Gotta Go FaaSt: Rapid Go RESTful development with fission.io

Transcript

1. Gotta Go FaaSt: Rapid Go RESTful Development with Fission.io Chris

   Donaher Senior Site Reliability Engineer at Endgame

2. What does this guy do at Endgame anyways? • Helped

   build our malware processing pipeline in Kubernetes • Ingest and processes millions of malware samples • Trains the Endgame MalwareScore classifier • Work on ensuring that Endgame’s Cloud and SMP efforts are stable and performant • Automate and standardize repeatable deployments as much as possible. Add monitoring and stats and stuff

3. This presentation will cover: • What is FaaS? • What

   makes a program a good candidate to run in FaaS? • What is Fission.io? • Walkthrough of Fission.io design • Example/Demo • Q&A

4. What’s All the FaaS About? • FaaS (or Functions as

   a Service) allows developers to abstract the deployment of small programs or functions away from the hardware on which they run • Resembles PaaS • Popularized by AWS Lambda -- “Run code without thinking about servers.” • Lowers the barrier of entry for developers to intuitively deploy and operationalize functions • People have opinions about Functions as a Service…

5. https://stackify.com/function-as-a-service-serverless-architecture/

6. https://serverless.com/

7. https://react-etc.net/entry/a-serverless-architecture-is-just-a-bunch-of-microservices-in-the-cloud

8. https://www.technologybreakingnews.com/2017/07/serverless-computing-what/

9. https://i1.wp.com/lukeangel.co/wp-content/uploads/2017/04/042617_1517_DockerServl3.png?w=1200

10. https://www.quora.com/What-are-some-good-uses-for-AWS-Lambda

11. So when should I use FaaS? • When your function

    is simple • When your function is stateless • When Throughput is more important than Latency • When Availability is more important than simplicity of deployment

12. Function is simple. What? • It has few dependencies •

    Its logic can be described in a quick sentence • It doesn’t require a complex environment

13. Function is stateless. What? • Doesn’t require shared access to

    database or cache* • Doesn’t require long-lived filesystem or process in environment

14. Throughput > Latency • Launching new functions can incur latency

    (cold start) • Throughput increases are achieved by launching more instances

15. Availability > Ease of Deployment • Compiling and running a

    program on a single machine is still easier than FaaS. (Anyone who tells you otherwise is lying.) • FaaS provides the ability to run your functions across many hosts without thinking about the underlying host stability.
16. None

17. What is Fission.io? • A framework for serverless functions on

    Kubernetes • Supports multiple target languages • As of writing: Golang, Nodejs, PHP, Python, Ruby, Perl, .NET, Binary via STDIN/STDOUT • FaaS-esque – builds containers at the function level, then keeps the containers up for multiple invocations • Closer to a PaaS than a true FaaS • Functions could be written to utilize statefulness between invocations

18. What is Fission.io? (Cont.) • Primary interaction method is RESTful

    functions • Also supports registering with Kubernetes events and queue tasking via NATS • Simple to set up and use • Easy to scale with a Kubernetes cluster, as well as to develop using minikube

19. http://fission.io/slides/fission-June2017-webinar.pdf

20. Simple to get started running fission (OSX) • Assumptions: •

    Helm – Used to install the charts that underpin the behavior shown in the previous slide • Minikube – Local Kubernetes instance to run Fission.io pods, deployments, etc. • Kubectl – CLI tool used to interact with Kubernetes
21. None

22. Golang functions in Fission.io • Built as golang plugin •

    https://golang.org/pkg/plugin/ • Defines a handler that is served via net/http • Compiled as *.so file and submitted as a package to Fission.io

23. 1 1 2 2 3 3

24. Demo • Will show an initial cold start as slow,

    then ab test the /hello endpoint • Will demonstrate building a new function as previously described, then upload it to fission in minikube

25. Miscellaneous Wrap-up • If you think steganography is cool, check

    out Amanda Rousseau’s talk on hiding malware in photos! • https://www.endgame.com/blog/technical-blog/instegogram-leveraging- instagram-c2-image-steganography • Fission.io is still fairly new, so I wouldn’t recommend it for production systems • The team is extremely responsive – I found an issue with the cli that impacted go functions, and they responded and PR’d the issue inside a couple of hours • https://github.com/fission/fission

26. Questions?