Following last week's post on Knative, I thought I should check out one of the other popular serverless framework for k8s, fission.io.  Fission, unlike KNative just focuses on the code.  This means you are not deploying 'serverless' containers, rather, pushing code like one might do with AWS Lambda.  While the core is written in Go, it supports many 'environments' including NodejS, Python, Ruby, Go, PHP, Bash and pretty much anything else that runs on Linux.

Getting Started

Let’s create a resource group and service principal

$ az group create --name idjfssnrg --location centralus
{
  "id": "/subscriptions/2d07208f-3cda-40cf-b54c-f28a6e8b0bf6/resourceGroups/idjfssnrg",
  "location": "centralus",
  "managedBy": null,
  "name": "idjfssnrg",
  "properties": {
    "provisioningState": "Succeeded"
  },
  "tags": null,
  "type": "Microsoft.Resources/resourceGroups"
}

Creating the SP:

$ az ad sp create-for-rbac -n idjfssnrg --skip-assignment --output json > my_sp_fs_aks.json
Changing "idjfssnrg" to a valid URI of "http://idjfssnrg", which is the required format used for service principal names

$ export SP_PASS=`cat my_sp_fs_aks.json | jq -r .password`
$ export SP_ID=`cat my_sp_fs_aks.json | jq -r .appId`

Next, we can create the K8s cluster

$ az aks create --resource-group idjfssnrg --name idjfssnaks --location centralus --node-cou
nt 3 --enable-cluster-autoscaler --min-count 2 --max-count 4 --generate-ssh-keys --network-plugin azure --network-policy azure --service-principal $SP_ID --client-secret $SP_PASS
{
  "aadProfile": null,
  "addonProfiles": {
    "kubedashboard": {
      "config": null,
      "enabled": true,
      "identity": null
    }
  },
  "agentPoolProfiles": [
    {
      "availabilityZones": null,
      "count": 3,
      "enableAutoScaling": true,
      "enableNodePublicIp": null,
      "maxCount": 4,
      "maxPods": 30,
      "minCount": 2,
      "name": "nodepool1",
      "nodeLabels": null,
      "nodeTaints": null,
      "orchestratorVersion": "1.16.13",
      "osDiskSizeGb": 128,
      "osType": "Linux",
      "provisioningState": "Succeeded",
      "scaleSetEvictionPolicy": null,
      "scaleSetPriority": null,
      "tags": null,
      "type": "VirtualMachineScaleSets",
      "vmSize": "Standard_DS2_v2",
      "vnetSubnetId": null
    }
  ],
  "apiServerAccessProfile": null,
  "dnsPrefix": "idjfssnaks-idjfssnrg-70b42e",
  "enablePodSecurityPolicy": null,
  "enableRbac": true,
  "fqdn": "idjfssnaks-idjfssnrg-70b42e-f6790523.hcp.centralus.azmk8s.io",
  "id": "/subscriptions/2d07208f-3cda-40cf-b54c-f28a6e8b0bf6/resourcegroups/idjfssnrg/providers/Microsoft.ContainerService/managedClusters/idjfssnaks",
  "identity": null,
  "identityProfile": null,
  "kubernetesVersion": "1.16.13",
  "linuxProfile": {
    "adminUsername": "azureuser",
    "ssh": {
      "publicKeys": [
        {
          "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDHZ3iOnMMLkiltuikXSjqudfCHmQvIjBGMOuGk6wedwG8Xai3uv0M/X3Z2LS6Ac8tComKEKg7Zje2KFBnvBJvU5JqkTwNHnmp682tXf15EYgn4tB7MDz5DUARpcUXJbYfUg8yPUDveYHw8PEm1n+1MvLJN0ftvdORG5CQQEl/m7jErbJJQI70xg7C8/HG5GmJpIQjDl7UVsJANKab/2/bbUlG1Sqp4cQ/LwxKxQ6/QK/HVauxDkudoTkFLqukLWVjHvNZD37MC/wygSsEVYF+yrkNJySlNbMk4ZNmMwva1yLX8Shhr8G4wWe8QI9Ska8B0keSIu8fzRWxXAv2gB3xB"
        }
      ]
    }
  },
  "location": "centralus",
  "maxAgentPools": 10,
  "name": "idjfssnaks",
  "networkProfile": {
    "dnsServiceIp": "10.0.0.10",
    "dockerBridgeCidr": "172.17.0.1/16",
    "loadBalancerProfile": {
      "allocatedOutboundPorts": null,
      "effectiveOutboundIps": [
        {
          "id": "/subscriptions/2d07208f-3cda-40cf-b54c-f28a6e8b0bf6/resourceGroups/MC_idjfssnrg_idjfssnaks_centralus/providers/Microsoft.Network/publicIPAddresses/40e09eb5-0971-4d0c-bdcb-24b873ea8d3c",
          "resourceGroup": "MC_idjfssnrg_idjfssnaks_centralus"
        }
      ],
      "idleTimeoutInMinutes": null,
      "managedOutboundIps": {
        "count": 1
      },
      "outboundIpPrefixes": null,
      "outboundIps": null
    },
    "loadBalancerSku": "Standard",
    "networkPlugin": "azure",
    "networkPolicy": "azure",
    "outboundType": "loadBalancer",
    "podCidr": null,
    "serviceCidr": "10.0.0.0/16"
  },
  "nodeResourceGroup": "MC_idjfssnrg_idjfssnaks_centralus",
  "privateFqdn": null,
  "provisioningState": "Succeeded",
  "resourceGroup": "idjfssnrg",
  "servicePrincipalProfile": {
    "clientId": "f969704b-b745-45b3-9f7f-5af97fe49cfa",
    "secret": null
  },
  "tags": null,
  "type": "Microsoft.ContainerService/ManagedClusters",
  "windowsProfile": {
    "adminPassword": null,
    "adminUsername": "azureuser"
  }
}

Verification

$ rm ~/.kube/config && az aks get-credentials -n idjfssnaks -g idjfssnrg --admin
Merged "idjfssnaks-admin" as current context in /home/builder/.kube/config
$ kubectl get nodes
NAME                                STATUS   ROLES   AGE     VERSION
aks-nodepool1-46349218-vmss000000   Ready    agent   3m34s   v1.16.13
aks-nodepool1-46349218-vmss000001   Ready    agent   3m38s   v1.16.13
aks-nodepool1-46349218-vmss000002   Ready    agent   3m36s   v1.16.13

Lastly, as I've mentioned before, I dance between helm and kubectl versions so let's verify we have helm 3 and a recent kubectl:

$ helm version
version.BuildInfo{Version:"v3.2.3", GitCommit:"8f832046e258e2cb800894579b1b3b50c2d83492", GitTreeState:"clean", GoVersion:"go1.13.12"}
$ kubectl version
Client Version: version.Info{Major:"1", Minor:"16", GitVersion:"v1.16.3", GitCommit:"b3cbbae08ec52a7fc73d334838e18d17e8512749", GitTreeState:"clean", BuildDate:"2019-11-13T11:23:11Z", GoVersion:"go1.12.12", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"16", GitVersion:"v1.16.13", GitCommit:"1da71a35d52fa82847fd61c3db20c4f95d283977", GitTreeState:"clean", BuildDate:"2020-07-15T21:59:26Z", GoVersion:"go1.13.9", Compiler:"gc", Platform:"linux/amd64"}

Setting up Fission

Next we need to create a namespace and install Fission.io from the Helm chart.

$ export FISSION_NAMESPACE="fission"
$ kubectl create namespace $FISSION_NAMESPACE
namespace/fission created
$ helm install --namespace $FISSION_NAMESPACE --name-template fission \
>     https://github.com/fission/fission/releases/download/1.10.0/fission-all-1.10.0.tgz
NAME: fission
LAST DEPLOYED: Thu Sep  3 18:45:11 2020
NAMESPACE: fission
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
1. Install the client CLI.

Mac:
  $ curl -Lo fission https://github.com/fission/fission/releases/download/1.10.0/fission-cli-osx && chmod +x fission && sudo mv fission /usr/local/bin/

Linux:
  $ curl -Lo fission https://github.com/fission/fission/releases/download/1.10.0/fission-cli-linux && chmod +x fission && sudo mv fission /usr/local/bin/

Windows:
  For Windows, you can use the linux binary on WSL. Or you can download this windows executable: https://github.com/fission/fission/releases/download/1.10.0/fission-cli-windows.exe

2. You're ready to use Fission!

  # Create an environment
  $ fission env create --name nodejs --image fission/node-env

  # Get a hello world
  $ curl https://raw.githubusercontent.com/fission/fission/master/examples/nodejs/hello.js > hello.js

  # Register this function with Fission
  $ fission function create --name hello --env nodejs --code hello.js

  # Run this function
  $ fission function test --name hello
  Hello, world!

Following those instructions, let’s install the fission CLI

$ curl -Lo fission https://github.com/fission/fission/releases/download/1.10.0/fission-cli-linux && chmod +x fission && sudo mv fission /usr/local/bin/

Validation

We can verify fission is running by checking the version of the client and server component.

$ fission version
client:
  fission/core:
    BuildDate: "2020-06-29T16:26:41Z"
    GitCommit: e85d77bbce719fb898084c0ddb4ba37b199bf667
    Version: 1.10.0
server:
  fission/core:
    BuildDate: "2020-06-29T16:26:41Z"
    GitCommit: e85d77bbce719fb898084c0ddb4ba37b199bf667
    Version: 1.10.0

Hello World

Let’s start with the hello world example.

One of the key concepts to understand is that you need to create an "environment" first. This tells fission what type of base container you are running for particular code.

Create a NodeJS Fission 1.10 env:

$ fission env create --name nodejs --image fission/node-env:1.10.0
environment 'nodejs' created

Next we can download the hello world js (or you can copy from below):

$ curl -LO https://raw.githubusercontent.com/fission/fission/master/examples/nodejs/hello.js
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   119  100   119    0     0    237      0 --:--:-- --:--:-- --:--:--   237
$ cat hello.js

module.exports = async function(context) {
    return {
        status: 200,
        body: "hello, world!\n"
    };
}

Now we "create a function" to deploy the code. For a simple js file, this works just fine

$ fission function create --name hello --env nodejs --code hello.js
Package 'hello-a2d6a378-3852-43d1-9546-9985dd7e9b20' created
function 'hello' created
$ fission function test --name hello
hello, world!

We can also package a folder of NodeJS code.

Here I cloned their git repo and used some examples: https://github.com/fission/fission

When we zip some contents and deploy, we are creating a "package".  To refer to a function within a "package", we'll reference the package name on our function create step.

Creating a package:

/fission/fission/examples$ zip -jr nodejs.zip nodejs/
  adding: multi-entry.js (deflated 54%)
  adding: kubeEventsSlack.js (deflated 54%)
  adding: package.json (deflated 49%)
  adding: README.md (deflated 62%)
  adding: README_V1.md (deflated 60%)
  adding: index.js (stored 0%)
  adding: hello.js (deflated 18%)
  adding: hello-callback.js (deflated 13%)
  adding: weather.js (deflated 57%)
/fission/fission/examples$ fission pkg create --sourcearchive nodejs.zip --env nodeenv
Warning: --name will be soon marked as required flag, see 'help' for details
Package 'nodejs-zip-ipzv' created

We can now install functions referencing that package (nodejs-zip-ipzv)

/fission/fission/examples$ fission fn create --name index --pkg nodejs-zip-ipzv
Warning: Function's environment is different than package's environment, package's environment will be used for creating function
function 'index' created

And while we can test on the command line still:

/fission/fission/examples$ fission fn test --name index
hello, world!

Exposing Functions

We can also expose it through the "router"

/fission/fission/examples$ fission route create --method GET --url /hello-index --function index
Warning: --name will be soon marked as required flag, see 'help' for details
trigger 'bd3e48d9-aaf4-4db4-bf80-ab296bfa47b7' created

You could now setup DNS to the router pod if you wanted

Summary:

At this point, this is a good introduction to Fission.io.  I did attempt to secure TLS on the Nginx Ingress (using this guide) but could not seem to get it to work with LetsEncrypt.  I do plan to circle back.  

However, I could really see a use for scheduled cleanup tasks.  I have seen in the past examples of creating persistent containers with crontabs for service work in clusters.  Instead, one could launch a function with a "timer". From docs:

$ fission timer create --name minute --function hello --cron "@every 1m"
trigger 'minute' created
Current Server Time: 	2019-12-17T08:33:43Z
Next 1 invocation: 	2019-12-17T08:34:43Z

They also have a native Message Queue trigger that supports standards like Kafka.