Check out my new course Learn you some Lambda best practice for great good! and learn the best practices for performance, cost, security, resilience, observability and scalability.
Hi, welcome to the first weekly update of November!
MEAP update for Production-Ready Serverless
There has been delays in publishing the rest of the VPC unit the last two weeks as my editor has been away. But worry not, I’m already working on the last unit on canary deployment and both units should be on their way to you soon.
Remember, whilst the course is still in the MEAP, you can get 40% off the face price using the code ytcui.
I have also turned this course into a classroom setting, so if you’re interested in having me run this as a workshop in your company, then drop me a line via the Contact page.
AWS Lambda programming language comparison. I wrote a guest post for Epsagon where we compared several popular programming languages that are supported by Lambda – Node.js, Python, Go, C# and Java. We compared them on cold and warm start performance, cost impact, as well platform support.
More than functions – serverless observability webinar. To celebrate the launch of Epsagon I took part in their launch webinar along with Jeremy Daly and Corey Quinn. I had a great time hanging out with the guys and talking about serverless. You can check out the recording here.
It’s been a busy two weeks and I managed to pack in four conferences in that time. I spoke at VoxxedDays Bristol, Get.Net Gdansk, O’Reilly Software Architecture conference and finally O’Reilly Velocity. Interestingly, I spoke about something different at every single event (but always around serverless, of course!). You can find all the slides below, I’ll post the links to the videos as well once they’re up.
November is going to be a busy month of travelling for me. Here are the conferences I will be speaking at, if you happen to be at one of these events please don’t hesitate to come and say hi :-)
- CodeMesh (London) – I’m giving a workshop as well as a talk on serverless
- Serverless Computing London
- BuildStuff (Vilnius) – I’m giving a workshop as well as a talk on serverless
- CodeMotion Berlin – get 20% off ticket price with the code AFFILIATE
- re:invent (Las Vegas) – my first time speaking at re:invent, yay!
- DevTernity (Riga) – I’m giving a full-day workshop on productionizing serverless apps
How we got to $1 million in annual recurring revenue with $0 in fundraising – time is your most scarce resource, not money.
Here’s a couple of posts that lets you take a peek behind the curtain to see how the big boys do it ;-)
Why Netflix rolled its own Node.js Function-as-a-Service for its API platform. This slidedeck gives some more insight into this platform they call NodeQuark. Given their scale and needs, as well as the skillsets they possess, it makes sense for them to roll their own. But, for almost everybody else, please don’t do this!
I discovered this cool project called PacBot from TMobile. Pac stands for policy-as-code, it’s a platform for doing continuous compliance monitoring and reporting.
Ten platform commandments. Another great post from Charity Majors.
Github showcased a bunch of demos for their new Github Actions feature. I don’t know about you, but I’m quite excited to finally be able to use Github to drive my CI/CD pipelines without having to run a separate tool. I’m surprised it took them this long to get into this game but better late than never!
Securing serverless: attacking an AWS account via a Lambda function. Excellent story of how Ory (CTO of Puresec) hacked lambshell.com.
Customized rate limiting for API Gateway by path parameter, query parameter, and more. Nice trick to let you specify the API Key (hence control rate limiting) via a query parameter instead of the x-api-key header. I’m not sure when I’d actually use it, maybe in the case where a customer can’t specify HTTP headers for some reason? (I know, it’s stretching a little, but I have seen some weird limitations when integrating with third parties)
And finally, some wisdom from the one and only Dan North:
If you call the person who has to interact with your software a “user”, you haven’t figured out what they are trying to get done.
What are they trying to do? Name them after that. Then think about how to get your software out of their way.
No one wants to just /use/ software.
— Dan North (@tastapod) August 19, 2018
I specialise in rapidly transitioning teams to serverless and building production-ready services on AWS.
Are you struggling with serverless or need guidance on best practices? Do you want someone to review your architecture and help you avoid costly mistakes down the line? Whatever the case, I’m here to help.
Check out my new course, Learn you some Lambda best practice for great good! In this course, you will learn best practices for working with AWS Lambda in terms of performance, cost, security, scalability, resilience and observability. Enrol now and enjoy a special preorder price of £9.99 (~$13).
Are you working with Serverless and looking for expert training to level-up your skills? Or are you looking for a solid foundation to start from? Look no further, register for my Production-Ready Serverless workshop to learn how to build production-grade Serverless applications!
Here is a complete list of all my posts on serverless and AWS Lambda. In the meantime, here are a few of my most popular blog posts.
- Lambda optimization tip – enable HTTP keep-alive
- You are thinking about serverless costs all wrong
- Many faced threats to Serverless security
- We can do better than percentile latencies
- I’m afraid you’re thinking about AWS Lambda cold starts all wrong
- Yubl’s road to Serverless
- AWS Lambda – should you have few monolithic functions or many single-purposed functions?
- AWS Lambda – compare coldstart time with different languages, memory and code sizes
- Guys, we’re doing pagination wrong