care,
Jeremy

Off-by-none: Issue #4

All I see is choreography and I’ll never be a dancer

Welcome to Issue #4 of Off-by-none. Thanks for being here! 🙌

Last week we started a conversation about serverless microservices. It was mostly an overview to get us thinking about handling complexity in our serverless architectures and some of the challenges we might face when doing so. This week I want to dive deeper and start looking at how we can use traditional microservice patterns and adapt them to serverless applications.

Let’s get started! 🚀

When you like to break a mental sweat too… 🤯

Thinking about microservices can be a bit of a mind-bending experience for developers. Add serverless computing to the mix, and many run back to the safety and familiarity of their monolithic applications. I also think that there is still a lot of confusion about what serverless microservices look like and how they are implemented.

In my new post, An Introduction to Serverless Microservices, I outline a few basic principles of microservices and then discuss how we might implement them using serverless. I also touch on the idea of orchestration versus choreography and when one might be a better choice than the other with serverless architectures. I hope readers will walk away from this realizing both the power of the serverless microservices approach and that the basic fundamentals are actually quite simple to implement.

What to do when you’ve finished binge watching a show on Netflix and your brain feels like mush… 📚

We’ve been talking a lot about building applications with serverless microservices, but we haven’t really discussed the tools we can use to actually manage our deployments. Luckily for us, Nitzan Shapira over at Epsagon does it for us in The Most Popular Deployment Tools for Serverless.

If I had just one wish, it would be for more hours in the day. If I had two wishes, the second would be to reduce concerns with my cloud infrastructure. Paul Swail at Winter Wind Software gives us a list of concerns that go away in a serverless world. If I had just three wishes, the last one would be to have attended…

ServerlessDays PDX. Portland put on quite a show the other week (even without wifi apparently). And according to Jeffrey Fate (who was in attendance), “Observability is the new black.” He wrote a great post that summarizes each talk and provides a few key takeaways. I’m still hoping for the videos.

When you’re trying to debug your serverless app and you just want to scream… 😱

Last week, Steve Mayszak from AWS showed us some techniques for Serverless Application Debugging and Delivery Best Practices. Spoiler Alert: it was heavily focused on using AWS native technologies like Cloud9 and CodeStar, but there were some good nuggets in there regarding debugging your Lambda functions with X-Ray and how to use SAM templates to create safe deployments. You can watch the recording and check out the slides.

Ben Kehoe, Cloud Robotics Research Scientist at iRobot, takes a slightly different approach. In a recent InfoQ podcast, Ben talks about unit testing locally, then performing integration tests on deployed functions. He also talks about red/black deployments, something he’s mentioned before given the issues caused by canary deployments in distributed systems. Definitely worth a listen.

Where to turn for security advice when you realize that PCI, HIPPA, and others are slow to address cloud-native technologies… ☁️

How about here? PureSec just launched an OWASP Top 10 Project for Cloud-Native Application Security. This new document will raise awareness and create a baseline for application security in modern cloud-based application architectures such as serverless computing, container-based applications and microservices. I think this is long overdue, so I’m glad that Ory and his team took the initiative to organize this. They are looking for contributors as well, so join the project and help make the cloud more secure.

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Marcia Villalba (@mavi888uy). You probably already know Marcia. She’s an AWS Serverless Hero that consistently produces fun and creative serverless and AWS content. Her FooBar channel on YouTube has well over 100 videos loaded with great serverless tips and tutorials and she publishes new videos every week. You can also stay updated on her new videos by following her blog.

The reason I chose Marcia this week is because she just started releasing videos en Español!  According to Wikipedia, over 437 million people speak Spanish across the globe. I love writing about serverless and introducing it to new audiences, but unless you want me to ask you “where is the train station?” in Spanish, English speakers are my primary audience. The fact that Marcia (a native Spanish speaker from Uruguay living in Finland) produces such amazing content in English is worthy of our praise, but now that she is introducing serverless to millions more in their native language, is just plain exceptional.  🙌

Final Thoughts 🤔

The more I write about serverless microservices, the more I realize just how amazing this technology is. And with new tools and services being released all the time, these benefits will soon become accessible to more and more people. I think that developers would be wise to embrace serverless as the need for specialists in this area will only continue to grow. These are some exciting times!

I hope you enjoyed this issue of Off-by-none. Please send me your feedback as it is always appreciated and helps to make this newsletter better each and every week. Contact me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or even how you’d like to contribute to Off-by-none.

Go build some great serverless apps. Hope to see you all next week!

Hasta luego,
Jeremy

An Introduction to Serverless Microservices

Thinking about microservices, especially their communication patterns, can be a bit of a mind-bending experience for developers. The idea of splitting an application into several (if not hundreds of) independent services, can leave even the most experienced developer scratching their head and questioning their choices. Add serverless event-driven architecture into the mix, eliminating the idea of state between invocations, and introducing a new per function concurrency model that supports near limitless scaling, it’s not surprising that many developers find this confusing. 😕 But it doesn’t have to be. 😀

In this post, we’ll outline a few principles of microservices and then discuss how we might implement them using serverless. If you are familiar with microservices and how they communicate, this post should highlight how these patterns are adapted to fit a serverless model. If you’re new to microservices, hopefully you’ll get enough of the basics to start you on your serverless microservices journey. We’ll also touch on the idea of orchestration versus choreography and when one might be a better choice than the other with serverless architectures. I hope you’ll walk away from this realizing both the power of the serverless microservices approach and that the basic fundamentals are actually quite simple.  👊

Audio Version:

Continue Reading…

Off-by-none: Issue #3

They say that breaking up (an app) is hard to do

Hello, All! Welcome to Issue #3 of Off-by-none. I’m so happy that you’re here to talk about #serverless. ⚡️

Last week we talked about serverless security and how important it is to educate developers, especially now that they are much closer to the execution stack and typically lack the necessary security training. This week, I want to start a discussion about what to do as more and more complexity begins creeping into our serverless applications. This is a long discussion, so we’ll just skim the surface today, but over the next few weeks, I’d like to expand on this topic and see where it leads us.

Let’s dive in! 🏊‍♂️

When your monolith starts to get out of hand… 🔥

A very popular use case for serverless is to create microservices (or even nanoservices). And before you respond with the obvious, “well of course, who would create monoliths with serverless?” Let me just say, a lot of people create monoliths in serverless. While there is much discouragement about doing so, in some narrow use cases, it can make sense. However, for most serverless workloads, splitting up your services into small, composable units, is a much better choice.

I’ve written extensively about serverless microservice patterns for AWS, and I’m personally a huge fan of microservice architectures in general. But microservice architectures are complex, and require coordination and communication between services to operate efficiently at scale. We strive for low coupling and high cohesion in our services, constantly wrestling with our choices of synchronous versus asynchronous communication, eventual consistency, orchestration versus choreography, service boundaries and much more.

Serverless introduces us to new ways to interconnect these microservices. We can use the more traditional pub/sub or message bus approach with things like SNS. Plus we can still queue information with SQS and use competing consumers to process our messages. But serverless is also an event-driven architecture, which goes beyond the service-oriented architectures (SOAs) of the past. Our services can be triggered by streamed events from Kinesis or DynamoDB, react to things like file uploads, configuration changes, alarms and much much more. They can drive the caching and routing behavior of CDNs with dynamic and distributed worker functions. They can coordinate massively distributed jobs at almost any scale and still aggregate the results using state machines, durable functions, or other available patterns.

This is a new way to think about and design our applications, and it isn’t easy. My most recent project has left me scratching my head a number of times about the best way to choreograph the communication between services. I’m even rereading Sam Newman’s Building Microservices to try and make sense of some of these paradigm shifts while still applying the best practices that more traditional microservice architectures have taught us. There is a lot to take in, so don’t feel bad if some of this stuff perplexes you. 😕

There are several good articles and talks that I link to in today’s newsletter, so explore these to see how others are dealing with these services at scale. I’ve been working on a few pieces that attempt to boil all this down for you, but they’re not quite ready for primetime. I hope this gets you thinking about this topic, and please feel free to share with me other resources you’ve found on the subject.

When you want to learn from the experts… 👨‍🔬

ServerlessDays Portland was yesterday, and it looks like it was another successful event. (BTW, I’m on the planning committee for ServerlessDays Boston, so follow us on Twitter and stay tuned for announcements).

Obviously Chris Munns was there, and gave a talk about “Serverless and DevOps?” and was kind enough to put the slides online. I’m hoping that the event was filmed and we’ll see some of the videos pop up online soon. It’s always great to see talks by Charity Majors, Nitzan ShapiraErica WindischKelsey Hightower and others.

Speaking of videos of serverless talks, A Cloud Guru just dropped the mother load! A ton of ServerlessConf 2018 talks are now available for your viewing pleasure! Grab a pen and a notebook, some popcorn, and get ready to binge watch hours of brilliant serverless talks. 🍿😳📺

Also, don’t forget that there is an AWS webinar on September 19, 2018 at 9 AM PT about Serverless Application Debugging and Delivery. I think it will be interesting, so I’m planning on watching.

When you have a few extra minutes to read on the train… 🚂

Chris Armstrong over at Gorilla Stack wrote a great piece called Splitting your Serverless Framework API on AWS. The CloudFormation 200 resources limit has bitten many of us when we start to build and launch complex serverless applications. Chris outlines some strategies to break up your Serverless apps by using a “base stack” to create your API Gateway and then integrate child stacks as your app grows. 👍

If there’s one company that has gone all in on serverless, it’s Nordstrom. Last week they launched a new blog on Medium (with a really creative title 😉) called Tech at Nordstrom. In their first real post, Google Cloud Next 2018: Is this the year that Google embraces serverless?, Rob Gruhl talks about how Nordstrom invokes over 200 million serverless functions every day and outlines a great wishlist for Google Cloud. ⛅️

Finally, Raees Bhatti teaches us how to Use Cloudflare Workers + Serverless Framework to add reliability and uptime to your FaaS. This is a great follow up to Troy Hunt’s article we mentioned last week that allowed him to support 141M monthly queries of 517M records for just 2.6 cents per day. 💸

What happens when Ory Segal bumps into Simon Wardley at SFO? ✈️

💥 Pure magic. Ory and Simon spend just over 30 minutes Musing on Serverless and Application Security in this excellent “informal” interview. Simon Wardley is the creator (and namesake) of Wardley Maps, which helps you anticipate market and ecosystem developments so you know where to go and why. He is a huge proponent of serverless and makes a number of compelling arguments as to why it will be the next big thing. There is both an audio version and transcript of this interview. It is an excellent discussion that is packed with valuable information and definitely worth a listen/read.

Serverless Star of the Week ⭐️

There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.

This week’s star is Andrea Passwater (@andreapasswater). Andrea is the Lead Content Strategist over at Serverless, Inc., creators of the amazing Serverless Framework. While Andrea describes herself as someone who “doesn’t code“, she has done a pretty good job stitching together some serverless applications to help automate her marketing tasks (see her Serverlessconf 2018 Lightning Talk). However, I didn’t choose Andrea just because she showed us how easy it is for “non-developers” to get started with serverless, but because of the valuable content she helps to create and disseminate.

“You probably aren’t just changing the way developers work. You could eventually start a mass automation movement that changes the way everyone works.” ~ Andrea Passwater

I’ve met thousands of developers over my career, and there are a select few that can present technical information in a way that can inspire others to change their mindset and explore new things. Andrea is not only coordinating this type of content (through the Serverless blog, [cron]incle newsletter, and Twitter), but is also doing a great job of distilling down technical content for the masses. Anything that helps lower the barrier to entry for serverless is a win in my book.

On a more personal note, I have two daughters in middle school, one who loves science, and the other who loves math. In a male-dominated tech industry, women like Andrea (who also started the #WomenWhoServerless meet ups) serve as role models to girls and young women all around the world who want to get into technology. You need to know that you’re making a positive impact, and that you have the undying gratitude of dads like me.  🙌

Final Thoughts 🤔

As I mentioned in the beginning, I just wanted to start this conversation about managing complexity in our serverless applications. As we begin to reach scale, there are a lot of things to start thinking about, especially when it comes to coordination of microservices. We’ll explore this in more detail in the weeks to come, but it never hurts to get a head start.

Also, it’s important to remember as we start to talk about serverless scale, that serverless has other use cases that apply to much smaller tasks as well. Think about the little things that Andrea Passwater automated to make her job a bit easier. Thinking Serverless (Big and Small) goes into some more detail about some of the smaller use cases as well.

I hope you enjoyed this issue of Off-by-none. Feedback is always greatly appreciated and helps me make this newsletter better each week. Contact me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, angry rants, or even how you’d like to contribute to Off-by-none.

Go build some great serverless apps. Hope to see you all next week!

Cheers,
Jeremy

Serverless Microservice Patterns for AWS

I’m a huge fan of building microservices with serverless systems. Serverless gives us the power to focus on just the code and our data without worrying about the maintenance and configuration of the underlying compute resources. Cloud providers (like AWS), also give us a huge number of managed services that we can stitch together to create incredibly powerful, and massively scalable serverless microservices.

I’ve read a lot of posts that mention serverless microservices, but they often don’t go into much detail. I feel like that can leave people confused and make it harder for them to implement their own solutions. Since I work with serverless microservices all the time, I figured I’d compile a list of design patterns and how to implement them in AWS. I came up with 19 of them, though I’m sure there are plenty more.

In this post we’ll look at all 19 in detail so that you can use them as templates to start designing your own serverless microservices.

Audio Version:

Continue Reading…

How To: Tag Your Lambda Functions for Smarter Serverless Applications

As our serverless applications start to grow in complexity and scope, we often find ourselves publishing dozens if not hundreds of functions to handle our expanding workloads. It’s no secret that serverless development workflows have been a challenge for a lot of organizations. Some best practices are starting to emerge, but many development teams are simply mixing their existing workflows with frameworks like Serverless and AWS SAM to build, test and deploy their serverless applications.

Beyond workflows, another challenge serverless developers encounter as their applications expand, is simply trying to keep all of their functions organized. You may have several functions and resources as part of a microservice contained in their own git repo. Or you might simply put all your functions in a single repository for better common library sharing. Regardless of how code is organized locally, much of that is lost when all your functions end up in a big long list in the AWS Lambda console. In this post we’ll look at how we can use AWS’s resource tagging as a way to apply structure to our deployed functions. This not only give us more insight into our applications, but can be used to apply Cost-Allocation Tags to our billing reports as well. 👍

Continue Reading…

Mixing VPC and Non-VPC Lambda Functions for Higher Performing Microservices

I came across a post the in the Serverless forums that asked how to disable the VPC for a single function within a Serverless project. This got me thinking about how other people structure their serverless microservices, so I wanted to throw out some ideas. I often mix my Lambda functions between VPC and non-VPC depending on their use and data requirements. In this post, I’ll outline some ways you can structure your Lambda microservices to isolate services, make execution faster, and maybe even save you some money. ⚡️💰

Continue Reading…