Production-Ready Serverless

Production-Ready Serverless

by Yan Cui, Cody Tankersley
Released March 2019
Publisher(s): Manning Publications
ISBN: 10000MNLV201730

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

See it. Do it. Learn it! Production-Ready Serverless: Operational Best Practices introduces you to leading patterns and practices for creating operationally sound serverless applications using AWS Lambda, API Gateway, and Kinesis. You'll enjoy the professionally-produced video instruction from AWS expert Yan Cui, along with live exercises, text-based navigation, and the other innovative features built into Manning's liveVideo platform.

Production-Ready Serverless: Operational Best Practices teaches you how to build applications that take advantage of AWS Lambda and other AWS platform features like API Gateway and Kinesis. AWS expert Yan Cui guides you from writing your first AWS Lambda functions through handling the operational challenges Lambda can bring as you integrate serverless development practices into your applications. You'll build a basic e-commerce site piece by piece, including a Lambda-based web API using the API Gateway service. This hands-on course introduces processing events in real-time using Lambda and Kinesis Streams, implementing security against common OWASP attacks, modern serverless design patterns, and best practices for maximizing performance and minimizing cost!



About the Technology

AWS Lambda is a platform for running cloud-hosted functions—small, single-responsibility services that handle tasks and orchestrate data flow among other AWS services. Lambda functions responds to the events triggered by users and your application. AWS automatically scales Lambda for you based on demand, so you can minimize infrastructure plumbing management and enjoy the reliability, security, and responsiveness you need to create amazing applications!

About the Video


What's Inside

  • Creating and deploying Lambda functions with the Serverless framework
  • Building web APIs with Lambda and API Gateway
  • Implementing authentication and authorization using API Gateway, IAM, and Cognito User Pools
  • Implementing canary deployments using API Gateway and Lambda
  • Processing real-time events with Lambda and Kinesis Streams
  • Collecting and aggregating analytics events in real-time
  • Testing Lambda functions
  • Managing configurations for Lambda functions at scale
  • Securing applications against common OWASP attacks
  • Leading practices for Lambda, API Gateway and Kinesis Serverless design patterns


About the Reader
For developers with some experience building cloud-based applications on AWS.

About the Author

Yan Cui has worked with AWS since 2010 and has architected and implemented many scalable backend systems running on AWS, including a successful mobile game with 1,000,000 daily active users. He has worked with AWS Lambda in production extensively in the last 18 months, including migrating a social network from a monolithic backend architecture running on EC2 to an event-driven, service-oriented architecture centered around AWS Lambda. Yan is also an AWS hero!

We interviewed Yan as a part of our Six Questions series. Check it out here.



Quotes
The level of detail and pace are perfect for someone looking to tackle a complicated subject and being directly hands on like this is great. Best resource for real-world Serverless usage I have seen so far.
- Survey Responder

An essential guide to getting started with Serverless with AWS Lambda.
- Michael Bright

The jump start you need to serverless AWS Development.
- Paulo Cesar Dias Lima

Excellent introduction to securing and deploying your first serverless lambda on AWS.
- Anonymous Reviewer

Table of contents

  1. INTRODUCTION
    1. Introduction to course
    2. AWS Lambda 101
    3. Serverless Framework 101
    4. Managing permissions for the Serverless Framework
  2. BUILDING API WITH API GATEWAY AND LAMBDA
    1. Creating a landing page
    2. Creating the restaurants API
    3. Displaying restaurants on the landing page
    4. How to secure APIs in API Gateway
    5. Securing the get-restaurants endpoint with IAM authorization
    6. Cognito 101
    7. Securing API endpoints with Cognito user pools
    8. Leading practices for API Gateway
    9. Summary
  3. TESTING
    1. AWS Lambda requires a different approach to testing
    2. Writing integration tests
    3. Writing acceptance tests
    4. BONUS What can possibly go wrong?
  4. DEBUGGING
    1. Running and debugging functions locally with the Serverless Framework
    2. Running and debugging functions locally with SAM local
    3. Serverless Framework vs. SAM Local
  5. CI/CD
    1. What is CI/CD?
    2. Setting up a CI/CD pipeline for deploying Lambda functions
    3. Troubleshooting AWS CodeBuild problems
    4. Summary
  6. PROJECT ORGANIZATION TIPS
    1. Few monolithic functions vs. many single-purpose functions
    2. How should you organize your functions into repos?
    3. How should you manage shared infrastructures?
    4. Tips for more effective teamwork
  7. PROCESS REAL-TIME EVENTS WITH KINESIS LAMBDA
    1. Designing the order flow with events
    2. Implementing the place-order step
    3. Implementing the notify-restaurant step
    4. Implementing the accept-order step
    5. Implementing the notify-user step
    6. Implementing the fulfill-order step
    7. Dealing with partial failures
    8. Implementing partial failure retries with SNS
    9. Implementing per-function IAM roles
    10. Leading practices for using Kinesis and Lambda
    11. Problems with the event-driven approach
    12. Summary
  8. LOGGING
    1. Pushing logs from CloudWatch Logs to Elasticsearch
    2. Structured logging
    3. Sample debug-level logging
  9. MONITORING
    1. Serverless monitoring requires a different way of thinking
    2. Recording custom metrics synchronously
    3. Recording custom metrics asynchronously
    4. Recording memory usage and billed duration as metrics
    5. Auto-creating alarms for APIs
    6. Summary
  10. X-RAY
    1. AWS X-Ray 101
    2. Using X-Ray to trace Lambda executions
    3. Setting up custom X-Ray traces in Lambda functions
    4. AWS X-Ray limitations
  11. CORRELATION IDS
    1. Laying out the plan
    2. Auto-capturing incoming correlation IDs via HTTP headers
    3. Including all the captured correlation IDs in the logs
    4. Forwarding correlation IDs via HTTP headers
    5. Forwarding correlation IDs via Kinesis events
    6. Auto-capturing incoming correlation IDs via Kinesis events
    7. Enabling debug logging on individual user events
    8. Auto-capturing incoming correlation IDs via SNS messages
    9. Forwarding correlation IDs via SNS messages
    10. Summary
  12. PERFORMANCE
    1. Lifecycle of a Lambda function
    2. Strategies to minimize cold starts
    3. Taking advantage of container reuse for optimization
    4. Cost considerations
  13. ERROR HANDLING
    1. Lambda retry behaviors
  14. LAMBDA LIMITS
    1. Hard and soft limits for Lambda
    2. Other service limits
    3. How to request a soft limit raise
  15. MANAGING CONFIGURATIONS
    1. SSM Parameter Store 101
    2. Referencing SSM parameters in serverless.yml
    3. Limitations with Lambda environment variables
    4. Using Middy middleware to load SSM parameters at runtime
    5. Secrets Manager 101
    6. Using Middy middleware to load Secrets Manager secrets at runtime
    7. Considerations for advanced use cases
  16. VPC
    1. Configuring Lambda functions' access to a VPC
    2. When to use VPC and why you mostly shouldn’t
    3. You don’t need VPCs to secure your functions
    4. FunctionShield
    5. Encapsulating common middleware with a wrapper
  17. CANARY DEPLOYMENTS
    1. Why should we do canary deployments?
    2. Lambda weighted alias 101
    3. sls deploy with weighted alias
    4. Enabling auto-rollback during deployment
    5. Problems with weighted alias
    6. Problems with CodeDeploy
    7. Wrap up/Next

Product information

  • Title: Production-Ready Serverless
  • Author(s): Yan Cui, Cody Tankersley
  • Release date: March 2019
  • Publisher(s): Manning Publications
  • ISBN: 10000MNLV201730