2019 was the year of learning for the Thundra team. We’ve met with early adopters of serverless, learned a lot from them and witnessed the acceleration of serverless adoption with both greenfield and lift-and-shift projects. We had the chance to improve Thundra by focusing on feedback and inputs coming from our customers. For example; we observed that debugging serverless functions is the biggest pain point yet waiting to be addressed. Likewise, We come across development teams using pure serverless very rarely while it’s more common to see serverless applications and resources talking with non-serverless workloads. Finally, we saw that using multiple tools for monitoring, security and debugging for serverless applications tends to cause problems for the developers because the tools can create conflicts during deployment and operation.
We’ve addressed, keep addressing, and will address the pain points of both serverless developers and enterprises by removing any obstacles. At an important milestone with our Series A funding today, I’d like to explain why Thundra is crucial to increase developer productivity and efficiency for any team developing cloud-native applications with serverless and container technologies.
How does Thundra work?
It’s simple and smooth to get started with Thundra and discover the bottlenecks in your cloud-native architecture. You can get started with Thundra either directly by signing up to console or from AWS Marketplace. Connecting Thundra to your AWS account and instrumenting your applications with Thundra’s client libraries is sufficient for Thundra to generate performance and security insights. You can either use Thundra’s default alerts on key metrics or set up your own alerts built on Thundra’s powerful query engine.
Thundra instruments the applications developed in Java, Node.js, Python, Golang, and .NET. Thundra can be used for applications that run not only on AWS Lambda but also on other platforms such as AWS Fargate and Amazon ECS and even on Kubernetes. You can forward the alerts generated by Thundra to your preferred incident management platforms such as Opsgenie and PagerDuty or to the Amazon Eventbridge to trigger your own way of responding issues.
What problems does Thundra solve?
We aim to help developers from development to production with our features easing debugging, monitoring, troubleshooting and securing the serverless-centric applications. Let’s go over Thundra’s core capabilities.
Debug the serverless applications remotely
According to the recent survey, debugging is the top concern for application teams developing with serverless. Abstracting the compute and storage resources away to the cloud makes it impossible to debug the applications as they are running. The solutions in the market are motivated creating a so-called AWS environment on the local computer. However, such solutions lack two important factors:
- These solutions either mocks or runs again the local replicas of the AWS resources. This is generally very far away from reflecting on the real behavior of the cloud environment.
- When you debug on the local instance, you can’t simulate the permissions of the AWS Lambda functions.
Thundra’s remote debugging solution addresses both problems by enabling debugging on the real AWS environment. In this case, the execution of the serverless applications on AWS is paused by Thundra, and the developers debug the application natively on their IDEs such as VSCode or Intellij IDEA. In this way, developers can effectively figure out how every line of their application works in their development environment. This is a significant improvement considering the round-trip time to debug the application with the logs.
Monitor your serverless and container workloads
With cloud-native applications, the wise way to monitor health is not to check the big screens with many charts fluctuating. Well, unless you have a big enough screen where you can check all the metrics for all hundreds of small microservices. Application teams need to have a holistic approach to “understand” the behavior and maintain the health of their applications. Thundra provides a topological view that lays out all the applications and resources in the same project. The compute resources can be either serverless functions, or containers and even VMs while the non-compute resources can be queues like Kafka or SQS, or streams like Kinesis, caches like Redis, data resources such as MongoDB, ElasticSearch, DynamoDB and so on. In such a view, it’s an at-a-glance task to discover the local discrepancies and their impact on the overall system. In the image below, you see a hybrid (serverless and containers) architecture with all green edges and nodes indicating that it’s all healthy. Using such a view is the correct way of ensuring harmony in your distributed environment.
Troubleshoot fast and get back to coding
Incidents happen. The best way to respond to these is to have sufficient observability in place. Thundra is the only provider that can show the root cause of the error, the impact on customer experience (if any) by both showing the asynchronous messaging between systems and pinpointing down to the line of code of the issue. In the following picture, you see that the error in the Lambda function at the bottom of the screen didn’t cause the whole transaction to fail but there’s something to check in the local error. You can understand the problem by diving into it and see how the values of variables changed line by line.
With Thundra’s flexible querying mechanism, you can define what an incident looks like for you. In this way, you can save queries as alert policies and run it against your data and forward the alerts to your favorite incident management platform such as Opsgenie or to Amazon Eventbridge to take automatic actions for the issues.
Maintain application security and compliance
Security is still a concern with serverless applications even though they are managed by the cloud vendor. The application itself is open to any threats and can exhibit malicious behavior. Application teams can safely accelerate software delivery by incorporating security from Thundra into their CI/CD workflows and runtime environments. Teams are relieved of the time-consuming task of repeatedly ensuring controls are in place and providing ongoing proof to auditors. New security and compliance controls provide whitelisting or blacklisting of services to apply consistent frameworks for adherence to PCI, HIPAA, SOC2, NIST, or other security or compliance policies. Thundra automates the typical manual efforts to prove to auditors that controls are in place to meet ISO27001 or other standards as well as the ongoing enforcement of controls to meet SOC2 or other standards.
With Thundra’s active guardrails, you can be sure that there won’t be any breach and data leakage out of your application.
What are we planning to do next?
We enjoyed being busy last year and there are many other great features that I didn’t dive into such as active anomaly detection on several metrics (invocation/error count and duration) and easy log search with wildcards, and so on. We are proud of the current status of Thundra but this is definitely not the limit defining the things that we want to achieve.
In the following year, we will continue our expansion on non-serverless tracing for other workloads such as Kubernetes. This is fairly important because, at any phase during serverless migration, there will be some serverless parts talking with the legacy parts of the big system. Showing the interaction between these resources is crucial for big enterprises adopting serverless.
We’ll also deepen our capabilities with application security; with active control of the event data to the application and generating and applying least privilege IAM permissions for AWS Lambda functions and many more.
While all of this happens, we won’t leave the observability out of the game. We are planning to come up with custom dashboards and reports, unique transaction metrics, management and many more.
We’re very proud of the current status of the product. It’s flattering to see the big support from our investors in our Series A funding. This really encourages us to deliver the highest value to the application teams for delivering and maintaining modern applications. We are excited about the hard work that we will put on the table to make Thundra even more awesome. For any question or feature request, please reach us out via firstname.lastname@example.org or shoot a message from Twitter.