
Deep Dive: CNCF Serverless WG/ CloudEvents - PowerPoint PPT Presentation



  1. Deep Dive: CNCF Serverless WG/ CloudEvents

  2. Agenda • CloudEvents demo • Deployment pipeline • CloudEvents best practices

  3. Demo Vlad Ionescu, Independent

  4. Ownzones • About Ownzones • 75 cloud engineers with 100+ years of accumulated experience • Cloud-based video supply chain solutions provided with disruptive “pay-as-you-go” model • Component-based video-workflow system • Ownzones partners

  5. Ownzones products • Digital supply chain solution: Ownzones Connect • Get full control of your digital supply chain. § Media logistics § Workflow automation § Studio in the cloud

  6. Ownzones products • Reach and monetization: Ownzones Discover • Customizable, scalable turnkey white label OTT platform. § Rich CMS § Built-in customization tools § “Click-to-deploy” rapid application deployment system

  7. Ownzones products • AI-powered digital supply chain solution: Ownzones Frame DNA • Improve and automate your supply chain. § AI-based tool within Connect § Reduction in manual work § Massive cost savings

  8. Ownzones • Startup • Focus on reliability

  9. Deployment pipeline • Observable • Compliant • Fast • Scalable

  10. Deployment pipeline [diagram labels: GitHub events SNS; three feature-specific SQS queues]

  11. Deployment pipeline [diagram labels: CircleCI events SNS; three feature-specific SQS queues]

  12. Deployment pipeline [diagram labels: CircleCI events SNS; GitHub events SNS; AWS Lambda functions; AutoDeploy AWS Lambda; DynamoDB; DynamoDB Stream; SNS; Amazon Elastic Container Service for Kubernetes]

  13. Deployment pipeline - DynamoDB [diagram labels: CircleCI events SNS; GitHub events SNS; AWS Lambda functions; AutoDeploy AWS Lambda; DynamoDB; DynamoDB Stream; SNS; Amazon Elastic Container Service for Kubernetes]

  14. Deployment pipeline - DynamoDB [diagram labels: CircleCI events SNS; GitHub events SNS; AWS Lambda functions; AutoDeploy AWS Lambda; DynamoDB; DynamoDB Stream; SNS; Amazon Elastic Container Service for Kubernetes]

  15. Deployment pipeline - DynamoDB [diagram labels: CircleCI events SNS; GitHub events SNS; AWS Lambda functions; AutoDeploy AWS Lambda; DynamoDB; DynamoDB Stream; SNS; Amazon Elastic Container Service for Kubernetes]

  16. Deployment pipeline - DynamoDB [diagram labels: CircleCI events SNS; GitHub events SNS; AWS Lambda functions; AutoDeploy AWS Lambda; DynamoDB; DynamoDB Stream; SNS; Amazon Elastic Container Service for Kubernetes]

  17. Deployment pipeline [diagram labels: Amazon API Gateway; CircleCI events SNS; GitHub events SNS; Automation CircleCI SQS; Automation GitHub SQS; AWS Lambda functions; AutoDeploy AWS Lambda; DynamoDB; DynamoDB Stream; SNS; Amazon Elastic Container Service for Kubernetes]

  18. Event design

  19. Event design

  20. Event design

  21. Event design

  22. Event design

  23. Demo time? • Special thanks: • Ileana Andreea Preda • Queue for demo

  24. Demo

  25. CloudEvents experience • Simplified design process • Encoding/decoding are taken care of • SDKs • Sane defaults • Does not restrict data in any way!

  26. CloudEvents experience CloudEvents They’re here, they’re boring, use them!

  27. CloudEvents experience But…

  28. Architectural considerations Clemens Vasters, Microsoft

  29. CloudEvents is Eventing
      • Carry facts: “Something happened”
      • Publish/subscribe distribution
      • Subscribe at source or distributor
      • Some publish/subscribe principles:
      • Publishers don’t know/care who will subscribe or is currently subscribed
      • Subscribers might tap into single-sourced or consolidated event streams
      • Event flow is unidirectional
      • network or disk
      • one or more routing intermediaries
      • radio broadcast
      • …
      [diagram labels: Publisher; Intermediary; Subscriber]

  30. Eventing vs. Messaging
      • Events and messages are both mailing envelopes for data, decorated by metadata – but they are different.
      • Events carry facts. They report things that have happened.
      • State transitions, observed conditions, objects having been created, …
      • Messages carry intents. The sender expects something to happen.
      • Command execution, job handling, workflow progress, …
      • Events are published as an information option for interested subscribers. Audience size may be zero or many.
      • Messages are directed to handlers. There may be delivery and handling status feedback, replies, conversations, or complex control flows like Workflows and Sagas. Audience size is often one handler per message.

  31. Attributes CloudEvents does not define
      • “to”
      • There’s no “to” attribute because events aren’t aimed at and routed to a specific consumer. Subscribers get to decide which events they pick.
      • “reply-to”
      • There’s no “reply-to” attribute because events aren’t job assignments that ought to require a reply and because a subscriber can’t be expected to be capable of reaching any given reply destination
      • “topic” / “queue”
      • CloudEvents defines the origin context as “source”, but does not include the name of any specific intermediary construct in the event metadata because events might travel through multiple intermediary hops

  32. Things that are harder than they appear
      Signatures
      • Symmetric: Who holds the signing keys?
      • Asymmetric: Who distributes the verification keys? Whose directory/directories/vaults is the subscriber trusting? Which subscribers does a directory/vault grant access?
      • How/when does who rotate signing keys? How do subscribers know?
      • How to keep track of key history (archived events, events in logs)?
      End-to-End Encryption
      • Same as above but with encryption keys
      • Encrypting/signing multicast datagrams doesn’t allow for peer-to-peer session keys, which means that “master” keys must be rotated far more frequently than when those are only used for session-key exchange
      Hardest: Agree on ONE WAY OF DOING ALL THIS: APIs, Algos, Hints, Versioning
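The key-history question on slide 32, made concrete as an added example (not from the presentation): a subscriber verifies an HMAC-SHA256 signature on a CloudEvent against a key history, so archived events signed with a since-rotated key still verify while that key is refused for later events. The extension attributes `sigkeyid` and `signature`, the key ids, secrets, dates and the sample event are all assumptions constructed for illustration; CloudEvents defines no signature attributes.

```python
import hashlib
import hmac
import json
from datetime import datetime, timezone

# Constructed key history: key id -> (secret, valid_from, retired_at or None).
# Retired keys stay listed so archived events and log entries remain verifiable.
KEY_HISTORY = {
    "k1": (b"constructed-secret-1", "2019-01-01T00:00:00Z", "2019-06-01T00:00:00Z"),
    "k2": (b"constructed-secret-2", "2019-06-01T00:00:00Z", None),
}

# Constructed sample event using CloudEvents context attribute names.
SAMPLE = {"specversion": "1.0", "id": "evt-001", "source": "/ci/pipeline",
          "type": "com.example.build.finished", "time": "2019-03-01T12:00:00Z"}

def _ts(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def _canonical(event):
    # Every attribute except the signature itself, in a stable byte form.
    body = {k: v for k, v in event.items() if k != "signature"}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()

def sign(event, key_id):
    # sigkeyid is added before signing, so the key id is covered by the MAC.
    signed = dict(event, sigkeyid=key_id)
    mac = hmac.new(KEY_HISTORY[key_id][0], _canonical(signed), hashlib.sha256)
    signed["signature"] = mac.hexdigest()
    return signed

def verify(event):
    """Return 'ok', or the reason the event is rejected."""
    entry = KEY_HISTORY.get(event.get("sigkeyid"))
    if entry is None or "signature" not in event:
        return "unsigned-or-unknown-key"
    secret, valid_from, retired_at = entry
    expected = hmac.new(secret, _canonical(event), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), str(event["signature"]).encode()):
        return "bad-signature"
    # The event's time must fall inside the key's validity window, so a
    # retired key is not accepted for events dated after its rotation.
    when = _ts(event["time"])
    if when < _ts(valid_from) or (retired_at and when >= _ts(retired_at)):
        return "key-not-valid-at-event-time"
    return "ok"
```

Because the scheme is symmetric, every verifier holds the signing secret, and the window check trusts the signed `time`, so a leaked retired key can still produce backdated events; that gap needs a separate control such as tamper-evident event logs.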
