Open Source

Stressed about serverless lock-in? Don't be

Serverless looks like the most proprietary thing to happen to software, ever. But it actually offers significant freedom. Here's why.

CoreOS CEO Alex Polvi thinks Amazon Web Services (AWS) Lambda is "one of the worst forms of proprietary lock-in we've ever seen in the history of humanity." Which is to say he's not a fan. But fan or not, Polvi's position is also incorrect, at least insofar as day-to-day pillaging of IT freedom is concerned. In part, this is because open source serverless options like Apache OpenWhisk have arisen to restore enterprise choice, but primarily, it is because the reality of lock-in is far more nuanced than Polvi allows.

It's shackles all the way down

But first, here's why Polvi has a point: As bad as traditional software lock-in might seem, it gets worse with cloud and is perfected in serverless. As Polvi has noted:

It's code that tied not just to hardware - which we've seen before - but to a data center, you can't even get the hardware yourself. And that hardware is now custom fabbed for the cloud providers with dark fiber that runs all around the world, just for them. So literally the application you write will never get the performance or responsiveness or the ability to be ported somewhere else without having the deployment footprint of Amazon.

Even when the code itself is open, the cloud makes it closed. Google Cloud, for example, makes much of its openness, especially compared to AWS. Yet when pressed on how any customer could hope to squeeze some openness lemonade out of its hardware lock-in lemon, Google's Miles Ward advised that "all" that is needed is to "just lay a few thousand miles of fiber, snag a few atomic clocks, get GPS sorted, and, yeah, you're cool."

SEE AWS Lambda garners interest, production workloads as serverless world evolves (ZDNet)

This isn't to say that Google, Microsoft, and AWS are being disingenuous when they talk up open source. Rather, the reality is that open source means something a bit less than it once did if the only real way to replicate a cloud's open source software, particularly in the serverless realm, is to replicate all of its hardware, networks, etc.

Lock-in, indeed.

But look! A key

Given that, as Red Hat's Rich Sharples points out, "pretty much everything interesting in technology is happening in open source today and that's definitely true for serverless," it's not surprising that the open source world has come up with an open alternative to closed clouds. OpenWhisk, originated by IBM and joined by Red Hat, Adobe (my employer), and others, promises an "open source cloud platform that allows you to execute code in response to events at any scale," with "OpenWhisk handl[ing] the infrastructure and servers." In a sense, it allows enterprises to spin up their own mini-AWS Lambdas or Azure Functions.

Pretty cool.

Yet even without open source alternatives, it's not clear that enterprises are at risk of eternal servitude to the AWS lock-in beast. For one thing, as one commentator has pointed out, "if you follow best practices for architecting a Serverless application, then you'll break down your app into a series of micro services. Each of these has the potential to be ported without impacting the rest of the app." Oh, and AWS sells such services in millisecond-increments.

SEE: Open source big data and DevOps tools: A fast path to analytics applications (Tech Pro Research)

In short, yes, you might be "locked into" a microservice, but that's relatively painless compared to a traditional software model built on multi-year contractual lock-in (and software audits to ensure compliance). This is particularly true if you consider the alternative:

Lambda locks you into the AWS event model and deployment model. Yes you could move elsewhere by reimplementing the event model on top of some other messaging system and a scalable node.js runtime but it's a lot of work. [I]f you didn't use Lambda then you'd have had to do that work anyway, so in the event of a move you're no worse off and if you never have to move then you've saved.

This lock-in sounds better all the time.

Small wonder, then, that Expedia has seen its adoption of AWS Lambda climb 450% over the past year, according to its vice president of technology Subbu Allamaraju. Rather than fixate on software or hardware-level lock-in, he advises, enterprises should "embrace techniques like service orientation, asynchronous and decoupled communication patterns, micro-architectures, experimentation, failing fast, tolerance for mistakes, chaos engineering, constant feedback and continuous learning."

This approach turns serverless into a key to enterprise freedom, not lock-in. No open source license required.

screen-shot-2017-11-08-at-8-22-53-am.jpg
Image: iStockphoto/turk_stock_photographer

Also see

About Matt Asay

Matt Asay is a veteran technology columnist who has written for CNET, ReadWrite, and other tech media. Asay has also held a variety of executive roles with leading mobile and big data software companies.

Editor's Picks

Free Newsletters, In your Inbox