Automating IT Ops with Dispatch ServerlessAutomating IT Ops with Dispatch Serverless Framework Alan Renouf, VMware, Inc. Berndt Jung, VMware, Inc. DEV2828BU. VMworld ... container

#vmworld

Automating IT Ops with Dispatch Serverless

FrameworkAlan Renouf, VMware, Inc.Berndt Jung, VMware, Inc.

DEV2828BU

#DEV2828BUVMworld 2018 Content: Not for publication or distribution

Disclaimer

2©2018 VMware, Inc.

This presentation may contain product features orfunctionality that are currently under development.

This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.

Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.

Technical feasibility and market demand will affect final delivery.

Pricing and packaging for any new features/functionality/technology discussed or presented, have not been determined.

VMworld 2018 Content: Not for publication or distribution

Agenda


Serverless, FaaS, Functions, and Use cases

Dispatch + Demo of setup

What about PowerCLI?

Demo of Dispatch using PowerCLI

Wrapping up & next steps

Q&A



Why Functions?

Faster start-up times

Better resource utilization

Finer-grained management

Splitting up the monolith

Incr

easin

g fo

cus o

n bu

sines

s log

ic

Decreasing concern (and control) over infrastructure implementation

Virtual machines

Functions

Containers

Bare Metal



What is a Function?

Auto-scaled Lower Cost

Event Driven Stateless Short Duration



Use Cases

• RESTful services• Stateless apps• Bursting

workloads• Parallel

processing

• Edge computing• Mobile app

backends

• Log analysis• Job queues• ETL• Machine Learning

• CI/CD pipelines• Notifications• Chat Ops

• Periodic jobs• Monitoring and

alerting• Provisioning• Automation

ƒ(x)

Micro-services IoT Stream-processing DevOps IT Operations



• Functions for the Enterprise

• Built on Kubernetes

• Integrates with existing services across clouds

• CloudEvents native

• Open source

• Focus on simplicity for the developer and operator

• Independent project with active community (100+ contributors)

• Top rated FaaS for Kubernetes by stars

• Open source

• Partnership with AWS

• Run AWS Greengrass and IoT on vSphere

• Prebuilt OVA with Greengrass code included

• Ease setup and configuration for customers

Current VMware FaaS/serverless initiativesConsistent set of tooling across all clouds

VMware Project Dispatch OpenFaaS AWS Greengrass on

vSphere



DispatchBatteries-included production functions



What is Dispatch?Enterprise Functions Stack

FaaS

Cloud events native

Integrate almost any IDP

Production-ready API-gateway

Integrate services via

Open Service Broker APIVMworld 2018 Content: Not for publication or distribution


Dispatch Architecture

Custo

mers

Ad

ministrato

rs

Develo

pers

External Events

Inbound data

Dispatch component

Dispatch dependency

Image Registry (Harbor)

Postgres

IDP/AD

Kubernetes (PKS)

Control Plane

Event Bus

API Gateway (KONG)IAM

FaaS (OpenFaaS) FaaS (RiFF) Service Catalog External Services

Secrets



Tightly control Dispatch API access

Integrate into existing OIDC compatible identity providers or AD/LDAP directly

Organization as a tenancy construct

IT controls infrastructure, VMs, OS, container images

Dispatch provides full application visibility including an inventory of all system and runtime libraries installed on a per-function granularity

No more web servers

Dispatch fully manages an integrated KONG API Gateway

Control endpoint access via authentication

Manage and apply certificates

Dispatch for AdministratorsFocus on Security

IAM style roles and permissions

Deep infrastructure and application controls

Function ingress and egress via API Gateway



Postgres for configuration and state

Kafka or RabbitMQ for events

Docker for images

OIDC for authorization

Open Service Broker for services integration

Integrate any external resource

"Import" external events making them actionable by Dispatch

Installs on Kubernetes 1.8+

Works with PKS, VKE, GKE, EKS, Minikube, etc.

FaaS interface supports container based FaaS

• OpenFaaS• Riff• Kubeless

Dispatch for Administrators

Familiar technology stack Extensible via Event Drivers

Deploys on any cloud (with any FaaS)

Flexible Integration



"Batteries-included" means developers can build more with a consistent Dispatch API

Build REST-based web-applications in minutes via the included API Gateway

Group functions and API endpoints into "applications"

Developers may build their own runtime images and include the libraries they need for the application

Self-service without the risk

Built in logging and tracing makes debugging easy without infrastructure access

Run Dispatch on a laptop, the public cloud, private cloud or hybrid cloud

Leverage features specific to clouds or FaaS on a per function basis

Dispatch for Developers

Enable rich function backed applications Empower developers Develop anywhere

Developer Focused



Register service brokers to organizations to provide per-organization service catalogs

Provision and bind services via the Dispatch API

Bindings (credentials) injected securely into functions at runtime

Dispatch supports a wide variety of function languages

• Python3• NodeJS• Java (+Spring)• Powershell• Clojure

Easily extend the list of supported languages based on need

Common eventing format developed by the CNCF serverless working group

Push CloudEvents directly to Dispatch

Dispatch for Developers

Integration with Open Service Broker Develop in any language CloudEvents native

Bring Your Own Services



Deploys on Kubernetes• PKS, VKE, GKE, EKS, etc.

Multiple FaaS Support• OpenFaaS, Kubeless, Riff

Broad Set of Language Packs• Python3, Nodejs, Java, Powershell

Kong backed API Gateway• Full HTTP context available to functions

Let's Encrypt Support for all public endpoints

OpenTracing enabled

Summary of Current Dispatch FeaturesServerless with the Enterprise in Mind

Multiple IDP Support• Google, Auth0, vIDM, GitHub

Organization based tenanacy

Per-User RBAC Policies

CloudEvents Native

Extensible Event Drivers• vCenter, AWS, Azure

Open Service Broker Integration



DemoChat-ops with Dispatch and Slack

1

API-Gateway: POST /cloudmaster

Execute: cloudmaster.py

Vmomi: Create server based on template

Event-Driver: Listen for vCenter events

Execute: status.py

2 3

5 4



What about PowerCLI?How can I use the scripts I already have?



Not Open Source (yet)• Idea exists• Same modules on PSGallery

– Come with the 2 .Net flavours

Based on .Net Core• Some Windows .Net calls missing

PowerCLI Multi-PlatformVMware PowerCLI 10.*

https://powercli.ideas.aha.io/ideas/PCLI-I-145


19Confidential │ ©2018 VMware, Inc.

PowerCLIWhere are we now?

PowerCLI 10.1• Support for vSphere 6.7• Support for NSX-T 2.1• New Module VMware.Vim

– No cmdlets here?– This helps us release vSphere support updates FASTER!

• New Autodeploy cmdlets – Set-ScriptBundleAssociation– Remove-ScriptBundle

6.5R111/17

6.5.14/20

6.5.28/8

6.5.310/10

6.5.412/17

10.02/28

10.14/26

10.1.16/18

10.28/20

PowerCLI 10.1.1• Updated Support for Horizon View 7.5

PowerCLI 10.2• Support for NSX-T 2.2

2017 2018



PowerCLI DifferencesWhich modules do I have?

Cis.Core

Nsxt Vds

Core

Sdk Vmc

StorageUtility

Storage Common

Deploy Automation ImageBuilder

HA License

HorizonViewPCloud

Srm

vROps

VumAutomation

Cloud

= Available in PowerCLI Multi-Platform

= Available in PowerCLI

Deprecated in future release

Deprecated in future release

Vim



DemoSecurity Hardening a VM with PowerCLI and Dispatch

12

43

Using an existing community script:

https://github.com/vmware/PowerCLI-Example-Scripts/blob/master/Modules/apply-hardening/apply-hardening.psm1

1. Use Slack to trigger a Dispatch PyvMomi Script

2. Dispatch will call PyVMomi to deploy a VM

3. Dispatch will be subscribed to the VM.Deploy event

4. Dispatch will trigger the Hardening PowerCLI script

5. PowerCLI will harden the VM

6. PowerCLI will send a message to slack



Use yours (and others) existing scriptsDon’t reinvent the wheel

What do you already have scripts for?

What do you run as a scheduled task?

What use cases do you have?

Think outside the box – PowerShell is a big wide world of automation

Dispatch and PowerCLI works with On-Premises VC and VMware Cloud on AWS



http://vmwa.re/vmc1host

Starter Single Host SDDC

PROMO: 20% off for 3 months*

Please visit https://cloud.vmware.com/vmc-aws/pricing for promotion details

* Limited time Offer – T&C’s apply.

Production 3 Host SDDC


PROMO: For price of 2 Hosts*offer starts Sep 10, 2018 till Nov 2, 2018

Get started with VMware Cloud on AWS now!



https://cloud.vmware.com/vmc-aws/pricing



What's Next for Dispatch?Dispatch + Knative



Open sourced by Google with partners (Pivotal, IBM, RedHat, etc)

Serverless building blocks for Kubernetes• Building

– Pluggable framework for building container images on Kubernetes• Serving

– Auto-scaling containers from 0 (not just functions)– Istio based routing with support for traffic splitting and canary deployments

• Eventing– Manage event sources and subscriptions– Pluggable bus (Kafka, GCP pub/sub)– CloudEvents based

What is Knative?



Dispatch Architecture Today

Custo

mers

Ad

ministrato

rs

Develo

pers

External Events

Inbound data

Dispatch component

Dispatch dependency


Postgres

IDP/AD

Kubernetes (PKS)

Control Plane

Event Bus

API Gateway (KONG)IAM

FaaS (OpenFaaS) FaaS (RiFF) Service Catalog External Services

Secrets



Dispatch Architecture Future

Custo

mers

Ad

ministrato

rs

Develo

pers

External Events

Inbound data

Dispatch component

Knative component


IDP/AD

Kubernetes (PKS)

Knative Eventing

API Gateway (Istio)IAM

Knative Serving Service Catalog External OSB Services

Dispatch API

Dispatch Operators

Knative Building

Dispatch dependency



Maintain Dispatch functionality and value proposition• IAM and multi-tenancy• User/Developer centric API• Integrated configurable API Gateway - Istio based• Extensible event bus

"Leaner" Dispatch• Reduce Dependencies (Kong, Postgres, FaaS)• Deeply integrate with Kubernetes and Knative (CRDs)

Dispatch + Knative



Serverless across the industry & community

Re-use existing PowerCLI scripts

Want to get involved? code.vmware.com#dispatch

Let us know your use-cases

Wrapping up & next steps

http://dispatchframework.io

https://www.openfaas.com

https://knative.dev


http://dispatchframework.io/

https://www.openfaas.com/

https://knative.dev/

PLEASE FILL OUTYOUR SURVEY.Take a survey and enter a drawingfor a VMware company store gift card.

#vmworld #DEV2828BUVMworld 2018 Content: Not for publication or distribution

THANK YOU!

#vmworld #DEV2828BUVMworld 2018 Content: Not for publication or distribution

Documents

Automating IT Ops with Dispatch ServerlessAutomating IT Ops with Dispatch Serverless Framework Alan Renouf, VMware, Inc. Berndt Jung, VMware, Inc. DEV2828BU. VMworld ... container