FaaS and Furious - 0 to Serverless in 60 Seconds, Anywhere - Alex Ellis, ADP

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
welcome to my talk fast and furious zero to service in 60 seconds anywhere now I want to talk to you about what service is what you can use it for and also how you can deploy it in 60 seconds and then we'll move on and look at some cool demos and talk about how some of our users are going on a journey to production with it - now when we talk about service what we're really looking at is a new architectural pattern a way of designing systems so we're all familiar with the monolith we used to build these three tier application x' they had a database they were very slow to test very hard to deploy they did far too many things and we broke those down into micro services now those micro services had more constrained responsibilities but at the same time they're actually quite hard to manage and you look at something like st or open tracing that have come along to kind of bridge the gap more functions are the next step in the evolution and your function is even more specialized it tends to do one thing and one thing really well it's a discrete reusable piece of code we can be deployed and you can pretty much forget about it so when we're looking at functions it's that next step in the evolution now they do not replace your existing micro service and monoliths in fact they work best as an integration as a kind of connected tissue to bring them together okay and you'll see how you can build an event-driven architecture quite easily an example might be a event from a payment gateway they needs to go into a larger part of your system and I'm actually going to show you a real-life example of that later on so this is a cloud native landscape and we're all quite familiar with this we've been seeing it every morning and evening and open-face is actually on here now I think somebody's heads and in the way they're so open faces on now and really practice the that this is its kind of the the chart of all the technology and upcoming projects and what's kind of hard is knowing how to navigate it okay and so you'll find many of these projects work together to create new value we make use of Prometheus and some other technologies they're like container D to add value I'm just going to specialize on open fast today I just want to talk first a little bit about something from the industry from a cloud provider about AWS now have an echo dot upon the stage this is a voice assistant and it's a great example of service applied to an IOT device you speak to it your voice is uploaded to the cloud probably a monolith we'll pass that and then it will invoke a function shortly function and that's it okay and we'll see it makes use of a weather service is probably Yahoo weather another monolith and the way this works is you upload a zip file you maybe install dependencies on your local laptop and then that's it you upload it and Amazon will look after the billing for you but there's some restrictions here and that model of editing code in a web editor or throwing a zip file across the wall is it's kind of falling short of what we've come to you understand as cloud native now you can actually replace lambda with open fires and docker and then you can get that whole ecosystem that we've seen on that landscape and bring that in alongside your existing applications but why would that matter we should be able to write functions in whatever programming language suits your business and your team you should be able to run them for however long it's necessary and that means more than 5 minutes and you should be able to run them whatever hardware you have available now when you come to use confidential data is often really important to run the code where the data already lives we've opened fires you can do that today now let's take a quick look at a skill that I built out and the Wi-Fi is actually being a bit patchy here so let's keep your fingers crossed at a teepee I have to go through around 20 klicks to be able to book a day off maybe similar story for you guys and I'm built a skill to make that easier okay Alexa asked self-service how many days I've got off nine days okay Alexa asked self-service but a day off there's an error Alexa asked self-service book vacation sure which day would you like Friday got it I will book our Friday right now Alexa asked HR how many days I've got we'll come back to that later what you can now see is a new interface and we're able to completely swap out that code and build a conversational UI now you may be thinking what are the use cases for serverless and this is a very common question it comes up a lot now when you look at open files you can actually make any binary even a C++ binary from 25 years ago into a service function without changing it in any way any binary file in Windows or Linux will actually work that way but I want to talk about some specific use cases and then go into them so machine learning you may have seen colorized bots in a closing keynote with we've yesterday and we're able to take a black-and-white photo and turn it to color just by packaging it up as a function batch jobs many of us will be having our payroll processed at the end of the month again that will often be done with a batch job if you have a function we've opened fires you get batching for free and asynchronous invitations you don't have to build that yourself image and video conversion is a very popular workload and you'll find things like image magic are still being used widely in the industry today you can take that binary without writing any code and package it as a function this is a perfect example of a mobile backend and then chatbots and I'm going to show you really exciting collaboration with the mobi project around that now any function you create automatically gets a HTTP API it gets metrics through Prometheus so you have observability a little bit about the story so far I started this project by looking at how to build skills for the Alexa and I found the experience somewhat lacking uploading text uploading a zip file some dependencies locally that is not the container native way I was a docker captain and I thought well you know let's try it to do something I wrote a POC it was quite popular and I I figured out that I hadn't done everything right and heard about the docker conchal hacks contest which was actually in Austin and you needed to push docker beyond what it had been designed to do now I ended up pivoting the whole project and rewriting ingo and they accepted it and this is a bit of a homecoming so I was actually here on the keynote in May so it's great to be back here but since May I've carried on going and it's become the top trending project on github overall for about a day gained over 8,000 stars and best cloud computing software from infoworld along with docker and kubernetes very just humbled by that there are people taking this to production and then we have the Cuban 80 support which came in a few months ago along with Nomad DCOs and Cattle now this project would not have the the it would not have this much traction it would never have grown as big as it has unless we had a community behind it and that's a key difference of this project so we have over 65 contributors and I've got some of the highlighted ones here and top influencers so up on the left here we have or on my left we have Stefan from we've works and he came along to try and do a cool demos okay be actually like the project so much he stayed and he's contributing finian with the sunglasses there you may have seen him in the keynote is 17 and he helped me build colorize bot and have a story for each one of these guys including Burton who's a local here and we actually got to meet face to face the community is a very important part of this project we've got over 1400 commits and a lot of momentum right now so just to go into that a little bit more we built this Twitter bot myself finian and Ollie over there and this is I said Dokic on a couple of months ago staying up late helping them add error-handling to the bot making sure that it was productionize ready to go and this is an example of what it can do and that's just been a great experience I met finian in February this year he'd seen one of my Raspberry Pi clusters and I advocated for him with docker and managed to get his expenses paid so that he could come and present in community theater and then he came to Copenhagen and spoke again and so I think on open fires and personally I just love to invest in people and see them grow so let's talk about the stack and now this really comes in one flavor cloud native the API gateway is written in go line that is the central point where all of your functions are defined and all your traffic is routed it's like a load balancer if you like there's a restful api and every function you deploy will get a route prometheus is baked into that which means you don't have to do that yourself so as each of your functions are being called we're actually tracking statistics on that and we can use them then to call the swarm QB Nettie's api natively to horizontally scale the demand Dockers image format I think we'll all agree is a way we should be building and shipping software we don't want to be going back to dropping JavaScript files into a black box if we've learned from that and the function watchdog is a component which we stick inside a container as a shim a sidecar if you like in a similar way to sto which allows it to come service your application doesn't actually have to know anything about it now this is the function in watchdog it works a little bit like CGI it becomes the entry point for your container and as we get a web request Wilfork a process and push all of the body in through standard in so something that every application can work with and read a response through standard out in this example I'm saying Python and main three well normally you would have had to build an entire flask application build your own Prometheus metrics you get it all for free and allows us to do some really smart stuff now even fathers actually approach is more than just an open source project another faz framework we have a values that we use to kind of drive where the project should go so this is developer first it should be unsurprising we do not want magic in widgets people come to this project and they say we tried the alternatives and we just didn't know how to debug it when things went wrong we have a CLI in a UI and now actually really treasured by the community most of our contributions have come around the CLI because it's where the developers come first is the first touch point for them we have operation operational simplicity which means it's very easy to deploy in 60 seconds it's portable it can run on an arm it can run on the cloud we even looking at technologies like aks and a CI by Microsoft to allow you to run open FAR's and very easily in a managed kubernetes environment and then because this is an open platform the community can come around it and add things that they need which has led to developer love now Burton one of the guys who is a local here he actually has been working in his own time to do a POC because he so into the project and functions and he paren presents that back to his architects within the team and they're really excited about moving forward with functions and that reminds me of the story of docker where I did the same thing at ADP now this is the rough architectural diagram if you like ten thousand feet we have the CLI the UI or any web service coming into the gateway and then you have your functions on the other side now the key difference between open files and other projects is actually you can swap the orchestration framework out everything else works exactly the same and that's what enabled me to make a really tight native integration with kubernetes in just a few days now we've been running that for a few months now we have support for our back helm charts we use services deployments and keeping a few secrets so there's nothing surprising it's native integration so let's look at deploying this it's going to take 60 seconds and I'm going to show you that just right now there's two other demos that you'll see the first one will be a collaboration with a movie project and this is where we've built a store that can create you a Linux kit VM and we'll pick which ones we want and we'll have several functions that will then talk to Linux kit and a database and eventually deploy to you packet or net alive VM the other demo that I'm going to show you is how we've as a project scaled community and being able to address some flaws in github permission system so let's go into that now so over here I have a terminal and I'm logged into cluster and you can see there are no pods let's get back into that now I just have the llamo here and I'm going to run the Yamal in using and I think we've got the consensus it's now called cube CTL heard it from Kelsey and if we take a look at these pods cube CT I'll get pods we're good to go now I can show you the open files UI and we see we've got no functions yet now this is brand-new we actually have a function store and the community is creating this I can click on a function this is the inception function it will tell you what's in a photo and hit deploy and then going to pick another one that I really like again this is from weave and this is an SSL checker so what I'm going to do is I'm not sure if I have automation on my certificate I'm typing in the request body at the bottom I'm going to hit invoke and we now got a response back from this sir checker it's telling me that I've got to the 1st of the 4th of January - Ari - Ari register my certificate now you can imagine how you can build a pipeline out of this where that is data that's programmatically used and sent to slack or JIRA ticket or something similar okay the inception function is what we've packaged with tensorflow and what we can do is take an image and paste the URL here hit invoke and we get back a categorization this is 48 percent C line ok now it might not be right the whole time but actually what we've been able to do is take something very complex and in a few lines of code just package it as a function and you can imagine how you could then commoditize this so let's move on to the demo of the mobi store now a B in the front here has worked on this with me and what we're going to do is select a couple of containers and is it Redis for instance it's quite a quick one to build and I've added that to the cart can now click on the cart and I can see that Redis is listed there up at the top now the concept of Linux kit is that you will build multiple V containers into an immutable virtual machine and so when you come to upgrade your server you just replace the entire virtual machine there's no upgrades there's no vulnerabilities I'm going to hit build and deploy and I believe this takes about 30 seconds and an over on my packet project 30 seconds we'll see that pop up so let's just go on to the next demo now does anyone recognize this github repository do we know what's in there no this is Dockers code base and the bot that we built for open fires to help our contributors manage the code without actually having full write access is now running on the mobi mobi organization now I can take I can create a new issue here test for cube con and because I'm a docker captain I've actually been put in a special file that says that I'm allowed to curate these issues and like as a derrick add a label invalid and the bot will pick up that via epoch you'll then apply the label that you can see that and then I can do things like Derrick closed now he also does smarter stuff for our project like checking that people have signed off for their licenses so he won't allow us to merge a pull request until they've said yes I agree this can be licensed under MIT because he's closed the issue there let's take a look at the packet okay it's actually popped up we can see root Linux kit and it has an IP address there as well and that's booting up now on their infrastructure now the demo that we built the mobi store you see the cart will be empty now is actually a no js' application and we were able to build this very fast by putting functions together that rat Linux kit and talk to my sequel and that's what that architectural diagram was about okay now one tenant of a servlet system is the ability to scale for demand now this is figler it will give you an ASCII logo what I'm actually going to do is I'm going to call into this and with Apache bench and I'm going to try to give it significant amount of traffic what we should see is because our metrics are being tracked by Prometheus we'll start to see some data appearing within our graphs and there we go in a function rate has it's a bit faint it's just shot up here and the replicas or on the right-hand side and as that traffic continues to be monitored and observed we'll actually see the function scale up and that's a horizontal pod scaling okay and we've just gone up to five replicas there and now we have more capacity to process that more compute when that finishes it will back off and it will go back to one replicas again so you may be wondering how would I actually write a function myself well we have a CLI that can make it really easy for you and we're not going to put you into any boxes you can actually use a full docker file and put the watchdog in manually but we have some templates that make it very easy this says fast CLI new bash - language Python and we have the name of the function docker con generate two files for you your handler and your requirements file that's used by PIP will then combine that with a best practices Python template that has an alpine Linux base and a non wrote user and anything else that we think is necessary for your image will then combine them and build the image which can be stored in something like harbor twistlock docker registry even key and from that point you have an immutable artifact and this is a key difference between other projects that can be deployed into dev QA staging and production and you know you've got exactly the same thing once you actually start to get a few of these functions you can put them in a Yama file and we generate this for you so here I've got something that will ping in URL and something that will notify me to slack I can also specify my secrets here so we're using cuban NT secrets to keep your API token secure we can put constraints here we can set memory limits and then faster you'll I build push deploy that's your workflow okay so let's talk about how you might invoke a function and you might be surprised by the simplicity of this we have a route for a resize image since we've deployed the function we have our data our binary on the client side and then we'll just call the Gateway with the URL posting the binary it will look up the function in the service catalog with DNS post to the watchdog shim and then it will respond immediately synchronously with a TCP connection with your data that's it there's a very simple this will probably be enough for most people we don't need Kafka we don't need to involve complex systems however sometimes you may want a deferred execution and this is where you can use an asynchronous way of running your code it talked about batch jobs earlier in fact our colorized bot takes around 8 seconds to run so we don't want a persistent connection we run it in the background so your image comes in to the gateway and it will be queued somewhere our default implementation uses in that streaming which is a very lightweight fast message bus a key worker will then call the function for you but then how do you get the result back well normally it would just be lost or you'd have to code something to store it somewhere we have a built-in mechanism x-callback URL that you could pass with your original call and then when it's finished it will come back to you and that can either be to a function or it could be to an external website so if you want to play with this later a great example is to use the inception function in the store and request bin or something with egg rock and you'll be able to get the result coming back to you soon as it's ready we also have a Kafka connector that's been built by the community a connector for a vent grid and we're looking into AWS SNS as well so I just want it to tell you a little bit about colorize bot because it's kind of great to get the theory but when you put a system together you learn a lot of things very fast we have a tweet listener here now that's actually a micro service because the API will not allow you to keep connecting you need to have something persistent and that's fine don't use service functions for everything please do not you then have that invoke the Gateway but we don't send the image in we actually store it in object storage in Mineo now that black and white image will be there we'll send the URL into the Gateway the Gateway will asynchronously invoke colorize because it takes 8 seconds you really can't afford to have that transaction open and then once it's invoked it will pull the picture from Mineo will then tweet the picture for you ok and if we needed to do anything else like notify slack we could do that we're being able to build a dashboard out of it - because the metrics are just that and you can try this later on the spelling is a little bit odd it's American color and English eyes so one thing that you can do once you start to build functions I think that's where the value comes is cookie-cut things so I spoke earlier about a payment gateway right well Dan Cohen in his keynote said that there's this cycle that makes open source project so successful he says you have a project creates a product generates profit that goes back to the project again now we haven't quite figured that out yet but one thing we have done is created a patreon campaign where people come back the project ten fifteen dollars and just help with stickers and bits and pieces like that so I created this function that takes a web hook from patreon every time somebody submits a payment we verified the origin of the message using H Mac which is the same as what Gipper github uses and then tweet using the API token that I've stored in a queue Bonetti secret and you could take that and you can modify that however you like in fact if you star the open files repository the same sort of code will tweet your avatar to my Twitter feed just kind of fun fun as well and you see there Wesley kindly helped us out so this is more than just a POC when it was launched in May there were very grand ideas now we're actually getting much more feedback from people who want to take to production I talked about the University of Calgary we still have around 10 minutes University of Calgary has H our system and they also have a research management system now when a paper gets approved they need to link that to their HR system they actually have AK Africa cluster there already and already have events that are generated they use serverless functions to connect them together and do transformations now we didn't have a connector at the time and they just wrote 90 lines of Python code and it just worked and that goes back to what I said earlier about having this open platform I think you'll find the same for yourselves Conte Amma has started out of Berlin and they do a lot of data science they would take something like a jupiter notebook and they will build it deploy it and run it as an open fast function and give you the results back adp have been experimenting with machine learning to see if we can detect customer churn and what we were able to do was figure out the Python code of scikit-learn that we needed in a console app and then just wrap it in a function and it just worked it took about five minutes so it's very very quick to get that experience to build things up and to start going to production with it now there are a lot of integrations over on the other side of the screen some of these have been done by the community and some are actually done by the project so Hashi Corps has spent a developer resource their developer advocate Nick Jackson has really helped the project and he's created a nomad back-end so I said you can swap the orchestration layer hyper shì believer here to created a back-end for their cloud which gives you per second billing you're kind of exciting and then rancher and DCOs came from the community and we have some other integrations that are happening there too now I've put Qualcomm on here because they've actually got a really cool demo with a very big elixir over on their booth and you can ask it about open fires and it will show you a slide show it's very cool to go and check that out later so what's next for the project and we have a few minutes for questions - well the function of thought has actually launched it launched so quick I didn't have enough time to update this slide so go and check it out there's no more searching through github we said serverless functions made simple and that actually challenged us to deliver on it and so now you can one click and get a really useful function Derek as a public github app is now installed on Moby Moby and I hope that it will be able to install on other projects too so you can start leveraging the benefits fine-grain permissions we have a documentation site here's a little preview of it just ironing ironing that out and then on a technical level the things that they're kind of really interesting and also some things that are really helpful so integrating with cloud events SNS cues from AWS you push to s3 you get an event it's currently quite hard to do but I think we can build a connector for it multi-tenancy is something that people ask time and time again how can we create secure isolation between functions well I think some of the technologies that we've seen in the keynote could really make that very easy observability we've open tracing again could allow you to build up a very detailed picture of all these functions that you're now managing where are the bottlenecks and then scaling to zero and I think this is largely overcooked people look at serverless and they say we'll look doesn't lambda scale to zero you should do that too well I don't have hundreds of thousands of concurrent users over an over provision cluster I have a team with a payment gateway that needs to run 24/7 and have high availability perhaps it's okay if we have one replica running the whole time it's only ten Meg of RAM right so I think we need to apply some common sense but these are things that we're looking at this is a direction that we're moving in and of course we're open to contributors and I've met some of you here today and had great conversations with you really open on the project whenever one whenever anyone wants to join slack will give them a warm welcome will introduce you to the community and help you get your first pour requests matched whether that's code or just helping in some other way so thank you very much for listening really appreciate it and I think we may have some time for a few questions [Applause] he's fast okay um Abby can you run can you run the mic thank you sir can the functions can they be developing your other languages is there a way to to plug to create a plug-in or something there you can write your language in you can write your function in any language any binary for Windows or Linux can be made into a function we have templates for about eight common languages that just make it even easier for you yeah okay the question at the back yep so open fast looks to provide back implementations for a number of different providers if I'm looking at this as kubernetes first and running a service flatworm on it does open fast support rbac or execution and different namespaces can you repeat does open fast support kouhei's rbac for limit limiting access or say yeah or Beck yeah we use we use our back and you can choose what namespaces to deploy into so you could have two concurrent deployments okay so I deploy two different instances open fast then into namespaces alright one instance and it can point to multiple namespaces you could do two instances in different namespaces at the moment but if that's something that is interesting to you you know please get in touch we see if there's another way of doing it okay question up the front as well do you just wanna shout it like repeat it you wish yourself yep is a sample which one yes so it's a sample for ffmpeg available there are lots of samples available ffmpeg is there we have a community repository called fast and furious and that's where a lot of the store images are so yeah you can get hold of it and you can actually get the gift maker you put a YouTube URL in and it will give you a gift from it okay well look I think people are trying to get off to other sessions but if you want to come up to the front and ask me anything else I'll be here and tomorrow as well my github account is Alex Ellis UK and open files welcome thank you [Applause]
Info
Channel: CNCF [Cloud Native Computing Foundation]
Views: 3,865
Rating: 5 out of 5
Keywords:
Id: XgsxqHQvMnM
Channel Id: undefined
Length: 34min 20sec (2060 seconds)
Published: Fri Dec 15 2017
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.