Apache OpenWhisk + Kubernetes- A Perfect Match

Serverless is a popular topic nowadays in cloud area. Some scenarios today, like IoT, web app or microservice based architecture, require using Serverless to handle requests. Apache OpenWhisk is a serverless, open source cloud platform that executes functions in response to events at any scale. Kubernetes is a well-known open-source system for automating deployment, scaling, and management of containerized applications. How well can Apache OpenWhisk and Kubernetes work together to build an enterprise level serverless platform? What are the best practices and gotchas? In this session, we will answer these questions. We will introduce how to design and deploy an Apache OpenWhisk based serverless solution over Kubernetes cluster. In addition, we want also to share some code patterns and demos

1.Apache OpenWhisk + Kubernetes: A Perfect Match for Your Serverless Platform Ying Chun Guo Zhou Xing guoyingc@cn.ibm.com xingzhou@qiyi.com

2.Agenda •  What is serverless? •  Kubernetes + Apache OpenWhisk •  Technical details •  Demo

3.What is serverless ?

4.What is serverless ? Functions as a Service Serverless= Backend as a Service Benefits •  Zero server ops –  No provisioning, updating, and managing server infrastructure. –  Flexible Scalability •  No compute cost when idle

5.Serverless landscape defined in CNCF

6.Kubernetes + Apache OpenWhisk

7. Kubernetes Introduction §  K8s is a production- grade container orchestration platform §  Declarative management of objects using configuration files. §  More introductions, go to •  K8s official document http://kubernetes.io •  Open Tech Mini Academy @ IBM http://ibm.biz/opentech-ma

8.Kubernetes Resource Model A common resource model can satisfy any deployment requirements §  Config Maps §  K8s通过这些资源模型构建应用程序 §  Daemon Sets §  Deployments §  每一种资源都可以被用户所创建并存储在K8s数 §  Events 据库中 §  Endpoints §  Ingress §  用户通过这些创建这些资源“描绘”应用程序在 K8s平台上部署后的样子,K8s会根据这些资源 §  Jobs 的描述尽可能完成对应用程序和服务的部署 §  Nodes §  Namespaces §  这其中,Pod包含了一组共享Linux Namespace §  Pods 的容器,是K8s平台所能调度的最小单元。其他 §  Persistent Volumes 多种资源,例如Deployment,Job等,都是构建 §  Replica Sets 在Pod的基础概念之上的。 §  Secrets §  Services §  用户可以通过kubectl配合描述资源的yaml文件 §  Stateful Sets… 创建这些资源

9.Helm •  The package manager for Kubernetes •  Easy to create, version, share, and publish — so start using Helm and stop the copy- and-paste madness. •  Help you define, install, and upgrade even the most complex Kubernetes application. •  Official community: https://helm.sh/

10.Core concepts in Helm Helm installs charts into Kubernetes, creating a new release for each installation. And to find new charts, you can search Helm chart repositories.

11.Apache OpenWhisk A serverless, open source cloud platform that executes functions in response to events at any scale. Apache OpenWhisk offers: •  Apache Software Foundation (ASF) •  True, community-driven open source (Apache 2 License) •  Proven on IBM Cloud •  Exact, same code in open source Source event Result Trigger Action Rule

12.Architecture of Apache OpenWhisk

13.Deploy Apache OpenWhisk on Kubernetes •  The architecture diagram of OpenWhisk components on Kubernetes, e.g. •  https://github.com/apache/incubator-openwhisk-deploy-kube

14.Technical details

15. Deployment •  A Deployment controller provides declarative updates for Pods and ReplicaSets. •  Stands for a long running task, can be exposed as K8s services •  In OpenWhisk, usually, we deploy those core components’ dependencies lib or tools as Deployment: –  CouchDB –  Redis –  Zookeeper –  Nginx

16. StatefulSet/DaemonSet •  StatefulSet is the workload API object used to manage stateful applications. Manages the deployment and scaling of a set of pods, and provides guarantees about the ordering and uniqueness of these Pods •  A DaemonSet ensures that all (or some) Nodes run a copy of a Pod •  In OpenWhisk, we deploy strictly mangaged objects as StatefulSet or DaemonSet: –  Controller –  Invoker –  Kafka

17.Jobs •  A job creates one or more pods and ensures that a specified number of them successfully terminate. •  Job stands for a short running task •  In OpenWhisk, we used to deploy package installation and tasks like catalog installation as Job: –  Package installation –  Catalog installation

18.Service •  A Kuberentes Servcie is an abstraction which defines a logical set of Pods and a policy by which to access them. •  Service provides a way for applications to communicate with each other on K8s platform •  In OpenWhisk, we deploy all the dependencies as service, usually, they are deployed as ClusterIP service: –  Controller –  Invoker –  Nginx –  Kafka –  Zookeeper –  Redis

19.Other objects used in OW charts •  ConfigMap: like nginx deployment configuration •  Secrets: like DB access credentials •  Ingress

20.Component Launch Sequence •  In Kubernetes, we can use the following mechanisms to handle the component launch sequence: –  Init Container: a pre-handling container to process staff which need to be done before the major costainer starts –  Probe: readiness probe and liveness probe

21.Component Deployment Topology •  Use affinity to make deployment topology policies for different component. E.g. controller node and DB node may not be assigned to the same K8s node •  Affinity type –  Node Affinity –  Pod Affinity


23.Steps 1.  Create a namespace 2.  Label worker nodes to execute user actions 3.  Create a mycluster.yaml file to customize the deployment 4.  Deploy with Helm 5.  Wait…and done