stdlib.com an easy way to deploy to AWS Lambda + API Gateway?
nelsonic opened this issue ยท 4 comments
Keith Horwood of http://stdlib.com/ reached out for feedback.
Since he asked nicely (and I believe in giving before you get...)
I'm giving him One Pomodoro of my time. โ๏ธ ๐ธ ๐
First impression is: Really promising!
Automatic Scaling Without Configuration
How? given that Lambda has an initial limit of 100 concurrent invocations ...
which you then have to "contact support" to get extended according to your needs...
see: http://stackoverflow.com/questions/36826352/aws-lambda-toomanyrequestsexception-rate-exceeded (I know, because I've felt the pain of hitting the "Lambda-Limit"...) ๐
Is thestdlib.comservice running my lambdas on their AWS account in which case they are handling the scaling for me? so I don't have to manually contact AWS support...?
Ease of deployment looks great!
A Complete End-to-End "Server-less" Solution
GitHub Repo: clearly got some good traction. โญ๏ธ
Docs look great! http://docs.stdlib.com/main/#/introduction โ
Signed up (though not a fan of a modal for signup, I'm sure they have A/B tested it for conversion...)
Next action after signup is unclear... what do I do now?
Will reading the docs get me up and running in the next minute before I get distracted by a notification?
Don't see the point of a profile page that I have to manually update...
I would have used GitHub auth here... get people's details and profile pic from GitHub... ๐ค
or Twitter. most Devs I know have twitter... ๐ฆ
Scrolled down and see that I have No Services Available...
I would have a link to help the person create their "Hello World" first service.
e.g: http://docs.stdlib.com/main/#/quickstart
The next logical thing for me after I'm "sold" on the features is to ask "How Much?!"
Pricing: http://stdlib.com/pricing is where the site lets me down. still unclear... ๐ค
This is the only thing "holding me back" from building something on it today.
I like to know exactly how something can be "free".
Does Keith have a mountain of money he's burning to get his service to critical mass and then sell it to Big Company XYZ (e.g: MSFT who aren't competing particularly well in against AWS Lambda...)
Feedback to Keith
- Website (Landing Page) is superb.
- clear offering and call-to-action to try the product!
- Docs are great and able to get up-and-running quickly!
TODO
In order of importance to me (a potential user):
- Pricing holding me back from adopting it... how is it "free"? (VC Funded?)
will it have the same fate as Nodejitsu ?
I don't want to invest my time in learning/using a (admittedly great looking) platform for the "rug" to be pulled in a year's time and be forced to "migrate" all my microservices at short-notice... clarify this set up a basic PayPal form to accept $10 from me an I will try it. Being able to pay to use a service actually gives it credibility!! ๐ - "Try Online" deploy the hello world example (without any "global" installation)
- How do I run locally and what is the "Continuous Integration Story"...?
- Do I still have to pay AWS or does
stdlibhandle the payment to AWS (and then is there a markup for the Compute/Gateway resources or same cost?) - Give me a way to make a "Buildpack" https://devcenter.heroku.com/articles/buildpacks which I can single-click deploy a microservice to AWS and I'm SOLD!
Conclusion
Sadly my Pomodoro is has run out! โ๏ธ
but I would invest more time in this if these "Todo" items were addressed by Keith and his team!
I cannot recommend something I haven't tried. (and nobody else should!!)
Looks really promising.
@keithwhor is a credible developer with great project: https://github.com/keithwhor/nodal under his belt so I believe this has real potential! #WatchThisSpace!
tl;dr
There Are Many Serverless "Solutions" ... what is the stdlib USP?
Why would I use this instead of
- AWS Lambda (the Gorilla!)
- https://serverless.com (the "works everywhere" market leading framework...)
- https://github.com/claudiajs/claudia deployment tool to Lambda + Gateway
- https://github.com/Miserlou/Zappa (credible Python-based system with more traction than stdlib)
see discussion: https://news.ycombinator.com/item?id=13089630
Security Concerns
Note: this is a personal "bugbear" of mine and not a direct "criticism" of anyone @stdlib.com
Why do I need to install the CLI globally?
why should I trust a random package from NPM with global access to my system? Can't I try this without making a commitment of installing a CLI globally?
to be clear I - and most people - tend to give people the benefit of the doubt when it comes to the security of their code, but
shouldI...?!?
thiscould be the ultimate engineering attack!!... @evilpacket right...? ๐ญ
how trivial would it be to setup a nice-looking website buy some adwords for "Serverless" or "mine" GitHub for email addresses and get devs to install a "toolkit" that is actually a rootkit ...?
What are your impressions?
Hey Nelson --- thanks for making this thread for feedback.
I actually want to be clear, we run our own gateway and we don't consider "deploying to Lambda" a core competency. It's something we do, but we think about deploying to Lambda like changing your own brakes --- if it's really "zero-ops", why do I still feel like I need trustworthy mechanics? (serverless, apex, claudia, etc.) We, in a sense, take "serverless" for granted - it's clearly the future of compute, so what's next? That's what we're focused on - the next abstractions. Deployment is trivial, we can all write .zip tools and call an API. (Though we're still happy about our workflow.)
It's best if you think of what we're doing with StdLib almost like GitHub for service deployment. We'll be publishing more information in the coming weeks about pricing (we've hammered most of it down). I don't want to use this as an excuse, because execution and delivery are ultimately all that matters, but if you want to know why we're going to stick around --- the majority of the workflows you see were created by one developer - that's me - with the web UIs generated by a very talented Google engineer who joined our team only a couple of months ago. There's still a lot to build, and though we are venture-backed, we're also extremely capital efficient (we're pretty proud of that --- having your own compute platform that you can dogfood endlessly helps in a bit of a virtuous cycle). The team we've brought together is extremely competent, and we're lucky to have them.
Thanks again for this --- the criticism is extremely helpful and we'll be executing on it as fast as we can. We're far from perfect, and we work within tight constraints to deliver as much value as possible. We'd love it if you and others let us know what you want to see next --- because we're building it. :)
Thanks so much,
- Keith
Also, if you wanna check out a recent article we wrote about massively parallel DNA sequence alignment on StdLib, here it is :) (I dropped out of an MS in Biochemistry to run my first startup, hence the little bit of specialization in the space):
@keithwhor I'm really excited for what you & your team are building! I can see from the commit history that you have made a monumental effort over the last few months and if you continue your momentum it will be an amazing product! I will fire up a VM later and install your CLI globally and give it a shot. The fact that you replied on GitHub gives me a lot of faith that you aren't some "customer service" rep who "values my call", but rather are a passionate and dedicated CEO who is executing on a vision for what "serverless" can be!
I will gladly do a full write-up "post" on stdlib when pricing is available.
But meanwhile, if you can assure me that it will be in a similar ballpark to Lambda+Gateway, I'm happy to write a service and deploy it to your system this weekend...
Thanks again for reaching out and for sharing the link(s)!
From everyone @dwyl, all the very best for 2017! โค๏ธ โ
๐
I promise that it will be the easiest way you've deployed a function as a web API. ๐
Expect pricing to be out and solidified soon. I will definitely post an update here when we're ready! Thanks so much for the feedback, we live and die by our developers, so I want to make sure everybody's voice is heard.