A crash course in building the Serverless API using Express and MongoDB

Today, the Serverless architecture has become a fantastic tool in a variety of technical contexts. We are using the Serverless architecture to develop data processors, chatbots, application apis, and more.

Today, I’ll walk you through creating a production-ready Express API on AWS Lambda using persistent MongoDB data stores. You can build Express applications on AWS Lambda and use MongoDB with ease.

As you can imagine, this is pretty simple — working with AWS Lambda is a lot like working with a small Node.js runtime environment, with a layer of abstraction for everything but the code.

Let’s get started!

To make a long story short

You can skip to the part that interests you (which hurts my feelings), or you can go straight to the chapter order.

Installation project
Create the database on MongoDB Atlas
Installing dependent libraries
Write a program
test
The deployment of
The load test
monitoring
conclusion

Installation project

What we get after engineering installation is engineering minimization of the structure. However, it still has everything you need to continue adding functionality to future production applications. To introduce to you, THE final layout of the project after installation is shown below:

As you can see, this is a fairly simple API for annotations with CRUD logic, but it gets the job done. Ok, enough said, let’s get this project going.

1. Install the Serverless framework

First you need to install and configure the Serverless architecture. This is a simple command-line tool for development that makes it very easy to deploy projects.

$ npm i -g serverless

Copy the code

You have now installed the Serverless library in your machine’s global environment, and its commands are now readily available on your terminal.

Tip: If you are using Linux, you may need to add sudo.

2. Create an IAM user on your AWS Console

Open your AWS Console and click on the Service dropdown in the upper left corner of the page. You’ll see many services. Type IAM in the search box and click on the search results.

You will be redirected to the IAM home page to continue adding new users.

Give your IAM user a name and select the Programmatic Access check box and click Next.

Now you can grant your new user a set of permissions, because we want Severless to create and delete various resources on our AWS account, so please check the AdministratorAccess section.

Keep going and we’ll see the user created next. Now, and only now, you have Access to the user Access Key ID and private Access Key. Make sure you fill them out, or download the.csv file on the page. At the same time, you need to keep these files safe from anyone else. Although this is a demo, I’ve blurred them out to make sure you understand the seriousness of the security that protects them.

With this done, we can finally start adding encryption keys to the Serverless configuration.

3. Add the IAM key to the Serverless configuration

Very good! After saving the key, you can set up Serverless to access your AWS account, and we switch back to the terminal and type this in one line:

$ serverless config credentials \
  --provider aws \
  --key xxxxxxxxxxxxxx \
  --secret xxxxxxxxxxxxxx

Copy the code

Hit enter! Now that your Serverless knows which accounts to connect to when running any terminal command, let’s see it in action.

4. Create a service

Create a new directory to place your Serverless application service, open the terminal there, and you are now ready to create a new service.

What we call services are AWS Lambda functions defined in a file called serverless.yml, where the events that trigger them and any AWS infrastructure resources they require are stored.

Go back to the terminal and type:

$ serverless create --template aws-nodejs --path sls-express-mongodb

Copy the code

The create command creates a new service. We need to choose a runtime environment for this method. Let’s call this template. Passing AWS -nodejs will set the runtime environment to Node.js — which is what we want. Path creates a new folder for the service. In this example, we’ll name it SLS-Express-mongodb.

5. Use the code editor to browse the service catalog

Open the SLS-Express-mongodb folder using your favorite code editor. There should be three files there, but for now we’ll just focus on serverless.yml — it contains all the configuration Settings for this service, including general configuration Settings and configuration for each function. Your serverless.yml file is currently filled with boilerplate code and comments that you can remove and paste in at will.

The functions property lists all the functions in the service. We just need one function so that our entire Express application will be packaged into this single function, where the Handler indicates which function. Our final application will have a server.js file with the run function (I think this step is simple enough).

Now let’s look at these events, which are acting as a proxy for routing, meaning that every request that hits an HTTP endpoint will be proxyed to the internal Express router, which is cool.

We also have a custom section. This custom section can safely load environment variables into our application. We can import these variables using the format ${self:custom.secrets.< Environment variable name >}, where the actual values of the variables are stored in a simple file called secrets.json.

Finally, we have the Serverless-Offline plug-in for offline testing.

Create the database on MongoDB Atlas

Ready for more configuration? Okay, no one likes this part, but I can’t help it. Let’s go to MongoDB Atlas and register.

The account is free and does not require a credit card, so it will be the sandbox we need for development. After setting up the account, open the account page and add a new organization.

Choose a name you like, press Next and continue to create the organization.

good We are in the organization page, please press the New Project button.

This will open a page to name your project. Just type the name you like and click Next.

MongoDB takes permissions and security very seriously, so Atlas will show you another administrative permissions page. We can now skip it and create the project.

Ok, let’s start creating the actual cluster! Press the big green “Build New Cluster” button. This opens a huge cluster creation window. You can leave everything as default, just make sure you select the M0 instance size, and then disable backup. As you can see, the price of this cluster will be free. Pretty good. That’s it. Click Create Cluster.

Once the cluster is created, add an administrator user to the cluster and give him a strong password.

Now that you just need to enable access from anywhere, we move on to the IP whitelist.

Your cluster will take a few minutes to deploy. While deployment is in progress, let’s start installing some dependencies.

Installing dependent libraries

This step is one of my favorite parts of any project. We need to make sure this step is done correctly so that it can go smoothly.

$ npm init -y 
$ npm i --save express mongoose body-parser helmet serverless-http 
$ npm i --save-dev serverless-offline

Copy the code

First, we are installing production dependencies, as you are no doubt aware of Express, Mongoose, and BodyParser. Helmet is a miniature middleware designed to protect your endpoints with appropriate HTTP headers. However, the real power lies in Serverless’s HTTP module. It creates the proxy in the Express application and packages it into a single lambda function.

Finally, we need Serverless offline to test our application locally. And then, how about we write some code?

Write the code

It’s about time! Let’s get started.

1. The new server. Js

First, we need to rename the handler.js file to server.js. Here we’ll just run the logic of the lambda function using the Serverless-HTTP module.

As you can see, we need the Serverless-HTTP module and export a function named run. This will save the value of the Serverless-HTTP instance and pass our app as a parameter. That’s all we need to package our Express application as a lambda function! Very simple.

2. Add private variables

Next, create a secrets.json file to hold the environment variables.

To get the connection string for the Atlas cluster, navigate to the cluster dashboard, and then press the gray Connect button. Follow the instructions to make sure the URL looks like the string above.

3. Create an Express application

Now we are ready to write the actual Express application.

Create a new folder in the root directory named lib. Here, you need to create an app.js file and a db.js file.

Installing Mongoose significantly simplifies the connection to the database. That’s what we need.

Tip: process.env.db is set in secrets.json and referenced in serverless.yml.

After adding the db.js switch to the app.js file, paste it in the code snippet below.

If you have ever used Express, you will be familiar with this. We need to import all the modules, use the middleware, import the database connection we just created and the route binding to the/API path, but we haven’t written any routes yet. So, let’s get started!

4. Add a route

In the lib folder, create a new folder called Routes. It becomes the basis for all routing in the application. Create an index.js file in the Routes folder and paste this code snippet.

Now we can add any other routes to this file without affecting any other Settings, which will make things a lot easier.

5. Write CRUD logic

We’ve reached the most interesting part. As you can see in the index.js file above, we need a notes.controller.js file to define CRUD operations. Well, let’s create it.

First, however, we need a Notes API model. Create a Notes folder in the Routes folder and create two additional files named note.js and notes.controller.js. In note.js, we will define the model for note.

With a title and description, our example can be expanded. Moving on, we’re ready to add the CRUD logic, open notes.Controller.js, and paste the code.

Make sure you don’t forget to introduce the Note model at the top of the file. Other than that, it’s pretty simple. We use the Mongoose model method to create CRUD operations. Of course, using async/await syntax is very comfortable, and you should also consider adding try-catch blocks around await operators. But in this case, this simple example will suffice.

That’s it for code. We’re ready to run some tests!

test

I prefer to test my applications locally before deploying them. That’s why I’ll quickly show you how to complete the test using the Serverless-Offline module. Because you have installed it and added it to the plugins section of serverless.yml, you can start local emulation of API Gateway and AWS Lambda on your local computer by running a single command.

$ sls offline start --skipCacheInvalidation

Copy the code

Tip: Run SLS at the root of your project and you’ll see a lot of commands. SLS Offline and SLS Offline Start should be available if you have configured them correctly.

To make it easier for you to use this command, add it to the NPM script of package.json.

After adding, you can run the command NPM run Offline directly, which is cleaner and easier to remember. Go back to your terminal and run it.

You will see the terminal telling you that the local server is started on port 3000. Let’s test it out!

To test my endpoints, I usually use Insomnia or Postman, and you’re certainly free to use whatever you like. First, start adding a note by clicking on the POST endpoint.

Very good! It works as expected. Continue to try the next GET request.

Still true. Now, go ahead and try all the other endpoints. Make sure it all works, and then let’s get ready to deploy it to AWS.

The deployment of

Would you believe me if I told you that deploying the API required only one command? Well, that’s the way it is.

$ sls deploy

Copy the code

Go back to the terminal, run the command above and wait patiently. You will see several endpoints appear on the terminal, and these are the endpoints of your API.

In the same way, as I showed above, test these deployed endpoints again to make sure they work.

Next, you might notice that you only deployed the API to the development phase. So, we also need to change NODE_ENV and deploy it to production. Open the secrets.json file and change the second line to:

"NODE_ENV": "production",

Copy the code

This sets the environment for your Express API to production and sets the stage to production. Before we deploy the API for our production environment, let’s delete the node_modules folder and reinstall with the –production option.

$ rm -rf ./node_modules && npm i --production

Copy the code

This ensures that only the dependencies specified in the dependencies list in package.json are installed and not the dependencies in the devDependencies list.

You only need to comment out the plugins section of serverless.yml before deployment.

Continue to deploy using the same commands as above.

$ sls deploy

Copy the code

The load test

If we didn’t do any load testing, this would not be the right tutorial for setting up the production environment API. I prefer to use a small NPM module for load testing. It is called loadTest and can be installed with a simple command.

$ npm i -g loadtest

Copy the code

Tip: Linux users may need to use the sudo directive.

Let’s step up the load. The command we want to run is 10 concurrent users requesting 100 hit/API /notes paths using GET.

$ loadtest -n 100 -c 10 https://<id>.execute-api.eu-central-1.amazonaws.com/production/api/notes

Copy the code

It took about five seconds to respond to all these requests without error. You can rest assured that whatever size of API you end up having will automatically scale to the size you need and serve your users without any problems. The following is a log overview of this load test.

The monitoring tool is called Dashbird. Let’s set it up so that you can properly monitor the API as well.

monitoring

For the Serverless architecture, the flaws in the engineering overview and lack of sufficient insight into what is going on in the application are real problems. There are several products that can really help alleviate this hassle — Dashbird, Datadog, Serverless, IOPipe, and so on.

Now that you’ve quickly started using the Serverless framework above, let’s set up Dashbird. You can visit the official documentation for a quick start or follow my guide below.

1. Register

Logic dictates that we should register first, creating an account instead of a credit card.

After registering, you will be redirected to the Getting Started page where you need to add an ARN for the IAM role. Fortunately, however, the Dashbird developers have created a CloudFormation stack for us, which makes creating IAM roles very easy.

2. Create new AWS IAM roles for Dashbird

After registering, you will be redirected to the Getting Started page.

Click the link to create a new CloudFormation stack and follow the steps.

All you need to do is click on the next step until you reach the check box named I confirm THAT AWS CloudFormation may create IAM resource box, select and create stack.

After creating the CloudFormation stack, you will see it in the console. Here, you simply copy the ARN of the DashbirdIntegrationRole.

How about that? Is that easy?

3. Set Dashbird using the created role

All you need to do is paste the ARN of the character copied above, and you’re ready to go. Dashbird checks to see if it can access your AWS account. If everything is set up correctly, you will be redirected to the application. The log will start recording in one minute.

Be sure to check your functionality and check that the tests you perform are visible on the diagram. This way, you’ve built a production-ready API that makes it easy to deploy and monitor your applications. Give yourself a round of applause!

conclusion

It was a fulfilling adventure! You have created a production-ready Serverless API. Using the Serverless architecture can be a bit difficult — especially for services you’re not used to, such as Lambda and API Gateway.

The method I showed above is the one I usually use. With my approach, you can make the transition to the Serverless architecture easier, using Node.js and the frameworks, modules, and middleware you’re used to.

We’re lucky to have development tools like Serverless Framework and observation tools like Dashbird that make the development process easy.

If you missed one of the above steps, take a look at the project’s codebase, which contains all of the project’s code.

If you would like to read some of my previous thoughts on Serverless, please visit my profile or join my newspaper team!

Or, by the way, check out some of my other posts:

Solving invisible scaling issues with Serverless and MongoDB
How to deploy a Node.js application to AWS Lambda using Serverless
Getting started with AWS Lambda and Node.js
A crash course on securing Serverless APIs with JSON web tokens
Migrating your Node.js REST API to Serverless
Building a Serverless REST API with Node.js and MongoDB
A crash course on Serverless with Node.js

I hope you enjoyed this article as much as I enjoyed writing it. If you like it, please give it a like and more people on Medium will see it. Finally, let’s be curious and have fun.

This article was first published by dev.to.