ServerlessOn Your Own TermsUsing Knative

Mark ChmarnyServerless, Google

@mchmarny

Context

Serverless more than Function

Operator

No Infra Management Managed Security Pay only for usage

Service-based Event-driven Open

Serverless Models

Developer

Serverless and Container

.js .rb .go

.py .sh …

0 1 0 1 0 0 1 1 1

Containers

• Any Language, Library, Binary

• Granular version control

• Ecosystem of base images

Common unit of workload description (Dockerfile) and delivery (Container Image)

Serverless with Portability

Portability

KubernetesOffered by virtually all

Cloud Service Providers

KnativeCodifies serverless, broad

contributor/user community

TektonKubernetes-native [build] pipeline, industry leading CI/CD partners

What is Knative?

Knative“Open source building blocks for

serverless on Kubernetes”

knative.dev[kay-native]

Knative Primitives (Launched Sep 2018)

Developer-facing Products

Build Serving

Kubernetes

Events ...

Knative Today

ProductsGoogle Cloud Run Red Hat OpenShift SAP Kyma

Google Cloud Run on GKE IBM Cloud Kubernetes Service TriggerMesh

Build TektonServing

KubernetesPlatform

Primitives Events ...

Knative Serving

Functionality

● Activates/scales workload based on request (up/down to 0 pods)

● Manages revision code/config (update, rollback, split traffic)

● Request path/services access control (manage service mesh)

● Granular metrics/logging, Custom domains, TLS support...

Integration

● Connect with other services like GCP Cloud Build and Stackdriver

● Extend with partner integrations like Solo.io, GitLab, Datadog

Knative Eventing

Functionality

● Orchestrates on/off cluster event sources

● Declaratively binds importers, brokers, triggers, and services

● Scales from just few events to live streaming pipelines

● Uses standard CloudEvents(CNCF Project)

Integration

● Use existing event sources available or build your own (e.g. Apache Camel, AWS SQS, GCP PubSub)

● Plugable channel provisioners (e.g. PubSub. Kafka, NATS, In-Memory)

Knative Community

60+ ContributingCompanies

>7K Pull Requests

~450IndividualContributors

9WorkingGroups

v0.9Predictable Releases

source: knative.teststats.cncf.io/d/8/dashboards

How to get Knative

# latest releases docs: # https://knative.dev/docs/install/

$ kubectl apply \ -f https://github.com/knative/serving/releases/.../serving.yaml \ -f https://github.com/knative/eventing/releases/.../eventing.yaml \ -f https://github.com/knative/monitoring/releases/.../monitoring.yaml

Install

Install

$ gcloud beta container \clusters create my-cluster \--addons CloudRun

Also available for:● AKS● Docker● Gardener● IKS● Minikube● OpenShift/Minishift● PCS

Quick start: bit.ly/cr-gke

Config

$: kubectl get nsNAME STATUSdefault Activeistio-system Activeknative-eventing Activeknative-monitoring Activeknative-serving Activeknative-sources Activekube-public Activekube-system Active

$: kubectl get cm -n knative-servingNAME DATAconfig-autoscaler 1 config-defaults 1 config-deployment 2 config-domain 1 config-gc 1 config-istio 1 config-logging 1 config-network 6 config-observability 1 config-tracing 1

How to use Knative

Deployment (CLI)

# Knative Client:# github.com/knative/client

kn service create my-service \ --image registry/image-name

# Result: # my-service.namespace.domain.dev

Deployment (YAML)kubectl apply -f service.yaml

# simple-service.yamlapiVersion: serving.knative.dev/v1kind: Servicemetadata: name: service-namespec: template: spec: containers: - image: registry/image-name

Deployment (Google)

gcloud beta run deploy service-name \ --image gcr.io/project/image-name

Other providers:knctl , os, ibmcloud

Autoscaling

watch kubectl get pods -n demo -l serving.knative.dev/service=scale

https://scale.demo.knative.tech/v1/prime/9876543containerConcurrency: 1

Local build/push using Dockerfiledocker build -t user/app:version; docker push ...

Build Service (Cloud Build, GitHub Actions, GitLab, Jenkins…)git tag ...; git push origin ...; # Cloud Build: github.com/mchmarny/maxprime

On-cluster Build using Tekton Pipelineskubectl apply -f task.yaml# Maven (tekton-jib-build): github.com/mchmarny/knative-demos

ko, quick iteration, no Dockerfile, golang onlyko apply -f config.yamlgithub.com/google/ko

Build Options

(╯°□°)╯︵ ┬─┬

Kf (Knative + Cloud Foundry)

Knative Tekton

Kf

Feels like Cloud Foundry

Runs on Kubernetes

Powered by Knative

Supports logs, buildpacks, app manifests, routing,

service brokers, and injected services…

all on Kubernetes using Knative, Istio, and Tekton.

github.com/google/kf

Service Configuration

Knative Serving Usage Patterns

Public Service• Website• API endpoint

Internal Service • Backing Microservices• Eventing Targets

• Mobile backend• Webhook

Request Path

Kubernetes Cluster

Knative

Logo Service Vision API

User

HTTPS

HTTPS

curl -H "Content-Type: application/json" \

-d '{"id":"test","url":"https://storage.googleapis.com/kdemo-logos/google.png"}' \

https://logo.demo.knative.tech/

Request Path

Kubernetes Cluster

Knative

Frontend UI

Logo Service

User Service

Vision API

Firestore APIUser

HTTPS

demo

OAuth

HTTPSHTTPS

Request Path

Kubernetes Cluster

Knative

Frontend UI

Logo Service

User Service

Vision API

Firestore APIUser

HTTPS

demo

OAuth

HTTPSHTTPS

apiVersion: serving.knative.dev/v1kind: Servicemetadata: name: logo labels: serving.knative.dev/visibility: cluster-local...# service.yaml

Request Path

github.com/mchmarny/kdemo

Request Path

Kubernetes Cluster

Knative

Frontend UI

Internal Logo Service

InternalUser Service

Vision API

Firestore APIUser

HTTPS

demo

OAuth

HTTPSHTTPS

Day 2-n

Service

v2

v1Active Usage

Users

Knative Object Model

Revision 1

Revision 2

Revision 3

ConfigurationRoute

ServiceRoute - named endpoint and a mechanism for routing traffic

Revisions - immutable snapshots of code + config

Configuration - stream of environments for Revisions

Service - top-level wrapper for managing Route/Configurations sets

# List current revisions in the namespace (filter on service name)

kubectl get revisions -n demo -l serving.knative.dev/service=maxprime

NAME SERVICE NAME GENERATION READY

maxprime-vq25k maxprime-vq25k-service 3 True

maxprime-wtz1g maxprime-wtz1g-service 2 True

maxprime-qtz5p maxprime-qtz5p-service 1 True

# Edit revision in service traffic section# (status/traffic[n]/revisionName)

kubectl edit ksvc maxprime -n demo

Simple Revision Management

Blue/Green Revision Management

Traffic

Live Service

Traffic# Initial state

# Spin up “Blue” # version with# new code/features

Live Service

Traffic

# Shift traffic over# from “Green” version# to new “Blue” version

New Revision

Live Service Old Revision (or Rollback)

apiVersion: serving.knative.dev/v1

kind: Service

metadata:

name: bg

namespace: demo

spec:

template:

spec:

containers:

- image: gcr.io/knative-samples/knative-route-demo

Blue/Green (deployment)

Service100%

Revision

Source: github.com/mchmarny/knative-demos

spec:

template:

metadata:

name: bg-2

...

traffic:

- tag: current

revisionName: bg-1

percent: 100

- tag: candidate

revisionName: bg-2

percent: 0

- tag: latest

latest Revision: true

percent: 0

Blue/Green (update)

Service

Revision (bg-2)

Revision (bg-1)

0% - bg-candidate.demo.knative.tech

100% - bg.demo.knative.tech

...

traffic:

- tag: current

revisionName: bg-1

percent: 50

- tag: candidate

revisionName: bg-2

percent: 50

- tag: latest

latest Revision: true

percent: 0

Blue/Green (traffic split)

Service

Revision (bg-1)

Revision (bg-2)

90%80%70%60%50%40%

60%50%40%30%20%10%

...

traffic:

- tag: previous

revisionName: bg-1

percent: 100

- tag: current

revisionName: bg-2

percent: 0

- tag: latest

latestRevision: true

percent: 0

Blue/Green (rollback)

Service

Revision (bg-1)

Revision (bg-2)

100%

0%

gcloud alpha run services set-traffic maxprime \

--to-revision maxprime-v1=90,maxprime-v2=10

# Split traffic

# across multiple

# revisions

Simpler Traffic Management

source:github.com/mchmarny/ab-test-demo

Name Description

Apache Camel Allows to use Apache Camel components for pushing events into Knative

Apache Kafka Brings Apache Kafka messages into Knative

AWS SQS Brings AWS Simple Queue Service messages into Knative

Cron Job Uses an in-memory timer to produce events on the specified Cron schedule.

GCP PubSub Brings GCP PubSub messages into Knative

GitHub Brings GitHub organization/repository events into Knative

GitLab Brings GitLab repository events into Knative.

Google Cloud Scheduler Google Cloud Scheduler events in Knative when jobs are triggered

Google Cloud Storage Brings Google Cloud Storage bucket/object events into Knative

Kubernetes Brings Kubernetes cluster/infrastructure events into Knative

source: https://github.com/knative/docs/tree/master/docs/eventing/sources

Knative Event Importers (aka Sources)

CloudEvents

{"specversion": "0.2","type": "com.github.pull.create","source": "https://github.com/cloudevents/spec/pull/123","id": "A234-1234-1234","time": "2019-04-08T17:31:00Z","datacontenttype": "application/json","data": "{ GitHub Payload... }"

}

FTP

GitHub

GCS

Broker

FTP Event Importer

GitHub Event Importer

GCS Event Importer

CloudEvent

Namespace

subscribeTrigger Service(Callable)

Broker

Trigger Service(Callable)

subscribefilter=

filter=

Importer

Events

Importer

Events

ingress

ingress

publ

ish

✓

✓ ✓

Knative Eventing Objects

Knative Event Broker

apiVersion: eventing.knative.dev/v1alpha1kind: Brokermetadata: name: b1 namespace: demospec: {}status: address: hostname: b1-broker.demo.svc.cluster.local

Simple Broker

- 1-n per NS by default

- Discoverable endpoint

- Manages

● Channels

● Ingress filter/policy

Knative Event Trigger

apiVersion: eventing.knative.dev/v1alpha1kind: Triggermetadata: name: build-status-slack-notifierspec: filter: sourceAndType: type: com.google.build.status subscriber: ref: apiVersion: serving.knative.dev/v1 kind: Service name: slack-sender

Simple Trigger- Uses CloudEvents

- Supports Filtering

- Can produce new events

Build status Slack notifications demo: https://github.com/mchmarny/knative-build-status-notifs

EventingPipeline

Twitter Event Importer query: knative type: com.twitter

Broker (default)

Triggertype filter:

com.twitter.negative

Slack Publishing

Service

SlackChannel

(#twitterback)

Triggertype filter:

com.twitter

Sentiment Scoring Service

Triggertype filter:

com.twitter

Event StoreService

FireStore Collection

knative-tweets

Triggertype filter:

com.twitter. positive

Event Viewer (WebSocket)

1. Save all tweets for reference

2. Classify tweets based on sentiment

4. Send negative to Slack for review

5. Display positive tweets in UI

1 2 4 5

bit.ly/kn-tw-event

Natural Language API

repl

ay����

Triggertype filter:

com.twitter.noneng

Sentiment Scoring Service

3. Translatenon-English tweets

3

TranslationAPI

* Cron job importer to wire up weekly report

* Process IoT Core events

* GCP PubSub (connector to many other GCP event sources)

* Actuate on Kubernetes events (beyond webhook)

* Declarative GitHub webhook processing

...

# samplesbit.ly/kn-event-samples

Knative Eventing Use-cases

In Closing

Serverless more than Function

Serverless and Container

Serverless with Portability

Knative Layers

Infrastructure

Primitives Knative

Kubernetes

Knative-based ProductsOptimized Experience

Docs, Blog, Communityknative.dev

Quick Startbit.ly/cr-gke

Source & Samplesgithub.com/knative

Questions?slack.knative.dev

Anything else@mchmarny