Weekly update 14 | theburningmonk.com

Yan Cui

I help clients go faster for less using serverless technologies.

Hi, welcome to the first weekly update of November!

MEAP update for Production-Ready Serverless

There has been delays in publishing the rest of the VPC unit the last two weeks as my editor has been away. But worry not, I’m already working on the last unit on canary deployment and both units should be on their way to you soon.

Remember, whilst the course is still in the MEAP, you can get 40% off the face price using the code ytcui.

I have also turned this course into a classroom setting, so if you’re interested in having me run this as a workshop in your company, then drop me a line via the Contact page.

New Posts

AWS Lambda programming language comparison. I wrote a guest post for Epsagon where we compared several popular programming languages that are supported by Lambda – Node.js, Python, Go, C# and Java. We compared them on cold and warm start performance, cost impact, as well platform support.

More than functions – serverless observability webinar. To celebrate the launch of Epsagon I took part in their launch webinar along with Jeremy Daly and Corey Quinn. I had a great time hanging out with the guys and talking about serverless. You can check out the recording here.

Presentations

It’s been a busy two weeks and I managed to pack in four conferences in that time. I spoke at VoxxedDays Bristol, Get.Net Gdansk, O’Reilly Software Architecture conference and finally O’Reilly Velocity. Interestingly, I spoke about something different at every single event (but always around serverless, of course!). You can find all the slides below, I’ll post the links to the videos as well once they’re up.

Serverless Architectural Patterns from Yan Cui

Security in serverless world (get.net) from Yan Cui

Applying principles of chaos engineering to serverless (O'Reilly Software Architecture 2018) from Yan Cui

How to build observability into Serverless (O'Reilly Velocity 2018) from Yan Cui

Upcoming Talks

November is going to be a busy month of travelling for me. Here are the conferences I will be speaking at, if you happen to be at one of these events please don’t hesitate to come and say hi :-)

CodeMesh (London) – I’m giving a workshop as well as a talk on serverless
Serverless Computing London
BuildStuff (Vilnius) – I’m giving a workshop as well as a talk on serverless
CodeMotion Berlin – get 20% off ticket price with the code AFFILIATE
re:invent (Las Vegas) – my first time speaking at re:invent, yay!
DevTernity (Riga) – I’m giving a full-day workshop on productionizing serverless apps

Good Reads

How we got to $1 million in annual recurring revenue with $0 in fundraising – time is your most scarce resource, not money.

Here’s a couple of posts that lets you take a peek behind the curtain to see how the big boys do it ;-)

Why Netflix rolled its own Node.js Function-as-a-Service for its API platform. This slidedeck gives some more insight into this platform they call NodeQuark. Given their scale and needs, as well as the skillsets they possess, it makes sense for them to roll their own. But, for almost everybody else, please don’t do this!

I discovered this cool project called PacBot from TMobile. Pac stands for policy-as-code, it’s a platform for doing continuous compliance monitoring and reporting.

Ten platform commandments. Another great post from Charity Majors.

Github showcased a bunch of demos for their new Github Actions feature. I don’t know about you, but I’m quite excited to finally be able to use Github to drive my CI/CD pipelines without having to run a separate tool. I’m surprised it took them this long to get into this game but better late than never!

Securing serverless: attacking an AWS account via a Lambda function. Excellent story of how Ory (CTO of Puresec) hacked lambshell.com.

Customized rate limiting for API Gateway by path parameter, query parameter, and more. Nice trick to let you specify the API Key (hence control rate limiting) via a query parameter instead of the x-api-key header. I’m not sure when I’d actually use it, maybe in the case where a customer can’t specify HTTP headers for some reason? (I know, it’s stretching a little, but I have seen some weird limitations when integrating with third parties)

And finally, some wisdom from the one and only Dan North:

If you call the person who has to interact with your software a “user”, you haven’t figured out what they are trying to get done.

What are they trying to do? Name them after that. Then think about how to get your software out of their way.

No one wants to just /use/ software.

— Daniel Terhorst-North (@tastapod) August 19, 2018

Whenever you’re ready, here are 3 ways I can help you:

Production-Ready Serverless: Join 20+ AWS Heroes & Community Builders and 1000+ other students in levelling up your serverless game.
Consulting: If you want to improve feature velocity, reduce costs, and make your systems more scalable, secure, and resilient, then let’s work together and make it happen.
Join my FREE Community on Skool, where you can ask for help, share your success stories and hang out with me and other like-minded people without all the negativity from social media.