[NDC 2019] Functions 2.0: Enterprise-Grade Serverless

2. Katy Shimizu Software Engineer II, Azure Functions @kashimizMSFT katy.shimizu@microsoft.com

5. Focus Efficiency Flexibility What are the benefits?

7. Azure Functions

8. Function Trigger public static class SimpleExampleWithOutput { [FunctionName("CopyQueueMessage")] public static void Run( [QueueTrigger("myqueue-items-source")] string myQueueItem, [Queue("myqueue-items-destination")] out string myQueueItemCopy, ILogger log) { // Business logic goes here. } } Output Binding { "generatedBy": "Microsoft.NET.Sdk.Functions-1.0.0.0", "configurationSource": "attributes", "bindings": [ { "type": "queueTrigger", "queueName": "%input-queue-name%", "name": "myQueueItem" } ], "disabled": false, "scriptFile": "..binFunctionApp1.dll", "entryPoint": "FunctionApp1.QueueTrigger.Run" } function.json

9. Sounds great, but I need.. automated testing to run on-premises custom dependencies custom hardware automated deploymentreal-time monitoring sub-second latency network isolation complex workflows long-running processes identity management secure credentials storage versioning strategy state managementto run in a VNET

10. Agenda • Hosting Options • Premium • KEDA • Monitoring and Diagnostics • Application Insights • Security • MSI and KeyVault Integration • Deployment • Azure DevOps • Workflows and State • Durable Functions and Entities

11. Platform App delivery OS ●●● ●●● ●●● + https://github.com/azure/azure-functions-host (+other repos) Azure Functions host runtime Azure Functions Core Tools Azure Functions base Docker image Azure Functions .NET Docker image Azure Functions Node Docker image ●●●

12. • Serverless scale with bigger, configurable instances • Up to 4 cores 12Gb of memory • Cold start controls • Min plan size • Pre-Warmed instances • VNET connectivity • Longer run duration • ~25 minutes • Predictable billing • Max plan size

13. 0 1 2 3 4 5 6 0 2 4 6 8 10 12 14 Load Consumption Instances

14. 0 1 2 3 4 5 6 0 2 4 6 8 10 12 14 Load Available Instances

15. 0 1 2 3 4 5 6 0 2 4 6 8 10 12 14 Load Premium Instances (1 Pre-Warmed)

16. 0 1 2 3 4 5 6 0 2 4 6 8 10 12 14 Load Premium Instances (1 Pre-Warmed)

19. • Secure inbound HTTP access to your App to one subnet in a VNET • Allow secure outbound calls to resources in a VNET • Dependencies that you add can be insecure Internet Functions Runtime HTTP Front-ends Virtual Network (VNET)

20. Virtual Network (VNET) • Leaving the multi-tenant world • Your entire app is contained within a VNET • Organizational controls over ingress / egress • Limited scaling speed Internet Functions Runtime HTTP Front-ends

21. Orchestrates containerized workloads and services. Provides a clean interface for managing distributed systems across many nodes, including replication, scaling, and state management. App App

23. Kubernetes cluster Function pods Horizontal pod autoscaler Kubernetes store KEDA Metrics adapter ScalerController CLI 1->n or n->1 0->1 or 1->0 Any events? Register + trigger and scaling definition External trigger source

24. When to consider KEDA Run functions on-premises / Intelligent edge Run functions alongside existing Kubernetes investments or requirements Run functions on a different platform or cloud Run functions with full control and management of scale and compute

25. Monitoring/Diagnostics Azure Functions integrates with Application Insights

27. Spot the vulnerability! module.exports = function (context, payload) { if (payload.action != "opened") { context.done(); return; } var comment = { "body": "Thank you for your contribution! We will get to it shortly." }; if (payload.pull_request) { var pr = payload.pull_request; context.log(pr.user.login, " submitted PR#", pr.number, ": ", pr.title); SendGitHubRequest(pr.comments_url, comment, context); // posting a comment } context.done(); }; function SendGitHubRequest(url, requestBody, context) { var request = require('request'); var githubCred = 'Basic ' + 'mattchenderson:8e254ed4'; request({ url: url, method: 'POST', headers: { 'User-Agent': 'mattchenderson', 'Authorization': githubCred }, json: requestBody }, function (error, response, body) { if (error) { context.log(error); } else { context.log(response.statusCode, body); } }); }

28. Secrets management const msRestAzure = require('ms-rest-azure'); const KeyVault = require('azure-keyvault'); const vaultUri = process.env['GITHUB_SECRET_URI']; // Value looks like: 'https://foo.vault.azure.net/secrets/gh' //... Getting the event let kvToken = msRestAzure.loginWithAppServiceMSI({ resource: 'https://vault.azure.net' }); let keyVaultClient = new KeyVault.KeyVaultClient(kvToken); keyVaultClient.getSecret(vaultUri).then(function (secret){ var githubHeader = 'Basic ' + secret; //... Call GitHub });

29. Managed identities for Azure Functions  Keep credentials out of code  Auto-managed identity in Azure AD for Azure resource  Use local token endpoint to get access tokens from Azure AD  Direct authentication with services, or retrieve creds from Azure Key Vault Azure Functions Azure Service (e.g., ARM, Key Vault) Your code Local token service Credentials 1 2 3 Azure (inject and roll credentials)

30. Gets secrets out of App Settings and into secrets management Leverages the managed identity of your function app Versions required for initial preview (goal of auto-rotation) @Microsoft.KeyVault(SecretUri=https://myvault.vault.azure.net/secrets/mysecret/mysecretversion) Foo: mysecret Foo: mysecret Foo: mysecret Foo: reference Foo: mysecret

32. Inner and Outer Loop Development

33. • GA of Functions Build task • Easily add Functions to a CI/CD pipeline • New streamlined CLI command • az functionapp devops-pipeline create • Automatically configures DevOps to build with new commits to your version control • Configures Github or Azure Repos automatically aka.ms/functions-azure-devops

35. What’s still hard?

36. Durable Functions: function types

37. // calls functions in sequence public static async Task<object> Run(DurableOrchestrationContext ctx) { try { var x = await ctx.CallFunctionAsync("F1"); var y = await ctx.CallFunctionAsync("F2", x); return await ctx.CallFunctionAsync("F3", y); } catch (Exception) { // global error handling/compensation goes here } } Orchestrator Function Activity Functions

38. public static async Task<object> Run(DurableOrchestrationContext context) { try { var x = await context.CallActivityAsync<object>("F1"); var y = await context.CallActivityAsync<object>("F2", x); var z = await context.CallActivityAsync<object>("F3", y); return await context.CallActivityAsync<object>("F4", z); } catch (Exception) { // Error handling or compensation goes here. } }

39. // An HTTP-triggered function starts a new orchestrator function instance. public static async Task<HttpResponseMessage> Run( HttpRequestMessage req, DurableOrchestrationClient starter, string functionName, ILogger log) { // The function name comes from the request URL. // The function input comes from the request content. dynamic eventData = await req.Content.ReadAsAsync<object>(); string instanceId = await starter.StartNewAsync(functionName, eventData); log.LogInformation($"Started orchestration with ID = '{instanceId}'."); return starter.CreateCheckStatusResponse(req, instanceId); }

40. public static async Task Run(DurableOrchestrationContext context) { int jobId = context.GetInput<int>(); int pollingInterval = GetPollingInterval(); DateTime expiryTime = GetExpiryTime(); while (context.CurrentUtcDateTime < expiryTime) { var jobStatus = await context.CallActivityAsync<string>("GetJobStatus", jobId); if (jobStatus == "Completed") { // Perform an action when a condition is met. await context.CallActivityAsync("SendAlert", machineId); break; } // Orchestration sleeps until this time. var nextCheck = context.CurrentUtcDateTime.AddSeconds(pollingInterval); await context.CreateTimer(nextCheck, CancellationToken.None); } // Perform more work here, or let the orchestration end. }

41. public static async Task Run(DurableOrchestrationContext context) { await context.CallActivityAsync("RequestApproval"); using (var timeoutCts = new CancellationTokenSource()) { DateTime dueTime = context.CurrentUtcDateTime.AddHours(72); Task durableTimeout = context.CreateTimer(dueTime, timeoutCts.Token); Task<bool> approvalEvent = context.WaitForExternalEvent<bool>("ApprovalEvent"); if (approvalEvent == await Task.WhenAny(approvalEvent, durableTimeout)) { timeoutCts.Cancel(); await context.CallActivityAsync("ProcessApproval", approvalEvent.Result); } else { await context.CallActivityAsync("Escalate"); } } }

42. “Hello MDC!”[“Hello MDC!”] Orchestrator Function Activity Function Execution History var outputs = new List<string>(); outputs.Add(await context.CallActivityAsync<string>(“Hello”, “MDC”)); return outputs; Orchestrator Function ? Activity Function “Hello MDC!” Orchestrator Started Execution Started Task Scheduled, Hello, “MDC” Orchestrator Completed Task Completed, “Hello MDC!” Orchestrator Started Execution Completed, ["Hello MDC!"] Orchestrator Completed History Table

43. public static async Task Counter([EntityTrigger(EntityClassName = "Counter")] IDurableEntityContext ctx) { int currentValue = ctx.GetState<int>(); int operand = ctx.GetInput<int>(); switch (ctx.OperationName) { case "add": currentValue += operand; break; case "subtract": currentValue -= operand; break; case "reset": await SendResetNotificationAsync(); currentValue = 0; break; } ctx.SetState(currentValue); }

44. • Entities process one operation at a time • An entity will be automatically created if it does not yet exist • Operations can be non-deterministic • Entity functions can perform external calls (preferably with async APIs) • Entities can invoke other entities, but only one-way communication Developing entity functions

47. Event-driven programming model with Kubernetes - KEDA Dependency injection support for .NET Extension bundles Durable Functions stateful patterns Streamlined Azure DevOps experience New Serverless Library experience Premium Functions hosting option Support for PowerShell Core 6 https://aka.ms/FunctionsBuild2019

48. Title Speakers Code Time Serverless web apps with Blazor, Azure Functions, and Azure Storage Jeff Hollan THR2003 Monday, May 6 4:30 PM - 4:50 PM Closing the key gaps of serverless with Azure Functions Alex Karcher Jeff Hollan BRK3042 Tuesday, May 7 10:00 AM - 11:00 AM 6 things you need to know about serverless Colby Tresness THR3009 Tuesday, May 7 2:00 PM - 2:20 PM Bring serverless apps to life with Azure SignalR Service Anthony Chu THR3008 Tuesday, May 7 4:00 PM - 4:20 PM Where should I host my code? Choosing between Kubernetes, Containers, and Serverless Jeff Hollan THR2005 Wednesday, May 8 10:00 AM - 10:20 AM Event-driven design patterns to enhance existing applications using Azure Functions Daria Grigoriu Eduardo Laureano BRK3041 Wednesday, May 8 2:00 PM - 3:00 PM The good, the bad and the ugly of Serverless Burke Holland Cecil Phillip CFS2025 Wednesday, May 8 3:30 PM - 4:30 PM Mixing Stateful and Serverless – workflow, orchestration, and actors Matthew Henderson THR3011 Wednesday, May 8 4:00 PM - 4:20 PM

49. • GitHub: Azure/Azure-Functions • Full Repository List • MSDN Forums • StackOverflow: • azure-functions • azure-durable-functions • Twitter: @AzureFunctions • UserVoice • YouTube

51. Available tools of Azure Functions

[NDC 2019] Functions 2.0: Enterprise-Grade Serverless

[NDC 2019] Functions 2.0: Enterprise-Grade Serverless

Recomendados

Más contenido relacionado

Was ist angesagt?

Was ist angesagt?(20)

Similar a [NDC 2019] Functions 2.0: Enterprise-Grade Serverless

Similar a [NDC 2019] Functions 2.0: Enterprise-Grade Serverless(20)

Último

Último(20)

[NDC 2019] Functions 2.0: Enterprise-Grade Serverless

Hinweis der Redaktion