From 1 to 201 Lambda functions in production: Evolving a serverless startup architecture

A story
about building
a proﬁtable bootstrapped
startup using serverless.

View Slide

@slobodan_
Our journey
starts with a prototype,
continues with an MVP,
and follows the evolution to
a real product.

View Slide

@slobodan_
We faced many issues
and learned a lot along the way.

View Slide

Evolving a serverless
startup architecture
From 1 to 201 Lambda functions in production

View Slide

@slobodan_
The problem & the idea

View Slide

@slobodan_
Everything started in 2016
with a problem in our other company.

View Slide

@slobodan_
Everything started in 2017
with an idea, a prototype, and a landing page.

View Slide

@slobodan_
Everything really started in 2018
with an MVP.

View Slide

@slobodan_
A simple idea
•Track leave requests and a number of remaining PTO days
•Use SSO to avoid another username and password to
remember
•Integrate with Slack to make and approve PTO requests
•Show events in a Google calendar

View Slide

@slobodan_
How hard can it be?

View Slide

@slobodan_
Slobodan Stojanović
CTO and co-founder of the product I am talking about
co-author of Serverless Apps with Node.js book
AWS Serverless Hero
JS Belgrade meetup organizer

View Slide

@slobodan_
Architecture

View Slide

@slobodan_
A prototype

View Slide

@slobodan_
An MVP architecture:
a simple serverless bot*

View Slide

@slobodan_
Why serverless?
•Faster - it was fast to build a prototype and an MVP
•Less - we outsourced scaling, maintenance, and security
•Focused - we focused on the business logic and minimized
time spent on everything else
•Cheaper - the cost scales with users, and it starts with $0

View Slide

View Slide

@slobodan_
Benefits
•Quick and independent deployments
•Easy to understand and maintain
•Easy to onboard new people
•Cheap

View Slide

@slobodan_
The cost of the infrastructure:
$0,00

View Slide

@slobodan_
Adding new features

View Slide

@slobodan_
Downsides
•Independent deployment for each Lambda function
•Hard to manage a!er we added 10 Lambda functions
•Hard to scale, as a critical part wasn't serverless
•An obvious bottleneck

View Slide

@slobodan_
~100 paying teams

View Slide

@slobodan_
The ﬁrst architecture iteration:
a complex serverless
spaghetti

View Slide

@slobodan_
The ﬁrst architecture iteration:
a complex serverless
application

View Slide

@slobodan_
Infrastructure as code (IaC)
&
ﬁrst microservices

View Slide

@slobodan_
Microservices

View Slide

View Slide

@slobodan_
We had ~150 Lambda functions

View Slide

@slobodan_
First migrations
from an old service
to a new one

View Slide

@slobodan_
We realized that we'll need to
ﬁnd the right architecture for
our problem

View Slide

@slobodan_
Most significant changes
•(Almost) everything was in AWS CloudFormation (IaC)
•We replaced Node.js server with serverless services
•We started using TypeScript instead of JavaScript
•We started a migration from MongoDB to DynamoDB

View Slide

@slobodan_
Benefits
•Easier deployments
•App was auto-scalable
•We had almost 100% uptime out-of-the-box
•Still very cheap (our infrastructure cost was less than $100/
month)

View Slide

@slobodan_
Downsides
•The big flaw in our system design: we were storing a state
and not events in our database
•We were still wasting a lot of time on less important things
•Project complexity and the number of new services
increased, and it was harder to onboard new developers
•Developers don't like YAML

View Slide

@slobodan_
~600 paying teams

View Slide

@slobodan_
The second architecture
iteration:
an event-driven system
with microservices

View Slide

@slobodan_
The quest for an architecture
that solves our problem

View Slide

@slobodan_
In the end, we decided to use
Event Sourcing
&
Command Query
Responsibility Segregation
(CQRS)

View Slide

@slobodan_
Why Event Sourcing
and CQRS?

View Slide

@slobodan_
Storing state
vs
storing events

View Slide

@slobodan_
A common flow in our app
•Ana created a new location and moved John and Mike to that location
•Ana assigned Mike as an approver
•Ana made a leave policy (20 PTO days per year)
•John requested leave, and Ana approved it
•Brought forward event happened and five unused days are transferred to the next
year balance
•Ana changed John's working week
•Mike added some past leaves for John
•Alex moved John to another location with a diﬀerent policy

View Slide

@slobodan_
How do we calculate John's
remaining PTO days?
Events and CQRS to the rescue.
As a bonus, we got everything we need for the audit logs.

View Slide

View Slide

1. The client sends an API POST
request or GraphQL mutation
2. The event is stored in the Events
table (append-only, no edits)
3. The DynamoDB streams the event to the Lambda
function that sends it to the EventBridge event bus
4. EventBridge triggers the specific
business logic Lambda function
5. The business logic Lambda stores the "cached"
data to one of the read-only DynamoDB tables
6. And then triggers the
mutation that sends a
"fake" mutation
7. A "fake" mutation
triggers the GraphQl
subscription to notify
the clients
8. App uses an event bus
to "route" the response
to the user's platform

View Slide

Client then query the read-only
tables directly using GraphQl

View Slide

Client then query the read-only
tables directly using GraphQl
Or using the RESTful API
in case of bots

View Slide

We decreased the number of
Lambda functions to 101!
But now we have 230 functions
in production !

View Slide

@slobodan_
Benefits
•Fully Managed GraphQL
•Less code
•Better control
•All benefits from the previous architecture (without the
spaghetti part)
•Monorepo and shared types

View Slide

@slobodan_
Downsides
•YAML is still very important (but we also added CDK for
some smaller services)
•Many new AWS services to learn
•Velocity templates

View Slide

Lambda functions → business
logic
Other services →
transformation and
orchestration

View Slide

@slobodan_
~2000 paying teams

View Slide

@slobodan_
The cost of the infrastructure:
~1% of MRR
~$1250

View Slide

@slobodan_
Architecture should evolve with
your product.
Don't waste your time making it
perfect for the MVP.

View Slide

@slobodan_
Development & Testing

View Slide

@slobodan_
Common questions during onboarding
•How do I run this locally?
•How do we debug errors?
•What is a DynamoDB single-table design, and why do we
store all events in the same table?
•What did we just do?

View Slide

@slobodan_
It's impossible to run the whole
serverless application locally
But if you are learning to be a pilot, you don't start with driving
a plane in your backyard !

View Slide

@slobodan_
You can simulate parts of your
application locally
Think of it as an early version of a "Flight Simulator"
It's helpful, but probably far from the complete set of
tools to learn how to fly the plane

View Slide

@slobodan_
What can we do?
•A Lambda function is just a function - you can run it locally
as any other function*
•You can use SAM Local or similar tools to run (a simulation
of) a Lambda function locally in the Docker container
•You can test in the cloud
•You can waste your time trying to simulate everything
locally

View Slide

@slobodan_
Or you can write tests

View Slide

@slobodan_
How do we test a common client-server app?

View Slide

@slobodan_
How do we test a serverless app?

View Slide

@slobodan_
Hexagonal architecture

View Slide

@slobodan_
Anatomy of a Lambda function

View Slide

@slobodan_
TypeScript example (business logic)
interface IParams {
event: T
parser: (T) => IParsedData
repositories: {
users: IUserRepository
notifications: INotificationRepository
}
}
export async function businessLogic(params: IParams): Promise {
const {event, parser, repositories} = params
try {
const parsedData = parser(event)
await repositories.users.invite(parsedData.email)
await repositories.notifications.invitationSent()
} catch (err) {
await repositories.notifications.failure(err)
}
}

View Slide

@slobodan_
TypeScript example (handler)
export async function handler(event: APIGatewayProxyEvent): Promise {
try {
const userRepository = new UsersDynamoDBRepository(process.env.USERS_TABLE)
const eventBridgeRepository = new EventBridgeRepository(process.env.EVENT_BUS)
await businessLogic({
event,
parser: parseApiGatewayEvent,
repositories: {
users: userRepository,
notifications: eventBridgeRepository
}
})
await apiGatewaySuccessResponse()
} catch(err) {
await apiGatewayErrorResponse()
}
}

View Slide

@slobodan_

View Slide

@slobodan_
Also useful for migrations

View Slide

@slobodan_

View Slide

@slobodan_
Integration tests

View Slide

@slobodan_
Testing in the cloud

View Slide

@slobodan_
describe('DynamoDB repository', () => {
describe('unit', () => { ... })
describe('integration', () => {
beforeAll(() => {
// Create test DB
})
afterAll(() => {
// Destroy test DB
})
// Tests
})
})

View Slide

@slobodan_
beforeAll(async () => {
const params = { ... }
await dynamoDb.createTable(params).promise()
await dynamoDb.waitFor('tableExists', {
TableName: tableName
}).promise()
})

View Slide

@slobodan_
afterAll(async () => {
await dynamoDb.deleteTable({
}).promise()
await dynamoDb.waitFor('tableNotExists', {
}).promise()
})

View Slide

@slobodan_
Or we deploy the
full app and run
integration tests

View Slide

@slobodan_
Deploy where?
Serverless environments are often cheap!

View Slide

@slobodan_
Our environments
12 similar
environments
total cost:
$1250/month

View Slide

@slobodan_
It's hard to run or simulate a
serverless app locally.
Make small trade-o"s to make
your app testable, and you'll be
able to move fast.

View Slide

@slobodan_
Security

View Slide

@slobodan_
Is serverless secure enough?

View Slide

@slobodan_
Accounts are cheap
Create one AWS sub-account per environment
Create an AWS sub-account for each developer
But remember to set budget notifications!

View Slide

@slobodan_
Tools for management and
easy repeatability
CloudFormation
AWS Organization Formation

View Slide

@slobodan_
Use AWS SSO

View Slide

@slobodan_
Use AWS IAM Identity Center
(Successor to AWS SSO)

View Slide

@slobodan_
Learn AWS Identity & Access
Management (IAM)
Apply the minimal permissions model for all AWS services
i.e., a Lambda function can do one specific operation only

View Slide

@slobodan_
Use WAF to protect
your application

View Slide

@slobodan_
But what about distributed
denial-of-service (DDOS)
attacks?

View Slide

@slobodan_
But what about distributed
denial-of-wallet (DDOW)
attacks?
"All AWS customers benefit from the automatic protections of
AWS Shield Standard, at no additional charge."

View Slide

@slobodan_
You still need to be sure that
your code is secure

View Slide

@slobodan_
Learn about security best
practices for your service
provider and use them from
day one.

View Slide

@slobodan_
Philosophy

View Slide

@slobodan_
Focus on the
important things only,
and outsource everything else

View Slide

@slobodan_
But how do we know what's
important?

View Slide

@slobodan_
See "Why the Fuss about Serverless?" (https://youtu.be/SPsaqiegOP4)

View Slide

@slobodan_
Does this apply only to the
infrastructure?

View Slide

@slobodan_
Do not waste your time or
energy building from scratch
components in the product or
commodity phases

View Slide

@slobodan_
Focus on your business logic
and outsource everything else.

View Slide

@slobodan_
Joe Armstrong
“Make it work, then make it beautiful,
then if you really, really have to, make it
fast.
90% of the time, if you make it beautiful,
it will already be fast. So really, just
make it beautiful!”
creator of Erlang programming language

View Slide

View Slide

Thank you!
twitter: @slobodan_

View Slide

From 1 to 201 Lambda functions in production: Evolving a serverless startup architecture

From 1 to 201 Lambda functions in production: Evolving a serverless startup architecture

Slobodan Stojanović

More Decks by Slobodan Stojanović

Other Decks in Programming

Featured

Transcript