The dream of any product owner is fully customizable production software without the expense of paying for the hardware it rests upon. While the cloud and infrastructure as a service (IaaS) partially deliver on this promise, a completely serverless infrastructure would be much closer to this dream. From a product owner’s perspective, the possibility of deploying a public-facing application without investing precious dollars and time on infrastructure is tantalizing.
While not completely free of infrastructure, serverless infrastructure significantly reduces overhead costs by abstracting away physical hosting, physical security, server maintenance, and OS patching. Additionally, the flexibility of a serverless implementation is much greater than physical infrastructure, or even IaaS, as you pay only for what you use—at hundred-millisecond increments, on some platforms.
So, what exactly is serverless infrastructure? The answer varies slightly from provider to provider, but here is a short explanation. “Serverless” does not mean the absence of servers; it refers to the fact that the application owner does not need to know much about the underlying servers their software is running on. The serverless infrastructure provider abstracts away all the details about the infrastructure so your team can focus its efforts solely on delivery of new functionality instead of server maintenance.
For instance, a typical static web server is replaced by a blob hosting service, a database instance is replaced by a hosting providers database service, user management is handled by the provider’s single sign-on (SSO) and login solution, etc. All your DevOps team has to do is upload your application and content.
You do not need to worry about server patches, upgrading environments, reboots, adding additional resources to handle more load, spinning up additional needed services, or dealing with hardware failures.
Serverless infrastructure also gives us other technical and business advantages. First, you don’t need to hire twenty-four-hour on-call operations support just to keep the infrastructure running. This shrinks your technology footprint, meaning you can focus more resources on delivery and your DevOps team.
Serverless infrastructure does not eliminate the need for security experts, but it does allow you to trust your cloud provider for a large portion of your security needs. The cloud provider filling this role lets you hire only what you need to secure your application code and configure the cloud services properly.
Similarly, serverless infrastructure will not eliminate the need for cloud engineers, but it reduces the number you need so that they are only managing the abstract cloud services in relation to your application, not a myriad of infrastructure responsibilities that you used to need, such as auditing, monitoring, and patch compliance.
Overall, the main advantage is that you can hire fewer specialists not related to your application domain and let your provider handle most aspects of your infrastructure, allowing your team to focus on tasks directly related to feature delivery.
What does not go away with a serverless infrastructure is the need for proper automated testing, continuous integration (CI), continuous delivery (CD), and a DevOps mindset. Giving a developer unfettered access to production code almost never ends well. While they may fix whatever immediate issue is at hand, that easy-access cloud editor that can change production code will also allow defects to creep in. But there are tools that can help eradicate defects during delivery by gating code with automated static analysis, unit tests, and even functional UI tests.
Additionally, by committing to a CI/CD paradigm, the code is going to reside in an appropriate source code management tool, creating an audit trail of who changed what and when. By properly integrating and testing your application during the delivery process, you can decrease the number of production issues and allow your software developers to focus on new functionality.
However, there are also some disadvantages to using serverless technology. You are ceding two very important things to your cloud provider: choice and control. While you no longer need to worry about the underlying details of your application servers, you are very limited in how you access your application and server setting.
You are only going to be able to use technologies that the cloud provider you have selected offers, which can lead to vendor lock-in. Currently, serverless offerings are not compatible between providers, so if you are not satisfied with a particular serverless infrastructure provider, you are out of luck because nothing you have will work as is on another provider’s environment.
Serverless infrastructure is a way to absolve a project from the responsibility of managing hardware while simplifying infrastructure management, but it does not give product owners a free pass to ignore development and delivery best practices. Strong CI/CD automation and a DevOps mindset can help amplify the value of serverless infrastructure without significantly slowing down new feature implementation. After all, the technology is “serverless,” not “peopleless.”
User Comments
Very helpful overview, gives me the right level of understanding that I required. Thank you.
Another consideration is that serverless does not permit one to manage container images. A container image is an immensely valuable configuration artifact - one can scan it, one knows what is in it, it contains all the pieces of a runtime, and one can deploy it as a unit in an appliance-like manner. Serverless foregoes these benefits. The chief benefit of serverles is that one does not have to perform container orchestration, but for a sophisticated shop, that is of questionable benefit. Also, serverless promotes a very granular architecture, which sounds nice in theory but in practice can lead to version management hell. And Glenn is right about the lack of compatibility between serverless offerings, although there are frameworks that will probably eventually become standards.