Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Serverless with Knative and Cloud Run

Serverless with Knative and Cloud Run

When you build an app, you typically need to choose agility with serverless or flexibility with containers but not both. But why does it have to be that way? Wouldn’t it be nice to have the best of both worlds?

In this talk, we’ll explore the open source project Knative and its managed version Cloud Run. Through a series of demos, we’ll see how these projects enable you to deploy and manage containers in a serverless way on wherever you want, on-prem or in the cloud.

Mete Atamel

March 27, 2020
Tweet

More Decks by Mete Atamel

Other Decks in Technology

Transcript

  1. Serverless Containers with Knative & Cloud Run Mete Atamel Developer

    Advocate at Google @meteatamel speakerdeck.com/meteatamel
  2. Operational Model Programming Model No Infra Management Managed Security Pay

    only for usage Service-based Event-driven Stateless Serverless
  3. Cloud Run Fully managed, deploy your workloads and don’t see

    the cluster. Cloud Run on Anthos Deploy into Anthos, run serverless side-by-side with your existing workloads. Knative Everywhere Use the same APIs and tooling anywhere you run Kubernetes with Knative. Serverless containers with Knative and Cloud Run
  4. Confidential & Proprietary What is Knative? Kubernetes based open source

    building blocks for serverless github.com/knative
  5. Confidential & Proprietary Knative Serving What is it? Rapid deployment

    of serverless containers Automatic (0-n) scaling Configuration and revision management Traffic splitting between revisions Pluggable Connect to your own logging and monitoring platform, or use the built-in system Auto-scaler can be tuned or swapped out for custom code
  6. Confidential & Proprietary Knative Serving Knative Service High level abstraction

    for the application Configuration Current/desired state of an application Code & configuration separated (a la 12-factor) Revision Point in time snapshots for your code and configuration Route Maps traffic to revisions
  7. Confidential & Proprietary Knative Eventing What is it? For loosely

    coupled, event-driven services with on/off cluster event sources Bind declaratively event sources, triggers and services Scales from just few events to live streams Uses standard CloudEvents Event type Flow Event source Event type Event type Event consumer(s)
  8. Confidential & Proprietary Knative Eventing Delivery Models Simple Delivery Event

    Source → Service, 1:1 Complex Delivery with optional reply Event Source → Channels → Subscription → Services, 1:N Broker Trigger Delivery Event Source → Broker → Triggeer → Services, 1:N
  9. Confidential & Proprietary Knative Eventing Namespace subscribe Trigger Service (Callable)

    Broker Trigger Service (Callable) subscribe filter= filter= ✓ ✓ ✓ Source Events Source Events ingress ingress publish
  10. Confidential & Proprietary Knative Event Sources Name Description Apache Camel

    Allows to use Apache Camel components for pushing events into Knative Apache Kafka Brings Apache Kafka messages into Knative AWS SQS Brings AWS Simple Queue Service messages into Knative Cron Job Uses an in-memory timer to produce events on the specified Cron schedule. GCP PubSub Brings GCP PubSub messages into Knative GitHub Brings GitHub organization/repository events into Knative GitLab Brings GitLab repository events into Knative. Google Cloud Scheduler Google Cloud Scheduler events in Knative when jobs are triggered Google Cloud Storage Brings Google Cloud Storage bucket/object events into Knative Kubernetes Brings Kubernetes cluster/infrastructure events into Knative https://github.com/knative/docs/tree/master/docs/eventing/sources
  11. Confidential & Proprietary Knative Events { "specversion": "0.2", "type": "com.github.pull.create",

    "source": "https://github.com/cloudevents/spec/pull/123", "id": "A234-1234-1234", "time": "2019-04-08T17:31:00Z", "datacontenttype": "application/json", "data": "{ GitHub Payload... }" } FTP GitHub GCS Broker FTP Receive Adapter GitHub Receive Adapter GCS Receive Adapter CloudEvent
  12. Confidential & Proprietary Cloud Storage Events to Vision API Cloud

    Storage Bucket Cloud Storage -> Cloud PubSub -> Knative -> Vision API Cloud PubSub Topic Knative Eventing Knative Service Cloud Vision API Labels 1 2 3 4 5 6
  13. Container to production in seconds Natively Serverless One experience, where

    you want it Cloud Run Bringing serverless to containers
  14. Natively serverless Focus on writing code Scale up fast Scale

    down to zero Pay for exact usage No servers to manage
  15. HTTPS Endpoint Public • Website • API endpoint Private •

    Internal services • Async tasks • Mobile backend • Webhook
  16. Container contract Listen on 0.0.0.0 on port $PORT (default 8080)

    HTTP server must start < 4 min (timeout → 504) Request time < 15 min (default → 5 min) Stateless (in-memory file system, doesn’t persist) Computation only within request (No background activity)
  17. Container resources 1 vCPU per container instance (configurable to 2vCPU)

    256 MiB of memory up to a max of 2 GiB (configurable) 80 concurrent requests per container (configurable 1-80) 1000 max containers by default (configurable 1-1000) Access to a Metadata Server Sandboxed by gVisor
  18. Billable time Instance Billable Time Request 1 Start Request 1

    End Request 2 Start Request 2 End Instance Time Billable Non-billable
  19. Impact of Concurrency Fewer Cold Starts More requests per instance

    means fewer instances for the same QPS Faster Scale Up Fewer new instances (and cold starts) means faster response to traffic spikes Better Utilization Instances spend less time with idle resources, which is a more efficient use of machine resources Code may need to change! Global scope and race condition cautions are back
  20. Services part of async tasks Cloud Tasks user_registration user_levelcompleted user_inapppurchase

    user_statechange Daily activity metrics service User profile service Payment processing service Game state service
  21. Confidential & Proprietary Cloud Storage to Cloud Run via Cloud

    PubSub Cloud Storage Bucket Cloud PubSub Topic Cloud Run
  22. Confidential & Proprietary Tekton Pipelines What is it? Kubernetes style

    resources for declaring CI/CD-style pipelines Go from source code to container images on repositories Build pipelines can have multiple steps and can push to different registries Builds run in containers in the cluster. No need for Docker locally Primitives Task: Represents the work to be executed with 1 or more steps TaskRun: Runs the Task with supplied parameters Pipeline: A list of Tasks to execute in order ServiceAccount: For authentication with DockerHub etc.