Serverless at Google @mchmarny
Serverless On Your Own Terms Using Knative

Context

Serverless more than Function

Serverless Models

Operator: No Infra Management, Managed Security, Pay only for usage
Developer: Service-based, Event-driven, Open

Serverless and Container

Containers (.js .rb .go .py .sh …)
• Any Language
• Any Library
• Any Binary
• Ecosystem of base images

Serverless with Portability

Kubernetes
442 Years of effort*, 5,500+ Contributors, 55k+ GitHub stars

Kubernetes for operators

Scheduling
Lifecycle and health
Naming and discovery
Load balancing
Storage volumes
Logging and monitoring
Identity and authorization

Platform over underlying infrastructure, i.e. GKE

Kubernetes for developers

Want to: Write code
Have to: Build docker image locally, Upload image to registry, Deploy service, Expose to the internet, Setup logging & monitoring, Scale workload...

Knative

Knative [kay-native]: open source building blocks for serverless on Kubernetes

Knative Primitives

Developer-facing Products
Build, Serving, Events, ...
Kubernetes

Knative Momentum
Releases on the timeline: v0.1, v0.2, v0.3, v0.4, v0.5, v0.6, v0.7
Dates on the timeline: July 18, Nov, Jan 19, Feb, Apr, May, July
Milestones named on the timeline: Initial release; Serving, Build; Container resources spec; Updated scale-to-zero strategy; Expanded Event API; GRPC streaming; HPA-based scaling; v1beta1 API; Cluster-local services; Non-root containers; Upgradable configs; Serving Beta API; Pluggable networking, autoscaling, and caching; Mounting Secrets; Auto-TLS; GRPC, HTTP/2, WebSockets; EventType CRD

Knative Community

v0.7 Predictable Releases
55+ Contributing Companies
>6K Pull Requests
~450 Individual Contributors
9 Working Groups

Knative Today

Products: Google Cloud Run, Google Cloud Run on GKE, Red Hat OpenShift, IBM Cloud Kubernetes Service, SAP Kyma, TriggerMesh
Primitives: Serving, Events, Build, Tekton, ...
Platform: Kubernetes

Knative Install
Knative Stack

Products: Serverless Containers on GCF, GKE Serverless Add-on, SAP Kyma, Pivotal Function Service, IBM Cloud Functions, Red Hat Cloud Functions, Pivotal riff, OpenFaaS, T-mobile Jazz
Primitives: Build, Serving, Events, ...
Service Mesh: Istio
Platform: Kubernetes

Latest releases: https://knative.dev/docs/install/

    $ kubectl apply \
        -f https://github.com/knative/serving/releases/.../serving.yaml \
        -f https://github.com/knative/eventing/releases/.../eventing.yaml \
        -f https://github.com/knative/monitoring/releases/.../monitoring.yaml \
        -f https://github.com/knative/build/releases/.../build.yaml

Optionally apply individual event sources and channel provisioners

Install

    $ gcloud beta container \
        clusters create my-cluster \
        --addons=Istio,CloudRun

Quick Start on GCP: bit.ly/cr-gke

Also available for:
● AKS
● Docker
● Gardener
● IKS
● Minikube
● OpenShift/Minishift
● PCS

Config

    $: kubectl get ns
    NAME                 STATUS
    default              Active
    istio-system         Active
    knative-build        Active
    knative-eventing     Active
    knative-monitoring   Active
    knative-serving      Active
    knative-sources      Active
    kube-public          Active
    kube-system          Active

    $: kubectl get cm -n knative-serving
    NAME                   DATA
    config-autoscaler      1
    config-defaults        1
    config-deployment      2
    config-domain          1
    config-gc              1
    config-istio           1
    config-logging         1
    config-network         6
    config-observability   1
    config-tracing         1

Knative Features

Knative Serving
Benefits
● Activates and scales based on request (up/down to 0 pods)
● Manages code/config revisions (updates, rollbacks, traffic splits)
● Integrates service mesh (request path/services access control)
● Custom domains and SSL cert support

Integrations
● Connect with other GCP services like Cloud Build and Stackdriver
● Extend with partner integrations like GitLab and Datadog

Deployment

CLI release: github.com/knative/client

    kn service create service-name \
        --image registry/image-name

Result: service-name.namespace.domain.dev

Deployment

    kubectl apply -f service.yaml

    # service.yaml
    apiVersion: serving.knative.dev/v1beta1
    kind: Service
    metadata:
      name: service-name
    spec:
      template:
        spec:
          containers:
            - image: registry/image-name

Deployment

    gcloud beta run deploy service-name \
        --image=gcr.io/project/image-name

Other CLIs: knctl, os, ibmcloud

Autoscaling

Deployment Options

GitOps using Cloud Build, GitLab, Jenkins (e.g. branch or release triggers)
github.com/mchmarny/maxprime/blob/master/deployments/cloudbuild.yaml

Local Build uses Dockerfile, deploy using gcloud
docker build/tag/publish

    gcloud beta run deploy app --image=gcr.io/project/image

On-cluster Build (Build Templates or github.com/tektoncd/pipeline)

    kubectl apply -f build.yaml

ko for quick iteration, no Dockerfile (golang only)
github.com/google/ko

    ko apply -f config.yaml

Day 2+
Service: v1, v2

Knative Object Model

Route - named endpoint and a mechanism for routing traffic
Revisions - immutable snapshots of code + config
Configuration - stream of environments for Revisions
Service - top-level wrapper for managing Route/Configurations sets

Diagram labels: Service, Route, Configuration, Revision 3, Revision 2, Revision 1

Simple Revision Management

    # List current revisions in demo namespace (filter on service name)
    kubectl get revisions -n demo -l serving.knative.dev/service=maxprime

    NAME             SERVICE NAME             GENERATION   READY
    maxprime-vq25k   maxprime-vq25k-service   3            True
    maxprime-wtz1g   maxprime-wtz1g-service   2            True
    maxprime-qtz5p   maxprime-qtz5p-service   1            True

    # Edit revision in service traffic section
    # (status/traffic[n]/revisionName)
    kubectl edit ksvc maxprime -n demo

Blue/Green (deployment)

    apiVersion: serving.knative.dev/v1beta1
    kind: Service
    metadata:
      name: bg
      namespace: demo
    spec:
      template:
        spec:
          containers:
            - image: gcr.io/knative-samples/knative-route-demo:blue

Diagram: Service sends 100% of traffic to Revision

github.com/mchmarny/knative-demos/tree/master/blue-green-deploy

Blue/Green (update)

    spec:
      template:
        metadata:
          name: bg-2
        ...
      traffic:
        - tag: current
          revisionName: bg-1
          percent: 100
        - tag: candidate
          revisionName: bg-2
          percent: 0
        - tag: latest
          latestRevision: true
          percent: 0

Diagram: Service; 100% - bg.demo.knative.tech, Revision (bg-1); 0% - bg-candidate.demo.knative.tech, Revision (bg-2)

Blue/Green (traffic split)

    ...
    traffic:
      - tag: current
        revisionName: bg-1
        percent: 50
      - tag: candidate
        revisionName: bg-2
        percent: 50
      - tag: latest
        latestRevision: true
        percent: 0

Diagram: Service splitting traffic between Revision (bg-1) and Revision (bg-2), shown on a 10% to 90% scale

Blue/Green (rollback)

    ...
    traffic:
      - tag: previous
        revisionName: bg-1
        percent: 100
      - tag: current
        revisionName: bg-2
        percent: 0
      - tag: latest
        latestRevision: true
        percent: 0

Diagram: Service; 100% Revision (bg-1); 0% Revision (bg-2)

Usage Patterns
Public Service
• Website
• API endpoint
• Mobile backend
• Webhook

Internal Service
• Backing Microservices
• Eventing Targets

Request Path Demo

Diagram labels: User, HTTPS, Kubernetes Cluster, Knative, Logo Service, HTTPS, Vision API

    curl -H "Content-Type: application/json" \
        -d '{"id":"test","url":"https://storage.googleapis.com/kdemo-logos/k8s.png"}' \
        -X POST https://klogo.demo.knative.tech/ | jq "."

Request Path Demo

Diagram labels: User, OAuth, Kubernetes Cluster, Knative, Frontend UI, Logo Service, User Service, Vision API, Firestore API; links labelled HTTP and HTTPS

demo

github.com/mchmarny/kdemo

Request Path Demo

Diagram labels: User, OAuth, Kubernetes Cluster, Knative, Frontend UI (external), Logo Service (cluster-local), User Service (cluster-local), Vision API, Firestore API; links labelled HTTP and HTTPS

Request Path
    # github.com/mchmarny/klogo
    # service.yaml
    apiVersion: serving.knative.dev/v1alpha1
    kind: Service
    metadata:
      name: klogo
      labels:
        serving.knative.dev/visibility: cluster-local
    ...
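
An added example, not from the deck or the kdemo repository: a check that reports Knative Services reachable from outside the cluster without being on an approved list, keyed on the serving.knative.dev/visibility label shown above. The JSON is constructed sample data shaped like `kubectl get ksvc -n demo -o json` output; every service name except klogo, and the allowlist itself, are assumptions.

```python
import json

VISIBILITY_LABEL = "serving.knative.dev/visibility"  # label key from the slide
CLUSTER_LOCAL = "cluster-local"                      # label value from the slide

# Constructed sample, shaped like `kubectl get ksvc -n demo -o json` output.
# Only klogo appears on the slide; the other service names are hypothetical.
SAMPLE_KSVC_JSON = """
{"items": [
  {"metadata": {"name": "klogo", "namespace": "demo",
                "labels": {"serving.knative.dev/visibility": "cluster-local"}}},
  {"metadata": {"name": "user-service", "namespace": "demo",
                "labels": {"serving.knative.dev/visibility": "cluster_local"}}},
  {"metadata": {"name": "frontend-ui", "namespace": "demo", "labels": {}}},
  {"metadata": {"name": "debug-echo", "namespace": "demo"}}
]}
"""


def audit_visibility(ksvc_json, allowed_public):
    """Return sorted (namespace/name, finding) pairs for unintended exposure."""
    findings = []
    for item in json.loads(ksvc_json).get("items", []):
        meta = item.get("metadata", {})
        key = f"{meta.get('namespace', 'default')}/{meta.get('name', '?')}"
        value = (meta.get("labels") or {}).get(VISIBILITY_LABEL)
        if value == CLUSTER_LOCAL:
            if key in allowed_public:
                findings.append((key, "allowlisted as public but labelled cluster-local"))
            continue
        if value is not None:
            # Assumption: only the exact value restricts the route, so a
            # mistyped value is reported instead of being trusted.
            findings.append((key, f"unrecognised visibility value {value!r}"))
        elif key not in allowed_public:
            findings.append((key, "no visibility label and not on the public allowlist"))
    return sorted(findings)


if __name__ == "__main__":
    for name, finding in audit_visibility(SAMPLE_KSVC_JSON, {"demo/frontend-ui"}):
        print(f"{name}: {finding}")
```
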
github.com/mchmarny/kdemo

Knative Eventing

Benefits
● Orchestrates on/off cluster event sources
● Binds declaratively event sources, triggers, and services
● Scales from just a few events to live streaming pipelines
● Uses standard CloudEvents (CNCF Project)

Loosely coupled
● Use existing event sources available or build your own
● Pluggable channel provisioners (e.g. PubSub, Kafka, NATS, In-Memory)

Knative Event Sources

Name - Description
Apache Camel - Allows the use of Apache Camel components for pushing events into Knative
Apache Kafka - Brings Apache Kafka messages into Knative
AWS SQS - Brings AWS Simple Queue Service messages into Knative
Cron Job - Uses an in-memory timer to produce events on the specified Cron schedule
GCP PubSub - Brings GCP PubSub messages into Knative
GitHub - Brings GitHub organization/repository events into Knative
GitLab - Brings GitLab repository events into Knative
Google Cloud Scheduler - Google Cloud Scheduler events in Knative when jobs are triggered
Google Cloud Storage - Brings Google Cloud Storage bucket/object events into Knative
Kubernetes - Brings Kubernetes cluster/infrastructure events into Knative

Full lists: https://github.com/knative/docs/tree/master/docs/eventing/sources

Knative Event Broker
- 1-n per NS by default
- Discoverable endpoint
- Manages
  ● Channels
  ● Ingress filter/policy

Simple Broker

    apiVersion: eventing.knative.dev/v1alpha1
    kind: Broker
    metadata:
      name: b1
      namespace: demo
    spec: {}
    status:
      address:
        hostname: b1-broker.demo.svc.cluster.local

Knative Eventing Objects

Diagram labels (inside a Namespace): Source, Events, ingress, Broker, publish, Trigger (filter= ✓), subscribe, Service (Callable)

CloudEvents

Diagram labels: FTP, FTP Event Source; GitHub, GitHub Event Source; GCS, GCS Event Source; Broker

CloudEvent

    {
      "specversion": "0.2",
      "type": "com.github.pull.create",
      "source": "https://github.com/cloudevents/spec/pull/123",
      "id": "A234-1234-1234",
      "time": "2019-04-08T17:31:00Z",
      "datacontenttype": "application/json",
      "data": "{ GitHub Payload... }"
    }

Knative Event Trigger
- Uses CloudEvents
- Supports Filtering
- Can produce new events

Simple Trigger

    apiVersion: eventing.knative.dev/v1alpha1
    kind: Trigger
    metadata:
      name: build-status-slack-notifier
    spec:
      filter:
        sourceAndType:
          type: com.google.build.status
      subscriber:
        ref:
          apiVersion: serving.knative.dev/v1alpha1
          kind: Service
          name: slack-sender
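
An added example, not Knative's own code and not from the deck: a small model of how a broker could apply sourceAndType trigger filters to a CloudEvent, rejecting events that lack the attributes CloudEvents 0.2 requires. The trigger table is constructed; apart from the slide's build-status-slack-notifier entry, the trigger and subscriber names are hypothetical, and treating an unset filter field as "match any" is an assumption of this example.

```python
REQUIRED_ATTRS = ("specversion", "type", "source", "id")  # required in CloudEvents 0.2

# Constructed trigger table. The first entry mirrors the slide's Trigger; the
# com.twitter entries reuse type names from the deck's Twitter demo with
# hypothetical trigger and subscriber names.
TRIGGERS = [
    {"name": "build-status-slack-notifier", "subscriber": "slack-sender",
     "filter": {"sourceAndType": {"type": "com.google.build.status"}}},
    {"name": "store-tweets", "subscriber": "event-store",
     "filter": {"sourceAndType": {"type": "com.twitter"}}},
    {"name": "review-negative", "subscriber": "slack-publisher",
     "filter": {"sourceAndType": {"type": "com.twitter.negative"}}},
    {"name": "catch-all", "subscriber": "audit-log",
     "filter": {"sourceAndType": {}}},
]


def missing_attributes(event):
    """Return the required context attributes that are absent or empty."""
    return [a for a in REQUIRED_ATTRS if not event.get(a)]


def trigger_matches(trigger, event):
    """Exact, case-sensitive comparison per field.

    Assumption of this example: an unset or empty filter field matches any value.
    """
    wanted = trigger.get("filter", {}).get("sourceAndType", {})
    for field in ("type", "source"):
        expected = wanted.get(field, "")
        if expected and event.get(field) != expected:
            return False
    return True


def route(event, triggers=TRIGGERS):
    """Return subscriber names for an event; refuse events missing required attributes."""
    missing = missing_attributes(event)
    if missing:
        raise ValueError(f"rejecting event, missing attributes: {missing}")
    return [t["subscriber"] for t in triggers if trigger_matches(t, event)]


if __name__ == "__main__":
    event = {"specversion": "0.2", "type": "com.twitter.negative",
             "source": "https://example.invalid/tweets", "id": "constructed-1"}
    print(route(event))  # exact match: the com.twitter trigger does not fire
```

Because the comparison is exact and not a prefix match, a filter on com.twitter does not receive com.twitter.negative events, while a trigger with an empty filter receives everything published to the broker.
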
Build status Slack notifications demo: https://github.com/mchmarny/knative-build-status-notifs

Diagram labels (Knative Eventing): Twitter Event Source (query: knative, type: com.twitter); Broker (default); four Triggers (1 to 4) with type filters com.twitter, com.twitter.negative and com.twitter.positive; Event Store Service; Sentiment Scoring Service (com.twitter.positive, com.twitter.negative); Slack Publishing Service; Event Viewer (WebSocket); FireStore Collection (knative-tweets); Slack Channel (#twitterback)

Demo
1. Save all tweets for reference
2. Classify tweets based on sentiment
3. Send negative to Slack for review
4. Display positive tweets in UI

bit.ly/kn-tw-event

Knative Eventing Demos

bit.ly/kn-event-samples

* Cron job source to wire up weekly report
* Process IoT Core events (through PubSub)
* GCP PubSub (connector to many other GCP event sources)
* Actuate on Kubernetes events
* GitHub Webhooks processing
...

In Closing
Optimized Experience: Knative-based Products
Primitives: Knative
Infrastructure: Kubernetes

Docs, Blog, Community: knative.dev
Source & Samples: github.com/knative
Quick Start: bit.ly/cr-gke
Questions? slack.knative.dev
Anything else: @mchmarny