book

Learning Serverless

Name: Learning Serverless
Author: Jason Katzer
ISBN: 9781492057017

by Jason Katzer

October 2020

Beginner

230 pages

6h 59m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Preface
About This BookHow This Book Is OrganizedConventions Used in This BookO’Reilly Online LearningHow to Contact UsAcknowledgments
Introduction to Serverless
What Is Serverless?History of ServerlessThe Cloud Provider LandscapeReliability, Availability, Disaster RecoveryStrengths of ServerlessIncreased Scalability, Security, and ReliabilityYou Only Pay for What You UseSaving Time and Money on Managing ServersImproved Developer ProductivityDecreased Management ResponsibilitiesConvenient IntegrationsWeaknesses of ServerlessThe Cold (Start) WarCompute TimeVPC/Network IssuesApplication SizePotential to Be More ExpensiveVendor Lock-InComplex DebuggingWhen Does It Make Sense to Use Serverless?When Is Serverless Compute Not Right for You?Let’s Get Started
I. The Path to Production
1. Distributed Systems
What Is a Distributed System?Why Do We Want a Distributed System?The Harsh Realities of Distributed SystemsThe Physical WorldMissing MessagesUnreliable ClocksCascading FailuresUnexpected OrderingIdempotencyWhat Am I Responsible For?What Do You Need to Consider When Designing a Distributed System?Loose Coupling (or Decoupling)Fault ToleranceGenerating Unique (Primary) KeysPlanning for IdempotencyTwo-Phase ChangesFurther ReadingConclusion
2. Microservices
Why Do You Want to Use Microservices?Improved Developer VelocityIncreased Developer FreedomIssues with MicroservicesIncreased ComplexityProper DevOps Practices and Resources NeededChallenges with Local Development and TestingHow Do You Use Microservices Effectively?Consistent InterfacesLoosely CoupledHow Micro Is a Microservice?Choosing Between Monoliths and MicroservicesWhen Should You Use a Monolith?When Do You Want to Use Microservices?Conclusion
3. Serverless Architecture and Patterns
The Role of an ArchitectWhat Do You Need to Know to Be an Architect?Making DecisionsWhat Kinds of Decisions?Documenting Your DecisionsHow Do We Make Decisions?When Do We Make Decisions?Cloud Provider ComponentsStreamsQueuesBucketsComputeDatastoresIdentity ServiceAPI GatewaysGraphQLNetworkingState MachinesLoggingMonitoring and AlertingEvents from Your Cloud ProviderPeriodic InvocationsPatternsExample 1: Serverless MonolithExample 2: Incoming WebhookExample 3: Using Your Cloud Provider for User AuthenticationExample 4: Generic Background Task PatternExample 5: Streaming Extract, Transform, LoadExample 6: Create Your Own Polling IntegrationExample 7: Processing Files and ImagesExample 8: Migration Service PatternExample 9: Fanning OutConclusion
4. Interfaces
Interfaces: Some Assembly RequiredThe MessageThe ProtocolThe ContractServerless InterfacesAutomatic Retries and Dead Letter QueuesFinite Versus Infinite ScaleDesigning Your InterfacesMessages/PayloadsSessions and Users/AuthAvoid Unbounded RequestsInterface Versus ImplementationLines with LogicDesigning the Unhappy PathValidating InputFailuresStrategies for Integrating with Other ServicesTime-OutsRetriesExponential BackoffWebhooksEvaluating External ServicesRate LimitsConclusion
II. The Tools
5. The Serverless Framework
Why Use the Serverless Framework?When the Serverless Framework Isn’t for YouAWS Is the Only First-Class CitizenAWS CloudFormation Is Not PerfectRelying on Strangers for Your InfrastructureWhat to Know Before You StartYAMLNode.jsCloud Resources and PermissionsInfrastructure TemplatesProduction Secrets.gitignoreThe Components of a serverless.yml FileProviderEnvironmentFunctionsResourcesPackagePlug-InsCustomNamespacing for Sanity and SecurityUsing the serverless CommandInstalling ServerlessSetting Up Serverless with CredentialsPulling in Templates Using serverless installInspecting the Package of Our Sample Project (What’s Inside)DeploymentInvoking the Function, and Viewing LogsRollbacksDestroying the ServiceDeployment PackagesReal-World serverless.ymlSetting Environment VariablesModify PermissionsConclusion
6. Monitoring, Observability, and Alerting
What Is Monitoring?Why Do We Need Monitoring?How Does Monitoring Relate to Serverless?The On-Ramp to AutomationWhat Are My Options?Hosted SaaS OfferingsSelf-Hosted and Open SourceComponents of MonitoringMetricsCharts/GraphsDashboardsAlerts/AlarmsA Selection of Advanced PracticesHeartbeatsSmoke Testing and/or CanariesThe Most Important Metric in the WorldAvoiding Vendor Lock-InCleaning Up Metrics and Alerts over TimeConclusion

7. Logging
What Does It Mean to Log?Why Log?When to Rely on Logs Instead of MetricsWhat Should You Log?What Shouldn’t You Log?How Does Logging Work?Ensuring Your Logs ScaleStructured LoggingMore Effective Debugging with LogsSearching LogsException Logging (Sentry)Collecting Other LogsComplianceDistributed TracingEncrypting Logs for Privacy and ComplianceEncrypt Only the Values of Sensitive FieldsEncrypt the Entire Log StatementConclusion
8. Changes, Automation, and Deployment Pipelines
Dealing with ChangeThe Role of AutomationWhat Do We Automate?Getting Your Code Ready for ProductionInfrastructure as CodeDatabase Changes (Migrations)Configuration ManagementWhat Is a Pipeline?Decisions to Make Regarding Your PipelineCanaries and Blue/Green DeploymentsPipeline PermissionsWhy Do You Need a Pipeline?Key Phases of a Deployment PipelineStep 1. Enforce StandardsStep 2. Build and PackageStep 3. TestStep 4. Publish the ArtifactStep 5. Deploy to the Target EnvironmentStep 6. Validate DeploymentStep 7. Roll Back if Necessary (and Possible)Handling Pipeline FailuresConclusion
III. Concepts
9. Security, Permissions, and Privacy
Everyone Is Responsible, but You Are Especially ResponsiblePrepare to Be HackedUnderstanding Your Threats and Your AttackersDesign for SecurityLimit, Track, and Review All Secrets and AccessBe Ready to RollDefense in DepthLimit Blast RadiusTrust but VerifyValidate All User Input and Double-Check Those SettingsMonitoring Your System for AnomaliesTest Your SecuritySelect Dependencies Carefully and Keep Your Software Up to DatePrioritize Privacy for Your Data and Your Customers’ DataDon’t Mess with ProductionKeep Your Machine SecureKeep LearningConclusion
10. Quality, Testing, and Staging
The Role of Code QualityCode StyleLintingTestingWhat to Test and What Not to TestTypes of TestingCode CoveragePower Up Your TestingStagingConclusion
11. Planning for Failure
Introduction: Understand It, Even if You Don’t Manage ItIdentify RisksExercise: Finding Your Failure PointsBe PreparedMaking a RunbookPlanning for OutagesOn-Call/Escalation PlanMonitor Your Cloud ProviderKnow Your (Service) LimitsConclusion
12. Conclusion
Deciding among VendorsCommunityGather the Advice of OthersWhat to Do When You Get StuckTaking the Next Step in Your Career
Index

Content preview from Learning Serverless

Chapter 4. Interfaces

You shouldn’t be uneasy about any parts of the architecture. It shouldn’t contain anything just to please the boss. It shouldn’t contain anything that’s hard for you to understand. You’re the one who’ll implement it; if it doesn’t make sense to you, how can you implement it?

Steve McConnell, Code Complete (Microsoft Press)

In Chapter 3, we discussed architecture. Traditionally, people think of the architecture of a system as the boxes in the diagram, but even more critical are the lines connecting the boxes. These lines can signify many things, and they are an abstraction of how these systems connect and communicate. In this chapter, we will study one major part of those lines: interfaces.

This chapter will discuss what an interface is, what to consider when creating or connecting to one, and the most common constructs the cloud providers offer for these lines.

Adopting modern application design comprised of smaller, independent components or services enables you to focus on development and empowers you to make the best choices in how you want to solve each problem. You should be able to focus on the features and the business logic, and the infrastructure should give you lift. But this does not come for free. You have to mind every point where coupling can occur, and minimize that coupling as much as possible. As previously discussed (in Chapter 3), you have to have rules and standards for your services’ interfaces and how they interact with other services. ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781492057000Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Learning Serverless

by Jason Katzer

Chapter 4. Interfaces

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.