Serverless Computing - Architectural Considerations & Principles
Serverless Computing –Architectural Considerations & PrinciplesJanuary 2018
Serverless Computing – Architectural Considerations & PrinciplesServerless Computing –ArchitecturalConsiderations & PrinciplesIntroductionThe last decade has seen tremendousinnovation in the enterprise IT space.The primary focus of this technologicalinnovation has been enablingbusinesses agility, improve resiliencyand drive cost efficiencies.The revolution in the server computingspace over the past decade hasallowed enterprise IT to develop anddeploy scalable software withoutworrying about the underlyinginfrastructure. At the same time,cost of technology operationshave also gone down significantlywhile improving time-to-market forenterprises.Serverless as a concept is notnewAmazon launched its cloudstorage service (AWS S3)in 2006, which was alsoa ‘serverless service’ thatprovided unlimited storage atinfinite scale without having tomaintain servers. However, thedifferentiation now is that thecompute services are becoming‘serverless’ thus defining anew paradigm in softwarearchitecture.Server computing is now evolvingtowards even smaller units of scale –from virtual machines to containersto serverless1. The technologyevolution has been depicted below.This thought paper provides avendor neutral summary of industryrecommended principles and keyconsiderations for architectingserverless systems.Figure: Evolution of technology1.Enterprise HardwareEnterprise DataCenterCo-locationCloudComputingHybrid CloudAtomic Unit of ComputePhysical ServerVirtualMachinesContainersFunctionsSoftware volution of Server Computing: VMs to Containers to Serverless — Which to Use When?, Gartner, June 201703
Serverless Computing – Architectural Considerations & PrinciplesSo, what exactly is ‘serverless’The word ‘serverless’ doesn’t stand for‘No Servers’. Instead, servers are anintegral part of this concept; however,it is the cloud provider which handlesthe complexity of managing individualservers and provides an ephemeralcompute service2, that will execute apiece of code on-demand triggeredthrough requests and events, with theservice consumer being charged onlyfor the duration of execution.In the traditional cloud computingscenario, enterprises needed topay a fixed and a recurring amountfor using virtual servers to run itswebsites or applications irrespectiveof whether the cloud services arebeing used or not. However, withserverless computing enterprises willneed to pay only for service usagewith no charge for idle time i.e. payper-execution.To summarize, serverless is anevent-driven computing model orcode execution where underlyinginfrastructure (including physicaland virtual hosts, virtual machines,containers as well as the operatingsystems) is abstracted from thedeveloper and the service consumer.Applications run in statelesscontainers that are spawnedbased on triggering of events.The application logic or businesslogic is encapsulated in Functions 3which runs on containers in thecloud provider’s infrastructure.As the application load increases,more Functions are executedproportionately, the scaling ofthe underlying infrastructure istaken care by the cloud provider.The consumer of these services,does not need to plan for scaling,capacity planning and managementand corresponding administrationServerless computing cancomplement the API economyAPIs are end-user interfacesof a service that allowsanother piece of a softwareto communicate and in-turnconsume the same. Withserverless computing, APIswill remain at the heart of theservices; however, the backendwould be serverless – aninvocation of the API would inturn trigger the function or aseries of functions.activities associated with maintainingvirtual machines, server farmcapacity and operating systems.Serverless computing: Anevolution of cloud computingServerless computing is an evolutionof cloud computing service models–from Infrastructure-as-a-Service(IaaS) to Platform-as-a-Service (PaaS)to Function-as-a-Service (FaaS).While IaaS abstracts the underlyinginfrastructure to provide virtualmachines for ready consumption andPaaS abstracts the entire operatingsystem and middleware layer toprovide the application developmentplatform, FaaS goes one step furtherin terms of abstracting the entireprogramming runtime to provideoptions to readily deploy a piece ofcode and execute without worryingabout its deployment.Leading cloud providers like Amazon,Microsoft, Google and IBM havelaunched serverless services in thelast 2 years. While Amazon’s serviceis called AWS Lambda (launchedin 2014), the respective servicesof Microsoft and Google are calledAzure Functions (launched in 2015)2.3.Denotes the fact compute resources in serverless disappears immediately after use Functions are units of deployment or work in serverless computing and contains application or business logic in the form of code which is executed whena certain event is triggered04
Serverless Computing – Architectural Considerations & PrinciplesIaaSPaaSFaaSUnit of deploymentOperating SystemApplicationsFunctionsProvidesVirtual machines packagedwith operating systemsApplication developmentplatformExecute code (with businesslogic) on-demandAbstractsPhysical hardwareOperating system &middlewareProgramming runtimeand Google Functions (launched in 2016 – alpha release).IBM has also released its serverless service calledOpenWhisk.Re-imagining the technology stackAs depicted below the traditional technology stack forservice delivery can be re-imagined to fit the serverlessstack across each layers of network, compute anddatabase.Traditional StackServerless stackNetworkAPI GatewayComputeFunction as a Service(FaaS)DatabaseDatabase as a Service(DbaaS)The three key core technology components of serverless computing stack includes the following:01API Gateway: The API Gatewayacts as the communication layerbetween the frontend and the FaaSlayer. It maps REST API endpointswith the respective functions thatruns the business logic. With serversout of equation there is no need fordeploying and manage load balancersalso in this model.4.02Functions or Function as a Service(FaaS): This is the layer that executesspecific business logic (or code) withthe cloud provider providing the levelof abstraction in terms of executingthe business logic.03Backend as a Service (BaaS): This isessentially a cloud based distributedNoSQL database which essentiallyremoves database administrationoverheads. elational databases like SQL are not preferred in a serverless architecture because they have a limit on the number of database connections that can beRopened simultaneously at a time which can result in scalability and performance challenges05
Serverless Computing – Architectural Considerations & PrinciplesBenefits of serverless computingKey attributes of serverless computing include the following:5.6.01Fully managed service: As iterated earlier, it is a fully managed service provided by the cloud serviceproviders and the developers doesn’t need to worry about the underlying infrastructure, operatingsystem, middleware, language runtime and its management and dependencies.02Supports event-driven approach: Functions are triggered based on events. Different cloudservices5 and existing applications that supports a trigger mechanism can initiate and launch afunction.03Provides infinite scalability and built-in high availability: Depending on the user traffic,functions scale horizontally in a completely automatic and elastic fashion which is managed by thecloud service provider.04Less-Ops: Serverless doesn’t necessarily mean NoOps6 for the service consumers; however, it candefinitely mean ‘Less-Ops’ as operational tasks like debugging, testing, trouble-shooting etc. remainswhile the infrastructure management is fully outsourced to the cloud service provider.05Pay for execution time: In a serverless computing model service consumers pay only for theduration of execution of a function and the number of functions executed. When a function is notexecuted no charge is levied – thus eliminating any idle time. This is a significant benefit over cloudcomputing where users are charged on an hourly basis for running virtual machines. or example, AWS services like S3, DynamoDB, Kinesis Streams, SNS and SES etc. can trigger AWS Lambda function. HTTP triggers either from a REST APIFare also supported No operations is a concept which refers to an IT environment becoming automated to the extent that the underlying infrastructure is abstracted withoutneed for a dedicated team to manage the same06
Serverless Computing – Architectural Considerations & PrinciplesIndustry incumbents canregain competitive advantagethrough this smallest form ofcomputingCompetitive advantage in today’sbusiness landscape is determined bythe quality of customer interactionand service, customized productsand services and effectiveness"We are a technologycompany",JPMorgan CFO Marianne Lake(Source: Business Insider, 2016)With tech start-ups disruptingalmost every industry withtechnological innovations,industry incumbents arestruggling with their legacy ITfootprint to innovate at therequired pace to keep up withthe changing customerof internal business processeseffectiveness. And all of theseare driven by technology witharchitectural design and deploymentof software being at the core.Serverless computing gives industryincumbents the required computingmodel to compete with the high-technew comers in their industry. Inthis technology approach, softwareapplications can be broken downinto individual functionalities orfunctions in the serverless computingparlay (i.e. a micro-services basedarchitecture) that are portable,cost-efficient and most importantlynot bound to a legacy infrastructurefootprint. The separation of theapplication functionalities fromthe supporting infrastructureprovides the greatest opportunityfor enterprises for applicationmodernization and remove alldevelopment constrains posedby legacy infrastructure. In fact,serverless can be the exit strategyfor enterprises from their legacy ITfootprint.Key considerations forarchitecting serverlesssystemsServerless computing mightseem a lot more attractive overother traditional infrastructureconsumption and computationalmodels. However, we at Deloittebelieve that without the rightsoftware architecture it is notpossible to realize the benefits.Not all application or servicecan be delivered in a serverlessmodel – we believe the futureenterprise IT landscape will be ahybrid landscape.07
Serverless Computing – Architectural Considerations & PrinciplesIn addition, not all application or service can be delivered in a serverless model – we believe the future enterprise ITlandscape will be a hybrid landscape. Hence, to ensure that the optimum architecture is in place, we have outlinedcertain architectural considerations that needs to be kept in mind while architecting serverless systems.Key architectural considerations for serverless are as follows:Functions are ephemeral i.e. persistfor a certain period of time only:Functions are deployed in a container7.These containers are started when aspecific event is triggered and remainsactive for a certain duration beyondwhich it shuts-down automatically andall resources within the container ceaseto exist thereafter 8 . Hence, applicationswith larger processing requirementsmay not be suitable candidates forserverless.0102Cold start: Cold start happens when an inactive (i.e.cold) function is invoked for the first time. This istypically the time taken by the underlying containerrunning the function to load the runtime along withthe libraries and associated dependencies. Coldstarts can increase the execution time significantlyand affect application performance if not handledappropriately. One way of addressing this bottleneckis to ensure functions stay alive (i.e. hot)before execution.Functions provide limited abilityto configure database indexes:Use of relational database inserverless architectures createsscalability and performancechallenges due to limitationsof the number of simultaneousconnections that can be openedin relational databases. InsteadNoSQL databases can be thepreferred choice. In addition, therecan be limitations with regard toconfiguring nodes and indexes.7.8.9.Functions are stateless: This implies that any kindof resource within a function will not exist afterthe function ceases to exist. This is an importantconsideration and hence appropriate measures mustbe implemented. For example, storing the session statein a persistent database if the session needs to bepreserved.03Language support: Currently differentserverless services support differentlanguages for development. For example,AWS Lambda supports Node.js, Pythonand Java; Azure Functions support C#,Javascript and (preview of F#, Python,Batch, PHP, PowerShell); and, GoogleFunctions supports only Javascript. Hence,selection of the platform may dictate thechoice of language for development.04050607Functions don’t allow file systems levelaccess: This essentially means featureslike reading attributes from configurationfiles or spilling over in-memory cache todisk is not supported. Hence, serverlessmay not be the right architectural modelfor applications requiring file system levelaccess or operating system level access.Comes with built-in logging & monitoringmechanisms: Serverless services today comes withtheir own in-built logging and monitoring mechanisms 9.This can be an architectural and operational shift in casean enterprise has been using custom tools for similarpurposes. Containerization involves splitting applications into small parts, or containers, all sharing the same underlying operating system For example, AWS Lambda and Azure Functions have maximum execution time (per request) of 300 seconds (i.e. 5 minutes) For example, AWS Lambda supports CloudWatch and Azure Functions support App Service monitoring08
Serverless Computing – Architectural Considerations & PrinciplesRecommended serverless architectural principlesWe believe designing the appropriate technology architecture, aligned to the business requirements is the foundationfor capitalizing on the technology innovations to drive competitive advantage in business. This is the reason whycompanies like are Netflix, Amazon are successful. CIOs and Senior IT executives will need to realize this fact and thesooner they do its better.Below are some of the industry recommended guiding principles or best practices that can be kept in mind whilearchitecting serverless systems:Develop single-purpose functions thatare stateless: Since functions are statelessand persists for a limited duration only, it isrecommended to write single-purpose codesfor function. This limits the execution time of afunction which has a direct impact on cost. Inaddition, single purpose codes are easier to test,deploy and release thus improving enterpriseagility. Finally, even though statelessness maybe perceived as a limitation, it provides infinitescalability to a platform to handle an increasingnumber of requests, which otherwise would nothave been possible.Create thicker and powerful frontends:Executing more complex functionality at thefront-end especially through rich client-sideapplication framework helps reduce cost byminimizing function calls and execution times.Completely decoupling back-end logic from thefront-end while not compromising on security isone way of doing. This also allows more servicesto be accessed from front-end resulting inbetter application performance and richer userexperience.Identify performance bottlenecks: On-goingmeasurement of performance bottlenecks interms of identifying which functions are slowingdown a particular service is critical to ensureoptimal customer experience.01020304050610.Design push-based, event-drivenpatterns: Designing push-based andevent-driven architecture patternswhere a chain of events propagatewithout any user input impartsscalability to an architecture.Incorporate appropriate securitymechanism across the technologystack: Appropriate securitymechanisms must be incorporated atthe API Gateway layer and also at theFaaS layer. These security mechanismsinclude features like access controls,authentication, identify and accessmanagement, encryption andestablishing trust relationship etc.Leverage third party services:Serverless being an emerging fieldexisting enterprise tools for variousservices like logging, monitoring etc.may not be compatible. Choosing theright third party tools for executing thetask at hand will be key for enterprisesto ensure the benefits of serverless areutilized to the fullest. S erverless: The future of cloud computing by Peter Sbarski, ServerlessConf, 201609
Serverless Computing – Architectural Considerations & PrinciplesConclusionWith the right architecturalconsiderations and due diligence,serverless may present industryincumbents with an exit strategyto move from legacy infrastructureto adopt public cloud models – thiswas not observed earlier. However,industry incumbents will needmove away from the status-quo andembrace the change. A structuredapproach with a defined roadmapis required to move away fromthe current software architectureparadigms which is based on the10legacy monolithic model with theserverless paradigm where thefocus isn’t on infrastructure but ondelivering the required businessfunctionalities which in turn changesthe economic model for IT servicedelivery.There are concerns though with regardto vendor lock-in and adherenceto industry specific compliancerequirements in a serverless model.Like any emerging technology,Serverless will go through its cyclebefore mainstream adoption happens.Serverless has the potential to changethe economic model of IT consumptionof enterprises leading to significantcost reductions associated primarilywith IT support and maintenance(which can be a significant 50 – 60%of the total IT budget of enterprises),reduce time-to-market and fosterinnovation to support changingbusiness requirements and provide anedge over competitors.
Serverless Computing – Architectural Considerations & Principles11
ContactsRakesh BarikPartner, Technology Consulting LeaderDeloitte Touche Tohmatsu India LLPE-mail: rakeshbarik@deloitte.comAnubrata ChakrabartiPartner, ConsultingTechnology Strategy & ArchitectureE-mail: anchakrabarti@deloitte.comRitesh PalManager, ConsultingTechnology Strategy & ArchitectureE-mail: riteshpal@deloitte.comDeloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private companylimited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTLand each of its member firms are legally separate and independent entities. DTTL (alsoreferred to as “Deloitte Global”) does not provide services to clients. Please see www.deloitte.com/about for a more detailed description of DTTL and its member firms.The information contained in this material is meant for internal purposes and use onlyamong personnel of Deloitte Touche Tohmatsu Limited, its member firms, and their relatedentities (collectively, the “Deloitte Network”). The recipient is strictly prohibited from furthercirculation of this material. Any breach of this requirement may invite disciplinary action(which may include dismissal) and/or prosecution. None of the Deloitte Network shall beresponsible for any loss whatsoever sustained by any person who relies on this material. 2018 Deloitte Touche Tohmatsu India LLP. Member of Deloitte Touche Tohmatsu Limited
Serverless computing: An evolution of cloud computing Serverless computing is an evolution of cloud computing service models -from Infrastructure-as-a-Service (IaaS) to Platform-as-a-Service (PaaS) to Function-as-a-Service (FaaS). While IaaS abstracts the underlying infrastructure to provide virtual machines for ready consumption and
PSI AP Physics 1 Name_ Multiple Choice 1. Two&sound&sources&S 1∧&S p;Hz&and250&Hz.&Whenwe& esult&is:& (A) great&&&&&(C)&The&same&&&&&
Hacking Serverless Runtimes Serverless technology is getting increasingly ubiquitous in the enterprise and startup communities. As micro-services multiply and single purpose services grow, how do you audit and defend serverless runtimes? The advantages of serverless runtimes are clear: increased
AWS Serverless Application Model Developer Guide Benefits of using AWS SAM What is the AWS Serverless Application Model (AWS SAM)? The AWS Serverless Application Model (AWS SAM) is an open-source framework that you can use to build serverless applications on AWS.
Argilla Almond&David Arrivederci&ragazzi Malle&L. Artemis&Fowl ColferD. Ascoltail&mio&cuore Pitzorno&B. ASSASSINATION Sgardoli&G. Auschwitzero&il&numero&220545 AveyD. di&mare Salgari&E. Avventurain&Egitto Pederiali&G. Avventure&di&storie AA.&VV. Baby&sitter&blues Murail&Marie]Aude Bambini&di&farina FineAnna
The program, which was designed to push sales of Goodyear Aquatred tires, was targeted at sales associates and managers at 900 company-owned stores and service centers, which were divided into two equal groups of nearly identical performance. For every 12 tires they sold, one group received cash rewards and the other received
the implementation of a new performance-focused serverless platform, and comparing its performance to existing offerings. II. PROTOTYPE DESIGN We have developed a performance-oriented serverless com-puting platform1 to study serverless implementation considera-tions and provide a baseline for existing platform comparison.
serverless architecture and how future research can over-come those limitations (Sec. 4). By sharing these design patterns with the wider research and development com-munity, we hope to encourage others to develop more se-curity applications using serverless architecture and ex-plore similar
EA BA EWITA (Business Architecture Enterprise-wide IT Architecture) Recent work (e.g., Paul Harmon at Cutter, META Group, and a number of federal agency EA projects) emphasizes the importance of including BA in the EA definition.
