Challenge #1 - Architecture Self Review

Designing a Holiday Rental Property Management Tool

Welcome to the 103 new subscribers who joined in the last week!
Thank you so much for your early support! I never expected it to grow this quickly!
If you have any feedback on this challenge series and these review questions, please let me know!

Merry Christmas!

I hope you’re all having a great holiday season. This is part 2 of the first architecture challenge. I hope you all enjoy this episode and it helps you take your architecture to the next level!

Serverless Christmas Tree!

Architecture Self Review

Learning to design software architecture on your own is hard for two main reasons:

• You get tunnel vision. It’s incredibly hard to see your designs from another perspective once you’ve designed something. This means you’re less likely to find ways to improve it.

• You don’t know what you don’t know! AWS and Serverless have lots of limits. Some of them are soft limits, but some are hard limits that you can’t change. If you don’t know that a DynamoDB record is limited to 400KB then you might design a solution that has growing records and won’t realise that

This is one of the reasons that I started this architecture challenge. To expose you to more designs and patterns - but explicitly pointing out where different limits will affect your architecture.

The questions and things to watch out for will help you look at your architecture from a different angle and point out things to watch out for (service limits) that you might not have thought about, or even known about.

---

Submit Your Architecture

Since launching the challenge just a week ago I’ve already had multiple people reach out and ask how they can submit and share their designs. If this challenge series goes well then I want to open a full community where people can upload and discuss their architecture.

For now, I want to enable community discussion and peer review. I’ve created a Git repo where people can upload their submissions for each challenge. To submit, follow these steps:

• Fork the main repo (https://github.com/SamWSoftware/ServerlessArchitectureChallenge)

• Clone your repo locally

• Add a folder to /{Challenge Number}/submissions/{Your Name}

• Put whatever you want into that folder. Ideally an architecture diagram (png would be great) and some notes on how the architecture works and your process to get there

• Push your changes

• Create a PR into the main repo

If you want to view and discuss other people’s submissions then check out the open PRs.

If you have anything you would want to see in a future Serverless Community, let me know!

---

Review Questions

After all of that, let’s get onto reviewing your architecture. Go through all of these questions and answer them for yourself. Some of them will be simple one or two-word answers, others will require a more detailed answer, and some may even require extra research, diagrams and notes.

Hopefully, some of these questions will highlight limitations in your architecture or ways you can improve your serverless architecture knowledge and skills. Limitations in your architecture aren’t bad - as long as you understand them and accept them.

Default Questions (Well-Architected Framework)

To start we have a set of questions that are generic to any type of architecture, serverless or not. These questions will be part of every self-review and are a great starting point. If there are any other questions you’d add to this list, send them over to me!

Security:

• How do you secure your data in transit?

• How do you secure your data at rest?

• How is your architecture protected against malicious intent?

  • APIs

  • Storage ( database and file storage )

Reliability:

• How would your infra react if an availability zone went offline for an hour?

  • Would your application still be usable?

  • Would there be any temporary or permanent loss of data?

  • Would that be acceptable?

• How would your infra react if a whole region went offline for an hour?

  • Would your application still be usable?

  • Would there be any temporary or permanent loss of data?

  • Would that be acceptable?

• How would your application react if your traffic increased 10x in 5 minutes? (An advert plays on tv)

  • Would your compute and database scale up to handle this quick increase in traffic

  • Might you hit some service limits?

• If a developer added a recursive bug to the code that caused memory usage to spike, how would your application handle it?

• What would happen if your database was corrupted or accidentally deleted?

Performance:

• Might anything in your application cause user requests to fail to meet latency requirements?

• How do you configure and optimise your compute resources? (EC2 instance type / Lambda memory)

• What should the team be monitoring to ensure optimal performance?

Cost Optimisation:

• What is the rough cost to run this application?

• What is the most expensive component of your application?

• What designs/patterns have been implemented to optimise costs?

Sustainability:

• How does your architecture make the most of user usage patterns to improve sustainability?

Project specific questions / things to watch out for

• How accurate is your scheduling method? If a visitor gets there but still hasn’t been sent the key lock code then they’ll be very annoyed. (DynamoDB TTL method for scheduling is only guaranteed to 48 hours).

• What if the email to the cleaning crew fails to send? Have you overwritten the current code so no-one can unlock the key box?

• If you’ve used DynamoDB, what is your schema so that you can effectively query the bookings by property or by owner?

• What ongoing maintenance tasks are there to maintain this app? Is this too much for the founder to handle on their own?

• How are you ensuring that one of the rental owners can’t access the properties and data of another owner?

• At the requested scale the application might be over 300,000 bookings a year (400 owners, 15 properties, 50 bookings per year). How does your architecture handle this? Take note of limits in your email service provider and auth platform.

• You are asked to add a feature. When there is a cancellation or a booking slot that has not been booked, the owner wants a button to send an email to all people who have previously stayed there. How complicated would it be to extend your current architecture to handle this?

• A hotel chain hears about the app. They have 80 hotels, each with around 400 rooms. The hotel chain needs more fine access control. They need three new roles: chain manager, hotel manager and hotel employee.

  • How complicated would it be to extend your current architecture to handle this?

  • Are there any known limitations in your current architecture that could become an issue with increased scale?

---

What happens next?

Now that you’ve critiqued your own architecture, there may be things that you want to update or change.

But the best kind of feedback is still going to be peer review.

Upload your architecture and create your pull request into the github repo.

Then look through other people’s designs. Take note of where they’ve done things differently and why. It’s always amazing how much you can learn from other people.

Next week I’ll send out the third email for this challenge - my architecture. I’ll give my diagrams, as well as a breakdown of my thought processes and the considerations and limitations that I’ve accepted in my architecture.

Tips for giving feedback

When giving feedback on other people’s architecture please be considerate. Some people will be serverless experts, some people will be designing some of their first realistic serverless architecture. Anyone being a dick will be blocked from commenting on the repo.

If you do see possible issues with someones design, try phrasing it as a question instead of a statement:

Bad - Your architecture won’t work. EventBridge can’t directly invoke SES.

Better - Is EventBridge able to directly invoke SES?

Bad - You shouldn’t directly invoke a Lambda from another Lambda.

Better - Why have you go a Lambda directly invoking another Lambda? Are there any limitations or drawbacks to doing it that way? Have you considered X pattern?

This is a much nicer way to get feedback, but also protects you if you’ve got something wrong.

---

If you like the idea of this Serverless Architecture Challenge then please share it with your friends and colleagues.

If you have any feedback, please email me at sam@completecoding.io

Good luck!

Sam