Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Why & What of Serverless Computing

Why & What of Serverless Computing

Unraveling serverless computing and why you should give it a closer look. In this session at AITP Atlanta Meetup, I talk about the serverless movement, the trend, the hype, and what it really means. I talk about the evolution of architecture, the tenets of serverless computing, its use cases & challenges, security implications. I also touched upon the total cost of ownership and adoption of serverless computing in the industry.

Rupak Ganguly

May 16, 2019

More Decks by Rupak Ganguly

Other Decks in Technology


  1. @rupakg rupakganguly.com Why & What of Serverless unraveling serverless computing

    and why you should give it a closer look AITP Atlanta Meetup, Atlanta Rupak Ganguly May 16th, 2019 Solutions Architect, Docker Inc.
  2. @rupakg rupakganguly.com Why & What of Serverless unraveling serverless computing

    and why you should give it a closer look • The serverless movement • Evolution of architecture • Tenets of serverless computing • Use cases & challenges • Serverless TCO • Adoption in the enterprises We will look at:
  3. @rupakg rupakganguly.com “Serverless usually refers to an architectural pattern where

    the server side logic is run in stateless compute containers that are event-triggered, ephemeral and fully managed by third party.” - Martin Fowler of ThoughtWorks
  4. evolution monolithic architecture bare-metal servers tightly coupled components, deployed as

    single-unit data centers service-oriented architecture bare-metal, VMs, IaaS decoupled components, deployed as web services cloud micro-services architecture shift from infrastructure mgmt. API centric, single responsibility services platform-as-a-service zero admin of infrastructure serverless architecture functions as unit of deployment functions-as-a-service how we got here
  5. @rupakg rupakganguly.com serverless architecture shortest time to market greater developer

    productivity lowest total cost of ownership values applications run code in FaaS services and leverage other managed services
  6. @rupakg rupakganguly.com zero administration • no servers to maintain •

    no OS upgrades, no patches • renewed role of devops teams • paradigm shift, no ssh • no control over infrastructure
  7. @rupakg rupakganguly.com pay-per-execution • no paying for idle • upfront

    cost savings • micro-billing, per 100 ms * • 1 million requests free tier * • $0.20 per million requests post free tier * * AWS Lambda pricing
  8. @rupakg rupakganguly.com microservices • promotes single responsibility principle based services

    • no more death stars, monolithic apps • varied language support • small, autonomous, polyglot teams • agility, quick & frequent deployments
  9. @rupakg rupakganguly.com ecosystem • use provider services • use of

    third-party services • S3, Kinesis, SNS, SQS • DynamoDB, Firebase, GraphQL • Cognito, Auth0, Synk, PureSec • CloudWatch, X-Ray, IOPipe
  10. @rupakg rupakganguly.com auto-scaling • auto scaling Lambda • auto scaling

    DynamoDB • based on load, throughput consumption • no need for auto-scaling group policies • enables high-availability
  11. @rupakg rupakganguly.com event-driven • trigger & respond to events •

    http events (API Gateway) • webhook events • scheduled events • rich ecosystem of event sources
  12. @rupakg rupakganguly.com use cases • real-time/streaming, batch processing: kinesis ->

    lambda • REST APIs, Graph APIs: lambda -> API Gateway endpoint • event-driven workflows, scheduled tasks, data transforms what are others building
  13. @rupakg rupakganguly.com use cases • web, mobile & IoT backends

    • form processing • authentication • devops automation • chatbots • file manipulation • voice apps (Alexa) • ETL workloads • image resizing • video transcoding • security audits • dynamic websites • ecommerce stores • web hook listeners • CRON jobs • CI/CD pipelines • log analytics what are others building
  14. @rupakg rupakganguly.com challenges • cold start latency, more with VPC

    • price at high volumes • developer experience • provider limits • fear of vendor lock-in • application lifecycle management • metrics & monitoring • service discovery • team collaboration • standardization it’s not all rosy
  15. @rupakg rupakganguly.com security • Least privileges across resources • Reduce

    access to sensitive data, handle exceptions and validate input • Avoid embedding secrets, access keys and credentials in code • Throttle and define quotas • Encrypt data on the wire and data stored at rest • Scrutinize 3rd-party libraries & APIs for vulnerabilities • Be aware of new input/event sources guidelines & recommendations
  16. @rupakg rupakganguly.com cost breakdown •direct costs: • pay-per-invocation (no paying

    for idle) • Lambda cost, service(s) cost, data transfer cost, API Gateway cost •personnel costs: • building a devops team is not cheap, and involves a huge learning curve. • ~ 100,000+ per year per engineer https://theburningmonk.com/2019/01/you-are-thinking-about-serverless-costs-all-wrong/ measurable costs
  17. @rupakg rupakganguly.com •overhead costs: • delegate ops responsibilities to your

    cloud provider reduced responsibilities for devops team • frees developers to focus on building business functionality •opportunity costs: • ability to iterate faster & business can test ideas faster than competitors https://theburningmonk.com/2019/01/you-are-thinking-about-serverless-costs-all-wrong/ cost breakdown non-measurable costs