Interview: Google’s Kelsey Hightower on making sense of back-end vs front-end vs Edge

The Vercel-sponsored Next.js conference was on last week, and DevClass caught up with Kelsey Hightower, a Google Distinguished Engineer, and co-author (with Brendan Burns and Joe Beda) of Kubernetes Up and Running, now in its third edition. He is currently working on Cloud Run at Google, among other things. “My goal is to make serverless have the optionality of doing everything a VM can do, but all the benefits of serverless,” he tells us.

What was a Kubernetes guy doing at a front-end conference?

“It’s all connected,” Hightower says. “I’m an advisor to the Vercel team. When they first approached me about this, I said, what does a back-end guy have to do with front-end? But when I looked at their architecture, it’s not just another JavaScript framework. There’s this question of where do you put that customer experience in the web, do you put it all in the browser? Single page web apps? Or do you put it all in the back end and have this big long connection between the two to fetch the data? Since Vercel has this infrastructure component now, my worlds are colliding.”

This “infrastructure component” is the Edge Runtime, based on the V8 JavaScript engine also used in the Google Chrome browser, as well as an Edge content delivery network (CDN). The original Jamstack concept was to have static web pages which get dynamic content from microservices called from JavaScript. That has now evolved, to a multi-tier architecture, with some code running in the browser, some in serverless Edge functions, and some in more distant back end services. The idea is not unique to Vercel: CloudFlare Workers is similar and now open source, Node.js alternative Deno has its Deploy service, and Netlify has Edge Functions, for example. All use V8.

The concept is powerful, but also gives developers potentially difficult choices about how to design and secure their applications. What guides the decision about what code belongs in the browser, what to put in middleware, what to put in the back end?

“The thing that you can’t do in the back end is experience,” Hightower says. “It’s just not fast enough. When I log into that site, I want recommendation, I want personalizations, I want my profile, I want my color scheme to be respected. I can’t go all the way to the server and have it render another page. So now that logic has to be split.

“We went too far with single page web apps where everyone said, just throw in a bunch of JavaScript with as much logic as you can, and just leave the database to the back-end API. That got too heavy, too gnarly. Now people are saying, ‘maybe we overdid it. Maybe there should be an intermediate layer’. What we’re really talking about is caching logic.”

The back end though is still necessary for business-critical functions. “You want to buy something from an ecommerce site? We’re not doing that on the edge. I need to go back to my system of record, consult my inventory, make a decision. But maybe we push the order history to the edge,” says Hightower.

In this new web stack, what is the role of WebAssembly (Wasm) and V8 Isolates, V8 instances which have some of the characteristics of lightweight containers?

“I remember browsers before we had tabs,” Hightower tells Dev Class. “Browsers were dangerous because one browser session can mess with another and people started to exploit that and steal data. Chrome comes along and now we get V8 that creates a strong sandbox, and more important, rules for engagement. You can still do arbitrary things on your website, but these are the things we think are unsafe.

“So if you take that logic, and if the web is becoming the computer, and most of this stuff is just HTTP interactions, then we don’t need a whole computer to do that any more. You can take V8 out of Chrome and stick it in the CDN, and take that web request, and let people run Wasm instances in a shared context without them violating each other. It’s a natural progression.

“I think V8 is not going to take over containers, because containers are containing something different. Things that can talk generically to kernels and custom hardware like TPUs [Tensor Processing Unit] for machine learning. But for 90% of the stuff we’re doing, let’s be honest. We don’t need a whole computer to do it. This is why people are excited about Wasm. It solves some of the security concerns, it’s had about 20 years of proving safety in the browser context, and now we’re about to experience it on the server side.”

All that said, there was a lot of talk at Next.js conf about the developer experience and how poor it can be. Dealing with the components of a modern web application, CSS, JavaScript, images, HTML, is “one of the worst developer experiences in the world,” Hightower says. Another common question from developers was how to debug these new multi-tier applications.

Security is another issue. “Most developers have no idea how to create credentials, manage credentials, rotate those credentials, so we end up carrying ticking time bombs throughout our systems … we are trying to move to new identity standards, where identity is part of the application deployment,” he says.

It is early days for this new style of multi-tier application, and developers can expect some bumps along the way.