We are delighted to be able to share our ninth monthly architects' newsletter with you, which we will send on the last Friday of every month. InfoQ
strives to facilitate the spread of knowledge and innovation within this space, and in this newsletter we aim to curate and summarise key learnings
from news items, articles and presentations created by industry peers, both on InfoQ and across the web. We aim to keep readers informed and
educated about emerging trends, peer-validated early adoption of technologies, and architectural best practices, and are always keen to receive
feedback from our readers.
News
Attempting to observe Function-as-a-Service (FaaS) serverless applications can present many challenges. First, there is nowhere to install monitoring
agents anymore, and no opportunity for background processing, and so if you want to send telemetry data this has to be done during a function's
invocation when the user is still waiting on a (potentially business critical) response.
Second, the deep integration between AWS Lambda and AWS Kinesis has made event-driven architectures much easier to implement within the
AWS ecosystem, and patterns like CQRS have become much simpler to implement in practice. However, tracing function invocations through
asynchronous event sources like AWS Kinesis is not easy, and is not currently supported out-of-the-box by existing tools like Amazon X-Ray.
Cui concluded by stating that serverless observability tooling has become better over the past year, and that "through the work by many smart people,
more and more developers are waking up to the new constraints and challenges around operations and observability" when it comes to serverless
technologies like AWS Lambda. FaaS technologies can provide many benefits, but architects must be aware of the potential tradeoffs.
A key takeaway from the talk was that your organisation may have to adapt (a la Conway's Law) in order to take full advantage of the new
development paradigm, and expectations of the effort required and associated Total Cost of Ownership (TCO) should be set with senior stakeholders
upfront. Kehoe also warned that the "cloud has weather", and so engineers must design mitigation strategies into systems that cope with the
ephemeral nature of infrastructure and hard-to-predict faults.
Amazon Launches AWS Secrets Manager to Securely Store, Distribute, and Rotate Credentials
Amazon recently announced the launch of the AWS Secrets Manager, which makes it easy for customers to store and retrieve secrets using an API or
the AWS Command Line Interface (CLI). The AWS Secrets Manager enables users to centralize the management of secrets of distributed services
and applications, and customers can rotate their credentials with the built-in schedule feature or custom Lambda functions. Users of AWS Secrets
Manager can manage access to secrets using a fine-grained set of IAM policies, control the lifecycle of secrets, and secure and audit secrets centrally.
This is a managed service with a pay-as-you-go model, and it is available in most regions.
NGINX
• Cluster scaling, sometimes called infrastructure-level scaling, refers to the (automated) process of adding or removing worker nodes based on
cluster utilization.
• Application-level scaling, sometimes called pod scaling, refers to the (automated) process of manipulating pod characteristics based on a variety
of metrics, from low-level signals such as CPU utilization to higher-level ones, such as HTTP requests served per second, for a given pod. Two
kinds of pod-level scalers exist:
◦ Horizontal Pod Autoscalers (HPAs), which increase or decrease the number of pod replicas depending on certain metrics.
◦ Vertical Pod Autoscalers (VPAs), which increase or decrease the resource requirements of containers running in a pod.
Case Study
The article presents a simple tutorial on how to create serverless functions to allow customers to instantly check out and buy an item from a Square
store. The tutorial begins with creating a static site on S3, and then moves on to creating AWS Lambda functions, before creating AWS API Gateway
endpoints to allow customers to instantly check out using the Square Checkout API.
Moot notes that there appears to be widespread misunderstanding around serverless computing and what it comprises, and that it is worth
clarifying that there is a difference between The Serverless Framework (which is used within the tutorial) and the serverless computing paradigm. The
Serverless Framework is just a tool that can be used to facilitate creating, deploying, and managing the serverless functions that you create with your
desired cloud provider. Serverless computing refers to a cloud provider dynamically managing the allocation of machine resources.
Much like Node, Moot argues, serverless is suffering from the same desire to "do all the things". Node is known for being really bad at handling CPU-
intensive tasks due to its single-threaded nature, and the same goes for using serverless for user facing interactions or APIs: "Users expect things to
be responsive, and cold starts kill the expected responsiveness". You can certainly try to circumvent this by keeping your functions warm, but this
"smells like an anti-pattern".
"The whole benefit of serverless is to not have to be as concerned with your infrastructure, yet people are writing more code to modify their
infrastructure's behavior that they don't really have control over".
Concluding the article, Moot cautions that if you plan to use serverless for user-facing applications, you must look carefully at your user traffic patterns
to your endpoints, as this dictates the overall user experience. A constant amount of traffic would provide a good use case - functions stay warm, and
a very small percentage of users would be impacted by a slow response - but if you have particularly spiky traffic, the user experience will suffer as
your platform provider is spinning up additional instances of your function to service your traffic.
This is the ninth issue of a monthly newsletter, focusing exclusively on software architecture. We thought it would be valuable for you to get a quick
overview of things you might like to keep an eye on.