
Parler’s New Serverless Architecture

01.13.2021

(Full credit to Alice Goldfuss for the absolutely incredible title.)

So, AWS booted Parler off of their service on the grounds that “calling for the assassination of elected officials was well outside the bounds of AWS’s acceptable use policy,” and half of the internet is suddenly an expert on reverse cloud migrations.

I’m going to ignore all of the political aspects of this and instead focus on the things I have experience with: cloud migrations.

I’ve done a number of data center to data center migrations, cloud to cloud migrations, and data center to cloud migrations. I know what it takes to do these things successfully when you have months to plan and every vendor on the planet is trying to land your business as opposed to getting rid of you as fast as humanly possible.

It’s both expensive and takes ages, so let’s dive in!

‘We didn’t use any AWS-specific services!’

This is never, ever true.

Let’s assume you did your best and didn’t take reasonable shortcuts like “ElastiCache is basically Redis, so we’ll just use that” and instead built everything you use on top of Linux instances—or even inside of containers, so you’re super portable. After all, this is what Kubernetes promises in return for its Gordian knot of complexity, right?

Are you sure you didn’t slip and come to rely on Amazon’s load balancers, S3 buckets, ACM for certificates, or IAM for controlling access to the environment? Good for you! You avoided all of those traps (no you didn’t).

Next, have you accounted for your provisioning process speaking to freshly spun-up EC2 instances, but also needing to speak to brand new PXE-booted servers in a data center? Have you remembered that AWS's network is close to magic, in that you can push near line rate from almost any instance to almost any other, whereas the same traffic pattern will melt the oversubscribed top-of-rack switches in a data center?
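The honest answer to "did we rely on anything AWS-specific?" comes from grepping the code, not from memory. The script below is an added example written for this post (it is not code from the original article or from Parler); it scans a source tree for markers that are real AWS identifiers: the instance metadata address, SDK names, ARNs, `*.amazonaws.com` endpoints, SigV4 query parameters, the Terraform `aws` provider, `AWS_*` environment variables, region strings and long-term access-key prefixes. The sample tree at the bottom is constructed for illustration; point it at a real checkout with `python audit.py path/to/repo`.

```python
"""Audit a source tree for quiet couplings to AWS.

Added example, not from the original post. The marker patterns are real
AWS identifiers; SAMPLE_TREE is a constructed stand-in for a repository.
"""
import re
import sys
from collections import Counter
from dataclasses import dataclass
from pathlib import Path
from typing import Dict, List

# (label, pattern, what breaks when the workload leaves AWS)
MARKERS = [
    ("imds", re.compile(r"169\.254\.169\.254|fd00:ec2::254"),
     "instance metadata: role credentials, identity and user-data vanish off EC2"),
    ("sdk", re.compile(r"\b(?:boto3|botocore)\b|@aws-sdk/|\baws-sdk\b"),
     "AWS SDK on the code path: every call needs a replacement"),
    ("arn", re.compile(r"\barn:aws[a-z-]*:"),
     "hard-coded ARN: IAM, ACM, SQS/SNS and friends addressed directly"),
    ("endpoint", re.compile(r"\b[a-z0-9.-]+\.amazonaws\.com\b"),
     "AWS service endpoint baked into config"),
    ("sigv4", re.compile(r"X-Amz-(?:Signature|Credential|Security-Token)", re.I),
     "presigned URL or SigV4 header: links clients hold will start to 403"),
    ("alb_header", re.compile(r"x-amzn-trace-id", re.I),
     "header only an ALB sets: tracing or trust logic breaks behind another proxy"),
    ("terraform", re.compile(r'^\s*(?:resource|data)\s+"aws_|^\s*provider\s+"aws"'),
     "Terraform aws provider: the whole module is provider-specific"),
    ("aws_env", re.compile(r"\bAWS_(?:ACCESS_KEY_ID|SECRET_ACCESS_KEY|SESSION_TOKEN|REGION|DEFAULT_REGION|PROFILE)\b"),
     "AWS credential/region environment variable consumed somewhere"),
    ("region", re.compile(r"\b(?:us|eu|ap|sa|ca|me|af)-(?:gov-)?(?:east|west|north|south|central|northeast|southeast|southwest)-\d\b"),
     "region string: drives endpoints, AZ names and latency assumptions"),
    ("access_key", re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
     "long-term access key in source: rotate it wherever you end up hosting"),
]
NOTES = {label: note for label, _, note in MARKERS}


@dataclass(frozen=True)
class Finding:
    path: str
    line: int
    label: str
    snippet: str


def scan_text(path: str, text: str) -> List[Finding]:
    """One finding per (line, marker); a single line can trip several markers."""
    found = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for label, pattern, _ in MARKERS:
            if pattern.search(line):
                found.append(Finding(path, lineno, label, line.strip()))
    return found


def scan_tree(files: Dict[str, str]) -> List[Finding]:
    """Scan an in-memory {path: contents} mapping in a stable path order."""
    return [f for path in sorted(files) for f in scan_text(path, files[path])]


def scan_directory(root: str) -> List[Finding]:
    """Read every UTF-8 text file under root (skips .git and binaries)."""
    files: Dict[str, str] = {}
    for p in Path(root).rglob("*"):
        if p.is_file() and ".git" not in p.parts:
            try:
                files[str(p)] = p.read_text(encoding="utf-8")
            except UnicodeDecodeError:
                continue
    return scan_tree(files)


def summarize(findings: List[Finding]) -> Dict[str, int]:
    return dict(Counter(f.label for f in findings))


# Constructed sample repository: "portable" on the whiteboard, coupled in practice.
SAMPLE_TREE: Dict[str, str] = {
    "app/storage.py": (
        "import boto3\n"
        's3 = boto3.client("s3", region_name="us-east-1")\n'
        "def media_url(key):  # emits X-Amz-Signature links that clients cache\n"
        '    return s3.generate_presigned_url("get_object", Params={"Bucket": "example-media", "Key": key})\n'
    ),
    "deploy/bootstrap.sh": (
        "#!/bin/sh\n"
        "# 'portable' provisioning that still asks the instance metadata service who it is\n"
        "TOKEN=$(curl -s -X PUT http://169.254.169.254/latest/api/token -H 'X-aws-ec2-metadata-token-ttl-seconds: 60')\n"
        'curl -s -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/iam/security-credentials/\n'
    ),
    "infra/main.tf": (
        'provider "aws" {\n  region = "us-east-1"\n}\n'
        'resource "aws_lb" "web" {\n  name = "web"\n}\n'
        'resource "aws_acm_certificate" "web" {\n  domain_name = "example.com"\n}\n'
    ),
    "config/prod.env": (
        "AWS_DEFAULT_REGION=us-east-1\n"
        "CACHE_URL=redis://cache.example.internal:6379\n"
        "QUEUE_URL=https://sqs.us-east-1.amazonaws.com/123456789012/uploads\n"
        "TOPIC_ARN=arn:aws:sns:us-east-1:123456789012:alerts\n"
    ),
    "web/middleware.js": (
        "// request tracing keyed on a header only an ALB populates\n"
        'module.exports = (req, res, next) => { req.traceId = req.headers["x-amzn-trace-id"]; next(); };\n'
    ),
    "docs/runbook.md": "# Runbook\nRestart the cache with `systemctl restart redis`.\n",
}


def report(findings: List[Finding]) -> None:
    for f in findings:
        print(f"{f.path}:{f.line} [{f.label}] {f.snippet}")
    print()
    for label, n in sorted(summarize(findings).items(), key=lambda kv: -kv[1]):
        print(f"{n:3d} {label:<11} {NOTES[label]}")


if __name__ == "__main__":
    report(scan_directory(sys.argv[1]) if len(sys.argv) > 1 else scan_tree(SAMPLE_TREE))
```

On the constructed tree the only file that comes back clean is the runbook; the bootstrap script that looked portable fails the moment there is no metadata service to answer on 169.254.169.254, and the `config/prod.env` line count alone shows how many replacement services a "we only used Linux boxes" architecture actually needs.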


Now, the economics!

Have you forgotten that you pay for EC2 instances by the second and can scale up to serve peak traffic and then scale down, but in a data center you've gotta provision for that peak traffic? You remembered that you have to pay for data center rack space, connectivity to the internet (a cross-connect within 30 days is “lightning fast,” since most facilities require 60 to 90 days of lead time), and servers either all up-front or with multi-year leasing contracts, yes?

In the best of times (read as: not during a global pandemic), multi-million dollar server orders from Dell and HP carry lead times of 60-plus days. Oh, and remember as well that the past decade of hosting has seen massive consolidation in data center vendors (Equinix, CoreSite, and Digital Realty Trust are the big three players in this space), who absolutely don’t want to host actual Nazis, so it’s going to be tough to find a vendor that’s “independent” enough to take Parler and has sufficient connectivity to the internet backbone to handle their traffic level without being saturated.

What a lot of the folks advocating for “just use a non-mainstream provider” actually have in mind is colocated space in one of the big data center operators’ buildings. To pull this off, you’d instead have to find a data center that is independently owned and operated. This isn’t impossible, but it’s getting harder every year. You might ask The Pirate Bay how this is working out for them; they constantly have to relocate to new hosting, and the worst thing they do is copyright infringement.

Now to the ongoing care and feeding of your data center: You've of course planned for things as banal as hard drive failures, which in AWS are theoretical curiosities rather than a production-downing emergency if left unhandled, right? You get that things like DDoS mitigation require massive resources, bandwidth, and experience that you almost certainly don't have and can no longer procure, thanks to every reasonable anti-DDoS provider banning you or ignoring your calls, correct?

You have? Great!

Now we're beyond the territory of "who will host you" and into the next step of higher-level services that we’ve all come to rely upon.

You've decided that your business model is "giving an unfiltered megaphone to some of the worst people in the world," so the fact that you're any company's customer is going to cut across their branding so severely that there's a great chance they'll swear you to secrecy before agreeing to take you on, if they do at all.

Everything that you'd normally outsource, from MFA text messages to authentication to your corporate email service? None of the usual vendors will take your calls, because they don’t want to have to answer to their own customers' angry emails and tweets.

This means all the “undifferentiated heavy lifting" that AWS was doing for you is now squarely your responsibility—and you have to get your application up and running in addition to all of that stuff. Sure, in 1998 we all had to do some variant of this. In 1998, most websites absolutely sucked, and "Slashdotting" was a constant concern that went away entirely because of companies like AWS and Cloudflare making their services available (you know, the companies that just banned you).

There are two schools of thought on my observation that this is going to take Parler months to implement, and the clear dividing line between which side someone comes down on is "have they done a cloud migration before?"

Even migrating from a data center to AWS takes ages—and AWS is hurling technical resources at you to make the path easier. Everything you've got in your data center absolutely exists in AWS, and the migration case studies that are marketing pieces designed to show how easy it is to move to AWS have timelines measured in months or years—not the hours or days Parler is hoping for.

You're overstating the difficulty!

It's pretty easy to move a tiny site from one provider to another; you can design an architecture on a whiteboard that shows high degrees of portability.

The trouble is that—here in the real world—each segment of that diagram has to be able to handle massive traffic because this isn’t just a toy problem being used in a systems architecture job interview. Within minutes of their relaunch, Parler would have to be able to handle a few million concurrent users.

The thundering herd problem has gotten a lot easier to manage with cloud infrastructure once you get your systems architecture and codebase set up to handle it. But in a data center environment, you’ve got to provision for peak traffic all the time; autoscaling isn’t available to you there, because the hardware you didn’t buy can’t serve traffic.

Even folks moving from one AWS account to another (or between AWS regions) find that it's a delicate process that takes months in most cases. There's nuance and sharp edges at every step of the process, and you don't realize that until you've been down this road at least once. Anyone with that kind of experience and the technical expertise to architect a successful migration at this scale has many other options with regard to "potential workplaces" that don't extend to…this.

Even then, you're not quite out of the woods

Let's say you get to this point—which is by no means assured. At some point, if your content is horrid/objectionable/illegal enough, your upstream provider(s) will pull the plug.

"You're violating the AUP we have for all of our customers," they’ll say before disabling a router port. Suddenly, your site is no longer on the internet. Host content that's illegal enough, and before you know it your entire data center has been raided and your servers seized by the FBI (at which point they will generally fail to serve traffic entirely).

Fundamentally all of this is a massively heavy lift, and the headwinds will be against you the entire time. Now then!

Isn't this an argument for avoiding the cloud entirely?

No. My god, what's wrong with you?

If your business model extends to "AWS might turn us off for how thoroughly we violate their Terms of Service," great—you get to ignore the last 20 years of technical advancement because you have no other choice.

But I don't see building for "every cloud provider decided we were too objectionable to host" as a reasonable precaution for any sensible business case.

And to be frank, I'd be extremely cautious to work with anyone who raised such a concern as a serious consideration in the first place.

TL;DR

Parler is an unpleasant company that I do not respect in an unpleasant position that I do not envy.
