How to design a serverless backend in 2026
How to design a serverless backend in 2026
To design a serverless backend in 2026, pick a runtime model first (functions-as-a-service, container-on-demand, or always-warm), match the platform to your traffic shape, and solve the database-connection problem before you ship a single endpoint. Cloudflare Workers, AWS Lambda, and Cloud Run each win different fights. The mistake most teams make is choosing by reputation instead of load profile.
Serverless used to mean Lambda. In 2026 it means a spectrum of execution models, and the right answer depends on three numbers: requests per second, p99 latency budget, and how many concurrent database connections you can afford.
What "serverless" actually means in 2026
The word covers three distinct architectures now, and conflating them is how teams end up with $40,000 monthly bills they did not plan for.
Functions-as-a-Service (FaaS). Per-invocation execution: AWS Lambda, Cloudflare Workers, Vercel Edge Functions, Google Cloud Functions, Azure Functions. You ship a handler, the platform spins up an environment per request (or reuses a warm one), and you pay per millisecond of compute.
Container-on-demand. You ship a Docker image, the platform scales it from zero to N replicas, and you pay per vCPU-second while traffic is live. Google Cloud Run and Fly Machines are the two serious options. This is the category that quietly ate most of FaaS's mindshare in 2025 because it removes the "edge runtime constraints" tax without giving up scale-to-zero.
Always-warm serverless. Lambda Provisioned Concurrency, Cloud Run min-instances, Fly Machines with auto_start_machines = false. Same billing model, but at least one instance is always running so you trade cost for sub-50ms p99.
When a junior engineer says "let's go serverless," ask which one they mean. The architectural and cost implications diverge fast.
The five platforms that matter
Most posts list 12 platforms. In practice, five of them carry 95% of new backends:
- AWS Lambda + API Gateway. The default for AWS-native shops. Deepest ecosystem (Step Functions, EventBridge, SQS, DynamoDB Streams), 15-minute max execution, broad language support.
- Cloudflare Workers. V8 isolates running on 310+ POPs. Fastest cold starts in the industry. Best for global APIs, edge auth, and middleware.
- Vercel Edge Functions. Tied to Next.js DX. Great for ISR, route handlers, and middleware. Less compelling as a standalone backend.
- Google Cloud Run. Container-on-demand, scales to zero in seconds, 60-minute max execution, brings any language or framework that runs in Docker.
- Fly Machines. Container-on-demand with persistent volumes and global Anycast. The pragmatic choice for WebSocket-heavy or stateful backends that still want serverless billing on the periphery.
Cold-start reality: the numbers, not the marketing
Cold starts are the single most over-discussed serverless topic. They matter for synchronous user-facing requests. They are mostly irrelevant for queue workers, webhooks, and scheduled jobs.
Real numbers we measured across customer accounts:
| Platform | Cold start (p99) | Max execution | Pricing (1M requests) | Best for |
|---|---|---|---|---|
| Cloudflare Workers | <5ms | 5 min CPU | $0.30 (after 10M free) | Global APIs, edge auth |
| AWS Lambda | 100-500ms | 15 min | $0.20 | AWS-native, heavy compute |
| Vercel Edge Functions | ~10ms | 30s | Bundled w/ Vercel plan | Next.js apps, ISR |
| Google Cloud Run | 1-3s | 60 min | Per vCPU-second | Containerized backends |
| Fly Machines | 300ms-2s | Unlimited | Per-second VM | Stateful, WebSocket, GPU |
The Workers number sounds too good to be true and it is, but only in a specific way. Workers cold-start a V8 isolate inside an already-running V8 process, which is genuinely sub-5ms. Lambda cold-starts a microVM (Firecracker), which is genuinely 100-500ms for Node and 1-3s for cold JVM. Lambda SnapStart cuts JVM cold starts to under 200ms but adds operational complexity.
If you are wondering why your "serverless" Cloud Run service feels slow on first request, that is the container pull plus app boot. Set --min-instances=1 and the cold start vanishes. So does scale-to-zero billing.
The cost crossover most posts hide
The honest version no SERP result writes: serverless is cheaper below roughly 10,000 sustained requests per second. Above that, containers on EC2 or Cloud Run with min-instances usually win on raw infrastructure spend.
The math comes down to billing models. Workers charges per CPU millisecond. Lambda charges per GB-second of wall-clock time, including the time your function sits waiting on a database call. For an I/O-heavy function with 170ms wall-clock and 5ms CPU, Workers is dramatically cheaper. For a CPU-bound function pegged at 100% for 200ms, the gap closes.
Above ~10k req/s sustained, you are running enough invocations that an always-on Kubernetes cluster (or even a few EC2 boxes) starts to undercut per-request pricing. This is the same story when teams migrate from Heroku to AWS: the platform tax disappears at a certain scale, but you absorb the operational tax instead.
The real cost is engineer time. A serverless setup that takes one senior engineer two weeks to build and zero to operate is cheaper than a Kubernetes cluster that takes one week to build and one day per week to babysit. Run that math before the infrastructure math.
The database-connection problem (and the fix)
This is where most serverless backends die in production. Every Lambda invocation can open a fresh Postgres connection. Postgres defaults to 100 max connections. Do the math: 200 concurrent Lambda executions and your database is refusing connections.
The fix is mandatory, not optional:
- Put a connection pooler between functions and Postgres. AWS RDS Proxy, Supabase Supavisor, or PgBouncer in front of self-managed Postgres. The pooler holds the real connections; functions get cheap pooled handles.
- Use a serverless-aware Postgres provider. Neon's serverless driver routes queries over WebSocket through a built-in pooler. Supabase ships Supavisor. Both eliminate the "manage your own pooler" step.
- Consider HTTP-based drivers. Neon, PlanetScale, and Turso all expose HTTP query endpoints. No connection pool, no socket lifecycle, just a REST call. This is the only sane path for Cloudflare Workers + Postgres unless you use Cloudflare Hyperdrive (their managed pooler that fronts any Postgres).
If you are running on Workers and reaching for raw pg, stop. Either Hyperdrive or an HTTP driver. The TCP socket API works but you will end up writing your own pooler eventually.
This problem compounds with multi-tenancy in SaaS, where a single tenant's traffic spike can monopolize the connection pool and starve every other tenant's queries.
Edge-compatible code: what you can and can't ship
Edge runtimes (Workers, Vercel Edge, Deno Deploy) run a constrained subset of Node. You get Web Standards APIs (fetch, Request, Response, crypto.subtle, URL, URLPattern) and lose most Node-only modules (fs, child_process, native bindings, anything that touches the OS).
Practical implications:
- No
pgraw. Use Neon serverless driver, Supabase JS client, or Hyperdrive. - No native crypto libraries.
crypto.subtlecovers AES, RSA, ECDSA, HMAC, SHA. If you need argon2, use a WASM build or move that route off the edge. - No file system. S3, R2, or in-memory only.
- Bundle size is real. Workers caps at 1MB on free, 10MB on paid (after compression). Heavy npm packages like Stripe SDK, AWS SDK v2, or Puppeteer will not fit.
The cleanest pattern in 2026 is Hono (or H3, or Elysia). One handler that runs on Workers, Bun, Deno, Node, and Lambda with zero changes. Pick your runtime later, swap when traffic shifts.
Observability that actually pays off
Serverless makes observability harder, not easier. You lose the ability to SSH into a box and grep logs. Three things you cannot ship without:
Per-invocation structured logs. CloudWatch for Lambda, Workers Logs (or Logpush to R2), Axiom, or Datadog. Use JSON, never plaintext. You will grep request_id 100 times this year.
Cost-per-route tracking. Baselime, Datadog Serverless, or roll-your-own from CloudWatch metrics. The single most useful chart in any serverless backend is "cost by route." It will reveal that one webhook endpoint eating 60% of your bill, every time.
Distributed tracing. OpenTelemetry from day one. Trace IDs propagate across Lambda invocations, Workers calls, and DB queries. Without this, debugging a "why is this request slow" issue across three services and a queue is impossible.
If you are still using console.log in 2026, your future self will hate you when traffic 10x's.
When NOT to go serverless
Serverless is the wrong tool for at least four workloads:
- Long-running jobs. Lambda caps at 15 minutes. Workers caps at 5 minutes of CPU. If your job is video transcoding, ML training, or a 30-minute report generation, run it on Cloud Run (60 min), Fly Machines (unlimited), or a worker fleet.
- WebSocket-native workloads. Lambda + API Gateway WebSockets technically works and is operationally painful. Use Cloudflare Durable Objects, Fly Machines, or a long-lived Node service on Cloud Run with min-instances.
- GPU workloads. Modal, Replicate, Banana, or RunPod. Lambda has no GPU. Workers has no GPU. Cloud Run has GPU SKUs as of 2025 but the cold start is brutal.
- Heavy stateful processing. Anything that benefits from a long-lived in-memory cache, an index in RAM, or sticky sessions runs better on a regular VM.
Be honest about your workload. The cargo-cult "everything is serverless" architecture is how teams end up debugging 14 services for what should be a 3-endpoint monolith on Render.
A 2026 decision tree you can actually follow
Stop reading platform marketing. Walk through this:
- Traffic shape. Spiky and unpredictable? FaaS or container-on-demand. Steady at >10k req/s? Always-warm or VMs.
- Latency budget. Sub-50ms p99 globally? Workers or Vercel Edge with cache. Sub-200ms regionally? Lambda is fine.
- Data tier. Postgres-heavy? Cloud Run or Lambda + RDS Proxy. Key-value heavy? Workers + KV / D1 / Durable Objects. Search? Lambda + OpenSearch or Workers + Algolia.
- Who maintains it. Two-founder team pre-PMF? Cloud Run. Twenty-engineer org with AWS depth? Lambda. Edge-native global product from day one? Workers.
Three reference architectures that work in 2026:
- API + Postgres SaaS: Cloud Run with Hono + Drizzle + Neon. One Docker image, scale to zero, HTTP driver kills the connection problem. Move to always-warm at $5k MRR.
- Edge auth + analytics: Workers + Hono + Hyperdrive in front of Supabase Postgres. Sub-20ms p99 globally, cents per million.
- Background jobs + webhooks: Lambda + SQS + EventBridge. Boring, cheap, near-zero ops. Pair with a Cloud Run service for the user-facing API if you want one place for product logic.
These patterns also apply when you scale an MVP to production: the architecture you ship at 100 users rarely survives at 100,000.
If you are choosing between hosting providers before you even pick a runtime, our writeup on the best deployment platforms for startups covers the same ground from the other direction. And if you are deciding between two specific edge platforms, our comparison of Vercel vs Cloudflare Pages is more useful than another marketing benchmark.
Common pitfalls
A short list of mistakes we see in production reviews every month:
- Cold-start panic. Optimizing Lambda boot time for a Slack webhook that fires twice an hour. Wasted week.
- Logging to stdout in plaintext. You cannot grep, filter, or alert. Always JSON, always with
request_id. - One giant Lambda. A 200-route Express app shoved into a single function. You lose per-route metrics, per-route memory tuning, and per-route IAM scope.
- Ignoring egress. Workers, Vercel, and Lambda all bill egress differently. A naive image-proxy can quintuple your bill in a month.
- No timeout discipline. Default Lambda timeout is 3 seconds. Default Workers CPU limit is 30 seconds on free. Set them explicitly.
How Cadence helps if you need hands
If you have read this far and you are eyeing a serverless migration without the headcount to run it, this is exactly the work a senior Cadence engineer handles inside a 48-hour trial. Senior tier at $1,500 per week covers architecture decisions, the runtime model choice, and the database-connection plumbing that breaks in production. Every engineer on the platform is AI-native by default (Cursor, Claude Code, and Copilot are baseline tools, vetted in the voice interview before they unlock bookings), so the typical pace is faster than a recruiter-sourced contractor.
We have a 12,800-engineer pool and a 27-hour median time to first commit, which means you can have someone running a serverless audit on your stack by Wednesday.
Want a no-pitch second opinion on your stack first? Audit it for free with Ship or Skip, our honest grader for backend architecture decisions. It tells you what to keep, what to rip out, and what to outsource.
FAQ
Is serverless cheaper than running my own servers in 2026?
Below roughly 10,000 sustained requests per second, yes. Above that, containers on EC2 or always-warm Cloud Run instances usually win on raw infrastructure spend. Factor in engineer time and the crossover moves higher for small teams.
What is the worst part of serverless backends?
Database connections. Stateless functions open a fresh connection per invocation, which exhausts Postgres pools fast. Use RDS Proxy, Neon, Supabase pooling, or an HTTP-based driver before you scale past a few hundred concurrent invocations.
Can I run Postgres with Cloudflare Workers?
Yes, via Hyperdrive (Cloudflare's managed connection pooler) or an HTTP-based driver like Neon's serverless driver. Direct TCP from Workers requires the TCP socket API, which works but means you write your own pooler eventually.
When should I avoid serverless entirely?
Long-running jobs over 15 minutes, WebSocket-heavy workloads with persistent state, GPU inference, and any latency-critical service where p99 cold starts cost you revenue. For these, reach for Cloud Run with min-instances, Fly Machines, or a regular VM.
FaaS or container-on-demand for a new SaaS in 2026?
Container-on-demand (Cloud Run or Fly Machines) is the safer default for most new SaaS backends in 2026. One Docker image, scales to zero, no edge-runtime constraints, and you can move hot routes to Workers later if latency demands it. FaaS first only makes sense if your traffic is genuinely event-driven (webhooks, queue workers, scheduled jobs).