Kubernetes and serverless technologies for high-performance applications


Michael Hausenblas

November 06, 2018



  1. Kubernetes and serverless technologies for high-performance applications
     Michael Hausenblas, Developer Advocate at Red Hat
     2018-11-06, OpenADx workshop, Stuttgart
  2. Hit me up on Twitter: @mhausenblas
     admin, SRE, developer, info sec, architect, PM, PHB
  3. From monoliths to functions

  4. Some terminology … (boringis.cool/#lets-talk-about-serverless)
     • serverless query: BigQuery, Amazon Athena, etc.
     • databases & datastores: Redshift, Azure Data Lake, etc.
     • object storage: S3, Google Cloud Storage, etc.
     • Function-as-a-Service (FaaS): AWS Lambda, knative, etc.
     • message queues: SQS, Azure Service Bus, etc.
  5. The compute evolution

  6. Function-as-a-Service concept

  7. Function-as-a-Service concept
     • event-driven (i.e. needs trigger)
     • short-running (practically minutes)
     • stateless (externalize state/integrations)
     • cold start characteristics very important
  8. Latency vs access

  9. Use case categories
     • cron job replacements
     • backup & restore jobs
     • short-running ETL jobs
     • sensor readings
     • image processing/conversion
     • bots (Slack, Twitter, etc.)
     Sources: AWS Lambda, IBM, serverless framework, Contino, TNS, programmableweb.com
     twitter.com/patrickdebois/status/734459440603275264
  10. Use case examples
      • Migration of an email marketing tool for small business
      • Continuous Deployments
      • A ticketing system
      • The iRobots IoT service
      • Replacing cron jobs with AWS Lambda
      • Fetching nearby Pokemon Go data
      • Teletext.io
      • Calculating lineups for a fantasy game
  11. Landscape

  12. Overview
      Source: landscape.cncf.io
  13. AWS Lambda Source:

  14. Azure Functions Source:

  15. Google Cloud Functions
      Source: cloud.google.com/functions/docs/
  16. FaaS on Kubernetes landscape

      project                  backed by                 claim to fame             started in
      Apache OpenWhisk         ASF, Adobe, IBM, Red Hat  large community, mature   2015
      Azure Functions Runtime  Microsoft                 ease of use               late 2017
      Dispatch                 VMware                    meta-framework            late 2017
      Fission                  Platform9                 performance               2016
      Fn                       Oracle                    supported languages/envs  late 2017
      Funktion                 Red Hat/Fabric8           integration               2017
      Kubeless                 Bitnami                   UX, monitoring            2017
      Nuclio                   iguazio                   performance               mid 2017
      OpenFaaS                 VMware                    large community, UX       late 2016
      Project Riff             Pivotal                   event-centric             late 2017
  17. Kubernetes (kubernetes.io)
      • Container lifecycle management
      • Declarative API + control loops
      • Robust, flexible, scalable
      • Extensible through plug-ins and custom resources/controllers
      Kudos to Lucas Käldström for this figure (source)
  18. Knative (github.com/knative)
      • Extension to Kubernetes
      • Provides low-level building blocks:
        • knative/build: pluggable model for building artifacts from source code
        • knative/serving: event-driven compute model for serving containers
        • knative/eventing: universal subscription, delivery and management of events (triggers)
      Figure layers: Kubernetes; service mesh & operators; Knative; FaaS (Kubeless, OpenWhisk, OpenFaaS, Azure Functions, Riff,…)
  19. Other ecosystem components
      • CloudEvents (specification by the CNCF Serverless Working Group)
      • TriggerMesh (lifecycle management)
      • Gloo (function gateway)
  20. Observability

  21. Metrics
      node container runtime app alerts dashboards storage event router
  22. kudos to demo.robustperception.io

  23. kudos to linkerd.io/2

  24. kudos to linkerd.io/2 and grafana.com
  25. Distributed tracing and debugging
      • Roots: need to overcome limitations of “time-synced logs”
      • Specifications: OpenCensus and OpenTracing
      • Tooling: Zipkin, Jaeger, Stackdriver
      • A must-have in a microservices and/or FaaS setup
  26. Hit me up on Twitter: @mhausenblas

  27. Challenges and opportunities

  28. Does non-public cloud FaaS make sense?
      Most production deployments currently use proprietary (public cloud) offerings:
      • New Relic survey 11/2017
      • TNS blog post 12/2017
  29. Uptake thenewstack.io/serverless-roadmaps-platforms/

  30. Uptake thenewstack.io/serverless-roadmaps-platforms/

  31. Developers on call!?
      Serverless: who's on call now? (Medium post, 2018)
      ServerlessOps (O'Reilly book, 2016)
  32. Handling many functions
      • A handful of functions? No problem
      • Breaking up a monolith into 200 functions? Hmmm …
      • So far, a rather under-developed space (e.g. ibm-functions/composer, TriggerMesh)
  33. Security considerations
      • Platform-level
        • Kubernetes
        • public cloud providers
        • on-premises
      • Framework level (leaks, authn/authz)
      • DoS attacks
      • Integrations/data leaks
  34. Summing up
      • Function-as-a-Service (FaaS) gives you
        • high development velocity
        • auto-scaling
        • pay-what-you-use
      • One tool in the toolbox, not a silver bullet (know your use cases)
      • Tradeoffs: convenience (lock-in) vs. control (effort)
      • Consider Function-as-a-Service as the “VBA of cloud native computing”?
  35. Resources

  36. • The CNCF takes steps toward serverless computing
      • CNCF Serverless Working Group
      • FaaS on Kubernetes inventory
      • The State of OpenWhisk
      • Knative: Serving your Serverless Services
      • Many-faced threats to Serverless security
  37. Hit me up on Twitter: @mhausenblas 37

  38. plus.google.com/+RedHat
      linkedin.com/company/red-hat
      youtube.com/user/RedHatVideos
      facebook.com/redhatinc
      twitter.com/RedHatNews
      learn.openshift.com