Every few years there is a new big thing in IT. Nowadays, all eyes are focused on Machine Learning (ML) and Artificial Intelligence (AI). At the same time, it seems that everyone got used to containers as the best way to deliver enterprise applications. What was hype a few years back, became our daily routine.
While containers addressed multiple pressing problems in their time, as an innovation, they were not very disrupting. From an organizational perspective, they just reinforced the division between developers and administrators. For sure, containers make less friction than previous solutions, which results in smoother continuous improvement and delivery process. That means fewer problems during releases and shorter time-to-market. So, what else besides better collaboration do they bring to the table?
To oversimplify, containers are just wrapping your old software in a standardized package, that is easier to handle by your admins in terms of dependencies and configuration management. However, the price tag is quite significant: more complicated build process and challenging administration of the specialized container-orchestration systems, which requires highly qualified staff.
What if there is a better way?
In 2014, AWS presented a new cloud service that revolutionized the way we think about delivering enterprise software. The AWS Lambda – a function as a service (FaaS) – together with multiple other cloud-native services started what we call now serverless.
What is this serverless thing?
Technopedia defines serverless computing as “a type of cloud computing where the customer does not have to provision servers for the back-end code to run on, but accesses services as they are needed. Instead, the cloud provider starts and stops a container platform as a service as requests come in and the provider bills accordingly.”
Why should I care?
Perhaps AWS Lambda and serverless in general, is most famous for its costing model, commonly referred to as pay-as-you-go. In serverless architecture, you don’t pay for idle resources. You only pay for compute resources when they are actively used, for instance, handling some user requests. You also pay for storage at rest (in AWS S3, DynamoDB or Aurora databases).
This characteristic alone can save significant amounts of money when applied to a suitable problem. Let’s consider a business application that is used only during office hours. In traditional architectures (using servers or containers), it generates costs even when users are not using it. On average, people work between 8 am to 6 pm, so the system is idle for 14 hours a day. There are also weekends. Simple math gives us the answer; the application is utilized at a 30% rate during a week. In serverless, you only pay for what you use. Your utilization rate is always 100%.
Furthermore, serverless almost literally means “worry about servers less”. While servers and containers are used underneath by the cloud provider to deliver the service, we – customers – don’t worry about that. In the same way as your WiFi at home is connected by cable or fiber to an ISP network. You don’t care about it, and enjoy the wireless Internet on your smartphone and laptop.
The absence of servers and traditional network architecture proofs to be of paramount importance in delivering software faster and cheaper. It saves a massive amount of programming and design work, thus shortening time-to-market, which is always welcome by your business stakeholders.
Moreover, in contrast to traditional architectures, serverless is natively highly-available and scalable. It means solutions that require abovementioned characteristics can be delivered faster and cheaper, as the cloud provider automates all the heavy lifting. You no longer need to create clusters and auto-scaling groups.
After releasing software, serverless also saves time needed for maintenance because the cloud provider conducts mundane tasks, such as server patching or security updates on the underlying infrastructure. In many cases, it completely removes the need for admin role in the project, because serverless doesn’t require so many network resources as virtual machines in the cloud.
It is also essential to know that serverless solutions can be much more secure than monolithic applications. Single monolith instance has to have all necessary privileges; it needs to know all the secrets (i.e. your database password, etc.) in order to work. Serverless applications are built of multiple single units (Lambda functions) that have only those privileges which they require to work correctly. Think about the serverless system as if it was a submarine composed of multiple compartments.
Should a Lambda function be compromised, an attacker gains access to only a few fine-grained privileges. The submarine does not sink as it is designed to survive flooding of a single compartment. In a monolith application, a single vulnerability can open access to everything. Thus, the damage of the breach is much more severe.
What brings us to…
In conclusion, serverless is something new that disrupts decades-long distinction between developers and administrators. It brings us much closer to each other and the real DevOps meaning. The developers are getting closer to the production environment and have the most significant impact on how it looks like, they decide which and how services are utilized. Those two roles intermingle. Perhaps the IT administrator role needs to be redefined as it may no longer exist in a few years’ time? That could be the most significant & unrecognized disruption which is happening to IT industry in recent years.
If You looking for help with Your cloud infrastructure governance or if You considering migration to cloud feel free to contact us.