|
We are delighted to be able to share our ninth monthly architects' newsletter with you, which we will send on the last Friday of every month. InfoQ strives to facilitate the spread of knowledge and innovation within this space, and in this newsletter we aim to curate and summarise key learnings from news items, articles and presentations created by industry peers, both on InfoQ and across the web. We aim to keep readers informed and educated about emerging trends, peer-validated early adoption of technologies, and architectural best practices, and are always keen to receive feedback from our readers.
News
The Present and Future of Serverless Observability
At QCon London, Yan Cui provided an overview of the challenges of observing a serverless architecture, and discussed the tradeoffs to consider, the current state of the tooling for serverless observability, and also examined new and proposed tooling to help with the current challenges.
Attempting to observe Function-as-a-Service (FaaS) serverless applications can present many challenges. First, there is nowhere to install monitoring agents anymore, and no opportunity for background processing, and so if you want to send telemetry data this has to be done during a function's invocation when the user is still waiting on a (potentially business critical) response.
Second, The deep integration between AWS Lambda and AWS Kinesis has made event-driven architectures much easier to implement within the AWS ecosystem, and patterns like CQRS have become much simpler to implement in practice. However, tracing function invocations through asynchronous event sources like AWS Kinesis is not easy, and is not currently supported out-of-the-box by existing tools like Amazon X-Ray.
Cui concluded by stating that serverless observability tooling has become better over the past year, and that "through the work by many smart people, more and more developers are waking up to the new constraints and challenges around operations and observability" when it comes to serverless technologies like AWS Lambda. FaaS technologies can provide many benefits, but architects must be aware of the potential tradeoffs.
Serverless IoT @iRobot
At QCon San Francisco 2017, Ben Kehoe discussed the benefits of the Internet of Things (IoT) paradigm when producing constantly connected devices, and argued that serverless technology (and the associated event-driven architecture) is a natural fit within this domain. In this recently released video of the talk, Kehoe argued that serverless is "cheaper, faster, leaner, better", but he also cautioned that deployment of serverless applications is still not a completely solved problem, and observability is particularly challenging, as your call graph is now your (distributed) component graph.
A key takeaway from the talk was that your organisation may have to adapt (a la Conway's Law) in order to take full advantage of the new development paradigm, and expectations of the effort required and associated Total Cost of Ownership (TCO) should be set with senior stakeholders upfront. Kehoe also warned that the "cloud has weather", and so engineers must design mitigation strategies into systems that cope with the ephemeral nature of infrastructure and hard-to-predict faults.
AWS Serverless Application Model (SAM) Implementation is Now Open-source
The AWS Serverless Application Model (SAM) implementation is now available under the open source Apache 2.0 license. AWS SAM extends AWS CloudFormation to provide a simplified way of defining the resources needed by your serverless application. The SAM implementation is the code that translates SAM templates into AWS CloudFormation stacks. Previously, developers could submit feature requests to the SAM specification, but now can contribute new features and enhancements by forking the SAM repository on GitHub, and proposing changes to the implementation by creating a pull request.
Amazon Launches AWS Secrets Manager to Securely Store, Distribute, and Rotate Credentials
Amazon recently announced the launch of the AWS Secrets Manager, which makes it easy for customers to store and retrieve secrets using an API or the AWS Command Line Interface (CLI). The AWS Secrets Manager enables users to centralize the management of secrets of distributed services and applications, and customers can rotate their credentials with the built-in schedule feature or custom Lambda functions. Users of AWS Secrets Manager can manage access to secrets using a fine-grained set of IAM policies, control the lifecycle of secrets, and secure and audit secrets centrally. This a managed service with a pay-as-you-go model and available in most regions.
Building Azure Functions With F# Script and Visual Studio Code
In a series of blog posts Mike Sigsworth presents the steps required to create a simple Azure Function using F# Script, VS Code, and v1 of the Azure Functions Core Tools. The series provides information on what you need to install, all the way through creating the function, testing locally, and ultimately deploying it to an Azure account.
How to Build your Own Serverless Platform
Tomasz Janczuk has recently posted on Medium an article that explains "how to build your own serverless platform", based on his lessons learned from working on Auth0 Extend in recent years. Janczuk states that after you have implemented the design detailed in this post on a cloud vendor's infrastructure, you will have a functioning, multi-tenant serverless platform that can power the serverless webhooks of your SaaS. However, he cautions that the operations of a serverless solution like the one described in this post "is a project in itself, in many respects just as complex as the solution". He plans to cover this in a future post.
Can Open-Source Serverless Be Simpler than AWS Lambda?
In a recent TheNewStack article Yaron Haviv argued that “open-source serverless is not always as integrated as cloud provider services, but it gives you far more choices in setting your own parameters, choosing which data or API gateways you want to use, local debugging, avoiding cold starts if you want, and it’s faster”. Haviv provides an example test case using the Nuclio serverless event and data processing platform, in order to support his arguments.
This edition of The Software Architects' Newsletter is brought to you by:
|
Scaling with Kubernetes
In Kubernetes, scaling can mean different things to different users. We distinguish between two cases:
- Cluster scaling, sometimes called infrastructure-level scaling, refers to the (auto‐ mated) process of adding or removing worker nodes based on cluster utilization.
- Application-level scaling, sometimes called pod scaling, refers to the (automated) process of manipulating pod characteristics based on a variety of metrics, from low-level signals such as CPU utilization to higher-level ones, such as HTTP requests served per second, for a given pod. Two kinds of pod-level scalers exist:
Case Study
Simple Serverless eCommerce: Tutorial with the Square Checkout API
In a recent Medium post "Super Simple Serverless eCommerce", Richard Moot, engineer at Square, writes that a lot of mainstream companies have begun using serverless in order to enhance their tech stacks (e.g., Nordstrom, Netflix, and Coca-Cola). He discusses that although it may initially appear that serverless is just a growing fad, this was the same line of thought many people had about Node until Walmart launched a new site before Black Friday. We might be approaching a "similar inflection point for serverless" to rapidly improve the speed of development and scale that Node has been able to accomplish.
The article presents a simple tutorial on how to create serverless functions to allow customers to instantly checkout and buy an item from a Square store. The tutorial begins with creating a static site on S3, and then moves on to creating AWS Lambda functions, before creating AWS API Gateway endpoints to allow customers to instantly checkout using the Square Checkout API.
Moot discusses that there appears to be widespread misunderstanding around serverless computing and what it is comprised of, and that it is worth clarifying that there is a difference between The Serverless Framework (which is used within the tutorial) and the serverless computing paradigm. The Serverless Framework is just a tool that can be used to facilitate creating, deploying, and managing your serverless functions that you create with your desired cloud provider. Serverless computing is a reference to a cloud provider dynamically managing the allocation of machine resources.
Much like Node, Moot argues, serverless is suffering from the same desire to "do all the things". Node is known for being really bad at handling CPU-intensive tasks due to its single-threaded nature, and the same goes for using serverless for user facing interactions or APIs: "Users expect things to be responsive, and cold starts kill the expected responsiveness". You can certainly try to circumvent this by keeping your functions warm, but this "smells like an anti-pattern".
"The whole benefit of serverless is to not have to be as concerned with your infrastructure, yet people are writing more code to modify their infrastructure's behavior that they don't really have control over".
Concluding the article, Moot cautions that if you plan to use serverless for user-facing applications, you must look carefully at your user traffic patterns to your endpoints, as this dictates the overall user experience. A constant amount of traffic would provide a good use case - functions stay warm, and a very small percentage of users would be impacted by a slow response - but if you have particularly spiky traffic, the user experience will suffer as your platform provider is spinning up additional instances of your function to service your traffic.
To get notifications when InfoQ publishes content on this topic follow Serverless on InfoQ.
This is the ninth issue of a monthly newsletter, focusing exclusively on software architecture. We thought it would be valuable for you to get a quick overview of things you might like to keep an eye on. If this is not the case, you can unsubscribe using the link below.
Forwarded email? Subscribe and get your own copy.
|
