Four years ago, Amazon Web Services (AWS) launched a revolution with the debut of its Lambda service. Rather than an extension of its existing virtual machine services, which provide cloud-based servers, Lambda offered users a different promise: the promise of "serverless" computing.
What Is Serverless?
While Lambda is often referred to as a serverless service, what it actually delivers is functions-as-a-service. That is, users can execute a function without the need to first spin up their own server, container or virtual machine.
“What we’re actually seeing is that large enterprises are the ones that are really embracing serverless technology,” Werner Vogels, CTO of AWS, said during the AWS re:Invent 2018 event. “The whole notion of only having to build business logic and nobody has to think about anything else has truly driven the evolution of serverless.”
At the same event, Holly Mesrobian, Director of Engineering for AWS Lambda, provided a deep dive into how Lambda actually works. She explained that AWS Lambda is an event-driven service for code execution that is currently available in all 18 AWS regions. As a foundational service, she emphasized, Lambda is deployed in every new region AWS opens.
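"Event-driven" here means a function executes in response to an event payload rather than running on an always-on server. The `handler(event, context)` signature below is the shape Lambda expects for Python functions; the event contents and response format are illustrative:

```python
import json

def handler(event, context):
    # Lambda passes the triggering event as a dict plus a context object;
    # the function returns a response the invoking service can consume.
    name = event.get("name", "world")
    return {
        "statusCode": 200,
        "body": json.dumps({"message": f"Hello, {name}"}),
    }

# Simulate an invocation locally (the context object is unused here)
print(handler({"name": "Lambda"}, None))
```

There is no server to provision: the developer supplies only this function, and the service decides where and when it runs.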
“We build our systems behind the scenes to distribute load, scale up and down and detect and route around failures, so your engineers don’t have to,” Mesrobian said. “And of course, as we do that, we must preserve isolation and maximize utilization.”
Mesrobian said AWS Lambda already processes trillions of requests every month for hundreds of thousands of active customers.
One of the primary systems in the Lambda architecture is called a worker. It’s where AWS provisions a secure environment and enables the customer code execution.
Mesrobian explained that the worker creates and manages a collection of sandboxes and sets limits on those sandboxes, such as the memory and CPU available for function execution.
The worker downloads the customer code, prepares it for execution, and manages multiple language runtimes. The worker also executes the customer code through initialization and invocation, and finally it manages agents for monitoring and operational controls such as AWS CloudWatch.
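The initialization/invocation split matters in practice: code outside the handler runs once, when the worker first sets up the sandbox (a "cold start"), while the handler itself runs for every request routed to that sandbox. A hypothetical sketch of the two phases (the variable names and config are illustrative):

```python
# Initialization phase: runs once when the worker creates the sandbox.
# Expensive setup (clients, configuration, connections) belongs here so
# later invocations can reuse it.
CONFIG = {"table": "example-table"}  # illustrative placeholder
invocations = 0

def handler(event, context):
    # Invocation phase: runs per request, reusing initialized state.
    global invocations
    invocations += 1
    return {"invocation": invocations, "config": CONFIG["table"]}

# Two invocations against the same warm sandbox share initialized state
print(handler({}, None))  # {'invocation': 1, 'config': 'example-table'}
print(handler({}, None))  # {'invocation': 2, 'config': 'example-table'}
```

This is why a function's first request after idle time is slower than subsequent ones: the worker must run the whole initialization phase before it can invoke the handler.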
To strengthen isolation and security, AWS created the open-source Firecracker project, which provides lightweight micro-virtual machine (microVM) isolation around Lambda functions.
At the top of the logical view of a worker host is customer code, which is what Lambda runs for its customers. Mesrobian noted that Lambda supports a number of languages and runtimes, including Node.js, Python, Java, C# and more. Underneath the runtime is a sandbox that hosts the runtime, and underneath that is a guest operating system running Amazon Linux.
Underneath the guest operating system is a hypervisor and the host operating system that the hypervisor runs on. And finally, AWS has the physical system hardware on which it all runs.
“So we have many accounts, each with their own micro VM running a single function,” Mesrobian said. “With this architecture, we’re able to run as many functions as we can provision on a worker and these functions can be from a single or multiple accounts.”
AWS Lambda is optimized on the AWS infrastructure for maximum utilization. Mesrobian said Lambda packs a variety of workloads together to drive higher utilization rates.
“The most efficient placement strategy is to pick the workloads that pack well together and minimize contention,” she said. “So it’s all about putting the workloads where we can get optimum hardware utilization.”
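One way to picture "packing workloads" is as a bin-packing problem: each function has an expected resource demand, and the placement service fills each worker as close to capacity as it can. The greedy first-fit sketch below is purely illustrative, not AWS's actual placement algorithm; the function names and capacities are made up:

```python
def place(functions, workers, capacity):
    """Greedy first-fit placement: assign each function's expected load
    to the first worker with room, filling workers toward capacity.
    (An illustrative sketch, not AWS's real placement strategy.)"""
    load = {w: 0 for w in workers}
    placement = {}
    for name, demand in functions:
        for w in workers:
            if load[w] + demand <= capacity:
                load[w] += demand
                placement[name] = w
                break
    return placement, load

# Hypothetical functions with expected resource demands (arbitrary units)
funcs = [("img-resize", 40), ("etl", 35), ("webhook", 20), ("cron", 30)]
placement, load = place(funcs, ["worker-a", "worker-b"], capacity=100)
print(placement)  # first three fit on worker-a; cron spills to worker-b
print(load)       # worker-a near capacity, worker-b lightly loaded
```

A real placement system would also account for contention between workloads, as Mesrobian notes, rather than looking at raw capacity alone.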
Sean Michael Kerner is a senior editor at ServerWatch and InternetNews.com. Follow him on Twitter @TechJournalist.