30 questions to ask a serverless fanboy

Everyone is hot under the collar again. So-called serverless or no-ops services are popping up everywhere allowing you to deploy “just code” into the cloud. Not only won’t you have to login to a server, you won’t even have to know they’re there.

As your code is called, but cloud events such a file upload, or hitting an http endpoint, your code runs. Behind the scene through the magic of containers & autoscaling, Amazon & others are able to provision in milliseconds.

Join 32,000 others and follow Sean Hull on twitter @hullsean.

Pretty cool. Yes even as it outsources the operations role to invisible teams behind Amazon Lambda, Google Cloud Functions or Webtask it’s also making companies more agile, and allowing startup innovation to happen even faster.

Believe it or not I’m a fan too.

That said I thought it would be fun to poke a hole in the bubble, and throw some criticisms at the technology. I mean going serverless today is still bleeding edge, and everyone isn’t cut out to be a pioneer!

With that, here’s 30 questions to throw on the serverless fanboys (and ladies!)…

1. Security

o Are you comfortable removing the barrier around your database?
o With more services, there is more surface area. How do you prevent malicious code?
o How do you know your vendor is doing security right?
o How transparent is your vendor about vulnerabilities?

Also: Myth of five nines – Why high availability is overrated

2. Testing

o How do you do integration testing with multiple vendor service components?
o How do you test your API Gateway configurations?
o Is there a way to version control changes to API Gateway configs?
o Can Terraform or CloudFormation help with this?
o How do you do load testing with a third party db backend?
o Are your QA tests hitting the prod backend db?
o Can you easily create & destroy test dbs?

Related: 5 ways to move data to amazon redshift

3. Management

o How do you do zero downtime deployments with Lambda?
o Is there a way to deploy functions in groups, all at once?
o How do you manage vendor lock-in at the monitoring & tools level but also code & services?
o How do you mitigate your vendors maintenance? Downtime? Upgrades?
o How do you plan for move to alternate vendor? Database import & export may not be ideal, plus code & infrastructure would need to be duplicated.
o How do you manage a third party service for authentication? What are the pros & cons there?
o What are the pros & cons of using a service-based backend database?
o How do you manage redundancy of code when every client needs to talk to backend db?

Read: Why were dev & ops siloed job roles?

4. Monitoring & debugging

o How do you build a third-party monitoring tool? Where are the APIs?
o When you’re down, is it your app or a system-wide problem?
o Where is the New Relic for Lambda?
o How do you degrade gracefully when using multiple vendors?
o How do you monitor execution duration so your function doesn’t fail unexpectedly?
o How do you monitor your account wide limits so dev deploy doesn’t take down production?

Also: Are SQL databases dead?

5. Performance

o How do you handle startup latency?
o How do you optimize code for mobile?
o Does battery life preclude a large codebase on client?
o How do you do caching on server when each invocation resets everything?
o How do you do database connection pooling?

Also: Is Amazon too big to fail?

Get more. Grab our exclusive monthly Scalable Startups. We share tips and special content. Our latest Why I don’t work with recruiters

  • Allan Leinwand

    Hi Sean,

    Thanks for this post. Much to think about here. As we see adoption of serverless over the next two years, companies should definitely keep this in mind! I’ll likely reference this list more than once with my internal teams and with some of our customers!

    -Allan Leinwand, CTO, ServiceNow

    • http://www.iheavy.com/blog/ Sean Hull

      Thx Allan. Reach out ([email protected]) if you’d like to discuss further.

      There’s a lot happening in the serverless space.

      Also checkout Adrian Cockroft’s talk on microservices

  • John Wojcik

    ” Are you comfortable removing the barrier around your database?”
    It depends on what you mean by “database”. Lambda isn’t meant to be accessing mysql/rds or postgres, although running lambda in a VPC can make this more secure, you’ll never really be able to get the number of concurrent connections in your db that lambda is capable of.

    Lambda should be used with dynamodb or aurora (maybe). Not that it can’t be used with something relational – you just don’t have a way of limiting lambda connections to the database, nor a way to quickly scale up RDS (quickly, meaning on the order of minutes).

    While dynamodb can be scaled up with an API call.

    • http://www.iheavy.com/blog/ Sean Hull

      Thx John.

      It becomes more stark when you build a lambda function using Firebase as your database. Your lambda functions connect across the interwebs to store & retrieve data.

      This is the stack that the A Cloud Guru built their site on. Auth0 + Lambda + Firebase.

    • Efi Merdler-Kravitz

      I just want to add that as usual it depends on your needs, RDS support read replicas (see https://aws.amazon.com/rds/details/read-replicas/) so if your system is more ‘read’ inclined then RDS can be a sensible solution.