March 26, 2019
Welcome to Issue #30 of Off-by-none. I’m glad you could join us. I know this is a bit late this week. I’ve been working on the launch of AlertMe’s new serverless article matching system, and it’s been a lot of work. Should be live first thing tomorrow, so I’m looking forward to that.
Last week we recapped some of my favorite things from ServerlessDays Boston, and then we face-palmed on some more talk of #NoOps. This week, we’re going to look at the new Event Fork Pipelines, explore the underlying security model of Lambda, and serve up some more amazing content from the serverless community.
Lots of great serverless stuff to get to, so let’s right jump in! 🤘🏻
AWS announced “Event Fork Pipelines” in this Enriching Event-Driven Architectures with AWS Event Fork Pipelines post. The post outlines a suite of new open-source Nested Applications that can be easily plugged into your SAM templates or launched directly from the Serverless Application Repository into your account. I highly suggest reading the post so that you understand what each of the three pipelines can do, but I wanted to take a minute and highlight the underlying pattern that makes these pipelines possible.
The diagram below is showing the “event fork pattern”, or what I’ve called the Distributed Trigger or Distributed Queue pattern in the past. This has become a very common pattern (I’ve been using it more and more myself lately) because the reliability of SNS to SQS is insanely high. SNS will literally try 100,010 times to deliver a message to SQS for up to 23 days, making it the perfect buffer to not only throttle events, but to increase their durability as well. Lambda functions are subscribed to the underlying SQS queues that then process the events and move on.
The benefits of these repeatable patterns expose a larger architectural design for your serverless applications. It’s not new, but for many, it is a different way to think about how data flows through your (now distributed) system. I really love how AWS has productized these patterns to make it easier for people to just plug them into their applications. If you plan on building a resilient and scalable serverless system, this is how you should be designing your event workflows and pipelines.
A serverless search engine for Data Scientists and Developers emerges
We’re seeing more and more use cases for data science using serverless tech. Now there’s a new service from Rockset that allows developers and data scientists to ingest all the popular semi-structured formats and automatically turn them into fast SQL tables.
The Lazy Programmer’s Guide to Web Scrapers
Need to automatically grab and aggregate some data every time a resource is updated? Anna Spysz from Stackery wrote up a nice little post about how they use serverless to generate their public changelog.
Build a voting website that doesn’t crash under load (in under an hour)
Need to build an app that has lots of spiky traffic and unpredictable load? James Beswick says, “Sounds like a job for serverless.”
Playing with Perl-based Lambda functions
If you have any Perl scripts lying around (maybe check your cgi-bin), then why not move them to a Lambda function? Well, maybe not. But if you really want to, Andy Powell will show you the way.
Analyze URL paths to search individual elements in Amazon Elasticsearch Service
S3 is great place to drop your files, but it isn’t searchable. This great post from Jon Handler will show you how you can use Elasticsearch to map and index your blob storage.
Location-based search results with DynamoDB and Geohash
James Beswick’s prolificacy brings us another great post that shows us how to create geospatial searches using DynamoDB and Geohashes. Bonus points for mentioning the Haversine formula. 🌎
Using SAM for a small-business website
George Kampanos built a globally-distributed, serverless website for his dad’s restaurant. It not only costs them $0 per month to run, but it also gave him time to make some great GIFs for the blog post.
Train your own chatbot in AWS lambda
If you want to build a serverless chatbot service equivalent to what AWS Lex and Dialogflow offer by using “Snips NLU” and some Python, check out this post by Alex Yu.
Thin Status Monitoring
Service status pages are a must for any SaaS business, and Kev Jackson show us how serverless is perfect for creating highly-available dashboards for you and your customers.
How to warm your lambda function properly
Woonki Moon has some thoughts on what’s the best way to avoid cold starts, if you’re super worried about them. Psst, you probably don’t need to worry about them.
Can We Solve Serverless Cold Starts?
Renato Byrro from Dashbird also shares some insights on cold starts. He even mentions my Lambda Warmer package that can make your life easier if you really, really, really need to keep your functions warm. But again, you probably don’t.
How do You Structure Your Code When Moving Your API from Express to Serverless function
This is actually a really common question. John Papa throws out some best practices for setting up your serverless applications using Azure. Plenty of concepts in here that translate across providers.
Understanding Lambda Concurrency
Another common question. Pubudu Jayawardana shows you some limitations you need to consider when running lots of Lambda functions simultaneously.
AWS SDK Timeouts for Lambda
Did you know the AWS SDK has a default timeout of two minutes? Thomas Michael Wallace gives you some tips to grab a bit more control.
Your first dead simple RESTful API with node.js and serverless
Let Jarett Engdahl walk you through setting up a serverless API using the Serverless Framework and deploying it to AWS.
The AWS Serverless Tools You Can’t Live Without
Peter Swain outline five serverless tools he can’t live with out. TLDR; you need a CDN, framework, observability tool, NoSQL database, and tools to help with local development.
I can serverless, and you can too!
I feel like we’ve already mentioned a few of James’ posts this week, but if you want to learn how to be a great product manager AND use serverless, his stuff is always great.
How and Why to Use CloudFormation Macros
Alex DeBrie has another great post that gives you the what, why, and how of CloudFormation macros. These can come in very handy when building your serverless applications.
Making Terraform and Serverless framework work together
What do you do when you need to share resources like VPCs, SQS queues and RDS databases across multiple serverless applications? Yan Cui gives us some good reasons to use Terraform in combination with Serverless to manage your AWS infrastructure.
AWS Lambda layers with .NET Core
Another “how-to-create-a-lambda-layer” post, but this time Norm Johanson shows us how to do it with .NET Core.
How to Run 1000s of AWS Lambda functions each minute
Ivan Klishch outlines a number of solutions for running Lambdas to process high concurrency workloads.
Amazon Cognito for Alexa Skills User Management
Learn how to set up an Amazon Cognito user pool and how to use it to perform authentication for both your Alexa skill and a webpage.
Jerry Hargrove (aka awsgeek) on Twitter…
“This weekend I was rendering a 3D scene with Blender on EC2. Per frame GPU render time was about 6 seconds, back of napkin math said the job wouldn’t finish for 32 hours. While I waited, I switched to AWS Lambda & the same job finished in 11 minutes. 11 minutes!”
A lookback at ServerlessDays Cardiff
Matthew Lewis helped co-organize the first ServerlessDays event in Wales, and somehow lived to tell the tale. 😂 I know how much work it is to plan a conference like this, but this retrospective is sure to help others along the way.
The Journey to 90% Serverless at Comic Relief
Excellent post by Adam Clark that outlines his company’s journey to serverless.
Deploying API Gateway as a proxy in front of a legacy API
Part three of Paul Swail’s “Serverless Migration Decision Journal.”
Handling thousands of image upload per second with Amazon S3
Asdullah Siddique outlines the solution that uDroppy used to handle the high-volume of image processing needed to serve their customers.
Security Overview of AWS Lambda: An In-Depth Look at Lambda Security
AWS recently published a whitepaper that does an awesome job of digging into all the nuts and bolts of Lambda. If you ever wondered about the isolation model or the Invoke Data path, it’s all in here. Key point for me was that as of March 2019, Lambda is compliant with SOC 1, SOC 2, SOC 3, PCI DSS, HIPAA, and many more. I get a lot of questions about that. This is definitely worth the read.
Security in Serverless. Step by step
Speaking of serverless security, Kirill Kolyaskin outlines a number of important factors for making sure your serverless applications are secure.
Concurrency and Isolation in Serverless Functions
Mikhail Shilkov explore the execution concurrency models of three FaaS offerings and the associated trade-offs.
Benchmarking Lambda’s New Custom Runtime for .NET Core
Zac Charles is at it again with another great post. This time he’s testing out the new Amazon.Lambda.RuntimeSupport library for using newer versions of the .NET runtime.
AWS Config Adds Support for Amazon API Gateway
You can now use AWS Config to record configuration changes to Amazon API Gateway. Definitely useful for operational troubleshooting, audit, and compliance use cases.
Setting permissions to enable accounts for upcoming AWS Regions
You can now control access to enable and disable new AWS Regions for your AWS account with IAM permissions. So when you give your developers keys with star permissions that inadvertently get checked into source control, hackers can only exploit one region.
Amazon Rekognition Launches Enhanced Face Analysis
This release features improved accuracy for gender identification, emotion detection and attributes such as “EyesOpen”.
April 2, 2019 – James Beswick is giving his Scared Serverless talk at the Southern Maine AWS User Group.
April 9, 2019 – ServerlessDays Atlanta. This one is combined with DevOps Days and Map Camp.
April 11, 2019 – ServerlessDays Zurich.
There is a very long list of people that are doing #ServerlessGood and contributing to the Serverless community. These people deserve recognition for their efforts. So each week, I will mention someone whose recent contribution really stood out to me. I love meeting new people, so if you know someone who deserves recognition, please let me know.
This week’s star is Nitzan Shapira (@nitzanshapira). Nitzan is the co-founder and CEO at Epsagon (@epsagon). Not only is he leading the team that built an amazing distributed tracing product that helps you monitor and troubleshoot your serverless application, but he’s also active in the serverless community. You can find him publishing articles on his blog and the Epsagon blog, plus you’re bound to see him speaking at a conference somewhere. Nitzan is also an organizer for ServerlessDays Tel Aviv, which takes place on June 4th of this year. He also gave me a great “I see dead functions” shirt at ServerlessDays Boston 😃. Thanks for all you do Nitzan!
It was an extremely busy week for me and the team at AlertMe as we are getting ready for a big internal launch, but I’m glad I was able to stay plugged in to all the serverless happenings. The Event Fork Pipelines announcement and the Security Overview of Lambda are really important (IMO) to the continued push for serverless adoption. Transparency and education is what the serverless community is all about, and it’s great to see AWS’ and others’ commitment to that.
I hope you enjoyed this issue of Off-by-none. Please feel free to send feedback and suggestions so I can keep making this newsletter better each week. You can reach me via Twitter, LinkedIn, Facebook, or email and let me know your thoughts, criticisms, or how you’d like to contribute to Off-by-none.
If you have a minute, please share this newsletter with your friends and coworkers who might be interested in serverless. I would really appreciate it. 👍
Stay up to date on using serverless to build modern applications in the cloud. Get insights from experts, product releases, industry happenings, tutorials and much more, every week!
Check out all our amazing sponsors and find out how you can help spread the #serverless word by sponsoring an issue.
Jeremy is the GM of Serverless Cloud at Serverless, Inc. and an AWS Serverless Hero that has a soft spot for helping people solve problems using serverless. He frequently consults with companies and developers transitioning away from the traditional “server-full” approach. You can find him ranting about serverless on Twitter, in several forums and Slack groups, hosting the Serverless Chats podcast, and at (virtual) conferences around the world.
Off-by-none is committed to celebrating the diversity of the serverless community and recognizing the people who make it awesome. If you know of someone doing amazing things with serverless, please nominate them to be a Serverless Star ⭐️!