You are here

You are here

An essential guide to the 2019 serverless ecosystem

Rafal Gancarz Principal Software Engineer, Callsign

Serverless computing has been maturing gradually. Large platform providers have released tons of new capabilities over the last few years, and small startups are offering new products that can help your organization start its serverless journey more easily. It's no wonder that more and more companies are exploring and investing in serverless technologies.

Here's a refresh of our essential guide to serverless for 2019.

Serverless platforms

The serverless landscape is still dominated by five major platform providers. These vendors offer a comprehensive set of services you can use to build serverless architectures, and their platforms provide the best foundation for creating full-fledged serverless systems. These vendors are the following.

Amazon Web Services

Amazon was the first major cloud provider to roll out functions-as-a-service (FaaS) capability, in the form of AWS Lambda. (In a serverless architecture, code is implemented as functions, or events.)

The power of a serverless platform is determined to a substantial degree by the number and quality of capabilities you can leverage within it. On AWS, an ever-expanding array of services can trigger functions. These include notifications from S3 buckets, HTTP requests from API Gateway and Application Load Balancer, record changes in DynamoDB tables, messages arriving on SQS queues, SNS topics, and Kinesis streams or emails received by Simple Email Service (SES).

You can use AWS Lambda functions to power IoT back ends, Alexa skills, conversational bots using Lex, and workflows with Step Functions. And the FaaS compute approach is pushing its way into other execution environments, such as in functions to augment the behavior of CloudFront, Amazon’s content delivery network, and even into IoT devices, with AWS Greengrass.

You can customize AWS CloudFormation by creating custom resource types, powered by Lambda functions, that can execute any special logic required to configure the infrastructure stack. AWS CodeCommit, the managed Git repository hosting service, can trigger functions when a branch or a tag is created, or when a push is made to an existing branch.

AWS CloudWatch

As with any other distributed system, building serverless architectures requires excellent support from IT operations. AWS Lambda integrates seamlessly with CloudWatch, AWS's monitoring and logging service. Besides providing out-of-the-box log aggregation and metric collection, CloudWatch lets you use Lambda functions to customize the platform's operational capabilities.

Functions can be triggered by:

  • CloudWatch events: Functions can react to events within an AWS account and/or be scheduled to execute periodically.
  • CloudWatch log streams: Functions can be used for log stream processing.
  • CloudWatch metric alarms: Functions can execute custom logic in response to alarms via Simple Notification Service (SNS).

Amazon's X-Ray, an analysis and debugging tool, supports AWS Lambda so you can monitor and trace complex data flows.

Amazon Cognito also leverages functions as means to enable triggers on some events, such as dataset synchronization. Similarly, AWS Config allows you to use functions to evaluate whether resource configurations comply with custom config rules. And Kinesis Data Firehose can use functions to perform additional, custom processing before the data is sent to downstream services.

The identity and access control service AWS IAM, which allows you to define fine-grained access and execution policies, also provides the security model for Lambda and other services used for building serverless architectures on AWS.

Microsoft Azure

With Azure, Microsoft has invested heavily in the serverless space over the last two years. For instance, it created a completely new function runtime engine that offers more flexibility and supports a wider range of language runtimes than the previous model.

Azure Functions can be triggered by Azure Storage Blob notifications; HTTP (REST or webhook) requests; record changes in Azure Cosmos DB; events from Microsoft Graph, Event Grid, Event Hubs, or IoT Hub; and messages from storage queues and service bus queues or topics. Alternately, triggers can be based on a schedule.

For more complex flows spanning multiple functions, you can leverage the Durable Functions extension, which lets you write stateful functions where the extension manages state, checkpoints, and restarts. You can also integrate functions into workflows defined in Logic Apps.

Compared with AWS, Azure adopts a more structured configuration model for its functions. It allows input and output bindings to be attached to the function, greatly simplifying—or completely removing—the code required to integrate with other services from within the function itself. Contrast this with AWS, where the SDK must be used for any form of integration.

Similarly, Azure enables a few external integrations out of the box. For example, you can send text messages via Twilio or email messages using SendGrid.

Monitoring functions are integrated with Azure Monitor, Azure's observability service, that collects and aggregates logs and metrics from function executions. Security is delivered by Azure Active Directory, which allows a system-assigned identity to be attached to functions when they are created. Using that identity, it's possible to create access policies, including for accessing Azure Key Vault, which you can use to store sensitive data.

Google Cloud Platform

Google Cloud Platform (GCP) has fallen somewhat behind AWS and Azure in terms of serverless capabilities on offer. You can trigger Google Functions with Cloud Storage bucket notifications, HTTP requests, Cloud Pub/Sub events, a few types of Firebase events (Firebase is Google’s mobile-back-end-as-a-service platform), and in response to log messages in Stackdriver Logging.

Operationally, GCP provides well-integrated support for the functions in Google's Stackdriver monitoring service. As with AWS, logs emitted from Google Functions are automatically stored, in this case by Stackdriver. Logging and metrics are recorded by Stackdriver Monitoring, and GCP offers a Stackdriver Debugger that you can use to investigate the behavior of a function's code. That's quite helpful when troubleshooting.

GCP's security model is somewhat different from that of AWS, however, and it doesn't yet support fine-grained security policies.

IBM Bluemix/OpenWhisk

IBM Bluemix is a platform-as-a-service (PaaS) offering that includes Apache OpenWhisk, an open-source FaaS/serverless platform with capabilities similar to the offerings from the big three public cloud providers.

Because OpenWhisk is an open-source project, you have complete visibility into the workings of the FaaS platform, and it's extensible and customizable. When running Bluemix, you can run OpenWhisk on premises, in the cloud, or as a fully managed platform.

You can trigger functions (called "actions" in OpenWhisk) by way of HTTP requests, messages from Apache Kafka or Message Hub topics, changes in Cloudant NoSQL DB tables, scheduled events, or virtually any type of external system—provided that you've created an integration for it.

Composer, IBM's function orchestration tool, supports JavaScript/JSON-based workflow definitions that can embed executable code. You turn those into functions using a component called Conductor.

From an IT operations point of view, OpenWhisk focuses mostly on the visual presentation of activities associated with function execution but also allows command-line-interface-based polling for activity logs. Sadly, metrics, logging collection, and storage are not yet available, and the security model is not well defined or well documented. Developers may need to manage it explicitly, without a great deal of support from the platform.


Alibaba Cloud has emerged as a major player when it comes to serverless capabilities. Its FaaS product, Function Compute, supports several triggers for functions, including HTTP endpoints, object store notifications, and events from a content delivery network (CDN). It also allows messages from the MNS messaging service, records changes in Table Store (NoSQL database) or relational database, and logs entries from the Log Service or schedule-based invocations.

The platform supports observability, automatically collecting and aggregating logs and metrics from function invocations. The security model is based on access polices defined in Resource Access Management (RAM). 

Other FaaS platform choices

Many other products and projects are competing for a place in the serverless space. Some offer only FaaS capabilities (optionally with HTTP access to functions), while others provide a few other services, such as messaging or storage. Most started as backend-as-a-service (BaaS) providers and have rebranded themselves as serverless products. A few of note include:

  • Oracle, which supports Fn Project, an open-source, container-native serverless platform.
  • Red Hat, which provides Knative as the basis for its own FaaS offering, Openshift Cloud Functions.
  • Huawei Cloud, which offers a FaaS with several triggers, including notifications from object storage and messages from queues, topics, and streams—or from an API gateway. 
  • Binaris' FaaS platform, which supports Node.js and Python runtimes.
  •, which offers a FaaS product called IronWorker, as well as the IronMQ distributed queue service and IronCache caching service.
  • Cloudflare Workers provides a lightweight JavaScript execution environment on its global cloud network.
  • PubNub, which allows for arbitrary code, called blocks, to execute within real-time messaging flows while it takes care of managing the scalability of the compute stack.
  • Kitsune, which favors simple developer experience and lets you create dynamic websites or chatbots using HTML.
  • Zeit, which offers a platform for running single-page applications without the need to manage servers.
  • Twilio, which is beta-testing its own FaaS capability that supports a JavaScript runtime.
  •, a mobile BaaS platform that you can use for running arbitrary code. It's packaged as "webtasks" and offers good support for creating Slack bots.
  •, which is similar to in that it offers its own key-value data store, as well as integrations with many cloud storage services.

Run your own FaaS

If you are interested in using a FaaS abstraction but don't want to depend on third-party-managed platforms, you can choose from several tools that let you run your own FaaS on a container orchestration platform such as Kubernetes. These include:

  • Fission, the framework for serverless functions on Kubernetes. It supports any runtime (Python, Node.js, Go, C#, PHP out of the box) and HTTP, time, or message queue triggers. And Fission Worklows lets you create more complex flows that span many functions.
  • Fn Project, a container-native serverless platform, written in Go, that supports all runtimes and can run anywhere. Currently it supports triggering functions only via HTTP endpoint.
  • Funktion, another FaaS on top of Kubernetes, but keep in mind that it's been sandboxed and is no longer actively maintained. 
  • Microcule, a SDK/CLI that supports running arbitrary function code in 20 programming languages, in response to HTTP requests, by spawning Linux processes on demand. The platform doesn't run on Kubernetes and requires explicit compute resource management.
  • Knative, a Kubernetes-based platform to build, deploy, and manage serverless workloads, originally created by Google. The platform focuses on higher-level abstractions and supports pluggable components for logging, monitoring, and networking.
  • Kubeless, a Kubernetes-native FaaS framework that supports Python, Node.js, Ruby, PHP, Golang, .NET, Ballerina, and custom runtimes. It allows functions to be triggered by the Kafka messaging system and by HTTP events.
  • OpenFaaS, which allows you to turn any process for Linux or Windows into a function that can be run in containers through Docker Swarm and Kubernetes and which can be triggered via an HTTP endpoint.

Frameworks, libraries, and tools

The Serverless Framework, the most popular option, offers integrations with all major platform providers. Others to consider include (in alphabetical order): Architect (Node, AWS), Chalice (Python, AWS), Claudia.js (Node, AWS), Dawson (Node, AWS), DEEP (Node, AWS), Flogo (Go, AWS), Lambada Framework (Java, AWS), Python-Lambda (Python, AWS), Pulumi (Node/Python/Go, AWS/Azure/GCP/Kubernetes), Shep (Node, AWS), Sparta (Go, AWS), Spring Cloud Function (Java, AWS/Azure/OpenWhisk), and Zappa (Python, AWS).

Besides frameworks, there are many tools that can help you build and deploy functions or serverless architectures. For example, you can use HashiCorp Terraform as an alternative to your provider's own infrastructure-provisioning capabilities (such as AWS CloudFormation). Other popular tools for resource management include Apex, Gordon, and Kappa.


Several new products in the serverless space aim to help organizations adopt serverless technologies by supporting more streamlined development and deployment. These products also have more comprehensive capabilities around system observability and security that may heavily augment—or completely replace—the functionality that major platform providers offer.

Development and deployment

SLAppForge offers a web-based IDE for authoring serverless applications. It combines support for editing function code with configuring cloud resources that functions depend on.

Stakery focuses on infrastructure management. It lets you create and configure infrastructure stacks using a drag-and-drop UI editor, while generating Serverless Application Model (SAM) stack configuration files in the background.


Dashbird integrates with AWS CloudWatch and AWS X-Ray to fetch logs, metrics, and traces. It provides visualization dashboards designed for serverless architectures as well as analytics, failure detection, and log searching and tailing.

Epsagon has created its own distributed tracing capability as an alternative to AWS X-Ray. It visualizes data flows and provides an architecture view and the means to drill down into individual function invocations.

IOpipe has built a bespoke observability platform that combines logging, metrics, and tracing. It focuses on offering fine-grained and near-real-time visibility into serverless architectures.

Thundra has also developed a complete observability product for the AWS serverless platform, as a replacement for CloudWatch and X-Ray. It provides high-level summaries and detailed analysis views for functions and entire architectures.


Protego is an application security platform that offers cloud account scanning; an analytics engine that uses machine learning to detect threats, anomalies, and attacks; and runtime protection that inspects and filters a function's input data.

The PureSec security platform scans a function's library dependencies for known vulnerabilities and misconfigurations. It also provides runtime protection, scanning input data for injection attacks, and has a behavioral protection engine to detect unauthorized interactions.

Much more to choose from

The serverless ecosystem is showing signs of reaching maturity. Major vendors are now focusing more on enhancing existing capabilities and plugging gaps in their serverless platforms. Meanwhile, more of the proprietary elements in those platforms are being open-sourced and made available to the wider community.

Other players are trying to speed up standardization efforts by promoting vendor-agnostic solutions. Finally, a growing number of startups have taken on the big guys and now offer alternatives—and, often, superior products—providing yet more choice, driving more competition, and helping customers get off the ground with serverless technologies quicker. The list above gives you all of the resources you need to get started.

That's my list for serverless. What's in yours? If there's a tool I missed, please post it, along with your comments, below.

Keep learning

Read more articles about: Enterprise ITCloud