Cloud Native Conference - Warsaw - Sep 9th, 2019

Transcript

1. Serverless On Your Own Terms Using Knative Mark Chmarny Serverless

   at Google @mchmarny

2. Context

3. Serverless more than Function

4. Operator No Infra Management Managed Security Pay only for usage

   Service-based Event-driven Open Serverless Models Developer

5. Serverless and Container

6. .js .rb .go .py .sh … 0 1 0 1

   0 0 1 1 1 Containers • Any Language, Library, Binary • Granular version control • Ecosystem of base images Common unit of workload description (Dockerfile) and delivery (Container Image)

7. Serverless with Portability

8. Portability Kubernetes Offered by virtually all Cloud Service Providers Knative

   Codifies serverless, broad contributor/user community

9. What is Knative?

10. Knative “Open source building blocks for serverless on Kubernetes” knative.dev

    [kay-native]

11. Confidential & Proprietary Knative Stack Build Serving Kubernetes Platform Products

    Primitives Events ... Serverless Containers on GCF GKE Serverless Add-on SAP Kyma Pivotal Function Service IBM Cloud Functions Red Hat Cloud Functions Pivotal riff OpenFaaS T-mobile Jazz Istio Service Mesh Knative Primitives Developer-facing Products Build Serving Kubernetes Events ...

12. Confidential & Proprietary Knative Stack Serverless Containers on GCF GKE

    Serverless Add-on SAP Kyma Knative Community 55+ Contributing Companies >6K Pull Requests ~450 Individual Contributors 9 Working Groups v0.8 Predictable Releases source: knative.teststats.cncf.io/d/8/dashboards

13. Confidential & Proprietary Knative Stack Serverless Containers on GCF GKE

    Serverless Add-on SAP Kyma Knative Today Products Google Cloud Run Red Hat OpenShift SAP Kyma Google Cloud Run on GKE IBM Cloud Kubernetes Service TriggerMesh Build Tekton Serving Kubernetes Platform Primitives Events ...

14. How to get Knative

15. Confidential & Proprietary Knative Stack Build Serving Kubernetes Platform Products

    Primitives Events ... Serverless Containers on GCF GKE Serverless Add-on SAP Kyma Pivotal Function Service IBM Cloud Functions Red Hat Cloud Functions Pivotal riff OpenFaaS T-mobile Jazz Istio Service Mesh # latest releases: https://knative.dev/docs/install/ $ kubectl apply \ -f https://github.com/knative/serving/releases/.../serving.yaml \ -f https://github.com/knative/eventing/releases/.../eventing.yaml \ -f https://github.com/knative/monitoring/releases/.../monitoring.yaml \ -f https://github.com/knative/build/releases/.../build.yaml Install

16. Confidential & Proprietary Install $ gcloud beta container \ clusters

    create my-cluster \ --addons=CloudRun Also available for: • AKS • Docker • Gardener • IKS • Minikube • OpenShift/Minishift • PCS Quick start: bit.ly/cr-gke

17. Confidential & Proprietary Config $: kubectl get ns NAME STATUS

    default Active istio-system Active knative-build Active knative-eventing Active knative-monitoring Active knative-serving Active knative-sources Active kube-public Active kube-system Active $: kubectl get cm -n knative-serving NAME DATA config-autoscaler 1 config-defaults 1 config-deployment 2 config-domain 1 config-gc 1 config-istio 1 config-logging 1 config-network 6 config-observability 1 config-tracing 1

18. How to use Knative

19. Knative Serving Functionality • Activates/scales workload based on request (up/down

    to 0 pods) • Manages revision code/config (update, rollback, split traffic) • Request path/services access control (manage service mesh) • Granular metrics, Custom domains, SSL support... Integration • Connect with other services like GCP Cloud Build and Stackdriver • Extend with partner integrations like Solo.io, GitLab, Datadog

20. Deployment (CLI) Knative CLI: github.com/knative/client kn service create service-name \

    --image registry/image-name Result: service-name.namespace.domain.dev

21. Deployment (YAML) kubectl apply -f service.yaml # service.yaml apiVersion: serving.knative.dev/v1beta1

    kind: Service metadata: name: service-name spec: template: spec: containers: - image: registry/image-name

22. Deployment (Google) gcloud beta run deploy service-name \ --image=gcr.io/project/image-name Other

    providers: knctl, os, ibmcloud

23. Autoscaling

24. GitOps using Cloud Build, GitLab, Jenkins git tag ...; git

    push origin ...; # branch or release trigger to build/push (github.com/mchmarny/maxprime) Local Build using Dockerfile, deploy using kn or gcloud docker build -t ...; docker push ... kn service create my-service --image=user:image:sha On-cluster Build using Tekton Pipelines (github.com/tektoncd/pipeline) kubectl apply -f task.yaml ko for quick iteration, no Dockerfile, golang only - github.com/google/ko ko apply -f config.yaml Deployment Options

25. Knative Serving Usage Patterns Public Service • Website • API

    endpoint Internal Service • Backing Microservices • Eventing Targets • Mobile backend • Webhook

26. Request Path Kubernetes Cluster Knative Logo Service Vision API User

    HTTPS HTTPS curl -H "Content-Type: application/json" \ -d '{"id":"test","url":"https://storage.googleapis.com/kdemo-logos/google.png"}' \ -X POST https://klogo.demo.knative.tech/

27. Request Path Kubernetes Cluster Knative Frontend UI Logo Service User

    Service Vision API Firestore API User HTTPS demo OAuth HTTPS HTTPS

28. Request Path Kubernetes Cluster Knative Frontend UI Logo Service User

    Service Vision API Firestore API User HTTPS demo OAuth HTTPS HTTPS

29. # service.yaml apiVersion: serving.knative.dev/v1alpha1 kind: Service metadata: name: klogo labels:

    serving.knative.dev/visibility: cluster-local ... Request Path github.com/mchmarny/kdemo

30. Request Path Kubernetes Cluster Knative Frontend UI Internal Logo Service

    Internal User Service Vision API Firestore API User HTTPS demo OAuth HTTPS HTTPS

31. Day 2-n Service v2 v1 Initial deployment Traffic

32. Knative Object Model Revision 1 Revision 2 Revision 3 Configuration

    Route Service Route - named endpoint and a mechanism for routing traffic Revisions - immutable snapshots of code + config Configuration - stream of environments for Revisions Service - top-level wrapper for managing Route/Configurations sets

33. # List current revisions in demo namespace (filter on service

    name) kubectl get revisions -n demo -l serving.knative.dev/service=maxprime NAME SERVICE NAME GENERATION READY maxprime-vq25k maxprime-vq25k-service 3 True maxprime-wtz1g maxprime-wtz1g-service 2 True maxprime-qtz5p maxprime-qtz5p-service 1 True # Edit revision in service traffic section # (status/traffic[n]/revisionName) kubectl edit ksvc maxprime -n demo Simple Revision Management

34. Blue/Green Revision Management Traffic Live Service Traffic # Initial state

    # Spin up “Blue” # version with # new code/features Live Service Traffic # Shift traffic over # from “Green” version # to new “Blue” version New Revision Live Service Old Revision (or Rollback)

35. apiVersion: serving.knative.dev/v1beta1 kind: Service metadata: name: bg namespace: demo spec:

    template: spec: containers: - image: gcr.io/knative-samples/knative-route-demo Blue/Green (deployment) Service 100% Revision Source: github.com/mchmarny/knative-demos

36. spec: template: metadata: name: bg-2 ... traffic: - tag: current

    revisionName: bg-1 percent: 100 - tag: candidate revisionName: bg-2 percent: 0 - tag: latest latest Revision: true percent: 0 Blue/Green (update) Service Revision (bg-2) Revision (bg-1) 0% - bg-candidate.demo.knative.tech 100% - bg.demo.knative.tech

37. ... traffic: - tag: current revisionName: bg-1 percent: 50 -

    tag: candidate revisionName: bg-2 percent: 50 - tag: latest latest Revision: true percent: 0 Blue/Green (traffic split) Service Revision (bg-1) Revision (bg-2) 90% 80% 70% 60% 50% 40% 60% 50% 40% 30% 20% 10%

38. ... traffic: - tag: previous revisionName: bg-1 percent: 100 -

    tag: current revisionName: bg-2 percent: 0 - tag: latest latestRevision: true percent: 0 Blue/Green (rollback) Service Revision (bg-1) Revision (bg-2) 100% 0%

39. gcloud alpha run services set-traffic maxprime \ --to-revision maxprime-v1=90,maxprime-v2=10 #

    Split traffic # across multiple # revisions Simpler Traffic Management source: github.com/mchmarny/ab-test-demo

40. Knative Eventing Functionality • Orchestrates on/off cluster event sources •

    Declaratively binds importers, brokers, triggers, and services • Scales from just few events to live streaming pipelines • Uses standard CloudEvents (CNCF Project) Integration • Use existing event sources available or build your own • Plugable channel provisioners (e.g. PubSub. Kafka, NATS, In-Memory)

41. Name Description Apache Camel Allows to use Apache Camel components

    for pushing events into Knative Apache Kafka Brings Apache Kafka messages into Knative AWS SQS Brings AWS Simple Queue Service messages into Knative Cron Job Uses an in-memory timer to produce events on the specified Cron schedule. GCP PubSub Brings GCP PubSub messages into Knative GitHub Brings GitHub organization/repository events into Knative GitLab Brings GitLab repository events into Knative. Google Cloud Scheduler Google Cloud Scheduler events in Knative when jobs are triggered Google Cloud Storage Brings Google Cloud Storage bucket/object events into Knative Kubernetes Brings Kubernetes cluster/infrastructure events into Knative source: https://github.com/knative/docs/tree/master/docs/eventing/sources Knative Event Importers (aka Sources)

42. CloudEvents { "specversion": "0.2", "type": "com.github.pull.create", "source": "https://github.com/cloudevents/spec/pull/123", "id": "A234-1234-1234",

    "time": "2019-04-08T17:31:00Z", "datacontenttype": "application/json", "data": "{ GitHub Payload... }" } FTP GitHub GCS Broker FTP Event Importer GitHub Event Importer GCS Event Importer CloudEvent

43. Namespace subscribe Trigger Service (Callable) Broker Trigger Service (Callable) subscribe

    filter= filter= Importer Events Importer Events ingress ingress publish ✓ ✓ ✓ Knative Eventing Objects

44. Knative Event Broker apiVersion: eventing.knative.dev/v1alpha1 kind: Broker metadata: name: b1

    namespace: demo spec: {} status: address: hostname: b1-broker.demo.svc.cluster.local Simple Broker - 1-n per NS by default - Discoverable endpoint - Manages • Channels • Ingress filter/policy

45. Knative Event Trigger apiVersion: eventing.knative.dev/v1alpha1 kind: Trigger metadata: name: build-status-slack-notifier

    spec: filter: sourceAndType: type: com.google.build.status subscriber: ref: apiVersion: serving.knative.dev/v1alpha1 kind: Service name: slack-sender Simple Trigger - Uses CloudEvents - Supports Filtering - Can produce new events Build status Slack notifications demo: https://github.com/mchmarny/knative-build-status-notifs

46. Knative Eventing Demo Twitter Event Importer query: knative type: com.twitter

    Broker (default) Trigger type filter: com.twitter .negative Slack Publishing Service Slack Channel (#twitterback) Trigger type filter: com.twitter Sentiment Scoring Service Trigger type filter: com.twitter Event Store Service FireStore Collection knative-tweets Trigger type filter: com.twitter. positive Event Viewer (WebSocket) 1. Save all tweets for reference 2. Classify tweets based on sentiment 4. Send negative to Slack for review 5. Display positive tweets in UI 1 2 4 5 bit.ly/kn-tw-event Natural Language API replay Trigger type filter: com.twitter .noneng Sentiment Scoring Service 3. Translate non-English tweets 3 Translation API

47. * Cron job importer to wire up weekly report *

    Process IoT Core events * GCP PubSub (connector to many other GCP event sources) * Actuate on Kubernetes events (beyond webhook) * Declarative GitHub webhook processing ... # samples bit.ly/kn-event-samples Knative Eventing Use-cases

48. In Closing Infrastructure Primitives Knative Kubernetes Knative-based Products Optimized Experience

49. Docs, Blog, Community knative.dev Quick Start bit.ly/cr-gke Source & Samples

    github.com/knative Questions? slack.knative.dev Anything else @mchmarny