What's new in Serverless on Google Cloud Platform — DataXDay 2019

Quick introduction to Google Cloud Platform
The attributes of Serverless
The Serverless spectrum across the 3 key serverless compute products on GCP
Showcasing the demo application
Novelties around the new App Engine runtimes
New features of Cloud Functions
Introducing Cloud Run and Cloud Run on Google Kubernetes Engine
Cloud Run underpinned by the Knative open source building blocks for Kubernetes
Beyond serverless compute with Cloud Tasks and Cloud Scheduler

Guillaume Laforge

June 27, 2019

Transcript

  1. What’s new in Serverless on Google Cloud Platform

  2. Guillaume Laforge Developer Advocate Google Cloud @glaforge

  3. Google Cloud Platform

  4. A big global network of data centers https://cloud.google.com/about/locations/

  5. Panorama

    • Machine Learning: Cloud ML Platform, Vision API, Video Intelligence API, Speech API, Translate API, NLP API
    • Compute: Compute Engine, App Engine, Kubernetes Engine, Container Registry, Cloud Run, Cloud Functions
    • Networking: Cloud Virtual Network, Cloud Load Balancing, Cloud CDN, Cloud Interconnect, Cloud DNS
    • Storage & Databases: Cloud Storage, Cloud Bigtable, Cloud Datastore, Cloud SQL, Cloud Spanner
    • Big Data: BigQuery, Cloud Dataflow, Cloud Dataproc, Cloud Dataprep, Cloud Datalab, Cloud Pub/Sub, Genomics
    • Management: Stackdriver Overview, Monitoring, Logging, Error Reporting, Debugger, Deployment Manager
    • Developer: Cloud SDK, Deployment Manager, Cloud Source Repositories, Cloud Endpoints, Cloud Tools for Android Studio, Cloud Tools for IntelliJ, Google Plugin for Eclipse, Cloud Test Lab, Cloud Container Builder
    • Identity & Security: Cloud IAM, Cloud IAP, Cloud KMS, Cloud Resource Manager, Cloud Security Scanner, Cloud Platform Security Overview

  6. Not Google’s new serverless data center

  7. Serverless model(s)

    • Operational Model: No Infra Management, Managed Security, Pay only for usage
    • Programming Model: Service-based, Event-driven, Open

  8. The Serverless spectrum

  9. Serverless operational spectrum

    Axis labels: "Managed by your cloud", "Managed by your team"
    • Container orchestration (k8s): Not serverless for programming or ops; Container focused; Infra managed by you
    • Hosted FaaS/compute: Easiest dev experience; Code focused; Limited runtime options
    • Serverless anywhere (Knative / Cloud Run on GKE): On prem or multi-cloud; Code or containers; Custom hardware (GPU, TPU, IoT, etc); Offline; You manage infra
    • Serverless containers: Custom languages & runtimes; Infra still cloud-managed

  10. Serverless “compute” on Cloud Platform

    • App Engine Standard: Highly scalable, serverless web applications. Deploy and scale Applications that react to Requests
    • Cloud Functions: Event-driven serverless compute platform. Deploy and scale Functions that react to Events
    • Cloud Run: Highly scalable, serverless stateless containers. Deploy and scale Containers that react to Requests

  11. Demo: Sharing pictures

  12. Demo: Sharing pictures pic-a-daily.appspot.com

  13. Demo: Sharing pictures pic-a-daily.appspot.com

    Architecture diagram labels:
    • User facing: Frontend Web + API; Admin app
    • Data storage: Picture files; Picture metadata & most frequent tags
    • Event-driven logic: Vision API annotations (Labels, color, filtering); Via Pub/sub; Compute most popular tags

  14. So what did we launch?

  15. New idiomatic App Engine runtimes

      ◦ Python 3.7 (GA)
      ◦ PHP 7.3 (GA)
      ◦ Go 1.12 (GA)
      ◦ Node.js 10 (GA)
      ◦ Java 8 (11 in beta)
      ◦ Ruby 2.5 (in alpha)

  16. Double the memory! 2x

  17. App Engine Java 11 (beta)

    • Executable JAR support
      ◦ Servlet containers not required
      ◦ Choose your favorite web framework & libs
    • Custom entrypoint
      ◦ Full control on how to start your application
      ◦ Graal VM executables possible
    • More idiomatic
      ◦ No more class whitelist
      ◦ Runs in a gVisor based secured sandbox

  18. Cloud Functions

      ◦ General Availability with SLA
      ◦ Go, Node & Python
        ▪ Java in alpha
      ◦ Security & scaling controls
      ◦ Environment Variables

  19. New Go 1.11 runtime (1.12 in alpha)

  20. Go 1.11, vendor & module friendly

        package hello

        import (
            "fmt"
            "net/http"
        )

        func HelloWorld(w http.ResponseWriter, r *http.Request) {
            fmt.Fprintf(w, "Hello, World!")
        }

        $ gcloud beta functions deploy hello --entry-point HelloWorld --runtime go111 --trigger-http

  21. Node 8 with async / await

        const PubSub = require('@google-cloud/pubsub');

        exports.helloPubSub = async (data, context) => {
          let ps = new PubSub();
          try {
            const topicName = context.resource.name;
            const topic = ps.topic(topicName);
            const data = await topic.getMetadata();
            const metadata = data[0];
            console.log(`Metadata: ${JSON.stringify(metadata)}`);
          } catch(err) {
            console.error(err);
          }
        };

  22. Java HTTP functions

        import javax.servlet.http.*;
        import java.io.*;

        public class Example {
          public void helloWorld(HttpServletRequest req, HttpServletResponse resp)
              throws IOException {
            PrintWriter writer = resp.getWriter();
            writer.write("Hello world!");
          }
        }

  23. Java background functions — Pub/Sub

        import java.util.*;
        import java.util.logging.Logger;

        public class Example {
          public void helloPubSub(PubSubMessage message) throws Exception {
            // Pub/Sub delivers the payload base64-encoded
            String data = new String(Base64.getDecoder()
                .decode(message.data.getBytes("UTF-8")));
            // do something with data
          }
        }

        class PubSubMessage {
          String data;
          Map<String, String> attributes;
          String messageId;
          String publishTime;
        }

  24. Environment variables

        $ gcloud beta functions deploy fnNAme --set-env-vars FOO=bar

        $ gcloud beta functions deploy fnNAme --env-vars-file .env.yaml
                                              --update-env-vars FOO=baz
                                              --remove-env-vars FOO
                                              --clear-env-vars

  25. Function scaling control

    • Limit scaling on a per-function basis
    • Prevents DoSing resources with different scalability

        $ gcloud functions deploy --max-instances=100

  26. Security controls

    Control access to function invocation using IAM
    • Developers
    • Other functions or GCP services
    • End-users using Google Sign-In
    Set IAM policies on individual functions
    Private by default

  27. Security controls

        $ gcloud functions add-iam-policy-binding fnOne \
            --member='allUsers' \
            --role='roles/cloudfunctions.invoker'

        $ gcloud functions add-iam-policy-binding fnTwo \
            --member='fnOne@projectid.iam.gserviceaccount.com' \
            --role='roles/cloudfunctions.invoker'

  28. Per function identities

    • By default, all functions share the same identity
    • Identity can be set on a per-function basis to provide least privilege access

  29. Per function identities

        $ gcloud iam service-accounts create fnOne

        $ gcloud iam service-accounts add-iam-policy-binding \
            fnOne@projectid.iam.gserviceaccount.com \
            --member='serviceAccount:fnOne@projectid.iam.gserviceaccount.com' \
            --role='roles/cloudfunctions.invoker'

        $ gcloud functions deploy fnOne \
            --service-account fnOne@projectid.iam.gserviceaccount.com

  30. Per function identities

        $ gcloud iam service-accounts create fnTwo

        $ gcloud iam service-accounts add-iam-policy-binding \
            fnTwo@projectid.iam.gserviceaccount.com \
            --member='serviceAccount:fnTwo@projectid.iam.gserviceaccount.com' \
            --role='roles/cloudsql.client'

        $ gcloud functions deploy fnTwo \
            --service-account fnTwo@projectid.iam.gserviceaccount.com

  31. Cloud Run: Serverless Containers

  32. Everything at Google runs in containers

    • Gmail, Web Search, Maps, ...
    • MapReduce, batch, ...
    • GFS, Colossus, ...
    • Even GCE itself: VMs in containers
    Google launches 4 billion containers per week.

  33. Serverless operational spectrum

    Axis labels: "Managed by your cloud", "Managed by your team"
    • Container orchestration (k8s): Not serverless for programming or ops; Container focused; Infra managed by you
    • Hosted FaaS/compute: Easiest dev experience; Code focused; Limited runtime options
    • Serverless anywhere (Knative / Cloud Run on GKE): On prem or multi-cloud; Code or containers; Custom hardware (GPU, TPU, IoT, etc); Offline; You manage infra
    • Serverless containers (New!): Custom languages & runtimes; Infra still cloud-managed

  34. Cloud Run: Serverless agility for containerized apps

    • One experience, where you want it: One developer experience; Fully managed or Your GKE cluster; Consistent APIs & tooling; Portable with Knative; Without vendor lock-in
    • Natively Serverless: No servers to manage; Focus on writing code; Scale up fast; Scale down to zero; Pay for exact usage
    • Container to production in seconds: Just "deploy"; Any stateless container; Any language, any library; URL in seconds

  35. Cloud Run — Container contract

    • Stateless
      ◦ Don’t store data in a database
      ◦ Only an in-memory file system
    • HTTP payloads
      ◦ Listen on 0.0.0.0 on port $PORT
      ◦ Start an HTTP server in < 4 minutes
    • Concurrency
      ◦ Up to 80 concurrent requests
    • Linux 64 bit binaries
      ◦ x86_64 ABI format

  36. Cloud Run — Pay per use

    CPU / Memory / Requests, 100ms

  37. Knative: Cloud Run on GKE

  38. Serverless operational spectrum

    Axis labels: "Managed by your cloud", "Managed by your team"
    • Container orchestration (k8s): Not serverless for programming or ops; Container focused; Infra managed by you
    • Hosted FaaS/compute: Easiest dev experience; Code focused; Limited runtime options
    • Serverless anywhere (Knative / Cloud Run on GKE): On prem or multi-cloud; Code or containers; Custom hardware (GPU, TPU, IoT, etc); Offline; You manage infra
    • Serverless containers: Custom languages & runtimes; Infra still cloud-managed
    • New!
    • Serverless anywhere (Knative / GKE serverless addon): On prem or multi-cloud; Code or containers; Custom hardware (GPU, TPU, IoT, etc); Offline; You manage infra

  39. Cloud Run — Managed vs on GKE

    Cloud Run (fully managed)
    • Fully serverless
    • No cluster to manage, minimal ops
    • Pay for what you use
    • Limited instance sizes
    Cloud Run on GKE
    • Serverless developer experience
    • Runs in your GKE cluster, K8S ops
    • Custom machine types (CPU/GPU/Mem)

  40. Knative — Serverless building blocks on Kubernetes

    Kubernetes-based building blocks for serverless workloads
    • Build
    • Serving
    • Events

  41. Knative — Partners

  42. Cloud Run on GKE with Knative

  43. Deploy on Cloud Run

        $ gcloud run deploy --image gcr.io/...

  44. Deploy on Cloud Run on GKE

        $ gcloud run deploy --image gcr.io/... --cluster my-cluster

  45. Icing on the planet cake

  46. Cloud Tasks (New!) cloud.google.com/tasks/

    • Manage distributed task queues
    • Decouple and scale microservices
    • Manage resource consumption
    • Handle releases gracefully

  47. Cloud Scheduler (New!) cloud.google.com/scheduler

    • Enterprise grade cron job scheduler
    • Schedule batch, big data jobs, cloud infra ops...
      ◦ Invoke Cloud Functions over HTTPS or Pub/Sub
      ◦ Invoke App Engine on a relative url handler
    • Manage all your jobs from one place

  48. Q & A

    • Serverless on Google Cloud Platform: cloud.google.com/serverless
    • App Engine Java 11: cloud.google.com/appengine/docs/standard/java11/
    • Cloud Functions Java beta: bit.ly/gcf-java
    • Cloud Run: cloud.run
    • Knative: github.com/knative

  49. Thank you / Q & A

    • Serverless on Google Cloud Platform: cloud.google.com/serverless
    • App Engine Java 11: cloud.google.com/appengine/docs/standard/java11/
    • Cloud Functions Java beta: bit.ly/gcf-java
    • Cloud Run: cloud.run
    • Knative: github.com/knative
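
The invocation and identity controls on slides 26 to 30 can be checked after deployment: which functions have been opened to public principals, and which still share one runtime identity. The following audit is an added example, not code from the talk. The inventory shape and the functions fnThree and fnFour are assumptions; fnOne and fnTwo mirror the slides.

```python
from collections import defaultdict

INVOKER_ROLE = "roles/cloudfunctions.invoker"
# allUsers = anyone on the internet; allAuthenticatedUsers = any Google account.
PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}

def invoker(*members):
    """Build a policy with one invoker binding (helper for the sample data)."""
    return {"bindings": [{"role": INVOKER_ROLE, "members": list(members)}]}

# Constructed inventory (assumed shape): name -> runtime identity + IAM policy.
# fnOne and fnTwo mirror the slides; fnThree and fnFour are hypothetical.
SAMPLE = {
    "fnOne": {"serviceAccountEmail": "fnOne@projectid.iam.gserviceaccount.com",
              "policy": invoker("allUsers")},
    "fnTwo": {"serviceAccountEmail": "fnTwo@projectid.iam.gserviceaccount.com",
              "policy": invoker(
                  "serviceAccount:fnOne@projectid.iam.gserviceaccount.com")},
    "fnThree": {"serviceAccountEmail": "projectid@appspot.gserviceaccount.com",
                "policy": {}},  # no bindings: private by default
    "fnFour": {"serviceAccountEmail": "projectid@appspot.gserviceaccount.com",
               "policy": invoker("allAuthenticatedUsers")},
}

def public_invokers(policy):
    """Return the public principals that hold the invoker role in a policy."""
    found = set()
    for b in policy.get("bindings", []):
        if b.get("role") == INVOKER_ROLE:
            found |= PUBLIC_MEMBERS & set(b.get("members", []))
    return sorted(found)

def audit(functions):
    """Return (function, finding, detail) tuples for review."""
    findings, by_identity = [], defaultdict(list)
    for name in sorted(functions):
        fn = functions[name]
        for member in public_invokers(fn.get("policy", {})):
            findings.append((name, "public-invoker", member))
        by_identity[fn.get("serviceAccountEmail", "")].append(name)
    for identity in sorted(by_identity):
        if len(by_identity[identity]) > 1:  # one identity, several functions
            findings += [(n, "shared-identity", identity)
                         for n in by_identity[identity]]
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding)
```

A public binding such as the one on fnOne can be intentional; the audit lists it so that each one is a reviewed decision rather than a leftover.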