Best Practices for Working with Alibaba Cloud Function Compute

By Juv Chan, Alibaba Cloud Tech Share Author. Tech Share is Alibaba Cloud’s incentive program to encourage the sharing of technical knowledge and best practices within the cloud community.

Serverless computing, or more simply Serverless, is ranked the 2nd Most Loved Platform in the Stack Overflow Developer Survey Result 2018, with more than 100,000 developers participated globally. Based on the CNCF Serverless Cloud Native Landscape 2018, the major Serverless — Hosted Platforms providers have a total market capitalization value of $3.01T.

It is clear that Serverless is not only gaining more popularity among the developers, it is also getting more commercial adoptions, growth and support from the industry.

Figure 1. CNCF Serverless Cloud Native Landscape 2018

What Is Alibaba Cloud Function Compute?

This article aims to discuss and share about some of the hands-on best practices and their justifications on working with Alibaba Cloud Function Compute from a developer’s perspective. Some of the best practices are common best practices which could also be applicable to other serverless compute service providers while some are only specific for Alibaba Cloud platform.


Best Practices

1. Use Serverless Framework for Deploying Serverless Functions to Function Compute

Provider Agnostic
Allow users to build, package, test and deploy the same serverless service and function(s) in the same behaviour for all serverless cloud providers which are supported by the Serverless Framework. Users no longer have to rely on provider specific SDKs which makes migration to other providers difficult and time-consuming.

Extensible with Reusable or Custom Plugins
Serverless Framework Plugins allows the users to extend or overwrite the framework core functionalities. Community contributed plugins repository is available for public use and contributions.

Support serverless functions written in NodeJS, Python, Java, Go, C# or Scala.

Strong Enterprise & Community Support
Serverless Framework supports most of the major serverless cloud providers, provides solid documentations, examples and contributions from the global serverless community

Note: At the time of writing, Alibaba Cloud is still not one of the Serverless Infrastructure Providers officially supported by the Serverless Framework yet. However, Alibaba Cloud has already provided examples on how to use the Serverless Framework and also the Serverless Alibaba Cloud Function Compute Plugin for deploying serverless infrastructure to Alibaba Cloud Function Compute.

2. Avoid Using Access Key from Root User Account for Function Compute API Calls

It is important to highlight that Alibaba Cloud has published the Alibaba Cloud Account Security Best Practices which strongly recommends to avoid creating any Access Key for the root user account.

3. Create an API User Account for Function Compute API Calls

Figure 2. Example RAM User for Function Compute in Alibaba Cloud RAM Console

To learn more, user can refer to the RAM Best Practices by Alibaba Cloud in the aspect of logon verification, account authorization and permission assignment.

4. Apply the Principle of Least Privilege for Function Compute API User Account

For the RAM user or user group for creating and managing Alibaba Cloud Function Compute, the recommended least-privilege authorization policies are as follows:

  • AliyunFCFullAccess
  • AliyunRAMFullAccess
  • AliyunLogFullAccess
  • AliyunOSSFullAccess

Figure 3. Recommended Minimum Authorization Privileges Granted for Function Compute Full Access

If the user or user group only requires Read-Only access to Function Compute, the recommended least-privilege authorization policy is as follows:

  • AliyunFCReadOnlyAccess

If the user or user group only requires Invocation access to Function Compute e.g. to invoke serverless functions, the recommended least-privilege authorization policy is as follows:

  • AliyunFCInvocationAccess

5. Make Use of ActionTrail Service for Troubleshooting

The figure below is showing a list of events and the issues encountered by the example Function Computer API user during the development and experimental process which used the Serverless Framework CLI to build and deploy a new serverless service and function to Alibaba Cloud Function Compute.

Figure 4. Example of using ActionTrail for Troubleshooting

6. Avoid Writing Long-Running Functions

It is definitely more cost effective to write efficient serverless functions. Hence, the rule of thumb is that, whenever possible, refactor the large functions into smaller functions to optimize the execution duration.

7. Write Testable Functions

For example, isolate the core business logic from the function’s entry point handler.

8. Exception Handling and Logging

9. Use CloudMonitor to Monitor Function Compute Functions Metrics and Setup Alerts

  • Total Invocations
  • Average Duration (millisecond)
  • Function Errors
  • Function Errors Rate (%)
  • Max Memory Usage (MB)
  • Billable Invocations
  • Billable Invocations Rate (%)
  • Throttles
  • Throttles Rate (%)
  • Client Errors
  • Client Errors Rate (%)
  • Server Errors
  • Server Errors Rate (%)

User can also create new alarm rules and notification methods so that they can get real-time notifications whenever certain alarming issues occur for incident response and management team to take the necessary actions as soon as possible.

10. Minimize Deployment Package Size

Remove unnecessary dependencies packages especially those for development and testing only packages as they are not needed for run-time in the production environment.

This article is also published on Medium:


Follow me to keep abreast with the latest technology news, industry insights, and developer trends.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store