Hermann  Frami

Hermann Frami

1656655860

Serverless Secret Baker

Serverless Secret Baker is a Serverless Framework Plugin for secure, performant, and deterministic secret management using AWS Systems Manager Parameter Store and AWS KMS.  


How it works

AWS System Manager Parameter Store is responsible for storing and managing your versioned secret values. You can create and update your secrets via Parameter Store using your own workflow via the AWS Console or via the AWS CLI. When uploading secrets, Parameter Store will use KMS to perform the actual encryption of the secret and store the resulting ciphertext. It is important to choose a customer managed KMS CMK (customer managed key) rather than a AWS managed KMS CMK in this step in order to have the flexibility to decrypt the secrets at runtime, as we'll see later.

Serverless Secert Baker is responsbile for automatically retrieving the ciphertext stored in Parameter Store and storing it in a well-known file in your bundled application during serverless deploy. Serverless Secret Baker, nor Serverless Framework, never see the decrypted secret values.

Runtime Code Snippet for KMS Decryption is responsible for reading the ciphertext from the well-known file and decrypting it via KMS APIs for use in the application. Serverless Secret Baker provides sample code snippets in both Python and Node for performing this operation. Only Lambda functions with an IAM role that enables decryption via the specified KMS CMK will be able to decrypt the secrets.

Why all this fuss?

There are many solutions for secret management with AWS Lambda. Unfortunately, a lot of the solutions unnecessarily expose the secrets in plain text, incur latency by invoking an API call to decrypt a secret with every lambda invocation, or require potentially complex cache invalidation for when a secret is rotated.

Here are some common patterns to secret management and their downsides:

  1. Use Lambda Environment Variables: The plaintext value of the secret is exposed insecurely within the Cloud Formation template. AWS explicitly recommends not storing sensitive information in Lambda Environment Variables as it is not encrypted in transit during deploy time.
  2. Use the built-in Serverless Framework for AWS Parameter Store:. By using the built-in syntax of ${ssm:/path/to/secret~true} this will retrieve the plaintext secret at packaging time and store it in an Environment Variables. This has the same downsides to 1).
  3. Use AWS Parameter Store or AWS Secret Manager at Runtime: Requires either retrieving the secret via API at every invocation of the Lambda (latency) or retrieving it once and caching the secret in the lambda global scope. If caching the secret in global scope a cache invalidation strategy is needed to refresh the secret when it is updated in Parameter Store / Secret Manager to prevent lambdas using old, potentially invalid secrets.

This plugin addresses these concerns by focusing on:

  1. Security: Secrets should always be encrypted at rest and in transit. The secrets are stored in Parameter Store using a custom KMS CMK. The only time it is decrypted is at lambda invocation.
  2. Performance: Minimize external dependencies and API calls. The secrets are retrieved directly from KMS. There is no runtime dependency on Parameter Store or Secrets Manager. In addition, the secret can be cached in the Lambda global scope so only a single API call per warmed up lambda is needed.
  3. Deterministic State: Complex cache invalidation strategies are not needed. Because the ciphertext is bundled with the lambda at deploy time the secrets can be modified at the source in AWS Parameter Store without effecting the runtime state. In order to apply the new secrets, a new deployment of the Lambdas is required allowing it to go through a CI/CD pipeline to catch any potential errors with secrets and to ensure that all the lambdas get the new secret at the same time.

Step by step

  1. Create a symmetric customer managed KMS CMK
  2. Upload secrets as "SecureString" to SSM Parameter Store via AWS Console or AWS CLI, specifying the Cusomter Managed CMK in created in step 1
  3. Install this plugin via serverless plugin install --name serverless-secret-baker
  4. Add to your serverless.yml the following to specify which secrets to retrieve from parameter store:
custom:
  secretBaker:
    - MY_SECRET

The plugin will create a json file called secret-baker-secrets.json with all the secrets and include it in your application during packaging. In the above example the ciphertext and ARN of the AWS Parameter Store parameter located at MY_SECRET will be stored in the file under the key MY_SECRET.

See example code in examples folder for reference.

  1. Ensure your Lambda has permission to decrypt the secret at runtime using the CMK. Example:
iamRoleStatements:
  - Effect: Allow
    Action:
      - kms:Decrypt
    Resource:
      - # REPLACE with ARN for your CMK
  1. Add a code snippet in your application to decrypt the secret:

Advanced Configuration

If you would like to name your secrets something different than the path in Parameter Store you can specify a name and path in the configuration like so:

custom:
  secretBaker:
    # Retrieves the latest encrypted secret at the given parameter store path
    MY_SECRET: /path/to/ssm/secret

You can also pin your secrets to specific versions in Parameter Store to have a deterministic secret value:

custom:
  secretBaker:
    # Retrieves the version 2 encrypted secret at the given parameter store path 
    MY_SECRET: /path/to/ssm/secret:2

Alternate syntax explcitly defining name and path is also supported:

custom:
  secretBaker:
    - name: CUSTOM_SECRET
      path: a/custom/secret/path 

This allows you to mix styles

custom:
  secretBaker:
    - MY_SECRET
    - MY_OTHER_SECRET
    - name: CUSTOM_SECRET
      path: a/custom/secret/path 

Preserve the encrypted secrets file

The secrets files, secret-baker-secrets.json, is automatically generated at the start of every serverless deploy, serverless package, serverless invoke local, and serverless offline command. The secrets file, by default, will also be automatically removed upon command completion to not leave it in your source directory. If you'd like to preserve the secrets file, pass in the CLI option --no-secret-baker-cleanup

Author: Vacasaoss
Source Code: https://github.com/vacasaoss/serverless-secret-baker 
License: MIT license

#serverless #framework #plugin 

What is GEEK

Buddha Community

Serverless Secret Baker
Hermann  Frami

Hermann Frami

1655426640

Serverless Plugin for Microservice Code Management and Deployment

Serverless M

Serverless M (or Serverless Modular) is a plugin for the serverless framework. This plugins helps you in managing multiple serverless projects with a single serverless.yml file. This plugin gives you a super charged CLI options that you can use to create new features, build them in a single file and deploy them all in parallel

splash.gif

Currently this plugin is tested for the below stack only

  • AWS
  • NodeJS λ
  • Rest API (You can use other events as well)

Prerequisites

Make sure you have the serverless CLI installed

# Install serverless globally
$ npm install serverless -g

Getting Started

To start the serverless modular project locally you can either start with es5 or es6 templates or add it as a plugin

ES6 Template install

# Step 1. Download the template
$ sls create --template-url https://github.com/aa2kb/serverless-modular/tree/master/template/modular-es6 --path myModularService

# Step 2. Change directory
$ cd myModularService

# Step 3. Create a package.json file
$ npm init

# Step 3. Install dependencies
$ npm i serverless-modular serverless-webpack webpack --save-dev

ES5 Template install

# Step 1. Download the template
$ sls create --template-url https://github.com/aa2kb/serverless-modular/tree/master/template/modular-es5 --path myModularService

# Step 2. Change directory
$ cd myModularService

# Step 3. Create a package.json file
$ npm init

# Step 3. Install dependencies
$ npm i serverless-modular --save-dev

If you dont want to use the templates above you can just add in your existing project

Adding it as plugin

plugins:
  - serverless-modular

Now you are all done to start building your serverless modular functions

API Reference

The serverless CLI can be accessed by

# Serverless Modular CLI
$ serverless modular

# shorthand
$ sls m

Serverless Modular CLI is based on 4 main commands

  • sls m init
  • sls m feature
  • sls m function
  • sls m build
  • sls m deploy

init command

sls m init

The serverless init command helps in creating a basic .gitignore that is useful for serverless modular.

The basic .gitignore for serverless modular looks like this

#node_modules
node_modules

#sm main functions
sm.functions.yml

#serverless file generated by build
src/**/serverless.yml

#main serverless directories generated for sls deploy
.serverless

#feature serverless directories generated sls deploy
src/**/.serverless

#serverless logs file generated for main sls deploy
.sm.log

#serverless logs file generated for feature sls deploy
src/**/.sm.log

#Webpack config copied in each feature
src/**/webpack.config.js

feature command

The feature command helps in building new features for your project

options (feature Command)

This command comes with three options

--name: Specify the name you want for your feature

--remove: set value to true if you want to remove the feature

--basePath: Specify the basepath you want for your feature, this base path should be unique for all features. helps in running offline with offline plugin and for API Gateway

optionsshortcutrequiredvaluesdefault value
--name-nstringN/A
--remove-rtrue, falsefalse
--basePath-pstringsame as name

Examples (feature Command)

Creating a basic feature

# Creating a jedi feature
$ sls m feature -n jedi

Creating a feature with different base path

# A feature with different base path
$ sls m feature -n jedi -p tatooine

Deleting a feature

# Anakin is going to delete the jedi feature
$ sls m feature -n jedi -r true

function command

The function command helps in adding new function to a feature

options (function Command)

This command comes with four options

--name: Specify the name you want for your function

--feature: Specify the name of the existing feature

--path: Specify the path for HTTP endpoint helps in running offline with offline plugin and for API Gateway

--method: Specify the path for HTTP method helps in running offline with offline plugin and for API Gateway

optionsshortcutrequiredvaluesdefault value
--name-nstringN/A
--feature-fstringN/A
--path-pstringsame as name
--method-mstring'GET'

Examples (function Command)

Creating a basic function

# Creating a cloak function for jedi feature
$ sls m function -n cloak -f jedi

Creating a basic function with different path and method

# Creating a cloak function for jedi feature with custom path and HTTP method
$ sls m function -n cloak -f jedi -p powers -m POST

build command

The build command helps in building the project for local or global scope

options (build Command)

This command comes with four options

--scope: Specify the scope of the build, use this with "--feature" tag

--feature: Specify the name of the existing feature you want to build

optionsshortcutrequiredvaluesdefault value
--scope-sstringlocal
--feature-fstringN/A

Saving build Config in serverless.yml

You can also save config in serverless.yml file

custom:
  smConfig:
    build:
      scope: local

Examples (build Command)

all feature build (local scope)

# Building all local features
$ sls m build

Single feature build (local scope)

# Building a single feature
$ sls m build -f jedi -s local

All features build global scope

# Building all features with global scope
$ sls m build -s global

deploy command

The deploy command helps in deploying serverless projects to AWS (it uses sls deploy command)

options (deploy Command)

This command comes with four options

--sm-parallel: Specify if you want to deploy parallel (will only run in parallel when doing multiple deployments)

--sm-scope: Specify if you want to deploy local features or global

--sm-features: Specify the local features you want to deploy (comma separated if multiple)

optionsshortcutrequiredvaluesdefault value
--sm-paralleltrue, falsetrue
--sm-scopelocal, globallocal
--sm-featuresstringN/A
--sm-ignore-buildstringfalse

Saving deploy Config in serverless.yml

You can also save config in serverless.yml file

custom:
  smConfig:
    deploy:
      scope: local
      parallel: true
      ignoreBuild: true

Examples (deploy Command)

Deploy all features locally

# deploy all local features
$ sls m deploy

Deploy all features globally

# deploy all global features
$ sls m deploy --sm-scope global

Deploy single feature

# deploy all global features
$ sls m deploy --sm-features jedi

Deploy Multiple features

# deploy all global features
$ sls m deploy --sm-features jedi,sith,dark_side

Deploy Multiple features in sequence

# deploy all global features
$ sls m deploy  --sm-features jedi,sith,dark_side --sm-parallel false

Author: aa2kb
Source Code: https://github.com/aa2kb/serverless-modular 
License: MIT license

#serverless #aws #node #lambda 

Serverless Applications - Pros and Cons to Help Businesses Decide - Prismetric

In the past few years, especially after Amazon Web Services (AWS) introduced its Lambda platform, serverless architecture became the business realm’s buzzword. The increasing popularity of serverless applications saw market leaders like Netflix, Airbnb, Nike, etc., adopting the serverless architecture to handle their backend functions better. Moreover, serverless architecture’s market size is expected to reach a whopping $9.17 billion by the year 2023.

Global_Serverless_Architecture_Market_2019-2023

Why use serverless computing?
As a business it is best to approach a professional mobile app development company to build apps that are deployed on various servers; nevertheless, businesses should understand that the benefits of the serverless applications lie in the possibility it promises ideal business implementations and not in the hype created by cloud vendors. With the serverless architecture, the developers can easily code arbitrary codes on-demand without worrying about the underlying hardware.

But as is the case with all game-changing trends, many businesses opt for serverless applications just for the sake of being up-to-date with their peers without thinking about the actual need of their business.

The serverless applications work well with stateless use cases, the cases which execute cleanly and give the next operation in a sequence. On the other hand, the serverless architecture is not fit for predictable applications where there is a lot of reading and writing in the backend system.

Another benefit of working with the serverless software architecture is that the third-party service provider will charge based on the total number of requests. As the number of requests increases, the charge is bound to increase, but then it will cost significantly less than a dedicated IT infrastructure.

Defining serverless software architecture
In serverless software architecture, the application logic is implemented in an environment where operating systems, servers, or virtual machines are not visible. Although where the application logic is executed is running on any operating system which uses physical servers. But the difference here is that managing the infrastructure is the soul of the service provider and the mobile app developer focuses only on writing the codes.

There are two different approaches when it comes to serverless applications. They are

Backend as a service (BaaS)
Function as a service (FaaS)

  1. Backend as a service (BaaS)
    The basic required functionality of the growing number of third party services is to provide server-side logic and maintain their internal state. This requirement has led to applications that do not have server-side logic or any application-specific logic. Thus they depend on third-party services for everything.

Moreover, other examples of third-party services are Autho, AWS Cognito (authentication as a service), Amazon Kinesis, Keen IO (analytics as a service), and many more.

  1. Function as a Service (FaaS)
    FaaS is the modern alternative to traditional architecture when the application still requires server-side logic. With Function as a Service, the developer can focus on implementing stateless functions triggered by events and can communicate efficiently with the external world.

FaaS serverless architecture is majorly used with microservices architecture as it renders everything to the organization. AWS Lambda, Google Cloud functions, etc., are some of the examples of FaaS implementation.

Pros of Serverless applications
There are specific ways in which serverless applications can redefine the way business is done in the modern age and has some distinct advantages over the traditional could platforms. Here are a few –

🔹 Highly Scalable
The flexible nature of the serverless architecture makes it ideal for scaling the applications. The serverless application’s benefit is that it allows the vendor to run each of the functions in separate containers, allowing optimizing them automatically and effectively. Moreover, unlike in the traditional cloud, one doesn’t need to purchase a certain number of resources in serverless applications and can be as flexible as possible.

🔹 Cost-Effective
As the organizations don’t need to spend hundreds and thousands of dollars on hardware, they don’t need to pay anything to the engineers to maintain the hardware. The serverless application’s pricing model is execution based as the organization is charged according to the executions they have made.

The company that uses the serverless applications is allotted a specific amount of time, and the pricing of the execution depends on the memory required. Different types of costs like presence detection, access authorization, image processing, etc., associated with a physical or virtual server is completely eliminated with the serverless applications.

🔹 Focuses on user experience
As the companies don’t always think about maintaining the servers, it allows them to focus on more productive things like developing and improving customer service features. A recent survey says that about 56% of the users are either using or planning to use the serverless applications in the coming six months.

Moreover, as the companies would save money with serverless apps as they don’t have to maintain any hardware system, it can be then utilized to enhance the level of customer service and features of the apps.

🔹 Ease of migration
It is easy to get started with serverless applications by porting individual features and operate them as on-demand events. For example, in a CMS, a video plugin requires transcoding video for different formats and bitrates. If the organization wished to do this with a WordPress server, it might not be a good fit as it would require resources dedicated to serving pages rather than encoding the video.

Moreover, the benefits of serverless applications can be used optimally to handle metadata encoding and creation. Similarly, serverless apps can be used in other plugins that are often prone to critical vulnerabilities.

Cons of serverless applications
Despite having some clear benefits, serverless applications are not specific for every single use case. We have listed the top things that an organization should keep in mind while opting for serverless applications.

🔹 Complete dependence on third-party vendor
In the realm of serverless applications, the third-party vendor is the king, and the organizations have no options but to play according to their rules. For example, if an application is set in Lambda, it is not easy to port it into Azure. The same is the case for coding languages. In present times, only Python developers and Node.js developers have the luxury to choose between existing serverless options.

Therefore, if you are planning to consider serverless applications for your next project, make sure that your vendor has everything needed to complete the project.

🔹 Challenges in debugging with traditional tools
It isn’t easy to perform debugging, especially for large enterprise applications that include various individual functions. Serverless applications use traditional tools and thus provide no option to attach a debugger in the public cloud. The organization can either do the debugging process locally or use logging for the same purpose. In addition to this, the DevOps tools in the serverless application do not support the idea of quickly deploying small bits of codes into running applications.

#serverless-application #serverless #serverless-computing #serverless-architeture #serverless-application-prosand-cons

Secret Email System Review - Recommended or Not?

Matt Bacak’s secret email system is one of the most successful products in the WarriorPlus marketplace in recent memory. My secret email system review will not try to hard sell you on the product – I mean, it’s pretty cheap, so if you’re going to buy it, you’re going to buy it. Instead, I’ll concentrate on explaining the benefits of email marketing and how to get the most out of Matt’s system.

Nowadays, digital marketing is essential for every business. But what is the best strategy? There are many different points of view, but one thing is certain: emails are essential. Email marketing is one of the most efficient and cost-effective ways to promote a business online, and it is simple and inexpensive to get started. The most important thing is to understand your audience and deliver content and offers that are truly relevant to them.

The PDF Download of an Honest Secret Email System Review
The front-end product
What Matt Bacak is selling, which has been promoted by such capable affiliates as Curt Maly, is a PDF ebook that you can download immediately after purchasing. However, there are a number of bonuses included to sweeten the deal. You get access to Mr. Bacak’s private Facebook group, and instead of a simple PDF download, you get a massive zip file full of useful files and videos.
Now that we know what we’re up against, let’s get into this secret email system review!

What is Included in the Secret Email System Download?
Here is a list of everything you get inside the zip file sold at the front end of the Secret Email System:

Matt Bacak’s 3x Formula Calculator (plus a video explaining how to use it)
1000 email swipe files in text format (swipe files or “swipes” are like templates you can repurpose in a variety of ways).
A 1.5-hour video session

Free access to Matt’s high-converting leadpages lead generation template
A massive book of swipe files (in PDF format)
A copy of Matt’s book, Secrets of the Internet Millionaire Mind,
A video tutorial on how to select “irresistible offers” from affiliate marketplaces.

The PDF version of The Secret Email System
The Checklist for the Secret Email System PDF
Text files containing instructions for joining the Facebook group and other bonuses
Matt was charging less than $6 for all of that value last time I checked. He is demonstrating his many years of experience in internet marketing by creating an irresistible offer that people will want to buy and affiliates will want to promote. As a result, the Secret Email System has sold more copies on Warrior Plus than any other product in recent memory.

Examine everything included in the secret email system
Who is Matt Bacak, and why should I listen to him?
Many consider Matt Bacak to be an internet marketing legend, and email marketing is his primary focus. My first encounter with Matt came in the form of some Facebook ads he ran. Matt explained who he was in the video ad (which featured a little guy dancing in the background) and invited me to visit his blog, which I did. He demonstrated a thorough understanding of online business, so it’s no surprise that he put together the ultimate email marketing package.
headshot of Matt Bacak

Overall, Matt’s ad was one of the strangest Facebook ads I’ve ever seen. It was also one of the most effective and memorable. I didn’t buy whatever Matt was selling that day, but I read his blog and remembered his name and who he was. When I saw Curt Maly running ads for Matt Bacak’s Secret Email System months later, it made a big difference.

When I saw that the price was under $6 and that the bonuses were included, I knew I had to buy the product. I didn’t buy it right away because I was too busy, but it stayed in the back of my mind until I had the opportunity to do so.
If it isn’t obvious, I’ll explain: the reason you should listen to Matt Bacak is that he knows how to get inside people’s heads and stay there, both as a marketer and as a public figure.

Is the Secret Email System Training of Good Quality?
At first glance, the training does not appear to be groundbreaking, but this is because the creator is unconcerned about flashy packaging. You literally get a zip file full of stuff that most people would put on a membership website. I can see how this would irritate some people who are used to flashy ClickFunnels and Kajabi courses.

If that describes you, you’re missing out. Matt’s training isn’t flashy, but it describes a solid system that most businesses can implement in some way. As the name implies, it all revolves around building a list and emailing it on a regular basis. Did I ruin the surprise?
Front end offer and upsells from a secret email system
Bonuses from the Secret Email System (and a Bonus From Me)
I’ve already outlined everything you get in the zip file that serves as the funnel’s front-end offer. Everything else, other than the Secret Email System PDF itself, is considered a bonus, and the total value could easily be in the hundreds of dollars.

That’s why purchasing this product was such a no-brainer for me. I already knew how to write good marketing emails, but I really wanted to look inside Matt’s system.
In addition to everything else, you’ll get lifetime access to Matt’s private Facebook community. He answers questions from people here on a daily basis, and it can be a great place to learn.

The truth is that you get so much value and stuff from purchasing this product that adding another bonus is almost pointless. But I’m a bonus machine, so be prepared.
In 2020, I published my first book on email marketing, How to Build Your First Money Making Email List. You’re already getting a lot of reading material, but if you purchase Matt’s product through my link, I’ll add it to the stack. Most of the books I write sell for $27, so this just adds to the ridiculous valuation of this sub-six-dollar product.
Bonuses Bonuses for Matt Bacak’s Secret Email System
Will This Product Really Help You Make Money Online?

It all depends on whether or not you use the secret email system. According to multiple sources, Matt Bacak is in charge of millions of dollars in sales for both himself and his clients. And the best thing about this guy is that he’s upfront and honest, and he puts his money where his mouth is. What I mean is that he doesn’t hold anything back in the books he writes. That is another reason he has amassed such a large and devoted fan base.

Finally, if your business can profit from email marketing or if you want to use email marketing to become an influential public figure, I believe this ebook can assist you. It helped me improve my understanding of the business side of being an affiliate marketer and is far more valuable than the price tag. This product will be especially useful if you want to get started in affiliate marketing with a small investment.

matt bacak’s business model
Going Beyond My Review – Secret Email System
The book itself goes beyond email marketing, but I don’t want to give too much away. Instead, I’ll go over some of the finer points of lead generation quickly so you can get started building your email list as soon as possible.

Now, I’m guessing that roughly 90% of people reading this review are affiliate marketers or are interested in affiliate marketing. As a result, I’m going to focus on lead generation strategies used by many successful affiliates. If you want to learn more about my favorite affiliate marketing strategies, click on that link to read my in-depth guide.

The Most Effective Methods for Building an Email List
Here’s a rundown of some of the best (and quickest) ways to build an email list. First, you’ll need a way to collect emails, and it must be a high-converting method. My favorite lead generation tools are:
ConvertBox (on-site messaging software/advanced popup builder)
ConversioBot (website chatbot platform)

You may have noticed that the majority of them are chatbots. Chatbots, on the other hand, are one of the best ways to not only capture an email address, but also to obtain additional customer information and even directly sell products.
The following are the most effective ways to drive traffic to these tools:
Facebook ads (particularly effective when paired with ConvertBox)
Google Ads and YouTube Ads (a killer combination with ConvertBox or Conversiobot)

Influencer Marketing
Facebook organic marketing
Search Engine Optimization
Secret Email System sales page Matt Bacak

If you can master even one of those traffic methods and use it to drive people to a high-converting optin or sales funnel, you’ll be well on your way to creating a recurring income.
Whether or not you choose to purchase this product through my link, I wish you the best of luck with your online business. If you do purchase the system, I hope to see you in the Facebook community! Please feel free to contact me via message or email at any time.

And if you do get the ebook through my link, please let me know so I can send you a copy of my book as a bonus!

Frequently Asked Questions (FAQs) About The Secret Email System
Here are some frequently asked product-related questions.
Is the secret email system bonus worth it?

In my opinion, the front end product and the majority of the bonuses are worth the price. I would have paid more just to gain access to Matt’s Facebook group!
What are the benefits of a hidden email system?
The main benefit is that you will learn one of the highest ROI business practices (email marketing) from someone who has built a seven-figure online business.

What do you call email marketing?
Email marketing is an important component of digital marketing for many businesses. Email marketing software is frequently referred to as an autoresponder, but a good email marketing platform will have more functionality.

Is this a legitimate way to make money online?
My secret email system review says it’s a great way to make money online as long as your online business uses marketing emails. It does require a list, but Matt teaches several methods for creating one.

Visit The Officail Website

#secret email system matt bacak #secret email system review #secret email system #secret email system bonus #secret email system bonuses #secret email system reviews

Christa  Stehr

Christa Stehr

1602681082

Overcoming Common Serverless Challenges with Mainframe CICS Programs

By this point most enterprises, including those running on legacy infrastructures, are familiar with the benefits of serverless computing:

  • Greater scalability
  • Faster development
  • More efficient deployment
  • Lower cost

The benefits of agility and cost reduction are especially relevant in the current macroeconomic environment when customer behavior is changing, end-user needs are difficult to predict, and development teams are under pressure to do more with less.

So serverless is a no-brainer, right?

Not exactly. Serverless might be relatively painless for a new generation of cloud-native software companies that grew up in a world of APIs and microservices, but it creates headaches for the many organizations that still rely heavily on legacy infrastructure.

In particular, enterprises running mainframe CICS programs are likely to encounter frustrating stumbling blocks on the path to launching Functions as a Service (FaaS). This population includes global enterprises that depend on CICS applications to effectively manage high-volume transactional processing requirements – particularly in the banking, financial services, and insurance industries.

These organizations stand to achieve time and cost savings through a modern approach to managing legacy infrastructure, as opposed to launching serverless applications on a brittle foundation. Here are three of the biggest obstacles they face and how to overcome them.

Challenge #1

Middleware that introduces complexity, technical debt, and latency. Many organizations looking to integrate CICS applications into a microservices or serverless architecture rely on middleware (e.g., an ESB or SOA) to access data from the underlying applications. This strategy introduces significant runtime performance challenges and creates what one bank’s chief architect referred to as a “lasagna architecture,” making DevOps impossible.

#serverless architecture #serverless functions #serverless benefits #mainframes #serverless api #serverless integration

Christa  Stehr

Christa Stehr

1602964260

50+ Useful Kubernetes Tools for 2020 - Part 2

Introduction

Last year, we provided a list of Kubernetes tools that proved so popular we have decided to curate another list of some useful additions for working with the platform—among which are many tools that we personally use here at Caylent. Check out the original tools list here in case you missed it.

According to a recent survey done by Stackrox, the dominance Kubernetes enjoys in the market continues to be reinforced, with 86% of respondents using it for container orchestration.

(State of Kubernetes and Container Security, 2020)

And as you can see below, more and more companies are jumping into containerization for their apps. If you’re among them, here are some tools to aid you going forward as Kubernetes continues its rapid growth.

(State of Kubernetes and Container Security, 2020)

#blog #tools #amazon elastic kubernetes service #application security #aws kms #botkube #caylent #cli #container monitoring #container orchestration tools #container security #containers #continuous delivery #continuous deployment #continuous integration #contour #developers #development #developments #draft #eksctl #firewall #gcp #github #harbor #helm #helm charts #helm-2to3 #helm-aws-secret-plugin #helm-docs #helm-operator-get-started #helm-secrets #iam #json #k-rail #k3s #k3sup #k8s #keel.sh #keycloak #kiali #kiam #klum #knative #krew #ksniff #kube #kube-prod-runtime #kube-ps1 #kube-scan #kube-state-metrics #kube2iam #kubeapps #kubebuilder #kubeconfig #kubectl #kubectl-aws-secrets #kubefwd #kubernetes #kubernetes command line tool #kubernetes configuration #kubernetes deployment #kubernetes in development #kubernetes in production #kubernetes ingress #kubernetes interfaces #kubernetes monitoring #kubernetes networking #kubernetes observability #kubernetes plugins #kubernetes secrets #kubernetes security #kubernetes security best practices #kubernetes security vendors #kubernetes service discovery #kubernetic #kubesec #kubeterminal #kubeval #kudo #kuma #microsoft azure key vault #mozilla sops #octant #octarine #open source #palo alto kubernetes security #permission-manager #pgp #rafay #rakess #rancher #rook #secrets operations #serverless function #service mesh #shell-operator #snyk #snyk container #sonobuoy #strongdm #tcpdump #tenkai #testing #tigera #tilt #vert.x #wireshark #yaml