Well ob­vi­ous­ly: Fru­gal­i­ty, se­cu­ri­ty, and elas­tic­i­ty. But I want more, I want bet­ter soft­ware.

[This is part of the Server­less­ness se­ries.]

Fru­gal­i­ty · The core idea is that when your work­load goes to ze­ro, so does your bil­l. You might save big; Fi­nan­cial Engines is the first case study that Google popped up for me, but I’ve heard mut­tered sto­ries in the hall­ways about way big­ger sav­ings than that. And then there’s my co-worker who took his school-photographer wife’s Web­site billings from $10/­month down to a few cents.

And we’re not just talk­ing about Lamb­da. When there are no mes­sages flow­ing through your SQS queue, you’re not pay­ing any­thing. When your Step Func­tions work­flow is wait­ing, it’s just a row in a database. And so on and so on.

From Werner Vogels’ 2017 re:invent keynote

Dis­clo­sure: I lob­bied to get that sound­bite in­to that keynote.

Se­cu­ri­ty · When you can’t see the server­s, that means we’re tak­ing care of them. And since servers fail, our ser­vices have to be de­signed to sur­vive restart­s. Which means that we can (and do) bounce them when­ev­er they need patch­ing. So what­ev­er hosts your Dy­namoDB ta­ble or your SNS top­ic is run­ning on, they’re like­ly freshly-enough patched to cut the num­ber of known vul­ner­a­bil­i­ties to just about the min­i­mum pos­si­ble. [Urgh, up­on typ­ing this, it oc­curred to me to check the up­time on the Lin­ux box host­ing this blog, and it’s like a year. The box gen­er­at­ing the bits you are now read­ing is prob­a­bly a soft tar­get for all the bad guys out there. Ahem.]

Any­how, there’s no per­fect se­cu­ri­ty in this bad old world, but freshly-patched in­stances re­al­ly do help a lot.

Elas­tic­i­ty · When we de­liv­er server­less ser­vices, what we’re re­al­ly try­ing to do is get you out of the busi­ness of ca­pac­i­ty fore­cast­ing. That busi­ness sucks. It’s hard, and easy to get wrong; the penal­ty for es­ti­mat­ing low is lousy per­for­mance for your cus­tomer­s, and es­ti­mat­ing high is throw­ing away mon­ey. So go server­less and let us take care of that for you.

(By the way, I’m not claim­ing that we’re any smarter about ca­pac­i­ty man­age­ment than you are. When you ag­gre­gate all the AWS customers’ traf­fic, the lumpy lo­cal vari­a­tions even out. So it’s a much eas­i­er prob­lem if you’re a public-cloud provider. Of course you have to not mind bil­lions in capex.)

What about soft­ware qual­i­ty? · As I’ve blogged be­fore, that “Frugality, Se­cu­ri­ty, Elasticity” pitch op­er­ates at a more or less pure busi­ness lev­el. But I’m a tech­nol­o­gist and en­gi­neer, so I have to ask, are server­less ap­pli­ca­tion de­signs bet­ter de­sign­s? I think the on­ly hon­est an­swer is “We don’t know yet.”

Hav­ing said that, my gut is say­ing “yes”. It helps that I’m an old functional-programming big­ot, and the no­tion of state­less func­tions in the cloud re­spond­ing to events gives me a warm glow. There are things we do know: mi­croser­vices that are con­nect­ed asyn­chronous­ly with mes­sag­ing sys­tems (e.g. SQS, 100% server­less) are more ro­bust and flex­i­ble than those that aren’t. But… Can I say we have a ba­sis of ex­pe­ri­ence suf­fi­cient­ly strong to say “Serverless soft­ware is better”? Nope.

But I’m pret­ty sure that go­ing server­less isn’t go­ing to give you a worse de­sign. So you should bloody well go ahead and do it, be­cause: Fru­gal­i­ty, Se­cu­ri­ty, and Elas­tic­i­ty.

But wait… · Look at that pic­ture above from Wern­er Vogels’ keynote at the 2017 re:In­ven­t.

Then con­sid­er the fact that you have a fi­nite time bud­get for soft­ware de­sign. If you go server­less, then you you don’t have to de­sign Ku­ber­netes flows or Au­to Scal­ing poli­cies or fleet-health met­rics or any of that oth­er stuff. All your de­sign time can be ded­i­cat­ed to, like Werner’s slide says, soft­ware that di­rect­ly ad­dress­es busi­ness is­sues. So, giv­en more de­sign time, you’re prob­a­bly gonna get a bet­ter de­sign with server­less.

My feel­ing is, the why of server­less is pret­ty ob­vi­ous. It’s the how that’s in­ter­est­ing.


Comment feed for ongoing:Comments feed

From: Bram (Dec 16 2018, at 08:31)

Isn’t AWS already metered?

So if your instance is idle, you pay less than what you would pay for one that burns 100% cpu?


author · Dad · software · colophon · rights

December 10, 2018
· Technology (85 fragments)
· · Cloud (15 more)

By .

I am an employee
of Amazon.com, but
the opinions expressed here
are my own, and no other party
necessarily agrees with them.

A full disclosure of my
professional interests is
on the author page.