7 tools that ease serverless adoption

Serverless computing promises effortless scalability and cost reduction, with a pay-as-you-go billing model. But adopting serverless technologies is challenging.

It means rethinking almost everything you've done in the traditional server-based compute stack and software delivery model. Source code development, infrastructure management, continuous integration (CI), and continuous delivery (CD), as well as operational aspects such as monitoring and security—all are very different in serverless architectures.

The big cloud providers' serverless platforms (Amazon Web Services, Microsoft Azure, Google Cloud Platform, and IBM Cloud Functions) offer low-level building blocks you can use to set up development and operations platforms that support serverless architectures. But these tools in the serverless ecosystem typically require a great deal of expertise and expended effort to combine them into useful capabilities.

What if, rather than piecing everything from scratch, it were possible to leverage tools that can make the adoption of serverless technologies easier for your organization?  Here are a few tools from smaller players and startups that can help.

The State of Analytics in IT Operations

Tools that tackle development

Inevitably, the very first capability needed to build serverless solutions is a way to author function code or resource configuration artifacts. Serverless architectures use function-as-a-service (FaaS) offerings—including AWS Lambda, Azure Functions, and Google Functions—to package, deploy, and execute the business logic of software systems.

To create a function, one needs to write the function logic but also codify its configuration using a provider's native infrastructure-provisioning service—such as AWS CloudFormation—or a tool that works across different providers, such as HashiCorp Terraform.

SLAppForge

This startup offers a web-based integrated development environment (IDE) named Sigma for authoring serverless applications, as well as a built-in monitoring platform. The Sigma IDE combines support for editing function code with code completion and drag-and-drop functionality to add infrastructure resources to the underlying stack.

Sigma automatically produces an AWS CloudFormation configuration for the infrastructure stack and can trigger deployments directly from the UI.

The IDE supports code authoring in Node.js, Python, Java, C#, and Go, and integrates with AWS and GitHub. Sigma can be compared to Cloud9, AWS's own cloud IDE, although, unlike Cloud9, it doesn't require a server (EC2 instance) running the IDE. Instead, it uses a small serverless back end. The monitoring dashboard presents infrastructure stack and function configurations as well as key AWS CloudWatch metrics.

Stackery

Stackery is another entry that aims to simplify serverless application development. It focuses on the infrastructure management area, allowing organizations to create and manage infrastructure stacks using a drag-and-drop UI editor. Stackery supports a good selection of infrastructure resources commonly used for creating serverless architectures.

It's similar to Sigma in that when stacks are edited, YAML config files for AWS CloudFormation, using Serverless Application Model (SAM), are generated in the background. This allows CloudFormation to apply the stack configuration to the provider account.

Stackery integrates with AWS and GitHub, and also offers a command-line interface (CLI) that can be used instead of the web-based UI application or within an external CI/CD tool. The product also exposes AWS CloudWatch logs and metrics via its UI and CLI.

Tools for monitoring serverless applications

Creating and deploying a serverless application is only the beginning. The application needs to be monitored (or observed). The three pillars of modern monitoring are logging, metrics, and distributed tracing. This next set of products enhance or even completely replace capabilities offered by cloud platform providers. 

Dashbird

Focusing on monitoring and troubleshooting, Dashbird attempts to help operate serverless applications. It offers failure detection, analytics, and visibility for AWS Lambda-based solutions. The product integrates with AWS CloudWatch and AWS X-Ray to obtain logs, metrics, and traces. And it presents account-, service-, and function-level data on dashboards specifically crafted for serverless architectures.

Dashbird can detect failures in serverless applications based on configuration errors, metrics, and runtime errors. It integrates with Slack and email for alerting. The platform also supports navigating, searching, and live-tailing for logs from AWS CloudWatch, as well as fetching execution profiles from AWS X-Ray.

The product supports all runtime languages currently available on AWS—Python, Java, C#, Node.js, and Go—and doesn't require any code changes to start using it.

Epsagon

Where Dashbird leverages AWS's monitoring data, Epsagon delivers its own distributed tracing capability for serverless architectures, providing an AWS X-Ray alternative. The product offers auto-discovery of cloud resources and external APIs, as well as AI-supported root-cause analysis for easy troubleshooting.

Epsagon's UI presents data flow views based on the analysis of tracing data, and can provide an architecture view of resources involved in the execution of the flow, including third-party API calls. For each data flow captured and reported on by the platform, it's possible to obtain the status of the execution as well as details on individual steps within the flow. This includes the number of invocations and execution times or stack traces for errors.

The product integrates with AWS for resource discovery and for pulling additional metadata about function configurations, logs, and metrics.

IOPipe

Another company offering a bespoke observability stack for serverless architectures is IOpipe. The platform provides fine-grained and near-real-time visibility into applications built using serverless computing.

Metrics are collected at high resolution around each function invocation, including percentiles for outlier detection. Errors are reported with full stack traces, metrics, and logs. Additionally, distributed tracing can help troubleshooting slow steps in execution flows. Lastly, CPU profiling support is available for Node.js functions.

The platform supports Python, Node.js, Java, and Go runtimes and requires functions to be instrumented to capture and report monitoring data. It integrates with Slack, PagerDuty, email, webhooks, and AWS Lambda for alerting.

Tools for handling security

The next area where new products have emerged is serverless security. FaaS, being a managed environment, benefits from static security mechanisms such as access and execution policies. But there are still some gaps that the products listed below are trying to address.

Protego

Protego is an application security platform that targets full-lifecycle security, from deployment to runtime. The web-based UI application surfaces security-focused visualizations, including the security posture explorer, third-party vulnerability reports, and policy manager.

The platform combines cloud account scanning to detect and address problems with roles and permissions; an analytics engine using machine-learning and deep-learning algorithms to detect threats, anomalies, and malicious attacks; and runtime protection that inspects and filters function-input data.

The Protego platform supports AWS, Google Cloud Platform, and Azure, and functions using Node.js, Python, and Java runtimes. It also integrates with the popular Serverless Framework.

PureSec

The security platform offered by PureSec aims to provide an end-to-end security solution for serverless architectures. The platform supports the four top serverless vendors and provides security dashboards as well as the means to retrieve detailed forensic data to help with investigations into security incidents.

The platform can analyze functions while they are being built or packaged in your CI/CD tool to discover known vulnerabilities and misconfigurations. PureSec also provides runtime protection by means of a serverless application—scanning input data for injection attacks—as well as the behavioral protection engine, which leverages machine-learning algorithms to detect unauthorized interactions.

PureSec integrates with existing SIEM solutions to allow sharing security event information. To enable runtime protection, you must embed the PureSec library in the function code.

Build vs. buy: Your call

You don't have to just rely on the big platform vendors and the low-level building blocks they offer to get started with serverless. The smaller players and startups mentioned above have developed products that can help make the process easier. 

You have a choice: Invest the time and effort to build the serverless capabilities you need, or use these tools, which do some of that work for you, so you can get off the ground with serverless more quickly.