We spoke with Veselin Pizurica, CTO and co-founder of Waylay, about the serverless paradigm. What concerns do enterprises have regarding serverless adoption and security issues, how can they achieve monitoring and observability of serverless applications, and how will the world of serverless evolve?

JAXenter: Hello Veselin and thanks for taking the time for our interview! Serverless is not the “new kid on the block” in the world of development anymore. Still, not that many enterprises have adopted the new paradigm already. Why is that?

Veselin Pizurica: It is correct that two different impediments are hampering serverless adoption. That is also confirmed and described in the O’Reilly survey on serverless: Concerns, what works, and what to expect.

Everything starts with a rather simple idea of developing microservices and connecting different cloud functions, but in most cases that leads to eventual architecture complexity. Therefore we often see this being manifested as a problem of tracing and observability. The architecture complexity is often accompanied by a complex deployment model.

The second hindrance is related to nontechnical concerns and fear: fear of losing control, fear of vendor lock-in, fear of weak security, unpredictable cost, etc.

Fear of (losing) ownership kicks in because you are delegating your application and business operation to someone else. Many big companies are offloading their workload into the cloud without knowing whether the total cost of ownership of the application will reflect their business goals. They will be charged per volume consumption, and hence their cost might skyrocket while their business is still in the early stages. As the cost is driven by the use of cloud microservices, cloud-native architects have also become responsible for the OPEX cloud cost.


JAXenter: You said that there are concerns regarding security. Can you give us a little insight into why the security aspect is problematic?

Veselin Pizurica: Attack vectors by hackers can be coming from all directions, either by trying to get into the network via compromised devices, by hijacking the login credentials of the person with access to the application, or by exploiting a weak/outdated security stack in the application.

Therefore, each of these threats needs to be addressed carefully. Security and identity are extremely important aspects of any software solution. I mentioned identity separately, even though it is often seen as part of Identity and Access Management (IAM). The reason is that in the IoT world, proving the identity of a device is not trivial.
