The Hidden Complexity of Serverless Platforms

A user taps a single "Deploy" button on a control panel, abstracting away the complex, tangled mess of infrastructure, wires, and cloud services in the background.

Modern websites are often built using serverless platforms which promise to eliminate most work associated with setting up and managing the infrastructure, these services also come with a lot of convenient features such as autoscaling and integrated CI/CD pipelines which work particularly well for developers building JAMStack websites.

JAMstack is a popular and modern architectural pattern for building websites and applications and it is probably one of the most secure, scalable and cost-effective, especially in the era of cloud services.

JAMstack stands for Javascript, APIs and Markup:

  • Javascript is responsible for dynamically updating the page content on the client side
  • APIs are responsible for providing the data and business functionalities
  • Markup is used for defining the structure of the application, usually created using static site generation (SSG)

Compared to dynamic websites which generate the page markup on each request, JAMstack shifts the content generation at build-time using SSG, the generated files are then uploaded to a server and paired with a CDN for efficient caching and delivery, finally client-side scripts dynamically update parts of a page by fetching data from an API.

Next.js, Astro and Eleventy are some of the most popular Javascript frameworks used for building JAMstack websites. There are also non-javascript based alternatives, Hugo for instance is a very popular static site generator written in Go which offers incredibly fast build times.

Although JAMstack websites might look simple and easy to deploy, the infrastructure powering one might be more complex that you think, especially if you are trying to build a production-grade solution with integrated CI/CD, monitoring, DDoS protection and auto-scaling.

The Advantages of JAMstack

JAMstack can be a very low maintenance and low-cost solution for hosting websites, especially when paired with “serverless” cloud services such as AWS S3 and Lambda.

In case you didn’t know what serverless means, it is a way of categorizing certain cloud services, in particular the so called PaaS, or Platform as a Service, which provides a managed environment where developers can deploy and run applications without worrying about the underlying infrastructure.

For instance, services like AWS S3 and Cloudflare R2 allow you to easily host static files. Adding a CDN in front of your cloud storage can greatly reduce latency, improve loading times and reduce egress costs. This setup is also extremely safe and virtually unhackable as the infrastructure is completely abstracted away by the cloud provider.

Services such as AWS Lambda and Cloudflare Workers allow you to create serverless APIs that can automatically scale and adapt to unpredictable traffic patterns. These services often come with very generous free-tiers, for instance AWS Lambda gives you 1 million free invocations per month, which can be extremely cost effective for low traffic websites.

If your website suddenly starts receiving a lot of traffic, the serverless API will automatically scale to meet the current demand without any manual interventions on the infrastructure configuration. (NOTE: In case the traffic gets consistently high and predictable, it might be worth migrating to long-running backend services using containers).

The All-In-One Cloud Platforms

Many cloud providers offer all-in-one solutions that allow developers to quickly build production-grade JAMstack websites. AWS Amplify, Github Pages, Cloudflare Workers and Netlify are examples of some popular services that make JAMstack sites really easy to set up and deploy in minutes.

These platforms typically include integration with git repositories, CI/CD pipelines for automated builds and deployments, global content delivery networks (CDNs) for fast content delivery, automatic SSL certificate provisioning, multiple environments, firewalls, DDoS protection, monitoring and observability, and the ability to deploy serverless APIs using functions.

This type of services provide a lot of convenience and a very low time-to-market as developers only need to integrate changes in the main branch of a git repository to see their changes deployed in a production-grade environment with built-in scalability, observability and security.

The Infrastructure Behind Serverless

When deciding which cloud service to use, it’s essential to consider various factors beyond just licensing and fees. We must also take into account the time invested in building and maintaining the software, staff salaries, and potential overall risks. Together, these direct and indirect elements form the total cost of ownership (TCO).

Choosing a PaaS solution such as AWS Amplify or Cloudflare Workers gives you ready made platforms that allows you to go live in minutes without having to know anything about infrastructure.

PaaS provides a lot of convenience at a higher pay-per-use cost, which can be very effective in some cases compared to building a custom solution from scratch or having to invest significant amounts of time and money in recruiting, training, development and maintenance.

To give you an idea of the convenience provided by these all-in-one solutions, let’s go through a high-level list of things required to build an equivalent JAMstack platform using individual AWS services:

  1. Create an S3 Bucket to host static website content.
  2. Add a CloudFront distribution (the CDN) in front of the S3 bucket
  3. Create a custom domain in Route 53 pointing to Cloudfront
  4. Create and provision the SSL certificate using ACM
  5. Configure the CI/CD pipelines using CodeBuild and CodePipeline to build and deploy the code automatically
  6. Create an API Gateway for hosting the serverless API.
  7. Implement each API endpoint using AWS Lambda
  8. Add AWS WAF to secure the API against common security threats
  9. Add AWS Shield to protect the API from DDoS attacks
  10. Configure Cloudwatch to collect logs and metrics
  11. Configure IAM policies and roles for all the above mentioned services

As you can see, a custom solution built using individual AWS services requires knowledge of multiple components and a higher effort, often measurable in weeks, compared to the “click to deploy” offering of the all-in-one services.

This complexity increases exponentially if we were to implement this type of architecture from scratch using non-managed services that just provide the bare infrastructure, known as IaaS, or Infrastructure as a Service, as we would now be responsible for:

  • setting up a VPC, or Virtual Private Cloud
  • configure public and private networks and their respective routing tables
  • define firewall rules using security groups
  • provision virtual machines using EC2
  • manually handle OS updates
  • learn about containerization and orchestration
  • create an ECS or Kubernetes cluster to manage containerized services with auto-scaling capabilities
  • setup load balancers, ingresses and DNS
  • design automated database recovery strategies
  • Configure the observability stack
  • install and manage event brokers and message queues for event based systems
  • design and deploy a scalable storage system with automated backups
  • manage server configurations with tools such as Ansible
  • and so much more…

This partial list shows just how complex it can be to build a custom platform having similar capabilities of serverless cloud services. The time investment to build such a platform is usually measurable in months.

IaaS gives you total control and flexibility over the infrastructure, demanding a deeper understanding of numerous components and requiring dedicated teams of experts to design, build and maintain. With IaaS you are now responsible for virtually every aspect of the infrastructure and the software running on it.

Conclusions

All-in-one services such as AWS Amplify or Cloudflare Workers provide a lot of convenience and greatly simplify the process of setting up production-grade JAMstack websites in minutes. This approach works very well for smaller organizations that need a low time-to-market, do not care about being tied to a single cloud provider and might find the pricing model of PaaS more convenient.

However, for larger organizations with stricter legal requirements, the increased control over a custom-built platform can be a more compelling alternative. When platforms are designed to be vendor-agnostic, it is possible to host them on any infrastructure provider or even in your own data centers.

While this approach demands a significant investment in time, usually months, and having large teams of specialists such as DevOps and Platform Engineers, it can ultimately represent a more strategic decision and a more cost-effective solution in the long term for very high traffic websites, as it allows you to avoid the higher costs associated with managed cloud services at high scale.

Ultimately, there’s no single “best” method for constructing JAMstack websites. Each approach, from all-in-one PaaS solutions to custom platforms built with IaaS or on-premise, comes with its own advantages and disadvantages. The optimal choice will depend on your available budget, time constraints, your team’s expertise and ultimately, the total cost of ownership (TCO).

Were you aware of the amount of complexity behind a serverless JAMStack website? Are you planning on moving to the cloud or start building your own scalable platform? I would love to hear from you and to talk about it.

Contact Me!