“Serverless” is an architecture where an entire infrastructure is managed by a cloud provider, and the resources are dynamically allocated on demand. A cloud provider handles the infrastructure management tasks (such as capacity provision, patching, auto-scaling, and high availability) so that you can focus on writing code.
Serverless Features
- No servers (host machines) to manage
- Inherent scaling and high availability (HA)
- Pay-as-you-go model
- No charge in idle time
- Quick deployment
- For event-driven architecture or/and microservice-based architecture
Backend as a Service (BaaS)
BaaS is a cloud service model where cloud providers host the server-side logic. A client application running via a web browser or mobile interface connects to the cloud server through APIs.
- BaaS is popularized by the explosion of mobile applications.
- BaaS provides common functionalities such as authentication, database management, and data storage.
- You do not need to code. You just use functionalities through APIs.
Function as a Service (FaaS)
A function is a cloud service where business logic is processed by event-triggered containers that are ephemeral in nature.
- Unlike BaaS, you provide your own code that is executed in a cloud.
- Event-triggered: The code is executed by triggers that you define.
- Containers: Once an event is triggered, a code in a container runs your code.
- Dynamic Scaling: You do not need to create instances of your application. The cloud provider takes care of creating and destroying containers.
- Ephemeral: Your application only runs when it is needed.
APIs
- API Proxy: An HTTP server that allows decoupling from backend services by routing calls to specific endpoints
- API Gateway: An API proxy, which provides additional features such as authentication, input validation, monitoring, and advanced routing.
Serverless Architecture
- You do not even need to configure and manage infrastructures such as VPC, routing, or servers.
- You do not need to create or destroy instances of your application manually.
- BaaS and FaaS can be a part of the serverless architecture.
- Serverless does not fit all types of applications. It is not a magic sword.
- Best for short-running tasks that can be charged for the running time
Advantages
- Speed to Market: By eliminating the infrastructure management overhead, you can release your applications quickly.
- Scalable: You can scale your application based on demands automatically.
- Lower Cost: Serverless applications are event-driven, and you are charged only when your code is executed.
Drawbacks
- Easy to become vendor (cloud-provider) locked
- Data security concern
- No ability for infrastructure optimization
- Testing and debugging are not easy
- Usually not built for long-running tasks
- Cold start can cause latency
Use cases
- Sporadically or irregularly used applications
- Lightweight applications that perform straightforward tasks
AWS Serverless Offerings
- Compute
- Lambda: (FaaS)
- Orchestration
- Step Functions
- API Integration
- API Gateway
- AppSync
- Storage and Data Stores
- S3: object storage and static website hosting
- DynamoDB: fully managed NoSQL DB
- Aurora Serverless: when you need to handle structured data
- Messaging
- SQS (Simple Queue Service): a message queuing service
- SNS (Simple Notification Service): a service for sending text messages and mobile notifications
- Event Routers
- EventBridge
- Tools and Deployment
- Amplify: (BaaS)
- AWS CDK (Cloud Development Kit)
- AWS SAM (Serverless Application Model)
- AWS X-Ray: debugging your code in depth
AWS SAM
AWS SAM (Serverless Application Model) is an open-source framework to define serverless applications using YAML.
- You can provide the simplified instruction to define your application – Lambda functions, APIS, and databases.
- AWS SAM transforms the instructions into the fully detailed CloudFormation template.
- AWS CloudFormation uses the transformed template to build the stack.
AWSTemplateFormatVersion : '2010-09-09'
Transform: AWS::Serverless-2021-07-11
Description: A hello world application.
Resources:
HelloWorldFunction:
Type: AWS::Serverless::Function
Properties:
Handler: main.handler
Runtime: python3.9
CodeUri: ./src
AWS SAM CLI
You can use the AWS SAM CLI utility to test and deploy your application.
- SAM CLI launches a DOcker container.
- You can use Cloud9 Environment – Linux 2 instance – to use the pre-installed SAM CLI.
cat /etc/os-release
sam --version
sam validate
AWS Serverless Application Repository
The AWS SAR enables builders to package serverless applications and reuse these within their own AWS accounts (private – default), or share them publicly.
- Upload your application code and a manifest file known as AWS SAM (Serverless Application Model) template.
- Publish apps with AWS SAM template
- Find and deloy published applications
Security in Serverless Architecture
- Apply the principle of least privilege
- Implement strong identity and access controls
- Apply security at all layers
- Understand AWS shared responsibility model
- Secure data both in transit and at rest
- Protect your endpoints from DDOS attack
- Protect your data and credentials
- Monitor and Audit
- Automated security monitoring
- Enable auditing and traceability