> Instead it seems like a buzzword (?) for a weirdly niche way of running things that someone with a 4 Euro/Month nginx instance that hosts 10 websites will probably never understand.
To me, serverless means that I as the developer don't have to do ongoing server maintenance work. A 4 Euro/month setup sounds great, until you find out that you never enabled log rotation and filled up the disk space, or your certificate refresh was improperly configured and now you don't have SSL, or your site gets popular for a day and the site slows to a crawl unless you add an instance.
The dream of serverless is that I can deploy code in a “set it and forget it” manner. Stuff can still break at the application layer, but should work the same at the infrastructure layer in a year as they do today, and auto-scaling happens automatically.
> but should work the same at the infrastructure layer in a year
Serious doubt, there. This brave new world seems to be entirely focused on making it an incredibly fragile world with your code scattered to the winds. It's bad enough dealing with library semver breakages in a monolithic app. I can't imagine tracking a dozen serverless functions running god-knows-where with whatever resources some cloud service decides to allocate for you today. Billing is opaque as a black hole. Which I'm sure is more a feature than a bug, for these cloud providers.
> but should work the same at the infrastructure layer in a year
It's been my experience. For example, I've had periodic data fetching jobs last for years without giving them any thought. In some cases I've gone back years later and found them still chugging away, obediently putting data where I told them to years earlier. The one exception I can think of is when Lambda EOL'd Python 2.7, but that happened about 12 years after Python 3's initial release.
I've found the same to be true of web services. I have one that's been running continuously for 5+ years that I actually forgot about until just now.
Agreed, my company focuses on writing business logic that actually provides value to our customers, spends roughly 0 time configuring web infrastructure, and everything just works, our cloud costs are dirt cheap (especially when compared to cost of labor), the performance is better than if we had used a traditional server since code is being run on servers very near our users rather than a fixed location, and we save time, stress and money by not needing to hire cynical, behind the times sysadmins like deckard1.
Maybe that wouldn’t be the case if my company wasn’t a B2B SaaS that isn’t constrained by being the scaling concerns of a mass market consumer web app (specifically one that couldn’t scale via smart caching policies, which honestly is a minority of use cases), but for our use case it makes plenty of sense.
If you’re worried about cost overruns from auto scaling, you just set a billing limit and deal with it when you get close. Anyway the code we push to serverless is literally just the business logic we would have written anyway so there’s virtually no platform lock-in. And honestly my serverless costs are so cheap that it’ll be a long while before we bother touching them.
But where does the code run physically? Of course on a server, otherwise it wouldn't be reachable from the net. But who maintains those servers? Is there some contract with those who maintain it?
In my experience if you run things professionally you have to set up log rotation purely for legal reasons anyways. Is serverless without logs? Or how would you there ensure to log privacy relevant data only for the legally allowed periods?
How do you do SSL on serverless and who is in control of the certs that guarantee safe communications between you and your customers? If it is not you, are they somehow contractually bound to keep your user data private?
> In my experience if you run things professionally you have to set up log rotation purely for legal reasons anyways. Is serverless without logs? Or how would you there ensure to log privacy relevant data only for the legally allowed periods?
AFAIK the big providers use log rotation by default. I just know that I've been running some low-stakes serverless projects for years and have always been able to access recent logs, and never worried about disk space. Privacy laws is a good point I hadn't thought of (in the context of these projects), though.
> How do you do SSL on serverless
In the case of Netlify, they already manage the certificate if you point your domain at them and click a button, so it works automatically with their functions. Same story with Cloudflare. AWS and Google make you jump through a few more hoops, or you can host the endpoint from one of their domains and piggyback on their certificate.
I imagine the security practices of all four would hold up to the security practices of a 4 Euro / month VPS host.
To me, serverless means that I as the developer don't have to do ongoing server maintenance work. A 4 Euro/month setup sounds great, until you find out that you never enabled log rotation and filled up the disk space, or your certificate refresh was improperly configured and now you don't have SSL, or your site gets popular for a day and the site slows to a crawl unless you add an instance.
The dream of serverless is that I can deploy code in a “set it and forget it” manner. Stuff can still break at the application layer, but should work the same at the infrastructure layer in a year as they do today, and auto-scaling happens automatically.