
New for AWS Lambda – Environment Variables and Serverless Application Model - luhn
https://aws.amazon.com/blogs/aws/new-for-aws-lambda-environment-variables-and-serverless-application-model/
======
djhworld
The environment variables thing was desperately needed, I raised this as a
Feature Request with AWS over a year ago (my work has enterprise support)

I remember them telling us a way to make a lambda function distinguish whether
it is in a DEV/TEST or PROD environment was to do some sort of regex on the
function name, which was suboptimal, especially if you have Lambda's created
via CloudFormation.

We "got around" this problem by creating tables in DynamoDB as our DEV/PROD
environments are in separate AWS accounts, so the dynamo tables contained
simple key/value pairs that you would read once when the lambda container
started up. Another option would be to have a file in S3 or something, but you
still have to write code to manage the retrieval of those resources.

Looking forward to dropping all that infrastructure and using this feature
instead.

~~~
scrollaway
Did you happen to raise a feature request for Python 3 as well? With any luck,
we'll get that before Python 4 is released... :)

~~~
djhworld
We primarily use Java 8, but I'd imagine a lot of people have raised it

------
forrestbrazeal
My team has been using Lambda/Dynamo/API Gateway/Cognito for a couple of web
services this year and really loving it. The addition of CloudWatch Events to
the mix was really the final piece of the puzzle for us, because now we can
launch lambda functions on a schedule to perform asynchronous background tasks
(think data crunching, email notifications, etc).

Lambda is maturing so fast that I almost feel bad complaining about it, but of
course we have run into our fair share of issues, too. One thing that's making
our life more difficult right now is the fact that when you launch a Lambda
function in a VPC via CloudFormation, the function's ENI doesn't get attached
until the function runs the first time, so CloudFormation doesn't know
anything about the ENI. Thus, when you tear down the CF stack, the ENI gets
orphaned and hangs around in a detached state. Throw some automation into the
mix and you can start eating up IP addresses in your subnet really fast. I
have no doubt they will fix this soon.

~~~
manojlds
Interesting. I want to see how Terraform fares in this aspect.

------
schappim
Do you use / know of any services like AWS Lambda that supports Ruby out of
the box?

I've been playing with AWS Lambda using travelling Ruby and Mruby, but have
hit issues (with native gems etc).

I have used Iron Worker previously, but they seem to be going up market and
don't even display pricing on their site.

Thanks in advance for your input!

~~~
ch4s3
I wonder if you could use opal?

~~~
schappim
yeah that was one of my very early thoughts...

~~~
ch4s3
I'm not normally interested in Opal per se, but it would be great for this.
I'd much rather write Ruby for simple call/response APIs than JS.

------
iwintermute
Can anyone share their experiences using AWS Lambda in Production?

~~~
tjholowaychuk
I wrote the apex(1) tool and created
[https://apex.sh/ping/](https://apex.sh/ping/) with Lambda, in general it has
been great, has scaled flawlessly since launch (granted I'm only doing ~8M
requests / day).

Conceptually I think it's great for pipelines or use-cases like this, VMs are
generally a terrible level of abstraction for a lot of problems, and the
Lambda style promotes better architecture because of this.

The connectivity between Kinesis/SNS and friends is great. I'd agree that
Lambda is not currently a good fit for "regular" apps, APIs should be fine now
that the proxy stuff is in there, though there's slight latency.

No need to worry about gracefully stopping or restarting daemons, just push
new code and the old stuff goes away, it really is a great abstraction that
way. Basically replace anything you'd use a Go channel for, with more Lambda
or SNS->Lambda if you need retries and backoff, it'll spare you a lot of code.

I find the workflow great as well, the slowest part for me is compiling the Go
binaries, the rest is virtually instant. Especially now with all this
needlessly complex Docker stuff it's refreshing to use something simple.

Cost is prohibitive for sustained use, so make sure you price things out
properly, it sounds very cheap until you look at say a constant 100 requests/s
behind API Gateway. It's easily 300-400% what you'd pay on EC2.

Cold-start is really a non-issue in most cases, it seems to take very little
to keep a function warmed, so unless you get zero traffic (which would be dirt
cheap on a t2.micro anyway) you'll be fine.

~~~
boyd
Had never heard of apex. Looks really nice and giving it a try now!

Edit: Feedback: Really like it. One feature that would be _very nice_ would be
the ability to trigger a ping on demand, e.g., for testing auth set up on a
request. Runscope implements a similar feature. Otherwise great so far!

~~~
tjholowaychuk
Thanks! Agreed, I have that on the list, quick sanity check is always good.
Taking a bit of a break to work on other products but I'll keep adding to it.

~~~
tedmiston
I've looked at Apex a few times. I was going to ask you for a hacker plan but
it sounds like you're already doing such numbers it might not be justified. It
would be really nice for me to be able to have a master subscription for my
contracting work for client projects.

~~~
tjholowaychuk
I've thought about adding a smaller plan, I still might at some point but it
certainly reaches a level where it's not really worth it, especially since I
want to provide equal support to everyone. I'll have to experiment with that.

I had limited free plans originally but that went horribly wrong haha, free
users only attract other free users, a few days later I had like 4000 free
people. Maybe that works for startups, but not "real" companies.

------
consultutah
Interesting. Slowly carving away at the reasons that serverless.com was
created.

~~~
Everhusk
Very slowly, Serverless had this a year ago. By the time AWS gets something
like a 'sls function deploy' it's pretty likely that serverless will have
support multiple cloud providers, in which case they should be pretty safe.

~~~
cagataygurturk
With cloudformation you can deploy full stack serverless apps. IMHO You don't
need serverless any more.

~~~
workleg
I beg to differ. CloudFormation is great, but crafting CF templates for non-
trivial backends is not for the faint of heart. Also iterating on them while
tweaking things in CF templates and corresponding logic in micro-services
running on Lambda is not the shortest/fastest feedback loop with the current
AWS tooling. Also things are pretty hard to test. After over a year of
struggling with the current tooling, I've started working on a framework [0]
that would allow writing serverless infrastructures at a higher abstraction
level.

[0]: [http://qmu.li](http://qmu.li)

------
brilliantcode
Has anyone been able to get Chalice to work?

[https://github.com/awslabs/chalice](https://github.com/awslabs/chalice)

Basically, I'm interested to know how the Swagger template file will look a
like. It'd be nice if you could use Swagger to quickly create REST api on
Lambda stack.

Being able to quickly generate scaffold CRUD REST api on Lambda behind
Authentication + DynamoDB would be an absolute killer app.

I'd imagine that Azure is not far behind. But one thing that's killing it for
Azure is the Visual Studio IDE. Edit my ASP web app, one click deploy to Azure
from inside VS is a killer app as well.

I really wish AWS came up with their own IDE where it would be tightly
integrated with AWS. Imagine if you could write code and deploy it instantly
without setting things up yourself through the AWS console (not that it's bad
or anything).

~~~
Mizza
I'm biased saying this, but Chalice is a half-baked rip-off of Zappa[0],
deliberately nerfed by Amazon to lock you into the AWS stack.

If you want to see an example of how easy it is to use Zappa + Lambda +
DyanamoDB, you can check out Zappa BitTorrent Tracker, which can use S3 or
DynamoDB as a back-end.[1]

As a bonus, Zappa has had both local and remote environment variables as a
feature for months - although it's pretty cool that this new announcement can
use KMS, although that will of course mean more vendor-lock in if you choose
to go that route.

[0] [https://github.com/Miserlou/Zappa](https://github.com/Miserlou/Zappa) [1]
[https://github.com/Miserlou/zappa-bittorrent-
tracker](https://github.com/Miserlou/zappa-bittorrent-tracker)

~~~
ranman
(I work for AWS) I've been livestreaming building a zappa app on twitch.tv/aws
! daysuntilreinvent.com is powered by zappa!

I will say that chalice wasn't meant to copy zappa. Chalice and Zappa both
started in Jan of 2016. Zappa has way more features and is a wonderful piece
of software.

One thing Chalice does well that I'd love to see in Zappa is automatically
figuring out what kind of IAM policy/permissions you need by analyzing the
code.

------
vmarsy
Nice, This could be useful also if you could have "secret" variables as well,
similar to [1].

[1] [https://www.visualstudio.com/en-
us/docs/build/define/variabl...](https://www.visualstudio.com/en-
us/docs/build/define/variables#secret-variables)

------
jtwaleson
Does anyone know if the 256 character limit for the value is in place like in
ECS? Super annoying.

~~~
nitrogen
You could probably split longer data into multiple variables and concatenate
them, but maybe having such large environment variables is a sign that you
might be better served with a different mechanism.

For example, instead of passing in a big JSON blob, one could split the JSON
keys into separate environment variables.

~~~
jtwaleson
I wanted to add a 2K public key, could be split up but annoying solution. Used
a IAM role with rights to an S3 object in the end.

~~~
chronial
If you can, you should switch to elliptic curve keys – they are less than 256
bytes.

------
tedmiston
This is a _very_ welcome improvement to an awesome service that I use daily.
Now if we could just get a smoother bundling / deployment workflow or a way to
edit uploaded bundles on the AWS Lambda dashboard.

------
skoocda
Has anyone been able to use Lambda for relatively high-memory load
applications? (~2GB+ RAM)

That's our biggest restraint at the moment, so far I haven't seen any good
options.

~~~
djhworld
Lambda only supports up to a maximum of 1536mb of RAM right now.

I've been involved with developing lambda functions that consume roughly 1.2gb
of ram each time, but the memory usage is easy to predict as the function is
triggered by files in S3 that are about the same size.

They say to break your problem down into smaller chunks to fit into the memory
- is that possible in your case?

~~~
skoocda
Not easily! I'm doing speech recognition; I might be able to run a segment
through two separate models, with half the lexicon available in each run, then
just combine the results. However I don't think the overall savings will be
enough to justify running it twice. It's getting close though, once they get
the RAM up more, I'll try it out.

------
tszming
Environments (dev, prod etc) support would be great, currently need to use
apex to simulate.

------
packetslave
my current annoyance with Lambda is the lack of support for timezones in the
scheduler. we use it for spinning up/down EC2 instances at particular times,
and having to manually work around DST is a pain.

