Serverless On Your Own Terms Using Knative Mark Chmarny Serverless, Google @mchmarny
Context
Serverless more than Function
Operator
No Infra Management Managed Security Pay only for usage
Service-based Event-driven Open
Serverless Models
Developer
Serverless and Container
.js .rb .go
.py .sh …
Containers
• Any Language, Library, Binary
• Granular version control
• Ecosystem of base images
Common unit of workload description (Dockerfile) and delivery (Container Image)
Serverless with Portability
Portability
Kubernetes: Offered by virtually all Cloud Service Providers
Knative: Codifies serverless, broad contributor/user community
Tekton: Kubernetes-native [build] pipeline, industry leading CI/CD partners
What is Knative?
Knative: “Open source building blocks for serverless on Kubernetes”
knative.dev [kay-native]
Knative Primitives (Launched Sep 2018)
Developer-facing Products
Build Serving
Kubernetes
Events ...
Knative Today
Products: Google Cloud Run, Red Hat OpenShift, SAP Kyma, Google Cloud Run on GKE, IBM Cloud Kubernetes Service, TriggerMesh
Primitives: Build / Tekton, Serving, Events ...
Platform: Kubernetes
Knative Serving
Functionality
● Activates/scales workload based on request (up/down to 0 pods)
● Manages revision code/config (update, rollback, split traffic)
● Request path/services access control (manage service mesh)
● Granular metrics/logging, Custom domains, TLS support...
Integration
● Connect with other services like GCP Cloud Build and Stackdriver
● Extend with partner integrations like Solo.io, GitLab, Datadog
Knative Eventing
Functionality
● Orchestrates on/off cluster event sources
● Declaratively binds importers, brokers, triggers, and services
● Scales from just a few events to live streaming pipelines
● Uses standard CloudEvents (CNCF Project)
Integration
● Use existing event sources or build your own (e.g. Apache Camel, AWS SQS, GCP PubSub)
● Pluggable channel provisioners (e.g. PubSub, Kafka, NATS, In-Memory)
Knative Community
60+ Contributing Companies
>7K Pull Requests
~450 Individual Contributors
9 Working Groups
v0.9 Predictable Releases
source: knative.teststats.cncf.io/d/8/dashboards
How to get Knative
# latest releases docs:
# https://knative.dev/docs/install/
$ kubectl apply \
    -f https://github.com/knative/serving/releases/.../serving.yaml \
    -f https://github.com/knative/eventing/releases/.../eventing.yaml \
    -f https://github.com/knative/monitoring/releases/.../monitoring.yaml
Install
Install
$ gcloud beta container \
    clusters create my-cluster \
    --addons CloudRun
Also available for:
● AKS
● Docker
● Gardener
● IKS
● Minikube
● OpenShift/Minishift
● PCS
Quick start: bit.ly/cr-gke
Config
$: kubectl get ns
NAME                 STATUS
default              Active
istio-system         Active
knative-eventing     Active
knative-monitoring   Active
knative-serving      Active
knative-sources      Active
kube-public          Active
kube-system          Active
$: kubectl get cm -n knative-serving
NAME                   DATA
config-autoscaler      1
config-defaults        1
config-deployment      2
config-domain          1
config-gc              1
config-istio           1
config-logging         1
config-network         6
config-observability   1
config-tracing         1
How to use Knative
Deployment (CLI)
# Knative Client:
# github.com/knative/client
kn service create my-service \
    --image registry/image-name
# Result:
# my-service.namespace.domain.dev
Deployment (YAML)
kubectl apply -f service.yaml
# simple-service.yaml
apiVersion: serving.knative.dev/v1
kind: Service
metadata:
  name: service-name
spec:
  template:
    spec:
      containers:
        - image: registry/image-name
Deployment (Google)
gcloud beta run deploy service-name \
    --image gcr.io/project/image-name
Other providers: knctl, os, ibmcloud
Autoscaling
watch kubectl get pods -n demo -l serving.knative.dev/service=scale
https://scale.demo.knative.tech/v1/prime/9876543
containerConcurrency: 1
Local build/push using Dockerfile
docker build -t user/app:version; docker push ...
Build Service (Cloud Build, GitHub Actions, GitLab, Jenkins…)
git tag ...; git push origin ...;
# Cloud Build: github.com/mchmarny/maxprime
On-cluster Build using Tekton Pipelines
kubectl apply -f task.yaml
# Maven (tekton-jib-build): github.com/mchmarny/knative-demos
ko, quick iteration, no Dockerfile, golang only
ko apply -f config.yaml
github.com/google/ko
Build Options
(╯°□°)╯︵ ┬─┬
Kf (Knative + Cloud Foundry)
Knative Tekton
Kf
Feels like Cloud Foundry
Runs on Kubernetes
Powered by Knative
Supports logs, buildpacks, app manifests, routing,
service brokers, and injected services…
all on Kubernetes using Knative, Istio, and Tekton.
github.com/google/kf
Service Configuration
Knative Serving Usage Patterns
Public Service
• Website
• API endpoint
• Mobile backend
• Webhook
Internal Service
• Backing Microservices
• Eventing Targets
Request Path
[Diagram: User, Logo Service (in Knative on a Kubernetes Cluster), Vision API; connections over HTTPS]
curl -H "Content-Type: application/json" \
-d '{"id":"test","url":"https://storage.googleapis.com/kdemo-logos/google.png"}' \
https://logo.demo.knative.tech/
Request Path
[Diagram: User, Frontend UI (demo, OAuth), Logo Service and User Service (in Knative on a Kubernetes Cluster), Vision API, Firestore API; connections over HTTPS]
# service.yaml
apiVersion: serving.knative.dev/v1
kind: Service
metadata:
  name: logo
  labels:
    serving.knative.dev/visibility: cluster-local
...
Request Path
github.com/mchmarny/kdemo
Request Path
[Diagram: User, Frontend UI (demo, OAuth), Internal Logo Service and Internal User Service (in Knative on a Kubernetes Cluster), Vision API, Firestore API; connections over HTTPS]
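An added example (not from the talk or the kdemo repository): a pre-deploy audit that flags Services meant to be internal whose manifest does not carry the serving.knative.dev/visibility: cluster-local label on the Service's own metadata. The service names ui and user, the helper ksvc and the sample manifests are assumptions constructed for illustration; only logo and the label come from the slides.

```python
# Added example: audit parsed Knative Service manifests for the
# cluster-local visibility label shown in service.yaml on the slide.
VIS_KEY = "serving.knative.dev/visibility"  # label key as written on the slide
LOCAL = "cluster-local"

def visibility(svc):
    """Return (is_cluster_local, reason) for one Service manifest (a dict)."""
    labels = (svc.get("metadata") or {}).get("labels") or {}
    tmpl = ((svc.get("spec") or {}).get("template") or {}).get("metadata") or {}
    value = labels.get(VIS_KEY)
    if value == LOCAL:
        return True, "labelled cluster-local"
    if value is not None:
        return False, f"label value {value!r} is not {LOCAL!r}"
    if VIS_KEY in (tmpl.get("labels") or {}):
        # The slide places the label under metadata.labels of the Service.
        return False, "label sits on spec.template.metadata, not on the Service"
    return False, "no visibility label"

def audit(manifests, internal_names):
    """Findings for services meant to be internal but not marked cluster-local."""
    findings = {}
    for svc in manifests:
        name = svc["metadata"]["name"]
        ok, reason = visibility(svc)
        if name in internal_names and not ok:
            findings[name] = reason
    return findings

def ksvc(name, labels=None, tmpl_labels=None):
    """Build a minimal constructed manifest (hypothetical helper)."""
    return {
        "apiVersion": "serving.knative.dev/v1", "kind": "Service",
        "metadata": {"name": name, "labels": labels or {}},
        "spec": {"template": {"metadata": {"labels": tmpl_labels or {}}}},
    }

# Constructed sample: a public frontend and two backing services,
# one labelled correctly and one with the label in the wrong place.
MANIFESTS = [
    ksvc("ui"),
    ksvc("logo", labels={VIS_KEY: LOCAL}),
    ksvc("user", tmpl_labels={VIS_KEY: LOCAL}),
]

if __name__ == "__main__":
    print(audit(MANIFESTS, internal_names={"logo", "user"}))
```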
Day 2-n
Service
v2
v1
Active Usage
Users
Knative Object Model
Revision 1
Revision 2
Revision 3
Configuration
Route
Service
Route - named endpoint and a mechanism for routing traffic
Revisions - immutable snapshots of code + config
Configuration - stream of environments for Revisions
Service - top-level wrapper for managing Route/Configurations sets
# List current revisions in the namespace (filter on service name)
kubectl get revisions -n demo -l serving.knative.dev/service=maxprime
NAME             SERVICE NAME             GENERATION   READY
maxprime-vq25k   maxprime-vq25k-service   3            True
maxprime-wtz1g   maxprime-wtz1g-service   2            True
maxprime-qtz5p   maxprime-qtz5p-service   1            True
# Edit revision in service traffic section
# (status/traffic[n]/revisionName)
kubectl edit ksvc maxprime -n demo
Simple Revision Management
Blue/Green Revision Management
Traffic
Live Service
Traffic
# Initial state
# Spin up “Blue” version with new code/features
Live Service
Traffic
# Shift traffic over from “Green” version to new “Blue” version
New Revision
Live Service
Old Revision (or Rollback)
apiVersion: serving.knative.dev/v1
kind: Service
metadata:
  name: bg
  namespace: demo
spec:
  template:
    spec:
      containers:
        - image: gcr.io/knative-samples/knative-route-demo
Blue/Green (deployment)
Service 100%
Revision
Source: github.com/mchmarny/knative-demos
spec:
  template:
    metadata:
      name: bg-2
    ...
  traffic:
    - tag: current
      revisionName: bg-1
      percent: 100
    - tag: candidate
      revisionName: bg-2
      percent: 0
    - tag: latest
      latestRevision: true
      percent: 0
Blue/Green (update)
Service
Revision (bg-2)
Revision (bg-1)
0% - bg-candidate.demo.knative.tech
100% - bg.demo.knative.tech
...
  traffic:
    - tag: current
      revisionName: bg-1
      percent: 50
    - tag: candidate
      revisionName: bg-2
      percent: 50
    - tag: latest
      latestRevision: true
      percent: 0
Blue/Green (traffic split)
Service
Revision (bg-1)
Revision (bg-2)
90% 80% 70% 60% 50% 40%
60% 50% 40% 30% 20% 10%
...
  traffic:
    - tag: previous
      revisionName: bg-1
      percent: 100
    - tag: current
      revisionName: bg-2
      percent: 0
    - tag: latest
      latestRevision: true
      percent: 0
Blue/Green (rollback)
Service
Revision (bg-1)
Revision (bg-2)
100%
0%
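An added example (not from the talk or its demo repositories): a lint for a Service's spec.traffic list that checks the percentages sum to 100, tags are unique, and each target is either pinned to a revisionName or follows latestRevision, which is worth running before a hand-edited split or rollback is applied. The function name check_traffic and the BROKEN sample are constructed for illustration; SPLIT mirrors the 50/50 block from the slides.

```python
# Added example: lint a Knative Service `spec.traffic` list (already parsed
# into Python dicts) before it is applied to the cluster.
ALLOWED = {"tag", "revisionName", "latestRevision", "percent"}

def check_traffic(targets):
    """Return a list of problems; an empty list means the block is consistent."""
    problems, total, tags = [], 0, set()
    for i, t in enumerate(targets):
        unknown = sorted(set(t) - ALLOWED)
        if unknown:  # e.g. a key broken by a stray space
            problems.append(f"target {i}: unknown field(s) {unknown}")
        rev, latest = t.get("revisionName"), t.get("latestRevision")
        if rev and latest is True:
            problems.append(f"target {i}: revisionName and latestRevision: true are exclusive")
        if not rev and latest is False:
            problems.append(f"target {i}: no revisionName and latestRevision is false")
        pct = t.get("percent", 0)
        if type(pct) is not int or not 0 <= pct <= 100:
            problems.append(f"target {i}: percent must be an integer 0-100")
        else:
            total += pct
        tag = t.get("tag")
        if tag in tags:
            problems.append(f"target {i}: duplicate tag {tag!r}")
        if tag:
            tags.add(tag)
    if total != 100:
        problems.append(f"percentages sum to {total}, expected 100")
    return problems

# The 50/50 split from the slides.
SPLIT = [
    {"tag": "current", "revisionName": "bg-1", "percent": 50},
    {"tag": "candidate", "revisionName": "bg-2", "percent": 50},
    {"tag": "latest", "latestRevision": True, "percent": 0},
]
# Constructed mistakes: a percent left over from an earlier edit, a reused
# tag, and a misspelled key.
BROKEN = [
    {"tag": "current", "revisionName": "bg-1", "percent": 100},
    {"tag": "current", "revisionName": "bg-2", "percent": 10},
    {"tag": "latest", "latest Revision": True, "percent": 0},
]

if __name__ == "__main__":
    for name, block in (("split", SPLIT), ("broken", BROKEN)):
        print(name, check_traffic(block) or "ok")
```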
# Split traffic across multiple revisions
gcloud alpha run services set-traffic maxprime \
    --to-revision maxprime-v1=90,maxprime-v2=10
Simpler Traffic Management
source: github.com/mchmarny/ab-test-demo
Name                     Description
Apache Camel             Allows using Apache Camel components to push events into Knative
Apache Kafka             Brings Apache Kafka messages into Knative
AWS SQS                  Brings AWS Simple Queue Service messages into Knative
Cron Job                 Uses an in-memory timer to produce events on the specified Cron schedule
GCP PubSub               Brings GCP PubSub messages into Knative
GitHub                   Brings GitHub organization/repository events into Knative
GitLab                   Brings GitLab repository events into Knative
Google Cloud Scheduler   Produces Google Cloud Scheduler events in Knative when jobs are triggered
Google Cloud Storage     Brings Google Cloud Storage bucket/object events into Knative
Kubernetes               Brings Kubernetes cluster/infrastructure events into Knative
source: https://github.com/knative/docs/tree/master/docs/eventing/sources
Knative Event Importers (aka Sources)
CloudEvents
{
  "specversion": "0.2",
  "type": "com.github.pull.create",
  "source": "https://github.com/cloudevents/spec/pull/123",
  "id": "A234-1234-1234",
  "time": "2019-04-08T17:31:00Z",
  "datacontenttype": "application/json",
  "data": "{ GitHub Payload... }"
}
[Diagram: FTP, GitHub and GCS events pass through the FTP, GitHub and GCS Event Importers and reach the Broker as CloudEvents]
[Diagram: within a Namespace, Importers publish Events to the Broker ingress; each Trigger subscribes to the Broker with a filter= and delivers to a Service (Callable)]
Knative Eventing Objects
Knative Event Broker
apiVersion: eventing.knative.dev/v1alpha1
kind: Broker
metadata:
  name: b1
  namespace: demo
spec: {}
status:
  address:
    hostname: b1-broker.demo.svc.cluster.local
Simple Broker
- 1-n per NS by default
- Discoverable endpoint
- Manages
● Channels
● Ingress filter/policy
Knative Event Trigger
apiVersion: eventing.knative.dev/v1alpha1
kind: Trigger
metadata:
  name: build-status-slack-notifier
spec:
  filter:
    sourceAndType:
      type: com.google.build.status
  subscriber:
    ref:
      apiVersion: serving.knative.dev/v1
      kind: Service
      name: slack-sender
Simple Trigger
- Uses CloudEvents
- Supports Filtering
- Can produce new events
Build status Slack notifications demo: https://github.com/mchmarny/knative-build-status-notifs
Eventing Pipeline
Twitter Event Importer (query: knative, type: com.twitter)
Broker (default)
Trigger (type filter: com.twitter.negative)
Slack Publishing Service
Slack Channel (#twitterback)
Trigger (type filter: com.twitter)
Sentiment Scoring Service
Trigger (type filter: com.twitter)
Event Store Service
FireStore Collection knative-tweets
Trigger (type filter: com.twitter.positive)
Event Viewer (WebSocket)
1. Save all tweets for reference
2. Classify tweets based on sentiment
3. Translate non-English tweets
4. Send negative to Slack for review
5. Display positive tweets in UI
bit.ly/kn-tw-event
Natural Language API
replay
Trigger (type filter: com.twitter.noneng)
Sentiment Scoring Service
Translation API
* Cron job importer to wire up weekly report
* Process IoT Core events
* GCP PubSub (connector to many other GCP event sources)
* Actuate on Kubernetes events (beyond webhook)
* Declarative GitHub webhook processing
...
# samples: bit.ly/kn-event-samples
Knative Eventing Use-cases
In Closing
Serverless more than Function
Serverless and Container
Serverless with Portability
Knative Layers
Infrastructure
Primitives Knative
Kubernetes
Knative-based Products
Optimized Experience
Docs, Blog, Community: knative.dev
Quick Start: bit.ly/cr-gke
Source & Samples: github.com/knative
Questions? slack.knative.dev
Anything else: @mchmarny