Hands-On Serverless Applications with Go E-Book

Hands-On Serverless Applications with Go

Copyright © 2018 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Richa TripathiAcquisition Editor: Denim PintoContent Development Editor: Pooja ParvatkarTechnical Editor: Subhalaxmi NadarCopy Editor: Safis EditingProject Coordinator: Ulhas KambaliProofreader: Safis EditingIndexer: Priyanka DhadkeeGraphics: Tom ScariaProduction Coordinator: Deepika Naik

First published: August 2018

Production reference: 1280818

Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK.

ISBN 978-1-78913-461-2

www.packtpub.com

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

Why subscribe?

Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

Improve your learning with Skill Plans built especially for you

Get a free eBook or video every month

Mapt is fully searchable

Copy and paste, print, and bookmark content

PacktPub.com

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.

At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.

Contributors

About the author

Mohamed Labouardyis a software engineer/DevOps engineer and AWS Solution Architect. He is also a certified Scrum Master.

He is interested in serverless architecture, containers, distributed systems, Go, chaos engineering, and machine learning. He is a contributor to numerous open source projects such as DialogFlow, Jenkins, Docker, Nexus, and Telegraf. He has authored some open source projects related to DevOps as well.

He currently works at Foxintelligence as a lead DevOps engineer. He is also a technical content writer at several platforms and is a regular speaker at multiple international events and conferences, such as Nexus User Conference and AllDayDevOps.

You can find him on Twitter at@mlabouardy.

About the reviewers

Arpit Aggarwal is a programmer with over 7 years of industry experience in software analysis, design, effort estimation, development, troubleshooting, testing, and supporting web applications. He is among the top contributors of StackOverflow with more than 9,000 reputation and more than 100 badges in multiple areas such as Java, Scala, Go, Spring, Spring-MVC, GiT, Angular, Unit Testing, Web Services, and Docker, and has written many technical articles for Java Code Geeks, System Code Geeks, Web Code Geeks, and DZone.

Radomír Sohlichreceived the master's degree in Applied Informatics from Faculty of Applied Informatics at Tomas Bata University in Zlín. After that, he got a job in a start-up company as a software developer and worked on various projects, usually based on the Java platform. Currently, he continues a software developer career as a contractor for a large international company.

In 2015, he fell in love with Go and kept exploring the endless power and possibilities of the language. He is passionate about learning new approaches and technology and feels the same about sharing the knowledge with others.

Packt is searching for authors like you

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

Table of Contents

Title Page

Copyright and Credits

Hands-On Serverless Applications with Go

Packt Upsell

Why subscribe?

PacktPub.com

Contributors

About the author

About the reviewers

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the example code files

Download the color images

Conventions used

Get in touch

Reviews

Go Serverless

The serverless paradigm

The cloud-computing evolution

Infrastructure as a Service

Platform as a Service

Container as a Service

Function as a Service

Serverless architecture

Benefits of going serverless

Drawbacks of going serverless

Serverless cloud providers

AWS Lambda

Source events

Use cases

Go serverless

Summary

Questions

Getting Started with AWS Lambda

Technical requirements

Setting up the AWS environment

The AWS command line

Installing the AWS CLI

AWS Management Console

Configuration

Testing

Setting up the Go environment

The runtime environment

The development environment

Summary

Questions

Developing a Serverless Function with Lambda

Technical requirements

Writing a Lambda function in Go

Execution role

Deployment package

Uploading a ZIP file

Uploading from Amazon S3

Event testing

Summary

Questions

Setting up API Endpoints with API Gateway

Technical requirements

Getting started with API Gateway

Setting up an API endpoint

Debugging and troubleshooting

Invoking the function with an HTTP request

Building a RESTful API

API architecture

Endpoints design

The GET method

The GET method with parameters

The POST method

Summary

Managing Data Persistence with DynamoDB

Technical requirements

Setting up DynamoDB

Creating a table

Loading sample data

Working with DynamoDB

Scan request

GetItem request

PutItem request

DeleteItem request

Summary

Questions

Deploying Your Serverless Application

Lambda CLI commands

The list-functions command

The create-function command

The update-function-code command

The get-function-configuration command

The invoke command

The delete-function command

Versions and aliases

Versioning

FindAllMovies v1.0.0

FindAllMovies v1.1.0

Semantic Versioning

Aliases

Stage variables

Summary

Implementing a CI/CD Pipeline

Technical requirements

Continuous Integration and deployment workflow

Continuous Integration

Continuous Deployment

Continuous Delivery

Automating the deployment of Lambda functions

Continuous Deployment with CodePipeline and CodeBuild

Source provider

Build provider

Deploy provider

Continuous Pipeline with Jenkins

Distributed builds

Setting up a Jenkins job

Git Hooks

Continuous Integration with Circle CI

Identity and access management

Configuring the CI Pipeline

Summary

Questions

Scaling Up Your Application

Technical requirements

Load testing and scaling

Lambda autoscaling

Downstream resources

Private Lambda functions

Concurrent execution

Lambda throttling

Concurrency reservation

Summary

Building the Frontend with S3

Technical requirements

Single Page Application

Developing web applications with Angular

Generating your first Angular component

Accessing Rest web services with Angular

Cross Origin Resource Sharing

S3 static website hosting

Setting up an S3 bucket

Setting up Route 53

Certificate Manager

CloudFront distribution

CI/CD workflow

API documentation

Summary

Questions

Testing Your Serverless Application

Technical requirements

Unit testing

Automated unit tests

Integration testing

RPC communications

Serverless Application Model

Load testing

Summary

Questions

Monitoring and Troubleshooting

Monitoring and debugging with AWS CloudWatch

CloudWatch metrics

CloudWatch alarms

CloudWatch logs

Tracing with AWS X-Ray

Summary

Securing Your Serverless Application

Technical requirements

Authentication and user control access

Securing API access

User management with AWS Cognito

Setting up a test user via the AWS Management Console

Setup using Cognito Golang SDK

Encrypted environment variables

Data encryption at rest

Data encryption in transit

Logging AWS Lambda API calls with CloudTrail

Vulnerability scanning for your dependencies

Summary

Questions

Designing Cost-Effective Applications

Lambda pricing model

Lambda cost calculator

Optimal memory size

Code optimization

Lambda cost and memory tracking

Summary

Infrastructure as Code

Technical requirements

Deploying AWS Lambda with Terraform

Creating the Lambda function

Setting up DynamoDB table

Configuring API Gateway

Cleaning up

Deploying AWS Lambda with CloudFormation

CloudFormation designer

Deploying AWS Lambda with SAM

Exporting a serverless application

Summary

Questions

Assessments

Chapter 1: Go Serverless

Chapter 2: Getting Started with AWS Lambda

Chapter 3: Developing a Serverless Function with Lambda

Chapter 5: Managing Data Persistence with DynamoDB

Chapter 7: Implementing a CI/CD Pipeline

Chapter 9: Building the Frontend with S3

Chapter 10: Testing Your Serverless Application

Chapter 12: Securing Your Serverless Application

Chapter 14:

Other Books You May Enjoy

Leave a review - let other readers know what you think

Preface

Serverless architecture is popular in the tech community due to AWS Lambda. Go is simple to learn, straightforward to work with, and easy to read for other developers, and now it's been heralded as a supported language for AWS Lambda. This book is your optimal guide to designing a serverless Go application and deploying it to Lambda. This book starts with a quick introduction to the world of serverless architecture and its benefits, then delves into AWS Lambda through practical examples. You'll then learn how to design and build a production-ready application in Go using AWS serverless services with zero upfront infrastructure investment. The book will help you learn how to scale up serverless applications and handle distributed serverless systems in production. Then you will also learn to log and test your application. Along the way, you'll also discover how to set up a CI/CD pipeline to automate the deployment process of your Lambda functions. Moreover, you will learn to troubleshoot and monitor your applications in near real time with services such as AWS CloudWatch and X-Ray. The book will also teach you how to scale up serverless applications and secure the access with AWS Cognito. By the end of this book, you will have mastered designing, building, and deploying Go-based Lambda applications to production.

Who this book is for

This book is for Gophers who would like to learn about serverless architectures. Go programming knowledge is assumed. DevOps and solution architects who are interested in building serverless applications in Go will also benefit from this book.

What this book covers

Chapter 1, Go Serverless, gives a foundational explanation of what serverless is, how it works, whats its features are, why AWS Lambda pioneered serverless compute offerings, and why you should use Go for building serverless applications.

Chapter 2, Getting Started with AWS Lambda, supplies guidelines for setting up an AWS environment alongside the Go runtime and development environment.

Chapter 3, Developing a Serverless Function with Lambda, describes how to write your first Go-based Lambda function from scratch and how to invoke it manually from the console.

Chapter 4, Setting Up API Endpoints with API Gateway, illustrates how to trigger your Lambda function in response to incoming HTTP requests with API Gateway and build a unified event-driven RESTful API backed with serverless functions.

Chapter 5, Managing Data Persistence with DynamoDB, shows how to resolve Lambda functions stateless issue by using a DynamoDB datastore to manage data.

Chapter 6, Deploying Your Serverless Application, presents advanced AWS CLI commands and options that you can use while building serverless functions in AWS Lambda to save time. It also shows how to create and maintain multiple versions and releases of Lambda functions.

Chapter 7, Implementing a CI/CD Pipeline, shows how to set up a Continuous Integration and Continuous Deployment pipeline to automate the deployment process of Lambda functions from end to end.

Chapter 8, Scaling Up Your Application, covers how autoscaling works, how Lambda can handle traffic demands during peak service usage with no capacity planning or scheduled scaling, and how you can throttle and limit the number of executions using concurrency reservation.

Chapter 9, Building the Frontend with S3, illustrates how to build a single-page application with a REST backend backed by serverless functions.

Chapter 10, Testing Your Serverless Application, shows how test the serverless application locally using the AWS Serverless Application Model. It also covers Go unit testing and performance testing with third-party tools and shows how Lambda can be used to perform test harness.

Chapter 11,Monitoring and Troubleshooting, goes a step further in order to show you how to set up function-level monitoring with CloudWatch and how to debug and troubleshoot Lambda functions with AWS X-Ray to profile the application for abnormal behavior detection.

Chapter 12,Securing Your Serverless Application, is dedicated to the best practices and recommendations to follow in AWS Lambda to make your application resilient and secure according to the AWS Well-Architected Framework.

Chapter 13,Designing Cost-Effective Applications, covers also some tips for optimizing and reducing your serverless application billing and how to track the Lambda cost and usage with real-time alerts, before this becomes an issue.

Chapter 14,Infrastructure as Code, introduces tools such as Terraform and SAM to help you design and deploy your N-Tier serverless application in automated way, in order to avoid human errors and repeatable tasks.

To get the most out of this book

This book is written for anyone who work under Linux, Mac OS X, or Windows. You will need Go installed and an AWS account. You will also need Git in order to clone the repository with the source code provided with this book. Similarly, you are expected to have a basic knowledge of Go, the Bash command line, and some web programming skills. All prerequisites are described in the Chapter 2, Getting Started with AWS Lambda, with instructions to make sure you can follow this book with ease.

Last, keep in mind that this book is not intended to replace online resources, but rather aims to complement them. So you will obviously need internet access to complete your reading experience at some points, through provided links.

Download the example code files

You can download the example code files for this book from your account at www.packtpub.com. If you purchased this book elsewhere, you can visit www.packtpub.com/support and register to have the files emailed directly to you.

You can download the code files by following these steps:

Log in or register at

www.packtpub.com

.

Select the

SUPPORT

tab.

Click on

Code Downloads & Errata

.

Enter the name of the book in the

Search

box and follow the onscreen instructions.

Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:

WinRAR/7-Zip for Windows

Zipeg/iZip/UnRarX for Mac

7-Zip/PeaZip for Linux

The code bundle for the book is also hosted on GitHub athttps://github.com/PacktPublishing/Hands-On-Serverless-Applications-with-Go. In case there's an update to the code, it will be updated on the existing GitHub repository.

We also have other code bundles from our rich catalog of books and videos available athttps://github.com/PacktPublishing/. Check them out!

Download the color images

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: http://www.packtpub.com/sites/default/files/downloads/HandsOnServerlessApplicationswithGo_ColorImages.pdf.

Conventions used

In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.

Code words in text are shown as follows: "Within the workspace, create a main.go file using vim with the following content."

A block of code is set as follows:

package mainimport "fmt"func main(){ fmt.Println("Welcome to 'Hands-On serverless Applications with Go'")}

Any command-line input or output is written as follows:

pip install awscli

Bold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "On the Source page, select GitHub as the source provider."

Get in touch

Feedback from our readers is always welcome.

General feedback: Email [email protected] and mention the book title in the subject of your message. If you have questions about any aspect of this book, please email us at [email protected].

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Reviews

Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!

For more information about Packt, please visit packtpub.com.

Go Serverless

This chapter will give you a foundational understanding of what serverless architecture is, how it works, and what its features are. You'll learn how AWS Lambda is on a par with big players such as Google Cloud Functions and Microsoft Azure Functions. Then, you will discover AWS Lambda's different execution environments and its Go support. Moreover, we'll discuss the advantages of using Go as your programming language for building serverless applications.

The following topics will be covered in this chapter:

Cloud-computing models—u

nderstanding what they are and what they can be used for.

Pros and cons of serverless architecture.

Why Go is a great fit for AWS Lambda.

The serverless paradigm

Cloud-based applications can be built on low-level infrastructure pieces or can use higher-level services that provide abstraction from the management, architecting, and scaling requirements of core infrastructure. In the following section, you will learn about the different cloud-computing models.

The cloud-computing evolution

Cloud providers offer their services according to four main models: IaaS, PaaS, CaaS, and FaaS. All the aforementioned models are just thousands of servers, disks, routers, and cables under the hood. They just add layers of abstraction on top to make management easier and increase the development velocity.

Infrastructure as a Service

Infrastructure as a Service (IaaS), sometimes abbreviated to IaaS, is the basic cloud-consumption model. It exposes an API built on top of a virtualized platform to access compute, storage, and network resources. It allows customers to scale out their application infinitely (no capacity planning).

In this model, the cloud provider abstracts the hardware and physical servers, and the cloud user is responsible for managing and maintaining the guest operating systems and applications on top of it.

AWS is the leader according to Gartner's Infrastructure as a Service Magic Quadrant. Irrespective of whether you're looking for content delivery, compute power, storage, or other service functionality, AWS is the most advantageous of the various available options when it comes to the IaaS cloud-computing model. It dominates the public cloud market, while Microsoft Azure is gradually catching up with to Amazon, followed by Google Cloud Platform and IBM Cloud.

Platform as a Service

Platform as a Service (PaaS) provides developers with a framework in which they can develop applications. It simplifies, speeds up, and lowers the costs associated with the process of developing, testing, and deploying applications while hiding all implementation details, such as server management, load balancers, and database configurations.

PaaS is built on top of IaaS and thus hides the underlying infrastructure and operating systems, to allow developers to focus on delivering business values and reduce operational overhead.

Among the first to launch PaaS was Heroku, in 2007; later, Google App Engine and AWS Elastic Beanstalk joined the fray.

Container as a Service

Container as a Service (CaaS) became popular with the release of Docker in 2013. It made it easy to build and deploy containerized applications on on-premise data centers or over the cloud.

Containers changed the unit of scale for DevOps and site reliability engineers. Instead of one dedicated VM per application, multiple containers can run on a single virtual machine, which allows better server utilization and reduces costs. Also, it brings developer and operation teams closer together by eliminating the "worked on my machine" joke. This transition to containers has allowed multiple companies to modernize their legacy applications and move them to cloud.

To achieve fault-tolerance, high-availability, and scalability, an orchestrations tool, such as Docker Swarm, Kubernetes, or Apache Mesos, was needed to manage containers in a cluster of nodes. As a result, CaaS was introduced to build, ship, and run containers quickly and efficiently. It also handles heavy tasks, such as cluster management, scaling, blue/green deployment, canary updates, and rollbacks.

The most popular CaaS platform in the market today is AWS as 57% of the Kubernetes workload is running on Amazon Elastic Container Service (ECS), Elastic Kubernetes Service (EKS), and AWS Fargate, followed by Docker Cloud, CloudFoundry, and Google Container Engine.

This model, CaaS, enables you to split your virtual machines further to achieve higher utilization and orchestrate containers across a cluster of machines, but the cloud user still needs to manage the life cycle of containers; as a solution to this, Function as a Service (FaaS) was introduced.

Function as a Service

The FaaS model allows developers to run code (called functions) without provisioning or maintaining a complex infrastructure. Cloud Providers deploy customer code to fully-managed, ephemeral, time-boxed containers that are live only during the invocation of the functions. Therefore, business can grow without customers having to worry about scaling or maintaining a complex infrastructure; this is called going serverless.

Amazon kicked off the serverless revolution with AWS Lambda in 2014, followed by Microsoft Azure Functions and Google Cloud Functions.

Serverless architecture

Serverless computing, or FaaS, is the fourth way to consume cloud computing. In this model, the responsibility for provisioning, maintaining, and patching servers is shifted from the customer to cloud providers. Developers can now focus on building new features and innovating, and pay only for the compute time that they consume.

Benefits of going serverless

There are a number of reasons why going serverless makes sense:

NoOps

: The server infrastructure is managed by the cloud provider, and this reduces the overhead and increases developer velocity. OS updates are taken care of and patching is done by the FaaS provider. This results in d

ecreased time to market and faster software releases,

and eliminates the need for a system administrator.

Autoscaling and high-availability

:

Function as a unit of scale leads to small, loosely-coupled, and stateless components that, in the long run, lead to scalable applications. It is up to the service provider to decide how to use its infrastructure effectively to serve requests from the customers and horizontally scale functions-based on the load.

Cost-optimization

: You pay only for the compute time and resources (RAM, CPU, network, or invocation time) that you consume. You don't pay for idle resources. No work indicates no cost. If t

he billing period on

a Lambda function

, for example, is 100 milliseconds, then it could significantly reduce costs.

Polygot

: One benefit that the serverless approach brings to the table is that, as a programmer, you can choose between different language runtimes depending on your use case. On

e part of the application can be written in Java, another in Go, another in Python; it doesn't really matter as long as it gets the job done.

Drawbacks of going serverless

On the other hand, serverless computing is still in its infancy; hence, it is not suitable for all use cases and it does have its limitations:

Transparency

: The infrastructure is managed by the FaaS provider. This is in exchange for flexibility; you don't have full control of your application, you cannot access the underlying infrastructure, and you cannot switch between platform providers (vendor lock-in). In future, we expect increasing work toward the unification of FaaS; this will help avoid vendor lock-in and allow us to run serverless applications on different cloud providers or even on-premise.

Debugging

: Monitoring and debugging tools were built without serverless architecture in mind. Therefore, serverless functions are hard to debug and monitor. In addition, it's difficult to set up a local environment to test your functions before deployment (pre-integration testing)

.

The good news is that tools will eventually arrive to improve observability in serverless environments, as serverless popularity is rising and multiple open source projects and frameworks have been created by the community and cloud providers (AWS X-Ray, Datadog, Dashbird, and Komiser).

Cold starts

: It takes some time to handle a first request by your function as the cloud provider needs to allocate proper resources (AWS Lambda needs to start a container) for your tasks. To avoid this situation, your function must remain in an active state.

Stateless

:

Functions need to be stateless to provide the provisioning that enables serverless applications to be transparently scalable. Therefore, to persist data or manage sessions, you need to use an external database, such as DynamoDB or RDS, or an in-memory cache engine, such as Redis or Memcached.

Having stated all these limitations, these aspects will change in the future with an increasing number of vendors coming up with upgraded versions of their platforms.

Serverless cloud providers

There are multiple FaaS providers out there, but to keep it simple we'll compare only the biggest three:

AWS Lambda

Google Cloud Functions

Microsoft Azure Functions

The following is a pictorial comparison:

As shown in the preceding diagram, AWS Lambda is the most used, best-known, and the most mature solution in the serverless space today, and that's why upcoming chapters will be fully dedicated to AWS Lambda.

AWS Lambda

AWS Lambda is the center of the AWS serverless platform:

AWS Lambda was launched at re:Invent 2014. It was the first implementation of serverless computing where users could upload their code to Lambda. It performs operational and administrative activities on their behalf, including provisioning capacity, monitoring fleet health, applying security patches, deploying their code, and publishing realtime logs and metrics to Amazon CloudWatch.