faas-rs/faasd
1
0
Fork 0
mirror of https://github.com/openfaas/faasd.git synced 2025-06-09 00:16:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
115 Commits 15 Branches 106 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Alex Ellis eb369fbb16
Enable fix for secret support
2020-01-28 13:20:27 +00:00
.github
Add .github
2020-01-01 12:10:02 +00:00
cmd
Set all permissions to 0644 vs a mixture
2020-01-28 12:48:00 +00:00
hack
Move faas-containerd to faasd-provider unit file
2020-01-21 13:43:39 +00:00
pkg
Set all permissions to 0644 vs a mixture
2020-01-28 12:48:00 +00:00
vendor
Initial merge of faas-containerd
2020-01-21 13:43:39 +00:00
.DEREK.yml
Create .DEREK.yml
2019-12-21 10:09:55 +00:00
.gitignore
Add secrets support
2020-01-28 11:41:54 +00:00
.travis.yml
Tweak e2e tests
2020-01-03 18:58:37 +00:00
cloud-config.txt
Enable fix for secret support
2020-01-28 13:20:27 +00:00
Gopkg.lock
Initial merge of faas-containerd
2020-01-21 13:43:39 +00:00
Gopkg.toml
Initial merge of faas-containerd
2020-01-21 13:43:39 +00:00
LICENSE
Initial commit
2019-12-20 12:55:08 +00:00
main.go
Alteration for version passing
2019-12-31 12:30:14 +00:00
Makefile
Add cloud-config for use with multipass.run / VMs
2020-01-26 12:01:55 +00:00
prometheus.yml
Bind DNS names through /etc/hosts
2019-12-21 12:44:01 +00:00
README.md
Update README.md
2020-01-27 09:01:23 +00:00
resolv.conf
Enable NATS, speed-up restart
2019-12-23 20:43:00 +00:00

README.md

faasd - serverless with containerd

Build Status License: MIT OpenFaaS

faasd is a Golang supervisor that bundles OpenFaaS for use with containerd instead of a container orchestrator like Kubernetes or Docker Swarm.

About faasd:

  • faasd is a single Golang binary
  • faasd is multi-arch, so works on x86_64, armhf and arm64
  • faasd downloads, starts and supervises the core components to run OpenFaaS

demo

Demo of faasd running in KVM

What does faasd deploy?

You can use the standard faas-cli with faasd along with pre-packaged functions in the Function Store, or build your own with the template store.

faasd supports:

  • faas list
  • faas describe
  • faas deploy --update=true --replace=false
  • faas invoke
  • faas rm
  • faas login
  • faas store list/deploy/inspect
  • faas up
  • faas version
  • faas invoke --async
  • faas namespace

Scale from and to zero is also supported. On a Dell XPS with a small, pre-pulled image unpausing an existing task took 0.19s and starting a task for a killed function took 0.39s. There may be further optimizations to be gained.

Other operations are pending development in the provider such as:

  • faas logs
  • faas secret
  • faas auth

Pre-reqs

  • Linux

    PC / Cloud - any Linux that containerd works on should be fair game, but faasd is tested with Ubuntu 18.04

    For Raspberry Pi Raspbian Stretch or newer also works fine

    For MacOS users try multipass.run or Vagrant

    For Windows users, install Git Bash along with multipass or vagrant. You can also use WSL1 or WSL2 which provides a Linux environment.

    You will also need containerd v1.3.2 and the CNI plugins v0.8.5

    faas-cli is optional, but recommended.

Backlog

Pending:

  • Add support for using container images in third-party public registries
  • Add support for using container images in private third-party registries
  • Monitor and restart any of the core components at runtime if the container stops
  • Bundle/package/automate installation of containerd - see bootstrap from k3s
  • Provide ufw rules / example for blocking access to everything but a reverse proxy to the gateway container
  • Provide simple Caddyfile example in the README showing how to expose the faasd proxy on port 80/443 with TLS

Done:

  • Inject / manage IPs between core components for service to service communication - i.e. so Prometheus can scrape the OpenFaaS gateway - done via /etc/hosts mount
  • Add queue-worker and NATS
  • Create faasd.service and faasd-provider.service
  • Self-install / create systemd service via faasd install
  • Restart containers upon restart of faasd
  • Clear / remove containers and tasks with SIGTERM / SIGINT
  • Determine armhf/arm64 containers to run for gateway
  • Configure basic_auth to protect the OpenFaaS gateway and faasd-provider HTTP API
  • Setup custom working directory for faasd /var/lib/faasd/
  • Use CNI to create network namespaces and adapters

Tutorial: Get started on armhf / Raspberry Pi

You can run this tutorial on your Raspberry Pi, or adapt the steps for a regular Linux VM/VPS host.

Tutorial: Multipass & KVM for MacOS/Linux, or Windows (with cloud-config)

Tutorial: Manual installation

Get containerd

You have three options - binaries for PC, binaries for armhf, or build from source.

  • Install containerd x86_64 only
export VER=1.3.2
curl -sLSf https://github.com/containerd/containerd/releases/download/v$VER/containerd-$VER.linux-amd64.tar.gz > /tmp/containerd.tar.gz \
  && sudo tar -xvf /tmp/containerd.tar.gz -C /usr/local/bin/ --strip-components=1

containerd -version
  • Or get my containerd binaries for armhf

Building containerd on armhf is extremely slow.

curl -sSL https://github.com/alexellis/containerd-armhf/releases/download/v1.3.2/containerd.tgz | sudo tar -xvz --strip-components=2 -C /usr/local/bin/
  • Or clone / build / install containerd from source:
export GOPATH=$HOME/go/
mkdir -p $GOPATH/src/github.com/containerd
cd $GOPATH/src/github.com/containerd
git clone https://github.com/containerd/containerd
cd containerd
git fetch origin --tags
git checkout v1.3.2

make
sudo make install

containerd --version

Kill any old containerd version:

# Kill any old version
sudo killall containerd
sudo systemctl disable containerd

Start containerd in a new terminal:

sudo containerd &

Enable forwarding

This is required to allow containers in containerd to access the Internet via your computer's primary network interface.

sudo /sbin/sysctl -w net.ipv4.conf.all.forwarding=1

Make the setting permanent:

echo "net.ipv4.conf.all.forwarding=1" | sudo tee -a /etc/sysctl.conf

Hacking (build from source)

Get build packages

sudo apt update \
  && sudo apt install -qy \
    runc \
    bridge-utils

You may find alternatives for CentOS and other distributions.

Install Go 1.13 (x86_64)

curl -sSLf https://dl.google.com/go/go1.13.6.linux-amd64.tar.gz > go.tgz
sudo rm -rf /usr/local/go/
sudo mkdir -p /usr/local/go/
sudo tar -xvf go.tgz -C /usr/local/go/ --strip-components=1

export GOPATH=$HOME/go/
export PATH=$PATH:/usr/local/go/bin/

go version

Or on Raspberry Pi (armhf)

curl -SLsf https://dl.google.com/go/go1.13.6.linux-armv6l.tar.gz > go.tgz
sudo rm -rf /usr/local/go/
sudo mkdir -p /usr/local/go/
sudo tar -xvf go.tgz -C /usr/local/go/ --strip-components=1

export GOPATH=$HOME/go/
export PATH=$PATH:/usr/local/go/bin/

go version

Install the CNI plugins:

  • For PC run export ARCH=amd64
  • For RPi/armhf run export ARCH=arm
  • For arm64 run export ARCH=arm64

Then run:

export ARCH=amd64
export CNI_VERSION=v0.8.5

sudo mkdir -p /opt/cni/bin
curl -sSL https://github.com/containernetworking/plugins/releases/download/${CNI_VERSION}/cni-plugins-linux-${ARCH}-${CNI_VERSION}.tgz | sudo tar -xz -C /opt/cni/bin

Run or install faasd, which brings up the gateway and Prometheus as containers

cd $GOPATH/src/github.com/alexellis/faasd
go build

# Install with systemd
# sudo ./faasd install

# Or run interactively
# sudo ./faasd up

Build and run faasd (binaries)

# For x86_64
sudo curl -fSLs "https://github.com/alexellis/faasd/releases/download/0.6.2/faasd" \
    -o "/usr/local/bin/faasd" \
    && sudo chmod a+x "/usr/local/bin/faasd"

# armhf
sudo curl -fSLs "https://github.com/alexellis/faasd/releases/download/0.6.2/faasd-armhf" \
    -o "/usr/local/bin/faasd" \
    && sudo chmod a+x "/usr/local/bin/faasd"

# arm64
sudo curl -fSLs "https://github.com/alexellis/faasd/releases/download/0.6.2/faasd-arm64" \
    -o "/usr/local/bin/faasd" \
    && sudo chmod a+x "/usr/local/bin/faasd"

At run-time

Look in hosts in the current working folder or in /var/lib/faasd/ to get the IP for the gateway or Prometheus

127.0.0.1      localhost
10.62.0.1      faasd-provider

10.62.0.2      prometheus
10.62.0.3      gateway
10.62.0.4      nats
10.62.0.5      queue-worker

The IP addresses are dynamic and may change on every launch.

Since faasd-provider uses containerd heavily it is not running as a container, but as a stand-alone process. Its port is available via the bridge interface, i.e. openfaas0

  • Prometheus will run on the Prometheus IP plus port 8080 i.e. http://[prometheus_ip]:9090/targets

  • faasd-provider runs on 10.62.0.1:8081, i.e. directly on the host, and accessible via the bridge interface from CNI.

  • Now go to the gateway's IP address as shown above on port 8080, i.e. http://[gateway_ip]:8080 - you can also use this address to deploy OpenFaaS Functions via the faas-cli.

  • basic-auth

    You will then need to get the basic-auth password, it is written to /var/lib/faasd/secrets/basic-auth-password if you followed the above instructions. The default Basic Auth username is admin, which is written to /var/lib/faasd/secrets/basic-auth-user, if you wish to use a non-standard user then create this file and add your username (no newlines or other characters)

Installation with systemd

  • faasd install - install faasd and containerd with systemd, this must be run from $GOPATH/src/github.com/alexellis/faasd
  • journalctl -u faasd -f - faasd service logs
  • journalctl -u faasd-provider -f - faasd-provider service logs

Appendix

Links

31968e4b48/cmd/network.go

c4f62c86bd/catraia-net/network.go

https://github.com/containernetworking/plugins

https://github.com/containerd/go-cni

Description
Lightweight and portable version of OpenFaaS
apiarmcontainerdcontainersdeployedgefaasfaasdgolanghttpmicroservicesopenfaasremoterestserverlesswebhooks
Readme MIT 44 MiB
Languages
Go 90.6%
Shell 7.4%
Makefile 2%