The original | www.pulumi.com/blog/is_ser…
The author | Lee Briggs & Piers Karsenbarg
The translator | donghui
Many developers say serverless is the future of computing, while others say it will never work. Our own views are less polarized. We see serverless as an option, a possible stepping stone from a start-up to a mid-sized enterprise to a large enterprise. In these two posts, we’ll discuss how serverless fits into this process, as well as its advantages and disadvantages.
Our goal is to help you realistically evaluate serverless computing. We want to stimulate discussion, not knee-jerk reactions, whether pro or con. Hopefully, these blog posts will help you start a discussion among all the people involved and agree on the best business solution. The course may or may not involve no server. In this first article, we’ll consider some of the most common issues when discussing serverlessness. In the second article, we will examine some broader issues.
What is serverless?
The term “serverless” is somewhat of a misnomer. A more cynical person might mutter, “No server still running on the server! “It’s true. No matter what cloud provider you use, you always use a server to run your applications. These servers must be configured, managed, and maintained. Serverless services provided by cloud providers often abstract away difficult-to-manage components of running applications: they run and manage servers for you. Developers can run their applications without worrying about the underlying layers, such as the operating system or even computing power.
Why serverless?
When people promote serverless, there are some ready answers. We’ll mention them quickly here, and then we’ll examine these claims more closely. Here are the top three reasons people give.
1. It’s a quick way to get started
Turning the management of the server over to the provider means that you can deliver applications to users very quickly. There is a lot of underlying infrastructure for which you don’t have to write or maintain code.
2. It’s cheap
Serverless can save you money in several ways. First, because the provider manages the server, administration costs are reduced. You don’t need to write as much code because the server isn’t your concern. You can get your application to market faster, which means you can start generating revenue faster. Finally, depending on your usage pattern, you only pay for the time it takes to execute the code. You don’t pay for free time.
3. IT is outside the control of IT
In organizations that adopt cloud engineering, people often move to serverless because they find IT too slow or unresponsive. In a “traditional” organization, it may be difficult to purchase hardware, it may be too slow, or it may be held back by operational or financial constraints. This is often a reason for people to turn to cloud providers, and as part of their migration, they may consider going serverless.
If there are barriers to providing cloud resources, such as strict permissions, you will also see serverless adoption in companies that have adopted cloud computing. Serverless is an easy way to get work done around problems that are considered “roadblocks.” Sometimes, the serverless push can come from outside the development department. For example, a Marketing Department might want to publish something that is time critical because it is related to an event.
Or is it?
Let’s take a closer look at why people advocate serverless.
1. Is this really a fast way to start?
Using a serverless application may make it easier to bring your application to market, but it requires rethinking how you build and develop your application, which can lead to labor penalties later. As you begin to take advantage of serverless products, your organization’s traditional approach to building production applications may need to be reconsidered, or even readjured. A good example of this is when you think about monitoring and observability: many monitoring platforms work on a layer that you can’t access, and you don’t have much insight into the performance of your application. Redesigning and rethinking how to build production-ready applications using serverless technology can introduce unexpected delays to the serverless journey.
2. Is it really cheap?
One of the reasons that serverless is considered cost-effective is that you only pay for the computing time you use. However, the savings from serverless use is not inevitable. It is important to profile the suitability of your application. There are two caveats here.
What is the pattern of requests?
If your application has many small quick requests, serverless may be a good choice. On the other hand, if your application relies on long-running operations, you might be shocked when you look at bills.
What about startup time?
Keep in mind that you still have to “pay” for the startup time of your application. Serverless services are often penalized with a “cold start,” so if you use them sparingly or not at all, you may have to run other processes in the background to make sure your application doesn’t pay the price. This also means that your first request will take longer than subsequent requests. If no server function requires a quick response all the time, you can pay extra for an implementation such as preset concurrency to mitigate the loss of a cold start. However, this can easily offset any cost savings you might have made compared to traditional software deployment methods.
3. What about control?
Adopting a serverless platform as a deployment mechanism means handing over responsibility for patching the infrastructure to the provider. You can no longer respond quickly to security warnings at the operating system layer; You trust your suppliers to do this. In this case, you may not want to give up control.
You still need to manage security notifications in your application dependencies, and you need a mechanism to respond to these issues. Serverless collectors often have the false impression that their application is “secure” due to the lack of infrastructure to manage, but this rarely happens. You may need to adapt any existing mechanisms you employ for penetration testing of your application to suit any new serverless platform. While your attack surface may be small, you still need to ensure that it is difficult for any potential attacker to attack horizontally through a serverless infrastructure.
If you choose serverless because you or another department wants to bypass standard IT processes, that points to problems within the organization, not the need for serverless. Technology cannot solve cultural problems. What really solves these problems is for people to talk to each other and figure out how to make life better for everyone involved.
It is important to understand that you are handing over control of your server to the provider rather than yourself, and you need to explore the trade-offs between compliance and serverless advantages in detail.
This article is reprinted from Serverless Life public account, please contact the original author for reprinting.