1:50 Introduction and Welcome

1:50 Hello. Welcome to today's episode of Rawkode live. I am your host, Rawkode. Before we begin, I wanna take just a moment to say thank you to Equinix Metal. They are my employer and they allow me the time and the resources to put this the show together and, you know, make sure that we have quite high quality cloud native content that we can all learn together with. If you wanna try out Equinix metal, you can use the code Rawkode live. This will give you $50 in credit. You can get about a hundred hours of compute of our

2:19 smallest instance, or you can, you know, use that money a little bit less wisely and go for some of the bigger beefier hardware. It's definitely much more fun. If you wanna chat to us, there is a discord community where you can join and ask questions or even suggest new episodes and new technologies that you want to see us cover. Please remember to subscribe to the YouTube channel and thumbs up the video if that helps other people discover the content too. And finally, we are gonna be looking at OpenFaaS, specifically, FASD today as well as Inlets. And

2:44 Introducing faasd, Inlets, and Guest Alex Ellis

2:50 to do that, I am joined by Alex Ellis, the founder of OpenFaaS and Inlets. Hi, David. How are you? Yeah. I'm doing very well. Thank you. Yeah. It's Excellent. Not a bad day, actually. How are I just found out about the free credits with Packet. How do you get those? I say Equinix metal. How do you get those? You can use the code Rawkode live. Let me let's see. I have this all prepared. $50 coupon. So you just use Rawkode dash live as a coupon on metal.does that incidentally, this has to do with our talk talk

3:24 today we're covering. How long would that last on the cheapest node? One hundred hours. One hundred hours. So there's smallest machine 50 in a month, isn't it? If you think about your Amazon Free Tier, it'd be about seven fifty hours for a whole month. Yeah. I think so. Yeah. So it's about the seventh of a month you get. And you could run an Inlets exit server. Yes. You definitely could. We're gonna take a look at that today and see. But, yeah, the 50 credit the $50 of credit allows you to kinda see what bare metal is

3:58 all about, see the you know, it's much more powerful than running on a virtualization there and people can just go and play with that, check it out, and see how they get on. Now we're gonna take a look at one of your projects today. So should we just take a minute? We'll cover both of them, what they are, what problem they're solving, and then we'll we'll take it from there. So in fact, first, why don't you tell us a little bit about yourself, Alex? Yeah. So I I live in England in The UK. I've been

4:22 Guest Introduction: Alex Ellis & Open Source Journey

4:30 working with open source technology for quite a few years, but more recently with containers and things like that since about 2035. I've written a lot of blog posts about containers. Probably, if folks have googled for something, they might have found one of my posts. Or if you've ever set up a a Raspberry Pi cluster with Docker and Kubernetes, you might have come into my materials. So today, what we're gonna look at is a couple of projects. One of them is a bit more niche and a bit more it started off as an experiment that's called FASD.

4:54 Introducing faasd: A Lightweight Serverless Platform

5:03 That is where we took OpenFaaS, a platform for building serverless applications that are portable, run on containers. And we shrunk it down and took all of the clustering out of it, all of the networking so that the only thing it does is runs a single function container on a single node, and and that's that. And the reason for doing it is it just simply makes it much easier to manage. Many people don't need an auto scaling multi node, multi AZ cluster just to run a few webhooks or deploy their first application or you might even find that there's a path where

5:46 you can start out in the world with FASD and one VM. When you actually get popular with your product, you can look at Kubernetes and start to go go on from there and upgrade yourself without actually having to rework your code. Nice. So it's funny that you talk about your blogging. I I I'm gonna coin a term now. You know how you get, like, the six degrees of Kevin Bacon? I'm I'm pretty sure there's some law here about one degree of Alex Ellis where every time I Google for something in the cloud native landscape, there's always always an article on

6:03 Community Engagement and Contributions

6:18 your blog. Like, it's consistently invaluable to me. So I'll just give you a little bit of credit there. That was all. Oh, thank you very much. Obviously, if one of the things that that I have done, because you asked about about myself, is to set out my own. I've got a company that I founded three years ago. I've been working independently for eighteen months now building up this this company. A lot of what what I'm doing is developer brand consulting, technical marketing, developer advocacy for brands, even like Equinix metal. So think about project that launched and recently be donated to the

6:54 CNCF sandbox project before you joined the team. I was working with the guys very early on, helping them figure out some of the teething problems, writing about bare metal automation and and networking, low level networking, stuff like that. So that that part that's a big part of what I'm doing, but, really, it's this open source projects like OpenFaaS and Inlets that that I want to be working on. And I couldn't find a job that would pay me to work on these open source projects. So I basically created that job, and my clients pay me for helping them with what I know

7:38 best. And then that money, use to fund my development on open source projects. Awesome. Well, we've already had our first comment. A mutual friend has said hello. So, hey, Alistair. Nice to see you. Hi, Alistair. Alistair is somebody that contributes to both Inlets and OpenFaaS and a bunch of other projects, and it's been very active over the last year. There are quite a few people that have contributed to OpenFaaS itself over 300. Probably has about 10 or 15 now, a bit more specialist, but there are a few people that helped me with that. Once I had the idea

8:18 and proved it out, they come came on board and really just pushed it forward. So it'd be kind it'd be cool to to look at that today. Yeah. Just actually quickly looking for a tweet. I'm pretty sure you posted it the other day and I was like, how it started or how we are now? And I was like, a list of all your You can look at the pinned tweet of OpenFaaS OpenFaaS. On Twitter. Well, let's get that up. Perfect. Okay. Let me drag that there and then pop this on. So That was your DockerCon talk in 2017 and

8:27 OpenFaaS Community Growth

8:54 then, you know, what what are we? Three years later and look just look at all those faces. Definitely. I can see you on that. I can see Stefan Froden. I can see Paula Lopez from from Red Hat. And the funny thing is that I know a lot of these avatars, and exactly I can tell you the name of these people. I can see Johan Siebens. I can see Phil from Research. There's a whole bunch of faces on there. Dan, I see Simon. Nick Nick is on there as well from HashiCorp. There's so many faces. Some people sort of came

9:30 on four years ago in 2016 when it was the first code was uploaded. I've been around. Some people came in in the last sort of month, like, there. That's something that I that I really like about the community. Just people attracted to it, get a sense of belonging and a bigger purpose than just themselves. And recently, we've been converting all of our repos from Travis to GitHub actions. It's been really hard and tedious work, but there's been about eight different people that have come alongside and have really helped with that. Nice. That's awesome to hear. Alright.

10:12 Addressing Viewer Comments & Plan Overview

10:12 Let's get this closed. So we've got a couple more comments. Let's run through those and then you and I will actually get started on what we plan to do today. So we have a hello from Johan. Nice to meet you, Johan. Hello, Nice to see you again. More hellos, Vivek. And our first question, is this a one zero one session on OpenFaaS? Not so much. We're gonna be taking a look at one way to run OpenFaaS, which is FASD. And I guess you may learn a few things about OpenFaaS as we call. But definitely not the specifics of what we're

10:15 Installing faasd with cloud-init on Equinix Metal

10:45 gonna enter today. But we'll see how it goes. Now my screen's already shared, so I'm just gonna leave this up. The only thing like, there's something I always try to do in a show is never to do anything upfront or at least to do very little upfront as possible. So the only thing I've done is spin up some bare metal. We have a CT medium here on Equinix metal. I have an SSH terminal, and that is all that I have prepared up front. Yep. So that is a way that we can set up FASD if we start off

11:10 Setting up faasd via Cloud-Init

11:15 with that. The other way is if you click new server, we do maybe we just actually do both and pick whatever you want, a small one, whatever's gonna come up quickly. Yeah. We'll just stick with this this easy one. I use the OpenTOS because I don't generally spend a lot of time on that for once. And then there's cloud in it. Can you see where that is? User data. Uh-huh. We can drop in some clouds in it here. Yep. Definitely. And what you wanna do is if you go to the inlets the FaaSD repo and

11:59 see that cloud config file dot text. Is this some cloud and a configuration to spin up FaaS So we do both. Copy and paste that in and then put your SSH key in as well. Okay. Let's grab that. We drop this in and we swap out the SSH key. Alright. So s e key. See if I can know where I had to do this. Is this an RSA key? It will be. This is she's in the secure enclave of the Mac. So the fingerprint scanner Nice. As my SSH key. Just grab that. Okay. So what this is doing is saying

12:56 update the package list. It's gonna install run c. It's gonna pull down container d from a release. Is what we're using instead of Docker and instead of Kubernetes. Alright. In fact, let's look at this on the GitHub just so it's a bit bigger for people to see. Yeah. Then it's gonna restart system d. It's going to pull down a c and I plug in. Yeah. That's right. And then it clones FaaS d, so it's building from source? No. It's not building from source. It's basically, there's some metadata that defines what services should be deployed, and it's pulling down the specific

13:03 Examining the faasd Cloud-Init Script

13:37 files that go with that binary release, then pulls the binary release down. And when you run FaaS d install line 22, that takes whatever's in the current working directory and overlays it in varlib FaaS d. And then the other commands after that simply just debug information. So if something went wrong and you look at your cloud and it logs later, you could see what's gone wrong. Okay. Perfect. I love it when I see a sleep 60 in a script. But this is just installing You won't need a sleep 60 on bare metal. Yeah. It is pretty pretty snappy.

14:15 Alright. Let's get this run. So we're just gonna go with that. Now we did have another comment from Chris who's saying, does my SSH key need SSH tars a at the beginning? It actually doesn't. This is a different protocol, different cipher. This is an elliptic curve. RSA generally, because that's a little bit less secure these days. So you can swap them out based on when you generate the key. And then I left another comment, which I think is a little reference to you there, Alex. Mhmm. Will it be a nice arcade game? Well, we'll looking We might touch arcade

14:49 later on when we come to look at Inlets. Okay. Cool. Nice. And one final hi from Emery. Hi, Emery. Alright. Let's get this spot up so we can Yeah. So let's deploy that, and we'll pretty much forget about it and just check it later to see what happened. Now on the other terminal that you had open, what what we can do and this is something that Johan is on the call. He helped with this. He just took all of those steps and put them in a batch file. So what we'll do is clone the fast d repo. I ran

15:05 Setting up faasd with the Install Script

15:20 this yesterday on a couple of different machines. But you don't have git. Yeah. K. Get code httpsgithub.com. OpenFaaS FaaS. FaaS d. And that has got a batch script that we can So if you've c d into that, and then from there, dot forward slash hack. Don't c d. Stay where you were. And then dot forward slash hack install. And you can fire that away, and we can we could have a look at it in the in GitHub while it's going in if you want. Yeah. Let's do it. And it's effectively gonna be very, very similar

16:06 to what we saw in the cloud in it, except Containerd doesn't the team upstream team won't build binaries for ARM, and they won't build them for for Raspberry Pi either. So I've built binaries and published them, and this script will figure out what system you're on and pull those binaries in. It does seem to have YUM support, but I haven't tested that. I'll have to ask Johan about it. I don't use Fedora or Chorus or anything like that. The CNI plug ins again are pulling off the correct architecture. So this if you look at my longer version, was set this variable

16:47 export x 64, set it to this, that, or the other. So we're just automating it all. Containerd goes in. CNI goes in. Run c goes in, and then the fast d binary, and that's pretty much it. Okay. So let's let's try and break down what fast d is then for the people that are tuning in today. Right? They may be familiar with OpenFaaS. It is a functions as a service platform that runs in Docker Swarm and Kubernetes where you can schedule your functions and it has some sort of eventing for triggering them and lots of cool stuff like that. Right?

17:03 Deep Dive: Understanding faasd's Lightweight Architecture

17:23 What is different with FASD to the traditional OpenFaaS? So for one, there is no docker on the computer at all, and there's no Kubernetes. There's no networking in terms of multi host networking, and there's no clustering at all. So it's just one node. And what that means is that there's a there was a a discussion at the at the software circus, not the last one, but the one just before that. And Adrian basically said, I worry that when people use something like Knative that they're deploying sort of eight or nine layers of control plane before they even get to deploy a

18:13 single function that might, you know, be very efficient and very small. And yet you've got all of this over overhead. And what I had I've got it up on my screen, is I just want to run one function. Sure. All you need is three to four VMs, Kubernetes, CNI networking driver, a container registry, Ingress NGINX, a load balancer, cert manager, Helm, Flux, CI server, Docker, Prometheus, Grafana, k native or OpenFaaS, Istio, your code, and then a team to operate it. Right? And I just want you just wanna run away at that point. And Adrian's right.

18:18 Comparing faasd to Complex Kubernetes Deployments

18:56 He says I worry about the amount of control plane there. Not only if you got Kubernetes, Istio, potentially Knative for OpenFaaS, and your app, but everything else that's involved. All of that infrastructure is actually really expensive if you think about EKS or even running on Equinix. It's gonna cost you huge amount of money. And so then the cost per invocation compared to something like Lambda is ridiculous. Like, it's so much cheaper to use your million free requests until it isn't, right, or until you need a longer run time or until you have a bigger image or

19:08 faasd Use Cases and Benefits of Simplicity

19:31 your team is more used to using containers. And so, really, FaaS just gets away, gets rid of all of that, but it has some constraints that come in. So you can't have a trade off without losing something, and what you what you lose is, well, that can only run on a single node. You can only have a single replica of a function, and it's being orchestrated through system d rather than Kubernetes multi nodes. Some people are like, well, that means that you can't have You can't have failover, but I don't think that's true. You can still deploy three FaaS d appliances

20:07 and deploy the same function on all of them and put a l four load balancer in front of it. Yeah. Exactly. Single single replicas. Okay. Well, in OpenFaaS, I might deploy five replicas of my website. In FASD, you could just deploy it five times with five different names and have a load balance. So it introduces some interesting constraints. And what I found quite interesting is that people are already putting in to production. There's a company called Sprucey in China. They do machine learning. They're deploying their models in FaaS d like an appliance. So they build it out using something like

20:47 Kubeflow. They push it into a docker image, and then they just deploy that to FaaS d, and it's super low maintenance. As you saw with that script we just ran In a very short period of time, you just have everything working or you cloud in it or terraform it up and you're good to go. Yeah. I mean, I definitely see the appeal of of this approach, you know. For some of use cases, like, thinking if I wanna react to get a web hooks and it's a really simple thing. I just wanna write something to influx to be or to

21:18 Prometheus or anyone like that for some basic metrics. Then a fast d setup is gonna be much more cost effective to me than running a Kubernetes cluster. Cluster. Now, of course, if I have a Kubernetes cluster, that that's fine. Like, you know, go down that path. Use OpenFaaS. But there's I can see loads of use cases for me having a small machine running all the time with PaaS d and doing some really cool automation stuff like that. There's a guy from Puppet that's using it as well, and he emailed he emailed in and said, we're using it in our church. Basically,

21:38 faasd on Raspberry Pi & Personal Use Cases

21:45 there's a sermon that's going on live broadcast a bit like this, but they're they're preaching instead of talking about technology and tools. And people can text a number. You could even use this with your show. You can text in your question, and it comes into Slack, and then the staff can reply on a thread. And if they reply in the thread, it texts the person back. It's completely automated, and it all runs on FaaS d. He's got the source up on GitHub. It's in the adopters file for it. And I just thought that was so such

22:17 a creative use. And I would not want to maintain or run a Kubernetes cluster just to have that. No. Definitely not. No. This is definitely I mean, this runs on a Raspberry Pi as well. I could have this running in my house constantly. But you know that the the treasure trove, have you accessed that recently? Last month, perhaps? Did it work for you? The last time I went on to it, did work for me. Yes. If you go to that, that is actually running on my Raspberry Pi. Oh, is it? Nice. Nice. In in my house downstairs,

22:50 plugged in by the TV. Exposed via Inlets, I guess? It is firing less. Right. Well, I think let let's show people how that's all works then. I think let's let's So do do the do that last command that it's told you to do there. Alrighty. Well, I don't need to sit at all. I'm I'm And now we now we basically connected, so FaaS CLI list We'll show you what functions are deployed. There aren't any. And then you can do, like, FaaS CLI version, and it'll tell you what provider we're using. So if you are using Kubernetes or

23:01 Verifying faasd Installation with faas-cli

23:30 container that you've forgotten, you could try that now, FaaS CLI version. And it's telling you it's using container d and it's version zero nine eight. Okay. So by default, when I install and run FaaS d, I'm getting a gateway listening on port eighty eighty for me to receive requests. You get that. You also get Prometheus. You also have NATs. And if you look at OpenVim, for instance, and take a look at var fuzz d. Just yeah. Prometheus NATs. Okay. Var fuzz d. Varlib. Sorry. Fuzz d. Varlib. Correct. Gotcha. Yep. So we've got fuzz d and fuzz d

23:53 Core faasd Components (Gateway, Prometheus, NATS)

24:24 provider. They're two separate processes that run on the host. FASD is the basic container orchestrator that starts all the core services for OpenFaaS. FASD provider, its only job is to do CRUD and invocations on functions. And we've gotten split out. There are two different processes that are running. If you look in FaaS d hosts is that showing up? Open that one up if you like. What we've got here is the CNI plug in IP addresses for all of the services that we've started through FASD, and that then allows us to mount that host file into Prometheus, into the key worker, and then

25:08 the key worker can say, I wanna talk to the gateway, and it's able to, and vice versa. So it's a basic service discovery. Okay. And these are all running via container d as well. Right? These are not native processes on my host. Correct. Now let's look at the Docker Compose file in that re in that folder. Now this isn't actually running with Docker or Docker Compose, but we were able to use the Compose format. This was something that was open sourced very recently, and there was a nice Golang library for it. And as I say, many

25:25 Adding containers to faasd

25:48 people have helped with OpenFaaS. Lucas Rose did the work for this, and he converted it from being hard coded in Go because it started as an experiment as a proof of concept, and that was fine. And now not only can you just sort of go in here and hack on the variables or update the Docker image from 18 to 20, You can also add in extra stuff. So if you want to run caddy and have a reverse proxy to terminate TLS, you simply just add it at the end. If you wanna run influx because you're using

26:21 it with your functions or MySQL, you can add it at the end. You can add stuff like the Chrome Connect. In fact, I did that at home just before we got on this call on my my server. And this is something that has made it even more powerful because you only need this one file. FASD will will run and manage the containers for you, and then FASD provider runs the the other bits for you. K. So I can just add stuff to here? Yeah. You need to follow the exact sort of format that we've got here.

26:51 Adding a Custom Service (InfluxDB) to faasd

27:04 Now what else do you need? Now I just wanna expose the port. That's it? Just check one of the other ones to make sure that you've done that right. And you might need do you need a command on that container, or does it have it built in? Yeah. It's all built in. All I just wanna do is run that image as is. Just look at that example. Stop scrolling. There you are. You probably need net cap raw on it. I would just copy and paste those two lines. Yep. Looks about right to me. And then it's because it's in system d,

27:42 Restarting and Debugging the faasd Service

27:42 do a system d daemon reload and then a restart FaaS d. Now, again, one of the benefits of having this in the journal is that and and why this is taking a few seconds is it's shutting down all those containers that are running. It's not just deleting them or or kill nining them. We would do a journal CTL dash u FaaS d and put a dash f on it, and that would allow us to watch the logs as they're coming up, and you'll see various bits getting exposed. Yep. The other reason that that took slightly longer

28:26 is because we actually had to pull down the image for influx. I would imagine Unless I got the image name wrong, which is also very possible. Yeah. Have a look at the looks. Okay. Let's do that. Let's do the this way. Hit there. I guess I'll just filter. You didn't change the right file. Sorry. I'm changing the get checker. I'm not changing the one. Just do a c p of that. C p into the location. That's that's the Yeah. There you go. Yeah. That was that would have been quite a magic Do every start with an and

29:16 at the end and then get the logs up with an f and then we can watch it spinning around. Put it in the background. So, actually, ampersand. Yeah. Ampersand. Yeah. Right. Dash f. Alright. So currently, it's just shutting down some containers by the looks of it. Because it's shutting down all the core containers. So NATs runs, which means you can actually do asynchronous processing. One of the things about NAT the NATs and the way we've used it is that you can do an invocation. Let's say, I know you've got your git series project. You are gonna scan a repo, and you've

29:57 gotta check it, not only check it out, but also run a bunch of other stuff on it afterwards. Yeah. Maybe maybe that isn't correct. Yeah. I'm just double checking it now. You can have the function run-in an async way, and then at the end, it will post the result of that either to another function or to a request bin or wherever you want it to go. So it's a v two zero, and the latest is 2. So let's just do that. Alright. Journal. There we go. No damage that time. Okay. So that just means that

30:41 there's no added that container to my FaaS setup yet. It's running. Yeah. So Now here's something. Why don't we get the logs for that? Command? No. On the repo, it would tell you how to get the logs for a core service. So that's for a function. And, also, we have FaaS CLI logs, and this is for a core component. And the default there is the namespace. So probably you're gonna change the the namespace to OpenFaaS in the future, but for now, it's just default and then a colon and then the name as you put it

31:23 in compose. Oh, okay. Cool. Yes. Seems to be running. Now it's that that's HTTP, isn't it? So what's the IP address of your machine? Let me see if I you read it out to me. The 147. Yeah. But let me set up the off first before someone else does. Okay. No. That's all I want you to see. Now what you might might wanna do is just actually only expose it on local host instead of on all adapters. I'll set this up first and then I'll do that. Alright. Cool. Done. Okay. Okay. Now in fact, if you go back if

31:37 Verifying Added Services (InfluxDB, Prometheus)

32:13 you just leave it as it is and go back to that URL again and go to port ninety ninety. And this is gonna be our Prometheus. Now Prometheus is only exposed on loopback. And if we like, we could just take it off completely. Now that means if you want to connect to it, you can do an SSH tunnel to it and then look at it from local host, or you could use Inlets and bring it back to computer or use Inlets and expose it somewhere else on the Internet. Why is that the case? Well, Prometheus doesn't

32:48 tend to have authentication on it. It's just one of those things that you probably don't want the world being able to access. So this is again part of the power of having that declarative file is we can just say how we want things to look. This instance, we're just saying it's only on loopback. So if you go back to your computer, you should be able to do curl on Okay. Curl on local host ninety ninety. And there's your Prometheus. There we go. Yep. Okay. So this is why I was interested in doing a a livestream with you because we get to talk

33:31 about, specifically talk about, these things. I find I find them particularly interesting. Now the other thing we can do is let's see if I can turn this camera on and off again. Is we can put in It's not happy. Okay. I'll sort my camera out. The other thing we can do is we can there we go. Deploy something like a cron connector or an SQS connector or NATS connector just by editing that file. And then let's say if it was a cron expression for five minutes, you could have it go off and pull your repo down every five minutes, run a

34:00 Building our first FaaS function

34:11 command on it, and then post the results somewhere. But we should probably just start at the beginning. This is a 64 bit Intel computer. It doesn't have Docker on it. So if you want to build a container on your server, that is normally just a bad idea anyway. And if you install k three s, you'll see that you don't get Docker on there either, and so you can't do builds. So you can still use something like Canico or the build kit daemon on here, but I would suggest you build it on your computer using your local Docker

34:16 Building & Deploying Functions Locally to faasd

34:43 or on another machine, push it to registry, and then deploy to the gateway address of this. Do you have Docker somewhere? I do. Yeah. Yeah. I'll just take thirty seconds. Good. Alright. We'll have a let's open a terminal on your client computer. Know when should be developing on production. Do you have here? In Brew? It will be in Brew, but it'll be trailing behind a little bit because they they take a while to update PRs. I just get it from OpenFaaS on GitHub slash FaaS CLI. Okay. I'll just do it on the visible screen. So we're gonna go to GitHub.

35:20 Setting up faas-cli on Client Machine

35:38 We're gonna go to open FaaS CLI. FaaS CLI. FaaS CLI. Typing fail. It's okay. There we go. And we're just gonna download the latest release? Yeah. That's the easiest easiest way to get it if unless you wanna actually run the bash installer. Right. And then copy the link address. I'll just let it so we're gonna sudo and beat and launch OpenFinisher. Fast CLI. Right? Fast CLI. Exputable. Okay. I would normally rename it, but you can you can use it with that name if you want. And this is something you can get from the installers the installer script.

36:42 Oh, where did it go? It's there. Local. You just make sure. Membeads. We go. Okay. So user Before you do that, do you know the trick that if you go back and delete that up to Darwin? It's just a little bash trick. Okay. Now put a squiggly bracket like a the the bracket. Yeah. That one. Then put dash Darwin and then a comma and close it. Try that. You might have to go into your preferences just to enable that. You're on Big Sur. That another go. Yeah. You can open it this time. Yeah. I should be able to do it

37:48 from here. Okay. Right. So all workloads on OpenFaaS start life as a Docker container. You can just write a Docker file and put a server in it and put eighty eighty, deploy that. But part of the beauty of using serverless approach is you just write a handler. And so if you do fast CLI template store list, you can see a number of different templates that are available from the community. Some of them are more official ones. Because you and I are both familiar with Go, let's do template store pull, and then we'll write golang dash middleware.

38:25 Using Function Templates (faas-cli template store)

38:35 This is one of my favorite ones. That's getting it from a Git repo, and it's brought two down. Fast UI template list, I believe it is. Oh, yeah. I'm sorry. I'm getting ahead of myself, aren't I? Yeah. Let's see. So no. New dash dash list. There we are. Without the template. Yeah. And it just shows you what's in your current directory now. So we could do a new one with the Golang middleware. This is effectively just like a HTTP request and receive a response. So new dash dash lang and then Golang middleware. Yep. Then we wanna put a name. So we

39:07 Creating a New Function (Golang Middleware)

39:23 were talking about webhooks. We just call this hooks. And then what's your GitHub what's your Docker Hub username? Rawkode. So put space dash dash prefix, and you can put Rawkode. All that does is effectively creates a new function by taking the top level bits of it, put some in place. And if you do a cat on hooks, YAML, you'll see that your username would just got inserted there. So that saves you a job by going in and editing it. Now this file is a stack YAML file. It can be used to configure build time and deployment time configuration.

39:57 Examining the Function Stack.yml and Code

40:05 Build time is what's the template if there is one, where's the code, what image does it go to, what build arcs do we want? Do we want go lang modules on, for instance? The other thing you then get is run time. So do we want a number of secrets? Do we want environmental variables? So you have environment variable if you wanna add debugging or the DB host URL. This is how I think of it. If it's confidential, put it in a secret. If it's configuration non confidential, put it in an environment variable. Okay. I just pop this open and code, which

40:45 is on the wrong screen. And this is our handler function. Yes. Under under the covers in the template folder, you will see the original version of this up on the right. Yeah. In the function folder. So that's what the user gets to see, but there's way more going on. There's a main dot go. There's a Dockerfile. There's a go mod, and this is what you don't have to see and don't have to deal with. You don't have to configure a safe shutdown. You don't have to configure the timeouts. You don't have to bind TCP ports.

41:27 Okay. So you're now in on your machine, and you're doing developer and test. You want to get this code onto your FASD box. Just like we did the login before, you need to log in from here. So I would suggest you open your Versus code terminal, fast CLI login, and put the parameters from the other machine in. Okay. So FaaS CLI login. I hear you right? Still there? Yep. Sorry. Can you repeat that? I was just logging in to my I think if you do dash dash help, it might give us some parameters. Yeah. So there's a few examples.

41:32 Logging into the Remote faasd Gateway (faas-cli login)

42:19 What you could do is you could why don't you s can you SCP down the password file so we don't have to put it on the screen? Use SFTP or SCP to pull it in. Farlib. Oh, Farlib. Okay. Secrets. Basic auth password. Got it. Okay. Now if you don't get that okay. That's okay. Look at the help command again because it gives you an example. You can effectively use cat as part of the thing. So cat the password file, pipe it into FastCLI login. Okay. FastCLIlogin. Can you see the command above? So it's dash s, which is short for password standard

43:35 in. Yep. And then you need your gateway URL after that. Gateway. Okay. Yep. Let's just grab the IP address one more time, and that'll be 8080. Right? Yes. Do I need a username? Well, that's in the file too. No? It's it's just always admin unless you've offered to change it, so we just automate that. Done. Okay. Now it's saying you should consider setting up TLS with let's encrypt. If we had more time, there's a Terraform that works with DigitalOcean that installs caddy that then terminates the TLS. You could migrate that for Equinix metal or you could just go in afterwards and install

44:07 Security Considerations: Gateway TLS

44:21 caddy on the host. So that password's been sent in plain text over the Internet. It's just for testing, but, generally, I would always recommend setting up a TLS if well, I would say you must set up TLS if you're gonna do this sort of thing. Okay. Now you can see that gateway dash dash. We could keep typing that in on every command. There's always also an environmental variable that we can use. OpenFaaS, I believe it's you either gateway or URL. It's gateway, I think. It's a both. 758765. How can I confirm if it's that? Can

45:00 Setting FaaS Gateway URL Environment Variable

45:08 I do a FaaS CLI, like, kind of what what would what would go to the gateway and give me some information back? FaaS CLI version. Alright. So that's just a c l I. So let's export that again as you're It's open fuzz underscore url. Yeah. Is. That's better. There you go. Great. So we're connected now. We're connected to your server, and we're now ready to do fast c l I up and dash f with the file that you created. Dot yaml? Yep. L? That's the one. Oh, this is building build kit. Have you set docker build kit in your environmental variables?

45:31 Deploying the Function to faasd

45:56 I do have build kit enabled by default. Yes. Yeah. Okay. Well, that's a cool thing here because I open fast because it just literally execs Docker for the build. Can make use of that. So this is building that image with the code that we just generated from the Golang middleware template. It's gonna push that image to the docker registry and then deploy it to OpenFaaS on a remote server. Is that right? Yep. Cool. There was actually someone who was asking me about this. I think it was a Akos or Akos. He said, I've got this

46:30 API. It's written in Go. It's running on a server, single node. I use it for some stuff, but I don't know how to deploy to it. He said, it's only Docker. So I can't use Flux. I can't use this, that, and the other. It's just a single node running a HTTP API. How do I update it from the Internet? My GitHub actions are building and pushing an image, but I don't know how to do that last mile. Well, you can do this. So if you deploy FASDs, we've seen you can put influx DB in your stack. You can put all sorts

46:55 Deployment Process (Build, Push, Deploy) Explained

47:02 in there. That then gives you a public API that you can have HTTPS and auth on. That can be logged into and deployed to via your PC or via GitHub action. So that's a good way of then being able to update code and host these APIs. K. Now when we go to this, just take off that suffix, OpenFaaS f n, because we have it. We don't have multiple namespaces in FASD yet. Yep. Then just browse to this? Yeah. Hello, world. Right. So let's just change the text and then run up again. The text in the Golang.

47:38 Modifying Function Code and Redeploying

47:44 Alright. So let's do Harlow Metal. I think I've got MODN as well then, don't we? There we go. Yeah. And then just run up again? Yeah. Now because you're just exacting out to to Docker here. Like, it's gonna leverage all my build cache and stuff as well, which is really nice. Yep. There's a blog post that I wrote today. There's a new command called publish. And what that does, it uses build x instead of build. And if you give it a list of platforms, can build for your Raspberry Pi. It can build for your ARM server.

48:24 In your basement. It can build for your Raspberry Pis. You can even run that on a GitHub action or Travis. You then get a multi arch image. And when that's deployed, the cluster, Kubernetes cluster or FaaS d just knows which is the actual binary image to pull down and run for you. You see we have a little bit of a lag here. Normally, on Kubernetes, the operations are all asynchronous. With FASD, they're synchronous. So you've got the exact duration until it's ready. Yeah. Easy. Yeah. And we can make this even faster. You can if you think about it,

49:00 Super fast cold starts with faasd

49:02 you can cache that build. We could do a few fewer things there. We could do the build on a server that's close to that machine. Maybe in a few seconds, we could just have that updated with some new code. Okay. So that's FASD. One thing that you get with containerd is you get to potentially pause containers. So you could have a thousand of them all paused using almost no resources, and they get unpaused as they're needed. And the cold stop for a pause container is ridiculously fast. We just go and pause one now back on the the shell

49:21 Containerd Pause Feature for Fast Cold Starts

49:43 of the server, and it's c t r dash n for namespace, OpenFaaS f n, t for tasks, l s. Dash t l s? No. No. Just a normal t or or write the word tasks. L s. Yeah. Alright. Okay. Got it. So we got our hooks there. Now you should just be able to pause it. Yeah. I'm just guessing, though. But Yeah. And now do an LS. So before we invoke it, let's go to our OpenFaaS gateway. You're gonna need to move your terminal down off off the screen. It's on eighty eighty. Cap the password, copy it to clipboard. I

49:45 Manually Pausing a Function Container (ctr)

50:28 think you actually copied it anyway, didn't you? And we'll paste it into the login dialogue that comes up, but just don't do that on the screen. Yeah. That's not your Mac. Oh, no. Yeah. Yeah. Yeah. But we have got the file on your Mac. Yeah. Yeah. So we're just gonna go to this directly here. Yeah. And then always admin. And you zoom out a little bit. Bit more. We'll see the sidebar when you're ready. Okay. Click on hooks. It should say not ready because it's paused. So if you copy that URL and we put that in a new browser

50:57 Cold Start Demonstration via Browser Invocation

51:14 tab, that was a cold start. Nice. Nice. That was a cold start. So it is ridiculously fast to unpause a container. And this, you can't really do with with Kubernetes. It just doesn't have the mechanisms for it. It's a distributed system. So even if you unpause the container, it's gonna take, like, three seconds for all the nodes to figure out that that happened. Okay. Alright. Let's invoke this asynchronously. Okay. How do we do The easiest way is probably just to do it on the command line. We've already got that URL. So curl space without the f n yet.

51:50 Asynchronous Function Invocation

52:09 And then just change function to async dash function. Yeah. And then we wanna put a message in because we can take a body and put dash d and hello, whatever you wanna put. Hit enter. Now that hasn't waited to execute because it's been asynchronous. My camera's put on that blink. What we can do is we can look at the logs for the queue work. I remember how we got the logs before. We did. So that would be general d dash t by default, and then one then the name of my function, so hooks. Yeah. That will give you the the function

52:38 Checking Queue Worker Logs for Async Events

53:01 for the logs, but what let's get the functions logs the logs for the queue worker itself. Queue worker. I'm just switching over to my webcam while you're doing that. Open up pager. And we can see the indication there and how it was run. Yes. We can. And the complete body that you passed into it is also there. Yep. It's there somewhere. Now let's see if we can post that off somewhere on the Internet instead. Okay. You want So have you you used anything like request bin recently? I use Rbox. Rawkode Yeah. That sounds like the same sort of thing.

53:31 Configuring Callback URL for Asynchronous Results

53:55 K. So we have an endpoint that can receive traffic. So are we gonna update our Go code? Or what's your what's your thoughts here of what we're doing? My thoughts are just go ahead and set up one of these endpoints on the Internet. Alright. As I say, I've used request bin in the past. What we're gonna do is invoke the function asynchronously and have it post back to your request bin or whatever listener you've set up. Okay. And are we doing that by modifying the go code or something else? No. You're just gonna set request bin for me now.

54:07 Using a Request Bin to Receive Callbacks

54:38 Can you do that? I have a I have a bin. Great. Okay. Now the next part is to go back to the terminal. Yep. And the one that we have on your machine where you're invoking it. Yep. Just one more header. So same again. One more header at the end or at the beginning. X dash callback dash URL colon space. Yep. There you go. Enter. Oh, okay. So we can pass in a callback URL for the asynchronous function, and it's gonna whatever the output is, it's gonna send it there. Yep. And if I refresh this, there we

55:21 Verifying Asynchronous Callback Result

55:23 go. Now, unfortunately, I can't get my camera back on and I've I've switched over to my Logitech stream cam, and it it's not getting picked up. So we'll just have to leave it off for now. Okay. So we got the call. We also got the duration in seconds of how long it took. And you remember how we paused it earlier? We could pause it again, and then we could invoke it in the same way. And the queue work will simply wake it up to do the work. Or if we're using a Chrome connector and this function was getting put into sleep,

55:55 we had, I don't know, 200 for different customers all on the same machine. We could pause them all or we could scale them all down even with FASTD. And then later on, as they need it, they can just get scaled up again and as you saw how fast it was. Okay. So we're seeing a response time here of what is that? Like, nine hundred milliseconds? I I don't know. Yeah. Maybe. Because Nine hundred milliseconds. Well, one thousand milliseconds is a second. So I think it's Oh, yeah. A faster than that. Yeah. Alright. Thousand times faster than a second.

56:06 Scaling Down and Pausing Functions for Efficiency

56:34 Yeah. Let's pause that again. That's what you're saying. Millisecond. Just under a millisecond by the looks of it. Okay. I'll fix your your judgment rather than me. That's for sure. So Yeah. Do it again if you want. That's paused now. So let's hit that again and then refresh this page. So it took a little bit longer. Yeah. But still fast. Still very, very fast. So we got a couple of questions there. So first, Alistair said that was a cool start low. Yeah. Marcus, yep, really fast. Nice to see you, Marcus. No. S container d using a freezer secret

57:04 Q&A: Pausing Mechanism

57:16 for the pausing. I would have to look into that. It's u it's using it might be doing that. I can't I couldn't say for sure. We can find out later, and we'll we'll get back to find the code. It's com it's it is open source, so you can go and look at it on GitHub later on. Alright. So that's really, really cool. What what what do we do next then, Alex? So we talked about Inlets. I think we should we should show people Inlets. Let's do it. Now we talked a little bit about the use

57:52 Inlets Use Cases (Developer, Hybrid Cloud, Secure Access)

57:54 cases for this, didn't we, together? And I think there's a few there's a few use cases. Right? The first one is I I'm just developing something on my computer, and I want someone on the Internet to be able to access it. Maybe you've got a local k three s cluster. Maybe it's just a normal go binary. The second use case is that you are a company running SQL on premises or active directory on premises. And then in the cloud, you have a Kubernetes cluster, and the two need to talk to each other. You may think about using a Direct Connect

58:31 or a BlackLine. Come and have Azure drill a hole through your floor and put a fiber cable in. Very expensive. Even setting up a VPN, I've had customers tell me that it can cost them a thousand euros a day just to have someone go and connect to VPN for a client. Inlets instead just runs a HTTPS tunnel and then we can put TCP traffic over it. There's a free version of it that can do HTTP traffic. And so that hybrid cloud use case is really popular. If you actually go to inlets.dev, we can show you a quote from one of the

59:10 users. It's just about halfway down the page from to buy us at Fission. So they they've really regulated customers that they work with. The VPC doesn't allow for incoming connections. They can set allowed egress. And so what they do is they run-inlets in the VPC of customer right next to the OpenShift API server that then allows them to build a managed OpenShift product and to talk to that API server, list containers, and do whatever operations they need to do. Nice. Very nice. So do you want me to download the binary? So I was thinking what could we do? So I sent you

1:00:00 Exposing a service with inlets and the inlets operator with arkade

1:00:09 a trial for the Inlets Pro earlier. That's a bit more interesting. Do you have Kubernetes running on your on your computer? You say you use Docker desktop, don't you? Yeah. Docker for Mac has Kubernetes enabled. Yes. So if you open the tab that terminal again, can you show me kubectl get nodes? While we do that, I can also say that null looked at the code and it does on Linux use the free search secret. So Cool. So we don't have Kubernetes. So Nuno was asking about Arcade. Arcade is a tool that I was trying to think of how to

1:00:40 Introducing Arcade: A Marketplace for Kubernetes

1:00:48 talk about this. It's basically a marketplace for Kubernetes. I think that's probably what we need to put in the readme file because that's what it is. It's a marketplace for CLIs. It's a marketplace for Helm charts. It's the easiest way we can do the next step. So let's say if you go to get arcade.dev with a dash, I did want arcade.dev. Somebody at at Versa was sitting on it. If you're listening, I'd I'd like it. And, again, you can download the binary if you like doing it, the sort of slower way or the slash. And, you know, there's a trusting option,

1:01:21 Installing Arcade CLI

1:01:32 and there's a a less trusting option. You get to pick what you want. Well David and I were friends. Oh, dear. Oh. I'll tell you what I did to that on we were doing sick sick Fridays in Europe, and I had about 20 Kubernetes experts watching me type my Git password in. It's only a password I use for my local machine, so I'm not Well, there you go. Now I don't know how to sort this out for ZSH. So okay. Great. So we got arcade now. We type in arcade. Yep. Yeah. Alright. What we want to do is Arcade install

1:02:18 Installing Inlets Operator with Arcade

1:02:18 inlets dash operator dash dash help. The inlets operator is a Kubernetes operator that runs inlets for us. Oh, space operator. Inlets dash. Yeah. And so if we scroll up a little bit, we've got various options because what the operator can do is it it can set up a server for you on your favorite cloud, DigitalOcean, Azure, whatever it may be. And then excuse me. We use the public IP, and we route the traffic. So any traffic and bytes that hit that public IP on that server, they go into the Inlets server. It's got a permanent WebSocket established and it

1:02:40 How the Inlets Operator Works

1:03:09 just forwards it onto a client running inside your cluster. And then the client knows where that data goes. So in the in the example of I don't know. Let's say we had a load balancer in an ingress NGINX. The operator would see that it wants a load balancer, creates the host on the Internet. Then whenever it receives any traffic, it sends it to the client. The client says, I send all of data on +1 8443 to a service, a service called Ingress Controller, and then it all just works. And because you've got TCP for four four three, you

1:03:50 can even use cert manager as well. I think we can do this easier if I send you a tutorial because I know you don't you're not as keen on doing things ahead of time, but this is something that we can paste and chat about. I'll put it on this one. See if you can get that open. Yep. Copy that. There's actually a few people came to me recently, and they're saying, well, you know, what to expose a k three s cluster? Zoom in a little bit. Can I use the open source version? And there's various ways that you can do that,

1:04:00 Following Inlets Pro Tutorial with Equinix Metal

1:04:30 but the the pro version that we're using here just makes it so much easier. There we go. So you need to set up your access token for packet for Equinix metal, and that's the file. That's not the actual value. So have you got a a file on your disk with an API key in it? I can get one. Let's do that. So over on your dashboard under your account, sure you know where to get it. Yeah. I've done that once or twice. Alright. Let's see. There is a code there. So let me just pop open one more

1:04:40 Setting up Equinix Metal Credentials

1:05:15 terminal. Open window, please. Here. Secrets. So them dot access. Now each provider on the Internet could take different options. Packet, the packet providers, it's still called that, It's relatively straightforward. The only extra thing we need above in this command is the the project ID. Yeah. The region can be left blank and it would default. What can I ask a question quickly? See the license fail, is that the entire thing you sent me or just the key? It's just the job at the end. Alright. Got it. Okay. Let me get that. Alright. Okay. So we got

1:06:02 oh, and let's put that in it. Alright. So I've got two files. So I need to export this. Computer. Yeah. Okay. And this is going to be what's last dot oh, I zoomed in. That's what it was. Got it. Is it in that temporary directory? Is that where you have it? Yeah. I've got it here. So Okay. Access and my license file is very similar. It about slash and Just do an l s if you can. Access button that's Yeah. Looks good. Okay. So now we can run this command here. I would not run that because it's

1:06:09 Running Inlets Operator Install Command (Provider Config)

1:07:00 wrong for you. Maybe put it in a text file. We'll edit it and then run it. Yeah. So we're gonna run with the packet provider Yep. AM six. I would get rid of the region because I it will default to Europe anyway. Yep. Token files, correct. License file, correct. The other thing you're gonna need is your project ID. That is project ID, like And that isn't confidential. So you I don't know. Should just be able to paste that on. Well, I mean, I've already flashed my, you know, machine's password. What's a few more things? At least you have the secure

1:07:42 enclave for your SSH key. Okay. So let's I don't know if that needs quoting. We'll find out. What's happening there? Well, it's downloading Helm Helm three because it's just easier if it's one command rather than telling you download Helm at this repo, update it, now apply the CRD. All of that's done for you, and it's done in a temporary directory so it doesn't interfere with your stuff. Have you got any services in the cluster? If you get kubectl get service dash capital a, what have you got? There there won't be anything. Let's see. No. You don't have anything. You want me

1:08:19 Installing Ingress NGINX with Arcade

1:08:32 to deploy something? We wanna deploy something that has a load balancer on it. You mean a service or an actual load balancer? About a load balancer service. How about we install Ingress NGINX? Okay. Can we do that with Arcade? We can. Alright. Show me the magic. Arcade install Ingress NGINX, and we don't need any parameters for this one. Someone asked me, well, what about if I want to go actually, we've got the tutorial. I don't know why I'm talking you through this. We should go back to the tutorial. There we are. So install nginx, install cert manager.

1:09:17 Installing Cert Manager with Arcade

1:09:20 Get that one ready. I don't know if Martha's gonna be watching this later. Okay. So let's go over this review. I have installed an nginx ingress. We got the endless operator, and we got cert manager. So does that means I mean, in theory here, I can expose that NGINX Ingress to you. You It's already getting exposed right now. Have a look on your packet dashboard. Let's see if we've got the server getting created. Is this the right project ID? Do you need to refresh? I'm pretty sure that's the right project ID, ED10. Interesting. Okay. Let's do arcade info inlets operator.

1:09:46 Checking for Server Provisioning (Debugging Region Issue)

1:10:17 Arcade info inlets. I might have told you wrong earlier about the region, and then let's get the logs of the operator to see if there's anything going wrong with it. The thing about Arcade is anything that you install, you also get a help message that you can pull back at any time, whether that's OpenFaaS or otherwise. Yeah. It's just in Lan 1 London 1 by default, which isn't a. No. So we just need to do an install again, same command. And then at the end, just put region. And I don't think it's with a space.

1:10:45 Correcting Install Command with Proper Region

1:10:59 Yeah. Is it a m six? Yeah. I use a m six pretty pretty insclusively. The code is okay. Well, we should see something spin up here. Right? Yeah. We should do. And let's get the logs of the operator again. Just have a watch of that. No. You don't have any a any t one smalls there. I use use one smalls for them. T one smalls are mostly deprecated. Can we overwrite the machine It's hard coded. We use the cheapest one that we could find. I'm actually surprised. Let me see what region I was using then

1:11:07 Server Provisioning Starts (Correct Region)

1:11:37 because this is the first one that I added to it. It should be in OpenFaaS only Inlets docs as well. Let's see if I can find a t one small then. Yeah. A m's one has it, which is a Yeah. That's one I use. A m s one. That's the older data centers. Oh, cool. Requests are welcome. Okay. On that, don't you worry? Okay. So now that we're using a data center that has a t one small available, we should see our server. There we go. Yeah. There it is. And it's got the name of

1:12:15 the service it's been exposed for. We've got the IP. We're using an older version of it been to because packet I don't know if it's still the case, but it used to have, like, accelerations for certain images. They were precached on the hosts. Okay. I don't know. And 16 o four was what what's the image? The guy the other guys will will know Jacob or Ed. So Yeah. That's a that should be fast. It should be under a minute roughly for that. Yeah. Now on other clouds, like DigitalOcean, you're not looking at bare metal. You're looking

1:12:56 at literally just AVM running with QMU. That's lightning fast. So you'll get one of these in ten, twenty seconds. Now if you aren't used to the speed of Amazon or something like that, you know, you can be waiting ten minutes, I often am. It's normally a lot faster than that. We got our IP anyway. And what's gonna happen once this starts up is it's just gonna run Cloudinit on the host. It's going to pull down the Inlets Pro binary. It's gonna install a system to unit file, start the service, configure it with the auth token that was

1:13:07 Server Provisioned and Inlets Client Connecting

1:13:31 generated by the operator, and it will be listening for requests. Inside your cluster, you should see a pod in the default namespace called something like tunnel. Maybe it's a deployment in case the pod isn't starting yet. Interesting. What about other namespaces? I don't see a tunnel. No. I don't see it. So you should have a client get scheduled. Let's look at the logs again of the operator just as that host is coming up. Anything further up? Yeah. It says it's syncing the default Ingress NGINX controller tunnel. Yeah. That's that should be the deployment. Yeah. What else

1:14:31 have we got in the logs? A great deal. Okay. So There we go. We got it Yeah. You can look at the logs of that if you want. You see it's connected now. Ports 18443 are getting forwarded. Now I'm gonna try it from my computer. 1477584223. Yeah. And it's giving me exactly what I would expect to see from NGINX if I'd exposed it from an ALB on Amazon. Can you click on what I sent you? Yep. So not found because we haven't got any ingress records yet. We're not looking at a domain. The next thing in the tutorial

1:15:30 Exposing Applications & TLS with Inlets Operator (Tutorial Walkthrough)

1:15:38 will allow you and we could have a browse of it, decide if we wanna actually do it now or not. We'll allow you to deploy an application, define an ingress for it, use set managers ingress shim, so you just put at the top this needs certificate. And then it gets you a TLS certificate that just works. And if you click it getting production certificate, it should show you what that looks like. So you just simply create production issue instead. You would then go down a little further, a bit more, and you end up just getting something that

1:16:21 works like that. Nice. So you're only a couple of steps away from that, really. The only things you need to do is the IP address that we had in the browser that said not found. That's the IP that you would associate with your domain. So it might be rawcode.com or Alex's example dot raw code dot com. Create your c c name or your a record for it. Deploy the issuer. Create an ingress, and cert manager will get a TLS certificate, terminate that inside your Docker desktop, and cert will be stored on your computer. So if you shut the lid on your

1:16:59 laptop and went to Costa's, opened it again or Starbucks, you wouldn't have to do anything, And it would work exactly the same as it is now. Just reconnect, and it will it will go around with you. Ah, that's pretty cool. I do like that. The things that I like to do with it, you see under underneath that real world application is these are the commands to get OpenFaaS, for instance. So you don't have to create an issuer. You don't have to create an ingress because that one command just does everything. So empty cluster, we do the three commands we did earlier,

1:17:16 Using Arcade to Install OpenFaaS & Other Tools (Example)

1:17:38 then those two, and suddenly you have OpenFaaS with TLS. Or as it's quite popular at the moment, there's a lot of talk of Docker registries. If you look a little bit lower down, again, two commands and you get a docker registry for yourself with auth on it and TLS. Very cool. I like that. Quite a lot of flexibility, quite a lot of power mixing all of the all of these tools that you're working on together, you know, using Arcade and OpenFaaS and Endless. This seems to be solving a lot of common developer frustrations and challenges,

1:18:16 which I like. Yeah. I mean, I'm reading this book called Start With Why. Have you read that? I have by Simon Sinek. Yeah. By Simon Sinek. And whilst I haven't got very far into the book, just that one premise of starting with why got me thinking, and I wrote down. I've got my journal in front of me here. Why did I create each project? And is it still something that I want to contribute to and work on, or is this something that is surplus to requirements? And, really, the the one example there for the registry,

1:18:20 The Philosophy Behind Project Creation ("Start With Why")

1:18:52 as I said, I was doing consulting for clients writing technical blog posts. Sivo wanted to build a bit of technical chops, a bit of sort of credibility with k three s, and I wrote them a tutorial, installing a Docker registry with a TLS certificate and authentication. And it was literally 5,000 words. And today, because Arcade exists, it's those two commands plus the command for Ingress Engine X and the one that we did for cert manager. So four commands. Nice. And it would be the same for anything else. So I don't know. Let's say New Relic or Sysdig had an agent that they

1:19:29 Arcade Simplifies Installation of Kubernetes Ecosystem Tools

1:19:37 wanted to get a bit more traction for. First of all, you generally need to have all these base things in place to make the cluster usable anyway. If you're then gonna go and install, you know, like an agent or something at the end of that, why not have everything all in one place? Super easy. And then when it comes to production and you're saying, right. I'm gonna I'm gonna use GitOps, one thing and another, you're probably not gonna sit there running arcade. You're probably gonna take your time and mirror the repositories, mirror the charts, set everything up with GitOps, and and, you

1:20:11 know, spend weeks and weeks on it. But this is something that can really accelerate adoption. The time to actually taste and see what something is like is so much faster when you have something like this. Yeah. Definitely. I can see that. Now I I realized that we're kind of approaching the end of the time we had scheduled for this. So, you know, is there anything that you wanna show off before we we we wrap up for today? I just wanted to see what questions people might have about what we've looked at so far. Yeah. If you're watching and you have any

1:20:44 questions you'd like us to tackle in the next few minutes, please drop them into the chat, and we'll do our best to get them answered. So what else like like, Arcade is is open source as well. Right? It's on GitHub. Yeah. Based on what I see when I installed the n NGINX ingress operator there, it's wrapping the helm charts and providing sensible defaults. Is that how it's working? Yeah. It is. So but but here's where it gets trickier as a as a developer. Kubernetes dashboard, it's not a helm chart for that. It's just a manifest.

1:21:21 Breaks a lot. The version changes. You then have to create a token for it and run a proxy, and it'll always get it wrong. So we created an arcade app for it. It's now one command, and those gnarly commands you can never remember find arcade info Kubernetes dashboard. And that's completely gone away, that problem and that that friction. For Linkerd, there's about six commands that you need to run. You download their CLI, then you run six commands, then you get Linkerd. We've just made it Arcade install Linkerd. Yep. It downloads the CLI for you. It makes

1:22:02 sure that it's a suitable version. There are a couple of overrides that you can pass in. And then, yes, rightly so, OpenFaaS is a helm chart. Mongo is a Helm chart. Istio is currently a Helm chart. The Inlets operator is currently a Helm chart. But with Arcade, the the glow the glorious thing is is you can hide all of that. So whatever is available upstream, the developer doesn't have to care about it. Just one command and they've got it. And can people submit new packages to that just by I mean, is it relatively trivial but people to get involved and add other

1:22:32 Contributing Packages to Arcade

1:22:39 applications to Arcade? Oh, Alistair, if you're still listening, I know we've got a few of the contributors on there. What do you think you can put a comment into the chat? Yeah. We'll just need to get some a little bit of time. I think there's roughly around lag. Thirty second lag. Whilst you're doing that, I'm just taking a look. There's 32 contributors so far to this project. So that probably goes some way to answering the question. Yeah. And one of the things that we've done more recently is just to to make the code, like, a little bit

1:23:21 more expressive like an API. I'm just gonna dig one out and point you at it actually. Yeah. Go for it. Because I guess the OpenFaaS one is a nice one. That's a bit more for both. Yeah. The sealed secrets one. So if you have a look at this, it's like a fluent API. That's how you would install sealed secrets. And then for overrides that you wanna pass in, I don't think this one actually has any, but you can use dash dash set or we have aliases. So it might be like dash dash load balancer if you're changing the service type or

1:24:14 dash dash authentication mode. Those kinds of things are typically hard to discover in the chart, readme file, and now bubbled up as flags just like you saw when you did Inlets operator dash dash help. Yeah. It showed you the different providers and the names of them. Okay. Yeah. That doesn't look too difficult at all to try, you know, to to get involved and and add. And I'm assuming if I just click on apps here, I'm gonna get a list of Yeah. All the apps supported by our There's about 40 now. And then there's the CLIs.

1:24:40 Listing Available Arcade Apps and CLIs

1:24:50 So if you think about it, when you start a tutorial, if you've got no Kubernetes knowledge, you've gotta get kubectl, get kind, maybe get fast CLI. All of those are now behind arcade get. So you get arcade get kubectl. You can even pass in a version to that. And I I think you want quite a cutting edge version on yours. But if you wanted to test one seventeen or you wanted to test the new patch of one nineteen, you can just put dash dash version, and it will pull down the binary for you. And compared to updating Broom waiting for it,

1:25:11 Using Arcade Get for Specific CLI Versions

1:25:29 it's super fast. Alright. Cool. Well, I think that gives people a good idea of having involved in ARC it too. So Yeah. So let's just open one more thing. This is how people can get in touch. If they go to openfaz.com/blog, We have a whole bunch of tutorials, always looking for people to write them and contribute. This is where you get a lot of news, a lot of new features. There's a new post that came out today. You've also got the store there and the new Christmas jumper. Just a bit of fun. If you're interested in getting anything, it helps

1:25:33 Getting Involved & Project Resources

1:26:16 support the project, and you can wear it on Zoom. And then the other link is the community link in the docs. And if you go there, you can join our Slack, and that's where conversation happens for catch up and arcade, and and there's an Inlets channel as well. Sweet. Perfect. Nice. Alright. Well, I don't think we're gonna get any comments. So I think with that, I'll just say thank you very much for joining me today. It was really nice and great to take a look at Well, we looked at a lot, didn't we? So we've got FASD and Inlets and then

1:26:38 Wrap-up and Thank You

1:26:54 we even brought in a little bit of Arcade as well. So thank you for your time today. Thank you for your continued work on these awesome open source projects as well. And I hope you have a great day, Alex. Thanks. Alright. Thank you for watching. I'll speak to you all soon. Until next time. Bye bye.