In a Serverless Days online event on June 18, leaders from the cloud computing industry, including experts from UC Berkeley, serverless.com, TencentCloud and Google Cloud, came together to discuss serverless computing’s latest innovations, use cases, and future directions.
In an O'Reilly survey of 1500 IT professionals in 2019, 40% of respondents worked at organizations that have adopted serverless architecture. A 2020 DataDog survey indicated that over 50% of AWS users are now using the serverless AWS Lambda Function as a Service (FaaS). Serverless technologies are going mainstream.
This edition of Serverless Days, a leading international event on serverless technologies, was hosted in China on June 18. Leading experts from the industry and academia shared facts, tips, and opinions on why serverless is all the rage and why enterprises should care.
Johann Schleier-Smith gave a talk about the history and future of serverless computing. He is a co-author of the "Cloud Programming Simplified: A Berkeley View on Serverless Computing" report, which defined serverless computing as the combination of the stateless FaaS (Function as a Service, such as AWS Lambda) and the stateful storage BaaS (Backend as a Service, such as AWS S3).
In our definition, for a service to be considered serverless, it must scale automatically with no need for explicit provisioning, and be billed based on usage. — A Berkeley View on Serverless Computing
According to Schleier-Smith, serverless computing has a dramatically simplified system or infrastructure management, and it is entering a new phase of simplified application development. There are three major approaches to the serverless FaaS infrastructure. All of them aim to provide isolation and safe sandboxes to execute user-submitted code.
The first approach to FaaS infrastructure is to use system or hardware level VMs, such as the AWS Firecracker. This approach provides the best isolation and security for applications, but could also be slow and complex to manage. The cloud provider installs and bootstraps the operating system and runtime software stack (e.g., Node.js or Python) to run the user code. The success of AWS Lambda proves the scalability of this approach.
The second approach is to use containers, such as Docker. The containers are managed by solutions such as Kubernetes. This approach is less secure but could be much more performant than system-level VMs. The cloud provider loads and starts the container image with the operating system and runtime stack, before any user code is executed.
The third, emerging approach, is to use application-specific VMs, such as WebAssembly. This approach provides a high level of abstraction. The WebAssembly VM does not need to bootstrap its own operating system or software stack. It can just execute compiled byte code applications. WebAssembly provides a high level "capability-based" security model for accessing system resources (e.g., through the WASI specification) instead of coarsely-grained operating-system-level isolations. However, the downside is that, unlike operating system containers, WebAssembly can only support applications compiled into the WebAssembly bytecode. Today, only C/C++, Rust, and AssemblyScript (a subset of TypeScript) are well supported.
There is room for multiple approaches to isolation, and applications may choose different ones depending on their needs. — Johann Schleier-Smith
Those three approaches offer a spectrum of solutions that balance performance, security, and ease-of-use. As technologies evolve, the lines between the approaches blur. For example, bridging between system-level VM and containers, the LightVM approach tries to compile relevant operating system functions directly into the VM to achieve faster performance.
Another example of serverless infrastructure innovation is Google Cloud's gVisor. Google's Wenlei He gave a good presentation on Cloud Run at the conference. Under the hood, Google gVisor technology provides a system-level sandbox designed to run containers. It is more secure than Docker and faster than system-level VMs. Today, Google's three most important serverless offerings, Cloud Run, Cloud Functions, and App Engine, are all built on top of gVisor.
One of the common (but possibly under-appreciated) dimensions of serverless in the context of FaaS is its ability to add a dimension of "programmability" to public cloud infrastructure. — Jason Polites, lead product manager, Google Cloud Serverless
As Schleier-Smith and Polites both allude to, the serverless infrastructure innovation is a means to an end. The end goal of serverless computing is to simplify internet application development for developers. Yet, recently, the "serverless Twitter" was abuzz with an architecture diagram that had many asking: how is this any simpler than the "serverful" technologies we are supposed to replace?
Austen Collins, the CEO of serverless.com, gave a great talk about the state-of-the-art of serverless tooling and application architecture. He coined the phrase "the rise of the serverless architect" to describe the rapidly changing demands for experienced serverless tech talents. As the adoption of serverless grows, developers are using it to build full-blown enterprise applications, as opposed to just simple web services or stateless connectors between AWS services. For example, developers are pushing the envelope around the divide between serverless FaaS and BaaS. AWS recently announced Elastic File System for Lambda to make Lambda functions stateful. On the other end, WebAssembly solutions are pushing for secure file system access through WASI or custom extensions for database access.
The architectural complexity of FaaS applications is exploding, as shown in the diagram above. It appears that developers need the skills of a software architect to build serverless solutions today. Being the first Serverless Days event in China, serverless.com announced a partnership with TencentCloud to provide software tools to simplify the deployment of Node.js+Express.js apps, static web sites and RESTful API endpoints on TencentCloud Serverless platform.
Like internet giants in the West, Tencent, one of the biggest internet companies in Asia, runs sophisticated data center operations to power its applications, and it is natural to offer part of the data center as cloud services. TencentCloud's general manager for Serverless Yunong Xiao spoke at the conference and discussed the major serverless offerings from TencentCloud, including Serverless Cloud Function (SCF) and Serverless Framework for applications deployed on the SCF.
The Serverless Days China event was organized and sponsored by Tencent Cloud. This virtual event attracted over 40,000 online attendees. It is the "East meets West" moment in serverless computing, as the technologies are generating a lot of interest among Chinese developers.