ServerLess technology analysis, state of the technology as of December 2018, what needs to be done to build a complete, operational serverless platform for production
3. My first steps as a Developer
• My 2nd computer was an Apple2e,
back in 1984
• I started programming in Basic. My
first app was a RPG
• My RPG was waiting for actions from
the player to process the moves and
(eventually) spawn monsters
• A couple of years later, I switched to
the PC…
• …and started to learn C
• Today, nothing really changed,
ServerLess systems execute « event
driven apps »
5. The ultimate definition of Serverless comes from CNCF
"Serverless computing refers to the concept of building and
running applications that do not require server management."
“Serverless computing does not
mean that we no longer use servers
to host and run code; nor does it
mean that operations engineers are
no longer required”
6. ServerLess Platform
Do you do ServerLess or FaaS ?
• A serverless infrastructure is made of:
− A front end service called Function
as a Service or FaaS
− A « Backend as a Service »
delivering things like Database as a
service or Storage as a Service
• FaaS alone is not a ServerLess
platform…
Function as a Service
Backend as a Service
7. Function as a Service Platforms
• Head back to CNCF for a complete landscape of solutions
8. And the ServerLess world looks like it’s the New Apps Nirvana…
« I think you should be more explicit here… »
… and my functionappears, works,and is scalable
I push my code
to the ServerLess
system…
Then, some
Magic happens…
9. The Good, the Bad
and the Ugly about
ServerLess Today
Caution: “Spoiler Ahead”
10. • Good Candidates to ServerLess
− Asynchronous units of work
− Apps with unpredictable variance in scaling
requirements
− Stateless, ephemeral processes
− Highly dynamic apps that need developement velocity
− Execution of logic in response to database changes
− Analytics on IoT sensor input messages
− Data Stream processing
− Data Extract, Transform, and Load jobs
− Chatbots
− Scheduled tasks
− Machine learning and AI models
− Continuous integration pipelines
Use Cases for Serverless are Event Driven Apps
Not every application can be a candidate to ServerLess
"Functions are invoked
as a result of an event
triggered by an event
source"
11. The Challenges of ServerLess Operations
• The Good: No worry about the Infra, about OS
updates, about availability, about scalability
• Yes, of course, but:
− You think Public Cloud, What about On
Premises ?
− Do you really want to test in production? Think
« Near production »
− How do you know which Function impacts the
performance of your application ?
− How do you know which functions are really
used on your FaaS platform ?
App Performance
Functions LifeCycle Mgmt
Near Production Tests
12. The Challenges of ServerLess Applications Development
• The Good: Forget about the OS, Enhanced
Development Speed, Maximum agility
• Yes, of course, but:
− How do you know that your function does
not exist already ?
− What are exactly the boundaries of your
application ?
− Do you know who is impacted if your
function fail ?
− How to debug application logic issues ?
Functions Catalog
Application Mapping
App Logic Debugging
13. The challenges of ServerLess Security
• The Good: Yes infrastructure security
improves: Easy patching, less code means
less attack surface, stateless means no long
running attack
• Yes, of course, but:
− How to protect data ?
− How to secure functions access ?
− No way to implement network isolation
any more
− Function acceleration means, pre armed
functions, means long running processes
fn
Secure Access
Network Isolation
Data Protection
14. What really is a
ServerLess Platform
For Production
Thanks to Containers, and to the Ops Team
15. Putting it all Together: A production-ready ServerLess Ref. Architecture
Production
Function as a Service
Backend as a Service
Near Production
Function as a Service
Backend as a Service
ServerLessMonitoring&Logging
FunctionsCatalog
DevOps
Security (Function Access & Data Access Control)
16. Containers are what fuels ServerLess platforms, and complement them
• (Almost) All ServerLess platforms are
implemented with containers
• ServerLess portability is lower than
Containers
• Containers allows the execution of more
Application designs
• Existing Monolithic applications can
easily run in containers
• You can do containers without writing
Dockerfiles…
Monolith App
Service Based App
Docker
Application
Designer
17. Operations are essential to the deployment of ServerLess
• ServerLess operations are still a green field
• Governance has to be invented and designed
• Responsibility for production has to be
established
• Cost at scale is (still) an architectural definer
• DevOps processes need to be adapted:
− Design Applications by workflows
− Autonomous Functions Development
− Coordination of delivery
Governance
18. Recap of the Session
ServerLess, Containers, and Operations
19. • Serverless runs event driven stateless apps
• Containers fuel Serverless platforms
• Containers are more agile than Serverless
• Containers make the glue with other apps
• Serverless is much more than just FaaS
• Functions need to be managed
• Functions need to be secured
• Functions lifecycle management is required
So, in summary, will ServerLess kill containers and Operations ?
ServerLess & Containers a complementary
Operations will not disappear, it is only a shift of focus