Why Kubernetes for Serverless? by Krishna Kumar, Huawei India CNCF Ambassador

Kubernetes for Serverless - Serverless Summit 2017 - Krishna Kumar



Content

Evolution of Serverless world

& then…

Kubernetes Features towards Serverless…..


Containers – The History Highlights

• 1979 – UNIX chroot: provides an isolated disk space for each process. Later, in 1982, this was added to BSD.

• 2000 – FreeBSD Jails: additional process sandboxing features for isolating the filesystem, users, networking, etc.

• 2001 – Linux VServer: securely partition resources on a computer system (file system, CPU time, network addresses and memory).

• 2004 – Solaris Containers: combination of system resource controls and the boundary separation provided by zones.

• 2005 – OpenVZ: isolated file system, users and user groups, a process tree, network, devices, and IPC objects.

• 2006 – Process Containers: limiting, accounting, and isolating resource usage (CPU, memory, disk I/O, network, etc.) of a collection of processes.

• 2007 – Control Groups: Control Groups, AKA cgroups, was implemented by Google and added to the Linux Kernel in 2007.

• 2008 – LXC: LXC stands for LinuX Containers and it is the first, most complete implementation of a Linux container manager.

• 2011 – Warden: Warden was implemented by CloudFoundry in year 2011 by using LXC at the initial stage.

• 2013 – LMCTFY: lmctfy stands for “Let Me Contain That For You”. It is the open source version of Google’s container stack.

• 2013 – Docker: Docker is the most popular and widely used container management system as of January 2016.

• 2014 – Rocket: Rocket is a much similar initiative to Docker started by CoreOS for fixing some of the drawbacks.

• 2016 – Windows Containers: run Docker containers on Windows natively without having to run a virtual machine to run Docker.


Virtual Machines, Containers and Unikernels


Evolution of Applications Development

MainFrame → Client/Server → SOA → MSA → Serverless


Serverless Evolution

[Timeline figure. Dates on the axis: 2014-11, 2015-10, 2016-01, 2016-2, 2016-3, 2016-4, 2016-5, 2016-6, 2016-7. Names recoverable from the slide: AWS Lambda, Serverless, OpenLambda, DC/OS serverless, Apcera.]


https://www.cncf.io/


Serverless From BIG Players

• AWS Lambda - https://aws.amazon.com/lambda/

• Azure Functions - https://azure.microsoft.com/en-in/services/functions/

• Google Cloud Functions - https://cloud.google.com/functions/

• IBM OpenWhisk - https://www.ibm.com/cloud-computing/bluemix/openwhisk

• Oracle Fn - https://blogs.oracle.com/emeapartnerweblogic/serverless-architecture-on-the-oracle-paas-cloud-by-lucas-jellema


A Serverless Architecture (Amazon Lambda)


Serverless Architecture Benefits & Drawbacks (From AWS)


Serverless is a misnomer…...

It is Functions as a Service (FaaS)


Why Kubernetes for FaaS?


Kubernetes Orchestration Engine 1

Setup

• On Cloud infrastructure
  • Google
  • AWS
  • Azure
  • IBM Blue Mix

• On local machine
  • MiniKube
  • Ubuntu on LXD
  • Kubeadm
  • IBM Cloud Private CE


Kubernetes – AutoScale with custom metrics 2

• With Horizontal Pod Autoscaling, Kubernetes automatically scales the number of pods in a replication controller, deployment or replica set based on observed CPU utilization (or, with custom metrics support, on some other application-provided metrics).

• Needs Heapster and cAdvisor (already a part of Kubernetes).

• Resource metric source (CPU or memory): per-pod resource metrics (like CPU).

• The key operational difference between FaaS and PaaS is scaling. With most PaaS’s you still need to think about scale.

• FaaS needs infrastructure, and k8s supports that well. From a function it creates services and manages their life cycle.

• https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/


Kubernetes – Workloads 3

• StatefulSet - Stateful applications that need reasonable handling
  • Like a database
  • In-memory cache
  • Peer-to-peer applications that need storage
  • Any application that needs network identity

• Stateless - For stateless applications that deal with complex workflows
  • Like web servers
  • Are stateless in nature and need on-demand scale
  • Need rolling updates

• Jobs - Run-once type of workloads
  • Useful for running scripts, reports and batch jobs
  • Like DB-Query
  • Like Spark / Hadoop processing

• CronJobs – Run-once type of Jobs, repeated at a frequency
  • Just like a Unix cron job
  • Runs a job on a given schedule

• DaemonSet – Run on all the Nodes as much as possible
  • Runs on every node in the cluster.
  • For starting monitoring applications on every node.

• ReplicaSet – Run and manage the lifecycle of multiple Pods.
  • Elementary controller for managing Pods
  • Used by Deployment.

FaaS Workloads

• Time based processing/CRON job
  • Time based recurring jobs, clean up etc.

• Event processing
  • Servicing SaaS & cloud events like changes in Storage, DB, etc. and displaying them in a graphical way

• Web applications
  • Single web page apps that manage user data store/display/customization.

• Mobile backend
  • Mobile clients can use HTTP APIs to store/process, e.g. photos

• Real-time stream processing
  • IoT devices can send messages for stream analytics

• Real-time bot messaging
  • Chat/Message bots
  • Answer questions using AI (Cortana)

FaaS functions are stateless. The ‘Twelve-Factor App’ concept is the same.

12 factors (solid principle for Cloud Software Architecture)

Codebase: One codebase tracked in revision control, many deploys

Dependencies: Explicitly declare and isolate dependencies

Config: Store configuration in the environment

Backing Services: Treat backing services as attached resources

Build, release, run: Strictly separate build and run stages

Processes: Execute the app as one or more stateless processes

Port binding: Export services via port binding

Concurrency: Scale out via the process model

Disposability: Maximize robustness with fast startup and graceful shutdown

Dev/prod parity: Keep development, staging, and production as similar as possible

Logs: Treat logs as event streams

Admin processes: Run admin/management tasks as one-off processes

K8s Cloud Native and Serverless have the same Workload Characteristics


Expose Service from Function 4

A Service in Kubernetes is an abstraction which defines a logical set of Pods and a policy by which to access them. Services enable a loose coupling between dependent Pods. A Service is defined using YAML (preferred) or JSON, like all Kubernetes objects. The set of Pods targeted by a Service is usually determined by a LabelSelector. Although each Pod has a unique IP address, those IPs are not exposed outside the cluster without a Service. Services allow your applications to receive traffic. Services can be exposed in different ways by specifying a type in the ServiceSpec (ClusterIP, NodePort, LoadBalancer, ExternalName).

HTTP services are very easy to create from functions on k8s. API-based calls deal with event handlers (notifications from other services).

An idle function uses only storage; it consumes CPU/memory only when in use, that is, when a trigger fires.

A function can run at source level, as a buildpack or as a Docker image.

https://kubernetes.io/docs/tutorials/kubernetes-basics/expose-intro/


Associate functions with k8s watches, triggers, HTTP routes 5

Watch resources from the k8s API – native integration with k8s

• POD problem

• Other events

• Do something

Create functions and add them using the CLI etc. Then associate the functions with k8s watches, triggers and HTTP routes.

Issue a watch request using a normal HTTP request - the API consumes and returns JSON messages.

Labels can be used to organize and to select subsets of objects. Labels can be attached to objects at creation time and subsequently added and modified at any time.

Funktion – Apache Camel Connector (something happens, do something)

Step Functions – One event after another. Called in sequence order.

https://stackoverflow.com/questions/35192712/kubernetes-watch-pod-events-with-api
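Added example (not from the original slides or from any of the projects named): a minimal dispatcher that reads the line-delimited JSON events a watch request returns and routes them to functions by event type and label selector, stopping on an ERROR event so the caller can list again. The sample stream, the `function=resize` label and the handler `on_pod_problem` are constructed for illustration; a real client would usually also pass the selector to the API server.

```python
import json

# Constructed watch stream: one JSON event per line, as returned for a
# request such as GET /api/v1/namespaces/demo/pods?watch=true
SAMPLE_STREAM = """\
{"type":"ADDED","object":{"kind":"Pod","metadata":{"name":"resize-1","labels":{"function":"resize"},"resourceVersion":"101"},"status":{"phase":"Running"}}}
{"type":"MODIFIED","object":{"kind":"Pod","metadata":{"name":"resize-1","labels":{"function":"resize"},"resourceVersion":"102"},"status":{"phase":"Failed"}}}
{"type":"MODIFIED","object":{"kind":"Pod","metadata":{"name":"db-0","labels":{"app":"db"},"resourceVersion":"103"},"status":{"phase":"Failed"}}}
{"type":"ERROR","object":{"kind":"Status","code":410,"reason":"Expired"}}
"""


def selects(selector, labels):
    """Equality-based label selector: every key=value must match."""
    return all(labels.get(k) == v for k, v in selector.items())


def dispatch(lines, routes):
    """Route watch events; routes = [(event_types, selector, handler)].

    Returns (handler results, last resourceVersion seen, relist_needed).
    """
    results, last_rv = [], None
    for line in filter(str.strip, lines):
        event = json.loads(line)
        obj = event["object"]
        if event["type"] == "ERROR":
            # 410 Gone: the resourceVersion is too old, list again first
            return results, last_rv, obj.get("code") == 410
        meta = obj.get("metadata", {})
        last_rv = meta.get("resourceVersion", last_rv)
        for types, selector, handler in routes:
            if event["type"] in types and selects(selector, meta.get("labels", {})):
                out = handler(event["type"], obj)
                if out is not None:
                    results.append(out)
    return results, last_rv, False


def on_pod_problem(event_type, pod):
    """Hypothetical function: react only when the Pod has failed."""
    if pod.get("status", {}).get("phase") == "Failed":
        return "alert:" + pod["metadata"]["name"]
    return None


ROUTES = [({"ADDED", "MODIFIED"}, {"function": "resize"}, on_pod_problem)]

if __name__ == "__main__":
    print(dispatch(SAMPLE_STREAM.splitlines(), ROUTES))
```

The returned resourceVersion is what a client would pass on its next watch request to resume without replaying events it has already handled.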


Init Container 6

A Pod can have multiple Containers running apps within it, but it can also have one or more Init Containers, which are run before the app Containers are started. Init Containers are exactly like regular Containers, except:

• They always run to completion.

• Each one must complete successfully before the next one is started.

They all must run to completion before the Pod can be ready.

https://kubernetes.io/docs/concepts/workloads/pods/init-containers/

Init Containers can be used for:

• Sleep

• Register Pod

• Clone a git repository

• Place a value in a config file


Kubernetes Config Map 7

Config map to inject function's code to the runtime pod.

The ConfigMap API resource provides mechanisms to inject containers with configuration data while keeping containers agnostic of Kubernetes. ConfigMaps allow you to decouple configuration artifacts from image content to keep applications portable. ConfigMap is similar to Secrets, but provides a means of working with strings that don’t contain sensitive information. The ConfigMap’s data field contains the configuration data. As shown in the example, this can be simple – like individual properties defined using --from-literal – or complex – like configuration files or JSON blobs defined using --from-file. Size limitations exist.

https://kubernetes.io/docs/tasks/configure-pod-container/configmap/
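Added example (not from the original slides or from any FaaS project): a builder that packs a function's source and settings into a ConfigMap manifest and refuses input that breaks the two constraints named above, sensitive strings and the size limit. The key and value patterns are an assumed heuristic, the names `function_configmap`, `handler.py` and `LOG_LEVEL` are hypothetical, and the size is approximated as the sum of key and value bytes against the documented 1 MiB ConfigMap limit.

```python
import json
import re

# Documented ConfigMap limit: the stored data cannot exceed 1 MiB.
MAX_CONFIGMAP_BYTES = 1024 * 1024
# Assumed heuristic for entries that belong in a Secret instead.
SENSITIVE_KEY = re.compile(r"pass(word)?|secret|token|api[_-]?key|private", re.I)
SENSITIVE_VALUE = re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")


def function_configmap(name, handler_file, source, settings):
    """Build a ConfigMap manifest carrying a function's code and settings.

    Raises ValueError when an entry looks sensitive or the payload
    would exceed the ConfigMap size limit.
    """
    data = {handler_file: source, **settings}
    for key, value in data.items():
        if SENSITIVE_KEY.search(key) or SENSITIVE_VALUE.search(value):
            raise ValueError(f"{key}: looks sensitive, store it in a Secret")
    # Approximation: sum of key and value bytes, not the serialized object.
    size = sum(len(k.encode()) + len(v.encode()) for k, v in data.items())
    if size > MAX_CONFIGMAP_BYTES:
        raise ValueError(f"{size} bytes exceeds the ConfigMap limit")
    return {
        "apiVersion": "v1",
        "kind": "ConfigMap",
        "metadata": {"name": name, "labels": {"function": name}},
        "data": data,
    }


# Constructed sample function source.
SOURCE = "def handler(event):\n    return 'hello ' + event['name']\n"

if __name__ == "__main__":
    cm = function_configmap("hello", "handler.py", SOURCE, {"LOG_LEVEL": "info"})
    print(json.dumps(cm, indent=2))  # JSON is accepted like YAML
```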


Custom Resource Definitions (CRD) to simulate function's metadata 8

From Kubeless documents (how they run):

• There is a CRD endpoint being deployed called function.k8s.io.

• Function custom objects are then created under this CRD endpoint.

• function.spec contains the function's metadata, including code, handler, runtime, type (http or pubsub) and probably its dependency file.

• A custom controller watches for changes to function objects and reacts accordingly to deploy/delete K8S deployment/svc/configmap. These containers fetch all the dependencies and share them with the function runtimes using volumes.

• The runtimes are pre-built docker images that wrap the functions in an HTTP server or in a Kafka consumer. Indeed, to be able to trigger functions via events we currently use Kafka.

• There are currently two types of functions supported in Kubeless: http-based and pubsub-based. A set of Kafka and Zookeeper is installed into the kubeless namespace to handle the pubsub-based functions.

https://github.com/kubeless/kubeless/blob/master/docs/architecture.md

May be useful in some implementations………


Volume mount / storage for custom source load 9

On-disk files in a container are ephemeral, which presents some problems for non-trivial applications when running in containers. First, when a container crashes, kubelet will restart it, but the files will be lost - the container starts with a clean state. Second, when running containers together in a Pod it is often necessary to share files between those containers. The Kubernetes Volume abstraction solves both of these problems.

https://kubernetes.io/docs/concepts/storage/volumes/

Runtime Source/Function


Everything is API Driven 10

Serverless Architecture Kubernetes is API Driven Model

Functions in FaaS are triggered by event types defined by the provider.

Functions can be triggered as a response to inbound HTTP requests, typically through some kind of API gateway (e.g. AWS API Gateway, Webtask).

Fundamentally, FaaS is about running back-end code without managing your own server systems or your own server applications. That is the key difference when comparing with other modern architectural trends like containers and PaaS (Platform as a Service).

FaaS is seen as a better choice for an event-driven style with few event types per application component, and containers are seen as a better choice for synchronous-request-driven components with many entry points.

https://martinfowler.com/articles/serverless.html - Must read article!


Kubernetes properties for FaaS!

1) Automatic orchestration - Seamless deployments (install and remove).

2) Horizontal Autoscale - Custom metrics can be pulled out easily for scaling.

3) K8s Cloud Native and serverless have the same Workload Characteristics.

4) Expose service from function - HTTP services from k8s functions are very easy to create.

5) Associate functions with k8s watches, triggers, HTTP routes.

6) Init container to load the dependencies that function might have.

7) ConfigMap for runtime load.

8) Custom Resource Definitions (CRD) to simulate function's metadata.

9) Volume mount / storage for custom source load.

10) Everything Remote API Driven!


Fission on K8S

Put together you get - Kubernetes Serverless Architecture Models

Custom Commercial Deployments


Open Source Serverless comparison


Commercial Serverless Feature comparison

https://cloudacademy.com/blog/microsoft-azure-functions-vs-google-cloud-functions-fight-for-serverless-cloud-domination-continues/


Container Orchestration Comparison



Kubernetes still leads the pack in comparison to other container orchestration!

Some of the materials used in this presentation are taken from the web. They are used here for educational purposes only. Thanks to all for those wonderful contents.

Thanks……