Hands-On Serverless Applications with Kotlin

Hands-On Serverless Applications with Kotlin

by Hardik Trivedi, Ameya Kulkarni
Released September 2018
Publisher(s): Packt Publishing
ISBN: 9781788993708

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Choose the right architecture and design it using design patterns to create a serverless application that cuts costs and is easily scalable

Key Features

  • Design enterprise ready serverless applications that effortlessly meet your customers' requirements
  • Effectively deploy, manage, monitor, and orchestrate serverless applications using AWS
  • Use Cloud9 to provision a secured development environment in the cloud

Book Description

Serverless is a cloud computing execution model where the cloud provider dynamically manages the allocation and provisioning of servers. Many companies have started using serverless architectures to cut costs and improve scalability. Hands-On Serverless Applications with Kotlin is your one-stop guide to designing serverless architectures for your applications with AWS and Kotlin.

To start with, you'll explore the fundamentals of serverless architecture and how AWS Lambda functions work. You will then learn to design, build, secure, and deploy your application to production. In addition to these activities, you'll understand how to implement non-functional requirements such as auditing and logging. Moving on, you'll discover how to scale up and orchestrate serverless applications using an open source framework and handle distributed serverless systems in production.

By the end of the book, you'll have gained the knowledge needed to build scalable and cost-efficient Kotlin applications with a serverless framework.

What you will learn

  • Design a serverless architecture
  • Use AWS Lambda to contain your serverless API
  • Explore the various ways to keep serverless apps safe and secure
  • Understand how a serverless API allows you to use huge infrastructure and cut costs
  • Discover how to handle distributed systems in Kotlin
  • Design the data flow between cloud services and custom business logic
  • Secure your Kotlin AWS serverless application
  • Master Kotlin design patterns for serverless applications

Who this book is for

Hands-On Serverless Applications with Kotlin is for you if you are a Kotlin developer who wants to learn about serverless architectures. It is assumed that you have some knowledge of Kotlin programming and AWS.

Table of contents

  1. Title Page
  2. Copyright and Credits
    1. Hands-On Serverless Applications with Kotlin
  3. Packt Upsell
    1. Why subscribe?
    2. Packt.com
  4. Contributors
    1. About the authors
    2. About the reviewer
    3. Packt is searching for authors like you
  5. Preface
    1. Introduction
    2. Who this book is for
    3. What this book covers
    4. To get the most out of this book
      1. Download the example code files
      2. Conventions used
    5. Get in touch
      1. Reviews
  6. Basics of Serverless
    1. What is serverless computing?
    2. The evolution of serverless computing
      1. On-premise
        1. Colocation providers
        2. Virtualization and IaaS
        3. PaaS
        4. BaaS
        5. SaaS
        6. FaaS
        7. Serverless computing
        8. Serverless – the time is now
      2. Diving into serverless computing with a use case
        1. A review of serverless computing
        2. Comparing and contrasting traditional and serverless paradigms
          1. The case study of an application
          2. The architecture of the system using traditional methods
          3. The architecture of the system using the serverless paradigm
          4.  Traditional versus serverless, in a nutshell
    3. Pros and cons of serverless
      1. Advantages of serverless systems
        1. Reduced operational costs
        2. Optimized resource utilization
        3. Faster time to market
        4. High-development velocity and laser-sharp focus on authoring code
        5. Promoting a microservices architecture
      2. The drawbacks of serverless systems
        1. Nascent ecosystem
        2. Yielding of control
        3. Opinionated offerings
        4. Provider limits
        5. Standardized and provider-agnostic offerings
        6. Tooling
        7. Competition from containers
      3. Rethinking serverless
        1. An absence of local states
        2. Applying modern software development practices
        3. Time-boxed execution
        4. Startup latency
        5. Testability
        6. Debugging
    4. The serverless computing ecosystem
      1. Serverless computers and infrastructure providers
        1. AWS Lambda
        2. IBM OpenWhisk
        3. Microsoft Azure Cloud Functions
        4. Google Cloud Functions
        5. Auth0 Webtasks
        6. Others
        7. Serverless toolkits
    5.  Summary
  7. AWS Serverless Offerings
    1. AWS Lambda overview
      1. Execution environment
      2. Service limits
      3. Invocation types
        1. Custom invocation via AWS CLI or embedded AWS SDK in an application
        2. Event sources from other AWS Services
        3. Execution environments/runtimes
          1. Handler
          2. Context
          3. Logging
          4. Exceptions and error handling
          5. Storing the state
        4. JVM execution environment
          1. Handlers in Java 
          2. Context object
          3. Logging
          4. Error handling
      4. A case study of a simple Java Lambda function
        1. Creating the Lambda function
          1. Lambda dashboard
          2. Basics of creation
        2. Configuring the Lambda function
        3. Writing a Lambda function
        4. Deploying the Lambda function
        5. Testing a Lambda function 
      5. Case study of a simple Kotlin Lambda function
        1. Tooling
        2. Anatomy of a Kotlin Lambda function
          1. Project structure
          2. build.gradle
          3. Handler
          4. Packaging and deploying
        3. Testing the Kotlin function
      6. Integrating a Lambda function with an upstream component
        1. Types API Gateway and Lambda integrations
          1. Lambda integration/ Lambda custom integration
          2. Lambda proxy integration
          3. Anatomy of the Lambda function when used in Lambda proxy integration
        2. Creating an API Gateway
        3. Integration testing
        4. Deploying the API Gateway
        5. End-to-end test
      7. Basic monitoring of lambda functions
      8. Versioning Lambda functions
    2. Summary
  8. Designing a Kotlin Serverless Application
    1. The problem statement
      1. Analyzing the problem statement
      2. Functional specifications of the app
      3. Designing the serverless API 
      4. Architectural and design decisions
        1. AWS Cognito for login and registration
        2. The Kotlin language
        3. PostgresSQL 10 on Amazon RDS
        4. API Gateway for proxy and edge engineering
          1. API keys and usage plans
          2. Authorization
          3. Defining request and response models
          4. API Gateway extensions to Swagger
          5. Swagger 2.0 JSON documentation with API Gateway extensions
        5. AWS Lambda as an FaaS platform
      5. System design
        1. Domain models
          1. APIErrorResponseWithMessage
          2. APISuccessResponseWithMessage
          3. Poll
          4. PollCreationRequest
          5. RespondentDetails
          6. PollResponseStatistics
          7. PollDetails
        2. API model
          1. Registering a respondent
          2. Fetching all Polls
          3. Creating a Poll
          4. Fetching a Poll
          5. Deleting a Poll
          6. Responding to a Poll
        3. Persistence layer design
          1. Connecting to the instance
          2. Configuring an application user
          3. Schema definition
        4. Security and access control to the API
          1. API key
          2. Cognito authorizer for API
      6. Note on the local development environment
        1. Setting up
          1. AWS Account
          2. Installing IntellIj  Idea CE
          3. PostgreSQL
        2. Third-party libraries
          1. Liquibase
          2. JOOQ
        3. Build life cycle
    2. Summary
  9. Developing Your Serverless Application
    1. Preparing the serverless environment
      1. Configuring a Cognito pool
      2. Swagger for the API
    2. Implementing lambda functions
      1. Writing your first lambda function in Kotlin
        1. Choosing an IDE
        2. Setting up a project
        3. Writing a function that returns dummy static data
        4. Data classes
        5. Default parameters
        6. Mutable list
          1. Converting JSON into models using Jackson
          2. The apply() function
      2. Building a fat JAR
      3. Deploying a JAR
      4. Testing and executing
    3. Implementing other lambda functions in Kotlin
      1. Preparing the data classes
      2. Registering respondents
      3. Creating a poll
      4. Getting a poll
      5. Kotlin and the builder pattern
    4. Implementation of the app
      1. Setting up AWS Authentication using Cognito pool
      2. Connecting to your backend
        1. Object declaration
    5. Integrating the API
      1. Configuring the API client
        1. Singleton
        2. Lateinit versus lazy initialization
          1. Lateinit
          2. The lazy property
        3. Interfaces
        4. Rxify the API call
          1. Lambda functions
      2. Some interesting implementations
        1. Returning data from a function
        2. The destructuring declaration
        3. Kotlin's approach to anonymous classes
    6. Summary
  10. Improving Your App with Firebase Service
    1. About Firebase   
    2. Firebase authentication
      1. Configuring authentication methods
      2. Configuring the client app to use the authentication service
        1. The when() expression
      3. Improving the signIn() function using Lambda functions
        1. Extension functions
          1. Ditching the findViewById() method
          2. View extensions
    3. Firebase cloud functions
      1. Prerequisites
      2. Setting up the project
      3. Creating a simple cloud function
      4. Deploying the cloud function
    4. Saving data into the real-time database
      1. Structuring the request model
      2. Structuring and saving the database object
      3. Getting the list of polls
        1. Interoperability with JavaScript
    5. Monitoring crashes
      1. Customizing the crash reports
      2. Adding custom logs and keys
    6. Monitoring the application's performance
      1. How does it work?
      2. Monitoring HTTP/s network requests
      3. Using the SDK
    7. Summary
  11. Analyzing Your Application
    1. What are non-functional requirements?
      1. AWS CloudTrail
      2. AWS CloudWatch
    2. AWS CloudTrail
      1. Concepts
        1. Overview
        2. Event packet structure
      2. Integrations
        1. AWS services supported for CloudTrail auditing
        2. AWS services not supported for CloudTrail auditing
      3. Example
        1. Creating a simple audit trail for auditing Lambda configurations
          1. Creating a trail 
          2. Advanced configuration of the trail
          3. The created trail
          4. Trail repository
    3. AWS CloudWatch
      1. Concepts
        1. Metrics
        2. Namespaces
      2. Logs
      3. Alarms
      4. Dashboards
    4. A practical walk-through
      1. Visualization using CloudWatch dashboards
        1. Creating a dashboard for Greeter metrics
          1. Creating a  dashboard
          2. Adding widgets
          3. Metrics selection for Lambda
          4. Creating a widget for the API Gateway metrics
          5. Dashboard preview
          6. Test run
      2. Integration of CloudTrail and CloudWatch
        1.  Configuring CloudWatch with CloudTrail
        2. Creating an IAM role
        3. Verifying the integration
    5. Summary
  12. Secure Your Application
    1. AWS security concepts
      1. Account access 
        1.  Root credentials 
        2. Enabling Multifactor authentication
        3. Need based account creation
        4. IAM groups
        5. Password policy 
      2. IAM roles and policies
        1. Subject/principal
        2. Resources
        3. Permissions
        4. Policies
        5. Groups
        6. Roles
        7. Identities
        8. Users
        9. Best practices for creating IAM users
          1. Creating individual users
          2. The principle of least privilege
          3. Leveraging predefined policies
          4. Rotating passwords and keys
          5. Using temporary credentials
          6. IAM policy conditions
          7. Continuous and exhaustive monitoring
      3. AWS Virtual Private Cloud
        1. Subnets
          1. Private subnets
          2. Public subnets
        2. Security groups
          1. Inbound
          2. Outbound
    2. Infrastructure hardening
      1. Hardening AWS Cognito
        1. Security measures for users
          1. Allowing user signup
          2. Expiring unused accounts
          3. Setting password policies
          4. Enabling MFA
          5. User verification
      2. Hardening AWS API Gateway
        1. SSL/HTTPS
        2. API key and usage plans
        3. Resource policies
        4. Authorizers
        5. CORS support
        6. Throttling
      3. Hardening AWS Lambda
        1. Using KMS to encrypt sensitive information
        2. Execution role
      4. Hardening AWS RDS
        1. Moving RDS into a VPC's private subnet
        2. Do not use master credentials
    3. Practical walk–through
      1. Setting up the test bed
        1. Database access using JOOQ
          1. The build.gradle file
          2. Handler
          3. Invocation
      2. Database configuration as environment variables
        1. Defining environment variables
        2. Modifying the handler to source these environment variables
          1. Building and deploying
          2. Invoking the API
      3. Encrypting the environment variables
        1. Configuring KMS 
          1. Creating a Key
          2. Supplying key details
          3. Defining administrative permissions
          4. Defining usage permissions
          5. Key created
        2. Configuring Lambda with KMS
          1. Enabling encryption in transit
        3. Decrypting in the handler
          1.  Boilerplate decryption
          2. The handler class
          3. The build.gradle file
        4. Deploying and testing
      4. Creating an RDS user
        1. Creating a user
        2. Granting privileges
      5. VPC changes
        1. Current setup
        2. Creating the VPC
        3. Creating security groups
          1. Security groups for Lambda
          2. Security groups for RDS
        4. Modification of RDS
        5. Modification of Lambda
          1. Attaching security groups and specifying subnets
          2. Modifying permissions of the IAM role
        6. Conclusion of the walk–through
    4. Summary
  13. Scale Your Application
    1. Infrastructure as code
    2. Serverless Framework
      1. Concepts
        1. Providers
        2. Services
        3. Resources
        4. Functions
        5. Events
    3. Practical walk-through
      1. Getting started
        1. Installation 
          1. Prerequisites for installation
          2. Installing the framework
          3. Configuring the CLI tool
      2. Bootstrapping the project
        1. Creating a service
        2. Code organization and boilerplate
          1. Workspace structure
          2. The build.gradle file
          3. The serverless.yaml file
        3. Workflow
          1. Building the package
          2. Deploying the entire Service
          3. Deploying a single function
          4. Actual workflow
          5. Environment variables
      3. Provisioning the VPC
        1. Creating a VPC
        2. Creating and attaching the internet gateway 
        3. Public subnet
        4. Private subnet
        5. NAT gateway
          1. Elastic IP allocation
          2. Creation of NAT gateway and EIP Association
        6. Route association
          1. Creating a Route Table for the Public Subnet
          2. Default Public Route 
          3. Association of a Public Route Table to a Public Subnet
          4. Routing in the Private Subnet
        7. Security groups
      4. Provisioning IAM policies and roles for Lambda execution
        1. Execution role creation
        2. Basic execution policy
        3. VPC execution policy
      5. Provisioning a Cognito user pool
      6. Provisioning the KMS key
      7. Provisioning RDS
      8. Provisioning lambda functions
        1. Model definitions
        2. API gateway Validation
          1. Installing the request validator plugin
          2. Usage of the plugin
          3. Integration of the validators
        3. Lambda to Register a Respondent
        4. Lambda to fetch all polls
        5. Lambda to create polls
        6. Lambda to delete a poll
        7. Lambda to fetch a poll
        8. Lambda for responding to a poll
        9. Lambda to migrate the database
        10. Lambda to fix the database migrations
    4. Caveats while scaling Serverless applications
      1. Lambda execution life cycle
      2. Workarounds for scaling lambda functions
    5. Summary
  14. Advanced AWS Services
    1. AWS Cloud9
      1. Introduction to Cloud9
      2. How does it work?
      3. Getting started
        1. Prerequisites
        2. Setting up an EC2 environment
        3. Best practices
        4. Usage patterns
      4. Supported languages
      5. Practical walk-through of authoring the lambda function in Cloud9
      6. Use cases of Cloud9
    2. AWS Alexa
      1. Introduction to Alexa
      2. Building blocks
        1. Skills
        2. Skills Kit
        3. Interaction model
          1. Invocations
          2. Intents
          3. Slot types
        4. Interfaces
        5. Functional endpoints
        6. Account linking
      3. Walkthrough of creating a simple custom Alexa Skill
        1. Problem statement
        2. Creating a skill
          1. Registration on Amazon Developer Console
          2. Naming a skill
          3. Defining invocations
          4. Defining intents and utterances
          5. Linking the functional endpoint
          6. Creating a Lambda function
          7. A few tweaks
          8. The build.gradle file
          9. Entrypoint handler function
          10. Technical architecture handler
          11. The serverless.yaml file
          12. Building the lambda function
          13. Deploying the lambda function
          14. Linking the Lambda to the Skill
          15. Testing
          16. Applying the finishing touches
          17. Distribution and certification
    3. Summary
  15. Other Books You May Enjoy
    1. Leave a review - let other readers know what you think

Product information

  • Title: Hands-On Serverless Applications with Kotlin
  • Author(s): Hardik Trivedi, Ameya Kulkarni
  • Release date: September 2018
  • Publisher(s): Packt Publishing
  • ISBN: 9781788993708