The purpose of Serverless is to focus on writing the code that delivers business value and offload undifferentiated heavy lifting to the Cloud providers or SaaS vendors of your choice. Today’s code quickly becomes tomorrow’s technical debt even if you meet the perfect decision. The less you own, the better it is from the maintainability point of view. In this talk I will go through examples of the various Serverless architectures on AWS where you glue together different Serverless managed services relying mostly on configuration, significantly reducing the amount of the code written to perform the task. Own less, build more!
Writing less code with Serverless on AWS at FrOSCon 2021
1. Writing Less Code with
Serverless on
by Vadym Kazulkin, ip.labs Froscon, 21 August 2021
2. Contact
Vadym Kazulkin
ip.labs GmbH Bonn, Germany
Co-Organizer of the Java User Group Bonn
and Serverless Bonn Meetup
v.kazulkin@gmail.com
@VKazulkin
https://www.linkedin.com/in/vadymkazulkin/
https://www.iplabs.de/
4. Agenda
• Challenges of the software development
• Serverless and its value proposition
• Dive deeper into “own less, build more” and
“lower technical debt” aspects
• Examples of AWS Serverless services and architectures for
writing less code
• How to be successful with Serverless
5. Let’s talk about the
challenges of the software
development in general
first
6. Cognitive Load –
the total amount of mental effort
being used in the working memory
• Intrinsic
• Extraneous
• Germane
https://teamtopologies.com/
8. Cognitive Load
• Intrinsic
• Extraneous
• How to automate tests (unit, integration, end-to-end, web, desktop, mobile)
• How to build, package, deploy and run my application
• How to configure monitoring, alerting, auto-scaling, logging and tracing
• How to operate and maintain infrastructure
• How to build-in fault-tolerance and resiliency
• How to make the hardware, networking and application secure
• Germane
9. Cognitive Load
• Intrinsic
• Extraneous
• Germane
• Domain Knowledge (payment, e-commerce)
• Business processes and workflows
10. Cognitive Load
• Intrinsic ->
become fluent in it
• Extraneous ->
minimize amount of what we
implement/operate/support/own by ourselves
• Germane ->
minimize amount of domains that we have to implement
by ourselves
11. What our boss wants from us?
… that we are productive
13. What is holding us back from
being productive?
Technical Debt - reflects the implied cost of
additional rework caused by choosing an
easy (limited) solution now instead of using
a better approach that would take longer
”The Cost of Poor Quality Software in the US: A 2018 Report”
https://www.it-cisq.org/the-cost-of-poor-quality-software-in-the-us-a-2018-report/The-Cost-of-Poor-Quality-Software-in-the-US-2018-Report.pdf
14. Technical Debt
• Even a perfect solution can become the technical debt over
the time
• Version of programming language comes out of support
(Java 8) and update requires some code changes
• Security considerations forces us to upgrade one of our
dependencies (library or web application server version)
• One of our dependencies (i.e. to open source project) is
discontinued
15. Technical Debt
Think of what can happen to your software over
the entire life cycle of your product
16. Technical Debt
• is related to amount of code written
• is related to amount of dependencies used
• open source projects, programming
languages, databases, (web) application
servers
17. Legacy Systems are systems that can’t
evolve
”The Cost of Poor Quality Software in the US: A 2018 Report”
https://www.it-cisq.org/the-cost-of-poor-quality-software-in-the-us-a-2018-report/The-Cost-of-Poor-Quality-Software-in-the-US-2018-Report.pdf
Legacy System
19. Evolutionary Architecture –
Fitness functions
• Source code metrics (such as measuring cyclomatic
complexity)
• Unit tests (% of coverage and % of success)
• Performance metrics (such as API latency or
throughput)
• Security (encryption at rest, e.g. checking that all S3
buckets have encryption enabled, or automatic key rotation
for all external APIs, with tools such as the AWS Secrets
Manager)
• ArchUnit, Sonar, CI/CD Tools
• CodeCommit,…CodeDeploy, Jenkins
Danilo Poccia „ Serverless + Evolutionary Architectures + Safe Deployments = Speed in the Right Direction”
https://blog.usejournal.com/serverless-evolutionary-architectures-safe-deployments-speed-in-the-right-direction-7b4b01e27254
21. The Value Proposition of
Serverless
But let’s talk about of Total Cost of Ownership of
the Serverless paradigm
22. TCO Full Picture
No Infrastructure
Operation and
Maintenance
Forrest Brazeal „The Business Case For Serverless” https://www.trek10.com/blog/business-case-for-serverless
24. TCO Full Picture
No Infrastructure
Operation and
Maintenance
Auto Scaling and
Fault Tolerance
Built in
Forrest Brazeal „The Business Case For Serverless” https://www.trek10.com/blog/business-case-for-serverless
25. Auto Scaling And Fault Tolerance
Built In
• Can you get capacity planning
and auto scaling right?
• Do you want to solve the hard problem
of fault tolerance by yourself?
26. TCO Full Picture
No Infrastructure
Operation and
Maintenance
Auto Scaling and
Fault Tolerance
Built in
Own less,
build more
Forrest Brazeal „The Business Case For Serverless” https://www.trek10.com/blog/business-case-for-serverless
27. Own less, build more
By heavily relying on the managed Serverless
services you
• Need fewer engineers to start
implementing your new product idea
• Can do more with the same amount of
people
• Can more easily evolve your architecture
28. TCO Full Picture
No Infrastructure
Operation and
Maintenance
Auto Scaling and
Fault Tolerance
Built in
Own less,
build more
Lower technical debt
Forrest Brazeal „The Business Case For Serverless” https://www.trek10.com/blog/business-case-for-serverless
30. TCO Full Picture
No Infrastructure
Operation and
Maintenance
Auto Scaling and
Fault Tolerance
Built in
Own less,
build more
Lower technical debt
Focus on Business
Value and Innovation
Forrest Brazeal „The Business Case For Serverless” https://www.trek10.com/blog/business-case-for-serverless
31. Focus On Business Value and
Innovation
Every organization wants exactly this!
32. TCO Full Picture
No Infrastructure
Operation and
Maintenance
Auto Scaling and
Fault Tolerance
Built in
Own less,
build more
Lower technical debt
Faster Time to
Market
Forrest Brazeal „The Business Case For Serverless” https://www.trek10.com/blog/business-case-for-serverless
Focus on Business
Value and Innovation
33. Faster Time To Market
• Time To Market is the key differentiator in
today’s business!
• Ask yourself: what is core for your business and
what you can get as Commodity +(Utility) as a
Service?
34. TCO Full Picture
No Infrastructure
Operation and
Maintenance
Auto Scaling and
Fault Tolerance
Built in
Own less,
build more
Lower technical debt
Faster Time to
Market
Forrest Brazeal „The Business Case For Serverless” https://www.trek10.com/blog/business-case-for-serverless
Focus on Business
Value and Innovation
35. Serverless AWS Services
“Accelerate Innovation and Maximize Business Value with Serverless Applications”
https://www.slideshare.net/AmazonWebServices/accelerate-innovation-and-maximize-business-value-with-serverless-applications-srv212r1-aws-reinvent-2018
36. How to write less code with
AWS Serverless services 1/2
• Write fewer Lambda functions
• use direct AWS service integrations in case the Lambda only
calls the AWS service itself
37. Less Lambda functions means less:
• code to write, test, run and maintain
• CI/CD (deploy, rollback strategies) to maintain
• Infrastructure as a Code (IAM policies, permission) to write and test
• cold-start worries
• point of failures and retries
• security concerns
• worries about Lambda limits (e.g. concurrency settings per AWS account)
• spending on Lambda, CloudWatch and 3rd party SaaS on (AWS) (monthly) bill
Sheen Brisals “Don’t wait for Functionless. Write less Functions instead”
https://medium.com/lego-engineering/dont-wait-for-functionless-write-less-functions-instead-8f2c331cd651
38. How to write less code with
AWS Serverless services 2/2
• Write fewer Lambda functions
• use more direct service integrations in case the Lambda only calls the
Service itself
• Write less Infrastructure as a Code by using AWS Services/Frameworks
which provide meaningful abstractions
• AWS Amplify and Serverless Framework Components
39. Examples how to write less code with
AWS Serverless services
• API Gateway Service Integration
• HTTP APIs Storage-First Service
Integration
• Step Functions Service Integration
• Step Functions Workflow Studio
• EventBridge with Service Integrations
and API Destinations
• Event Bridge Filtering and Routing
• Lambda Destinations
• NoSQL Workbench for DynamoDB
• Export DynamoDB Table Data to S3
• SNS message filtering and native
integration between SNS and
Kinesis Data Firehose
• Amplify Framework
• Serverless Framework Components
40. Sheen Brisals “Don’t wait for Functionless. Write less Functions instead”
https://medium.com/lego-engineering/dont-wait-for-functionless-write-less-functions-instead-8f2c331cd651
API Gateway Service Integration
41. API Gateway Service Integration with
Dynamo DB : Example ID generator 1/2
Sheen Brisals “Sequence Numbering in Serverless via API Gateway”
https://medium.com/lego-engineering/sequence-numbering-in-serverless-via-api-gateway-40e5f6c83e93
https://github.com/ToQoz/api-gateway-mapping-template
42. API Gateway Service Integration with
Dynamo DB : Example ID generator
Sheen Brisals “Sequence Numbering in Serverless via API Gateway”
https://medium.com/lego-engineering/sequence-numbering-in-serverless-via-api-gateway-40e5f6c83e93
https://github.com/ToQoz/api-gateway-mapping-template
45. Using Service Integrations with
EventBridge /Put Targerts
“Amazon EventBridge Put Targets” https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutTargets.html
46. Using API Destinations with EventBridge
“Amazon EventBridge” https://aws.amazon.com/eventbridge/
47. Using API Destinations with EventBridge
“Using API destinations with Amazon EventBridge”
https://aws.amazon.com/de/blogs/compute/using-api-destinations-with-amazon-eventbridge/
48. EventBridge Filtering and Routing
“Reducing custom code by using advanced rules in Amazon EventBridge”
https://aws.amazon.com/de/blogs/compute/reducing-custom-code-by-using-advanced-rules-in-amazon-eventbridge/
50. Native integration between SNS and
Kinesis Data Firehose
https://aws.amazon.com/de/blogs/compute/introducing-message-archiving-and-analytics-for-amazon-sns/ /
51. Step Functions Service Integration
“Service Integrations with AWS Step Functions” https://docs.aws.amazon.com/step-functions/latest/dg/concepts-service-integrations.html
52. EventBridge service integration for
Step Functions
“Amazon EventBridge service integration for AWS Step Functions”
https://aws.amazon.com/de/blogs/compute/introducing-the-amazon-eventbridge-service-integration-for-aws-step-functions/
53. Step Functions Workflow Studio – A Low-Code
Visual Tool for Building State Machines
“AWS Step Functions Workflow Studio”
https://aws.amazon.com/de/blogs/aws/new-aws-step-functions-workflow-studio-a-low-code-visual-tool-for-building-state-machines/
61. Common patterns
• Direct service integrations to reduce the amount of code written
• API Gateway, HTTP API, Step Functions, EventBridge, SNS,
Amplify
• Visual Studio/Tools to reduce the cognitive load
• Step Functions, Amplify, DynamoDB
• Automated CI/CD to focus on the business logic
• Amplify, SAM
63. Using Serverless ecosystem will
with the right engineering practices in place will significantly reduce
• extraneous and germane cognitive load
• the amount of code written
• the amount of dependencies (no execution runtime and web application server to
take care of)
64. Reducing dependencies doesn’t mean that you own nothing (you still
own things, but in general less)
• Lambda language runtime version will be retired from time to time
• Node.js <10.x, Java 8 runtime migration to Amazon Corretto
• Aurora with PostgreSQL/MySQL compatibilities will force you to
upgrade database version behind
• Retiring PostgreSQL version 9.6
plan and execute upgrades continuously and iteratively
Word of caution about the Serverless
ecosystem
66. How to measure success
Let’s focus on software delivery and operational performance
(how to do the things right)
• Provide the managers and executives metrics, that we’re on the right path
• See from the developer’s perspective how to achieve it and improve
It’s also important to the right thing!
67. How to measure success
See DORA State of DevOps 2018-2019 Reports
71. AWS Lambda Deployment
Best Practices:
• API Gateway Stage variables and Lambda
Aliases
• Lambda Alias Traffic Shifting
Chris Munns: “Testing and Deployment Best Practices for AWS Lambda-Based Applications”
https://www.youtube.com/watch?v=zJQDAsWm-5k&list=LLYgjRSI2oCzI9eooyFrWR7A&index=1
72. AWS Lambda Deployment
Best Practices
• AWS Lambda Alias Canary and Linear Traffic
Shifting & AWS SAM Safe Deployments
• CloudWatch Rollback Alarms & Lambda hooks
Chris Munns: “Testing and Deployment Best Practices for AWS Lambda-Based Applications”
https://www.youtube.com/watch?v=zJQDAsWm-5k&list=LLYgjRSI2oCzI9eooyFrWR7A&index=1
73. Think of different versions of business logic (Lambda) working correctly with
the persistent layer (S3, EFS, RDS, Serverless databases f.e. Aurora and
DynamoDB) behind
• Do not make not backward compatible changes in the file format on the
storage
• Do not make not backward compatible changes to the database structure
• Do not rename table columns
• Do not add new NOT NULL column into the database table
Word of caution about the Blue-Green
and Canary Serverless deployments
74. Time Spent
See DORA State of DevOps 2018-2019 Reports
Measure if Serverless increasses the time spent on
New Work (producing business value and innovation)
75. Co-evolution of practices with
Serverless 1/2
• True DevOps
• Complete infrastructure automation
• Chaos Engineering
• FinDev responsibilities in the teams
Sheen Brisals “Why the ‘WHY’ matters more than the ‘WHAT’ in Serverless!”
https://medium.com/lego-engineering/why-the-why-matters-more-than-the-what-in-serverless-2ef56c397962
DevOps Topologies: https://web.devopstopologies.com/
76. Co-evolution of practices with
Serverless 2/2
• Each team or even developer can have its own
(AWS test) account per feature or service
• Only minimal local testing (quick functional tests)
• Adopt “testing in production”
Michael Bryzek “What do you know about testing in production?” https://www.youtube.com/watch?v=z-ATZTUgaAo