Serverless Roadmaps: Monitoring, Security, Frameworks, Tools

8 Nov 2018 6:00am, by

The platforms that run serverless workloads are just one aspect of a larger ecosystem of tools to manage and monitor applications throughout the software development lifecycle. Although many solutions are open source, there is a strong influx of companies hoping to profit as enterprises move serverless application into production environments. This article uses survey data to show which tools are seeing adoption by those using serverless architectures.

Frameworks make it easier to develop and deploy applications. The most popular framework in our survey was Serverless Framework by Serverless, Inc., which can be used on many different cloud platforms. Serverless, Inc. has found some success translating its early lead into adoption of another oft is offerings, Event Gateway, which routes events and assists with API development. We found that seven percent of current Serverless Framework users already deploy Event Gateway, with another 20 percent planning to do so in the next 18 months. The second most commonly mentioned framework only helps with AWS-centric development, the Server Application Model, from Amazon Web Services.

As we previously reported, 62 percent of everyone with expecting to use a serverless architecture say they will be writing functions using Python. Thus, it is not surprising that Python-specific tools like Python Lambda and AWS Chalice made significant showings on serverless roadmaps.

This data comes from a survey on in our “Guide to Serverless Technologies” eBook, which describes some of the challenges faced in monitoring serverless applications as well as their impact on enterprises’ security posture.

For monitoring, we found that cloud provider’s own tools were commonly used to monitor applications, with Amazon CloudWatch used by 88 percent of respondents with live AWS Lambda. implementations. Although Microsoft’s Azure Application Insights and Google’s Stackdriver were not offered as answers in the survey, many respondents made the effort to mention these tools in an”Other” box.

Other write-ins, like New Relic and Prometheus, fall into the category of more general monitoring tools that are starting to look at serverless applications. The survey itself asked about tools purpose-built for serverless use cases, such as Epsagon, Thundra and CloudZero, but there does not appear to be a clear-cut favorite among this group. The same thing can be said about the security solutions — Snyk and Twistlock are the leading tools being used, but overall adoption rates are low enough that competitors have a chance to catch up.

In-depth coverage on some of the technologies mentioned in this article can be found in these articles:

Interpreting the Data

As with most web-based surveys, this study does not claim to accurately describe market share. Instead, it just describes the current state of adoption among the 382 respondents that say they are using or planning to use serverless architecture in the next 18 months. High levels of future consideration are sometimes the result of brand recognition as opposed to concrete plans to use a specific product or service.

The New Stack took steps to limit the amount of vendor influence on the survey. For example, responses from identical companies or IP addresses were excluded from the study. Furthermore, UTM codes were used to track which respondents learned of the survey via a vendor. Although a few vendors may have received a one percentage point bump due to these respondents, this had a marginal impact on the total “in use + in plan” figures.

The full data set for the survey results is available online.

Stackery, Twistlock and New Relic are sponsors of The New Stack

Feature image via Pixabay.

This post is part of a larger story we're telling about serverless technologies.

Get the full story in the ebook

Get the full story in the ebook