OpenFaas Setup: Serverless Functions Made Simple

Why Openfaas ?

So the goal was to find an opensource function as a service (FAAS) tool to replace AWS lambda , to reduce the costs and reduce the boot timing of AWS lambda , as cold start takes lot of time . So we are tryin to setup OpenFaaS on EC2 Ubuntu AMI for k3s and also on Windows for AKS. ⁠ ⁠We are using k3S and AKS as managed kubernetes services for both platforms respectively.

⁠ ⁠1: From AWS console , setup an EC2 instance by clicking on launch instance in EC2 service.

NOTE : Step 6 in these steps below is important (Configuring Security Group )

Step 1 - Choose AMI as Ubuntu (here I am selecting version 18.04 LTS , you can choose any other version too)

Step 2 - Choose any storage type as per requirements ( here I have selected t3.xlarge )

Step 3 - In configure instance step everything can be left as it is for now

Step 4 - Add storage for your EC2 instance , 8gb is the root volume by default but here I have used 16gb as per my requirement (while building docker images of size more than 2gb it requires more buffer space )

Step 5 - Add Tags, so that finding and tracking resource is easier.

Step 6 - In Security Group , add a rule with type Custom TCP and set source anywhere , and map port 3389 (later in this we will map our RDP to port 3389 from our local machine)

Now Review and Launch , your EC2 instance.

Save the pem format key file (it will be used to connect with SSH)

2: Connect to EC2 instance

Now open list of running instances and check instance with your tag, select it and click on connect button.

Now here , if you connect using EC2 Instance connect method , your Ubuntu instance will start running in a terminal in console itself ( if you have all permissions to connect ).

However, we need a GUI to work on Ubuntu easily, for that we will connect instance using SSH client and then install ubuntu-desktop package and xrdp package in the ubuntu machine to connect it with RDP so that a desktop comes instead of terminal.

Step 1: Open SSH client tab , and copy the command mention in example

"ssh -i "ubuntu.pem" ubuntu@ec2-65-0-118-110.ap-south-1.compute.amazonaws.com

Here ubuntu.pem is your key file name , make sure it matches with yours.

Step 2: Open command prompt and navigate to folder where your key file is located and then run this command copied above

After running this , when it connects you get something like this

Now you are connected to your Ubuntu Instance from your local machine via SSH.

Now run the below commands in same order to install ubuntu-desktop package and xrdp package and then set port 3389 that we passed in security group to RDP.

sudo su

sudo apt update

sudo apt install ubuntu-desktop

sudo apt install xrdp

sudo systemctl status xrdp

sudo adduser xrdp ssl-cert

sudo ufw allow 3389 

sudo ufw reload

Now set password for the user ubuntu in which you are right now with command

sudo passwd ubuntu

3. Connect RDP with EC2 Instance

Now that all packages are installed in Linux machine , it is ready to connect to the Remote Desktop Client.

Go to the AWS console where instance is running and click on instance to grab its info and copy the Public IP Address.

Open Remote Desktop Client in Windows and enter the Public IP Address to connect with your Linux machine running on AWS EC2 instance.

You can enter the user name at this step and then connect and then enter password that you had set for ubuntu user

or

click connect and then enter the username and password in the screen that shows up something like this

Now once you enter it correctly , you will connect to the Ubuntu OS where you can proceed with setup and work 🎉

Note

Alternatively if SSH client method is not working you can also run all commands in ubuntu terminal that opens in AWS console only on browser after clicking on connect under ' EC2 Instance connect ' tab.

4: Setting up Docker on Ubuntu

Now before setting up k3s ,kubernetes and openfaas , we should create a docker environment .

Steps for Installing Docker:

1. Open the terminal on Ubuntu.

2. Remove any Docker files that are running in the system, using the following command:

$ sudo apt-get remove docker docker-engine docker.io

After entering the above command, you will need to enter the password of the root and press enter.

3. Check if the system is up-to-date using the following command:

$ sudo apt-get update

4. Install Docker using the following command:

$ sudo apt install docker.io

You’ll then get a prompt asking you to choose between y/n - choose y

5. Install all the dependency packages using the following command:

$ sudo snap install docker

6. Before testing Docker, check the version installed using the following command:

$ docker --version

7. Pull an image from the Docker hub using the following command:

$ sudo docker run hello-world

Here, hello-world is the docker image present on the Docker hub.

8. Check if the docker image has been pulled and is present in your system using the following command:

$ sudo docker images

9. To display all the containers pulled, use the following command:

$ sudo docker ps -a

10. To check for containers in a running state, use the following command:

$ sudo docker ps

You’ve just successfully installed Docker on Ubuntu 🎉

Now to deploy openfaas you can use your existing Kubernetes cluster or you might want to setup a new one with k3s

5: Setting up Openfaas on k3s cluster

Install curl on your ubuntu machine first

sudo apt install curl

Now we will setup k3s using follwing curl command

curl -sfL https://get.k3s.io | sh -

Master should be available, please check with:

kubectl get nodes

Checkout OpenFaaS:

git clone https://github.com/openfaas/faas-netes

cd faas-netes

Create Namespaces:

kubectl apply -f ./namespaces.yml

Create secret and store user and new random password (required for UI):

PASSWORD=$(head -c 12 /dev/urandom | shasum| cut -d' ' -f1)

kubectl -n openfaas create secret generic basic-auth --from-literal=basic-auth-user=admin --from-literal=basic-auth-password="$PASSWORD"

Now check the password with this command, copy it and save it somewhere, we will need it later

echo $PASSWORD

NOTE: ⁠If after creating a namespace you are stuck in any step due to any reason like-some resource is not working , you forgot password and trying to reset password but error comes basic-auth already exists ,some error with registry and you want to create it again but error comes registry already exists or anything else

Use this command in faas-netes directory to delete namespace

kubectl delete -f ./namespaces.yaml

and run

⁠kubectl apply -f ./namespaces.yml

again

Deploy OpenFaaS:

kubectl apply -f ./yaml

Confirm if everything is deployed correctly:

kubectl get deployments --namespace openfaas

Normally OpenFaaS is using Dockerhub, but we want to use our own private registry, so we have to deploy it and expose the port:

kubectl run registry --image=registry:latest --port=5000 --namespace openfaas

kubectl expose pod registry --namespace openfaas --type=LoadBalancer --port=5000 --target-port=5000

Done — Web-UI should be available:

Let’s deploy a function:

CLI Login:

Before cli login we need to install faas-cli using follwing curl command

curl -sSL https://cli.openfaas.com | sudo -E sh

Now here in below command replace <pwd> with password you saved above

faas-cli login --gateway http://localhost:31112 --password <pwd>

Create a new function from a template — choose a language (more available):

faas-cli new --lang python hello-python

faas-cli new --lang java8 hello-java8

faas-cli new --lang node hello-node

Mostly the templates will be available but if some template you need is not available and present in faas-cli store you can pull from store with this command

faas-cli template store pull node16

Now before deploying function we need to change a few things in functions yml file.

For that we can either use VS Code or do with command line text editor- Nano

Method 1- Using Nano

Open yaml file using nano like this

Now the file will open in terminal and you can edit the yaml file

In gateway key inside provider change it from local IP address to

http://localhost:31112

And in image key inside function add localhost:5000 before the image name as on port 5000 our local pod is running where image will be made.

If we will not add localhost:5000 , it will search image on dockerhub and error out as we are using private registry

image: localhost:5000/hello-java8:latest

image: localhost:5000/hello-node:latest

Press ctrl o to write out all these changes to file.

Your file name will come , press enter and then press Ctrl X to exit from text editor.

Now your changes are done.

Method 2- Using VS Code

For that install VS Code for debian from here https://code.visualstudio.com/download

Note : In my setup version 1.6 of VS Code worked fine in Ubuntu 18.04 LTS

So preferably download same if you are on Ubuntu 18 from here

Open the faas-netes directory we are working in inside VS Code.

Now since we were working as root user till now as we ran sudo su command in the beginning only , the contents created in faas-netes folder won't be accessible inside VS Code unless you run it as super user with this command

code  --user-data-dir --no-sandbox

which is not recommended

Hence we will change the permission of all files inside faas-netes directory for ease of access. Though ideally we should just change access of files we want to edit but for now I am changing for all.

Go one directory up from faas-netes using cd .. commad and run

chmod -R 777 ./faas-netes

This recursively (-R) add read , write , execute permission (777) to all files and files inside directories till last level.

Now you can normally edit your yml file.

Open yml file and change gateway and image as we want to use our own private registry:

gateway: http://localhost:31112

image: localhost:5000/hello-python:latest

image: localhost:5000/hello-java8:latest

image: localhost:5000/hello-node:latest

Now we have to build, push and deploy the function, this could be done with one command:

faas-cli up -f ./hello-python.yml

faas-cli up -f ./hello-java8.yml

faas-cli up -f ./hello-node.yml

Congratulations 🎉 — now checkout and test your function in UI.

Additional Information:

Instead of using the up command you can do it step-by-step:

faas-cli build -f ./hello-python.yml

faas-cli build -f ./hello-java8.yml

faas-cli build -f ./hello-node.ymlfaas-cli push -f ./hello-python.yml

faas-cli push -f ./hello-java8.yml

faas-cli push -f ./hello-node.ymlfaas-cli deploy -f ./hello-python.yml

faas-cli deploy -f ./hello-java8.yml

faas-cli deploy -f ./hello-node.yml

6: Setting up Openfaas on Azure Kubernetes Service cluster

First we need to create a resource of Kubernetes Cluster on Azure portal.

So login to https://portal.azure.com/

and then click on create resource button which will land you to page where you have multiple resources to choose from

Now click on create under Kubernetes Service .

Now configure all 6 steps of this resource as per your requirements and checking the pricing for azure cluster and create a resource.

To see how to create cluster you can refer this video ->

To check pricing for resources you can use Azure's pricing calculator

https://azure.microsoft.com/en-in/pricing/calculator/

Now once all this is done.

Step 1- Install Azure CLI

Use this link to install Azure CLI on windows ->

Once the azure cli is installed try to run az in command prompt to check if its working.

Step 2 - Azure Login

Once cli is setup we need to login to our Azure account from CLI to perform all tasks from cli.

Run command

az login 

in terminal and it will open browser from where it will automatically login otherwise if browser does not open you have to run command

az login --use-device-code

Then open the link provided and entire device code to login,

Follow this link for more explanation

Step 3 - Set subscription ID and connect to cluster

Now once login is done you need to run this command to set the subscription ID for your account

az account set --subscription <your-subscription-id>

And then setup the cluster

az aks get-credentials --resource-group <resource-group-name>  --name <cluster-name>

You can get these details from portal , open kubernetes service and click on your cluster , then click on connect , there you will get these for your cluster

Step 4 - Setup Openfaas on AKS

Now once all setup till now is done correctly you will be able to access your cluster from AKS and depluy Openfass over it.

Just like we did in k3s first checkout openfaas github repo and then follow all steps as written in Setting up Openfaas on k3s cluster section above with two changes discussed below.

1-) Since we are working on a cluster that is on Azure rather than our local machine now we will have to change some port of our openfaas gateway ( which open dashboard UI) and path of docker image ( it will not be localhost:5000/image-name:latest now)

If you will check nodes after deploying openfaas and exposing registry , you will get something like this

Here the gateway-external is running on 8080 port of Cluster-IP , we don't have External-IP to access this as it is not of type LoadBalancer.

So we will use Kubernetes port-forwarding to use it on our localhost

Run the following command so that we can access the gateway at our port 31112 of localhost

kubectl port-forward -n openfaas svc/gateway-external 31112:8080

Now port 8080 of source is forwarded to 31112 of target.

2-) To deploy private docker regsitry to AKS we need to login into Azure container registry.

Open container registries on portal

From here you can check your registry name and replace it with <registry-name> and run in your CLI where you were on your cluster

az acr login --name <registry-name>

If you get message Logged in successfully , you can push your docker images to ACR.

Open portal and inside container registries open your container registry

Here find the login server name and add it in front of you image in function's yml file instead of localhost:5000 that we were using earlier.

Like here login server name is craksdevtest1.azurecr.io

So my yaml file will look like

Now you can easily use faas-cli up command as earlier and it will work perfectly.

CHEERS 🎉