Serverless has been around for a few years now and has generated a lot of developer curiosity and interest. I wanted to learn more and find out how it has evolved and what it can do for businesses today.
Here is my basic primer on serverless
Although I refer to AWS Lambda and associated services here, Microsoft and Google have serverless services in general availability too.
What is serverless?
Serverless means no servers – no VMs, no containers. You run your code and then get your results back. Think of it as compute-as-a-service. Small, discrete chunks of code (say, functions) can be executed in discrete steps, as needed, and you pay for those discrete usages of the service. After each execution, you will need to write your state information somewhere (say, S3 or SNS) since serverless also means no persistent storage.
Importantly, serverless implies – no underlying infrastructure that needs to be provisioned, sized, configured, designed, scaled, patched, monitored, or managed by the developer.
Here is an example of what you can do with serverless.
Say you are building a service that provides ad-words recommendations to businesses based on whatever is going on today in the world. So your service monitors twitter trends and identifies what is buzzy today, and then your service automates the creation and placement of Ads for specific AdWords, thus providing a less-expensive but potentially more effective ad campaign for your clients that use your service. (now that I think about this for a couple of mins, this idea may not be terrible :-))
You could code all this logic up and run it on EC2 servers with auto-scaling groups or have it run on containers, but then you would end up with servers/containers to configure for the following – high-availability, scaling, orchestration, hygiene, monitoring, operations, etc. All the “server stuff” that needs to be taken care of.
You could also code all this logic up using serverless components and end up with no or substantially fewer servers to manage. Just your code doing its thing.
Is serverless reeeally 🙂 serverless?
You still need processor/memory/IO to run your code. In the past, you would instantiate a server to run your code. With serverless, you can just run your code. The functionality of the server is abstracted for you.
Why should you care about serverless?
It provides new ways to build your applications. This new way may be more performant, easier to manage, less expensive. Going serverless also allows you focus on the business problem – more lines of code towards features & functions, less towards configuration & management of infrastructure. serverless architecture lends itself well to event-driven workflows that have high volatility volume (extremely spiky).
People have now built several large businesses ($10M+ rev) powered pre-dominantly by serverless architecture with meager EC2 expenses
Is serverless an all or nothing thing?
No. Parts of your application can be serverless, and parts of your application can be run on servers. The idea is – the fewer servers you have, the less infrastructure-footprint you need to manage
How is serverless different from containers?
Containers are light-weight, but you are still responsible for configuring and managing the orchestration. In the case of serverless, the management overhead of the underlying infrastructure is lesser than containers.
What are some popular use-cases where serverless is being used?
Anything event-driven tends to be a good use-case for serverless. The object gets uploaded to S3, and you can trigger a Lambda function to process the object. Think image-processing, video-transcoding, etc. Lambda scales with your load, and you pay for what you use
Is serverless only for greenfield applications?
Serverless is definitely a very modern way of building applications. Most deployments today are using serverless for greenfield applications. Many organizations have started peeling off parts of their monoliths into smaller serverless modules
How does security work for serverless applications?
Similar to the way it works for microservices applications. You are responsible for managing secrets and securing your data. Authentication, payment-processing, access-controls, logging – all of these foundational and critical functions still need to be architected and integrated securely into your code. Because the architecture is micro-services-based, you can plug into modules providing those services via APIs.
Do you have to be in the Cloud to be able to do serverless?
No. There are serverless frameworks available now that allow you to deploy serverless architectures on-prem. Say you are a large enterprise with regulatory requirements for on-premises data storage. But on-prem – you own and manage all that infrastructure.
What are the serverless services from AWS?
Compute –
· Lambda (very widely used AWS serverless service)
· Lambda@Edge – run Lambda functions at the Edge based on CloudFront events
· Fargate – serverless container orchestration engine
Data Stores –
· DynamoDB
· Aurora Serverless (provisioned DB clusters)
API Management –
· API Gateway – fully managed service that scales automatically based on traffic volume
There are several other services that meet the broad definition of serverless “no infrastructure to manage by the developer and scaling is not something you have to configure…” – SNS, SQS, AppSync, Kinesis, Athena, etc.
As new architectures and design patterns evolve and iterate from the widespread deployment & usage of the Cloud, it is clear that newer and better applications can now be built in business-friendly ways.
What does business-friendly mean?
No upfront investments, ability to scale up if and only when needed, ability to scale down immediately and stop paying, pay-as-you-go, robust and dependable. More customer-impact for fewer dollars.