Microk8s with OpenFaas and local docker repository

set up k8s configuration

Kubernetes stores if configuration data in $HOME/.kube/config. Start by saving the microk8s.config there

cd $HOME/.kube
microk8s.config > config

Install helm with --classic option

sudo snap install helm --classic

Install tiller with the recommedned max history depth

helm init --history-max 200
Creating /home/jscharber/.helm 
Creating /home/jscharber/.helm/repository 
Creating /home/jscharber/.helm/repository/cache 
Creating /home/jscharber/.helm/repository/local 
Creating /home/jscharber/.helm/plugins 
Creating /home/jscharber/.helm/starters 
Creating /home/jscharber/.helm/cache/archive 
Creating /home/jscharber/.helm/repository/repositories.yaml 
Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com 
Adding local repo with URL: http://127.0.0.1:8879/charts 
$HELM_HOME has been configured at /home/jscharber/.helm.

Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster.

Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy.
To prevent this, run `helm init` with the --tiller-tls-verify flag.
For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation

Add open_faas repo

helm repo add openfaas https://openfaas.github.io/faas-netes/
"openfaas" has been added to your repositories

Add openfaas namespace

wget https://raw.githubusercontent.com/openfaas/faas-netes/master/namespaces.yml
kubectl apply -f namespace.yml

generate a random password

PASSWORD=$(head -c 12 /dev/urandom | shasum| cut -d' ' -f1)

or not, I just set my to something I can remember

mkdir $HOME/.faas
cat $PASSWORD > ~$HOME/.faas/$USER

Create secret, this allows basic authentication for the gateway

kubectl -n openfaas create secret generic basic-auth --from-literal=basic-auth-user=admin --from-literal=basic-auth-password="$PASSWORD"

Let kube-dns talk to external servers and then save the new rule

sudo iptables -P FORWARD ACCEPT
sudo netfilter-persistent save

Install OpenFass

helm repo update \
 && helm upgrade openfaas --install openfaas/openfaas \
    --namespace openfaas  \
    --set basic_auth=true \
    --set functionNamespace=openfaas-fn
    
kubectl get svc -n openfaas gateway-external -o wide 
NAME               TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)          AGE   SELECTOR
gateway-external   LoadBalancer   10.152.183.172   <pending>     8080:32508/TCP   69s   app=gateway

.bashrc Aliases

export OPENFAAS_URL=http://localhost:31112
alias fl='cat $HOME/.faas/$USER | faas-cli login --password-stdin'
alias fc='faas-cli'

To take effect in the current shell

souce ~username/.bashrc

Make a directory to write your functions

mkdir -p eng/faas
cd eng/faas

Download the templates

bashfaas-cli template pull

Create a new fucntion: faas-cli new hello-world --lang go

faas-cli new hello-world --lang go
Folder: hello-world created.
  ___                   _____           ____
 / _ \ _ __   ___ _ __ |  ___|_ _  __ _/ ___|
| | | | '_ \ / _ \ '_ \| |_ / _` |/ _` \___ \
| |_| | |_) |  __/ | | |  _| (_| | (_| |___) |
 \___/| .__/ \___|_| |_|_|  \__,_|\__,_|____/
      |_|


Function created in folder: hello-world
Stack file written: hello-world.yml

Notes:
You have created a new function which uses Golang 1.10.10
To include third-party dependencies, use a vendoring tool like dep:
dep documentation: https://github.com/golang/dep#installation

Change the image to use our local repository server

Make sure you have it enabled: microk8s.enable respository

Edit the hello-world.yml

provider:
  name: openfaas
  gateway: http://localhost:31112
functions:
  hello-world:
    lang: go
    handler: ./hello-world
    image: hello-world:latest

Changed file

functions:
  hello-world:
    lang: go
    handler: ./hello-world
    image: **localhost:32000/**hello-world:latest

Build your function

faas-cli build -f hello-world.yml

version: 1.0version: 1.0
provider:
  name: openfaas
  gateway: http://localhost:31112faas-cli build -f hello-world.yml 
[0] > Building hello-world.
Clearing temporary build folder: ./build/hello-world/
Preparing ./hello-world/ ./build/hello-world//function
Building: localhost:32000/hello-world:latest with go template. Please wait..
Sending build context to Docker daemon  6.656kB
Step 1/24 : FROM openfaas/classic-watchdog:0.13.4 as watchdog
 ---> 87a67378670c
Step 2/24 : FROM golang:1.10.8-alpine3.9 as builder
 ---> 7b53e4a31d21
Step 3/24 : ARG ADDITIONAL_PACKAGE
 ---> Using cache
 ---> 8328a58ee1db
Step 4/24 : ARG CGO_ENABLED=0
 ---> Using cache
 ---> fbc3ee5d3c4d
Step 5/24 : COPY --from=watchdog /fwatchdog /usr/bin/fwatchdog
 ---> Using cache
 ---> 9ebbecbd8464
Step 6/24 : RUN chmod +x /usr/bin/fwatchdog
 ---> Using cache
 ---> de56edbc6198
Step 7/24 : WORKDIR /go/src/handler
 ---> Using cache
 ---> 0a559fb89c23
Step 8/24 : COPY . .
 ---> Using cache
 ---> 6942e455bcef
Step 9/24 : RUN test -z "$(gofmt -l $(find . -type f -name '*.go' -not -path "./vendor/*" -not -path "./function/vendor/*"))" || { echo "Run \"gofmt -s -w\" on your Golang code"; exit 1; }
 ---> Using cache
 ---> dc56dcf3ff56
Step 10/24 : RUN CGO_ENABLED=${CGO_ENABLED} GOOS=linux     go build --ldflags "-s -w" -a -installsuffix cgo -o handler . &&     go test $(go list ./... | grep -v /vendor/) -cover
 ---> Using cache
 ---> 8385e5699477
Step 11/24 : FROM alpine:3.9
 ---> 055936d39205
Step 12/24 : RUN apk --no-cache add     ca-certificates
 ---> Using cache
 ---> a8b1afff9834
Step 13/24 : RUN addgroup -S app && adduser -S -g app app
 ---> Using cache
 ---> f1250f9ece8d
Step 14/24 : RUN mkdir -p /home/app
 ---> Using cache
 ---> 4409f33606d4
Step 15/24 : WORKDIR /home/app
 ---> Using cache
 ---> 62522283f192
Step 16/24 : COPY --from=builder /usr/bin/fwatchdog         .
 ---> Using cache
 ---> 4dd68c025e7c
Step 17/24 : COPY --from=builder /go/src/handler/function/  .
 ---> Using cache
 ---> 4d3cac239f07
Step 18/24 : COPY --from=builder /go/src/handler/handler    .
 ---> Using cache
 ---> fd5791af6521
Step 19/24 : RUN chown -R app /home/app
 ---> Using cache
 ---> 7027a0f7bf2f
Step 20/24 : USER app
 ---> Using cache
 ---> c7094b5a8038
Step 21/24 : ENV fprocess="./handler"
 ---> Using cache
 ---> dd997af4299c
Step 22/24 : EXPOSE 8080
 ---> Using cache
 ---> 55f8adc6e18f
Step 23/24 : HEALTHCHECK --interval=3s CMD [ -e /tmp/.lock ] || exit 1
 ---> Using cache
 ---> d1bd3569c63c
Step 24/24 : CMD ["./fwatchdog"]
 ---> Using cache
 ---> 96fea3ed2464
Successfully built 96fea3ed2464
Successfully tagged localhost:32000/hello-world:latest
Image: localhost:32000/hello-world:latest built.
[0] < Building hello-world done.
[0] worker done.

Push it to the local repository

faas-cli push -f hello-world.yml 
[0] > Pushing hello-world [localhost:32000/hello-world:latest].
The push refers to repository [localhost:32000/hello-world]
4c68a3f1dbaa: Mounted from test1 
7944c7f2be41: Mounted from test1 
6ad564cec0dc: Mounted from test1 
eb74010d1647: Mounted from test1 
6a5ea42a7358: Mounted from test1 
d934e029c9b7: Mounted from test1 
f1b5933fe4b5: Mounted from test1 
latest: digest: sha256:3cc47b7fd29f10ed5d3a76646f3fddaefc787dda35f92e56297f575468a991db size: 1785
[0] < Pushing hello-world [localhost:32000/hello-world:latest] done.
[0] worker done.

Deploy it to your cluster

faas-cli deploy -f hello-world.yml 
Deploying: hello-world.
WARNING! Communication is not secure, please consider using HTTPS. Letsencrypt.org offers free SSL/TLS certificates.

Deployed. 202 Accepted.
URL: http://localhost:31112/function/hello-world

Test it

echo "hi" | faas-cli invoke hello-world
Hello, Go. You said: hi

Use the ui

http://127.0.0.1:31112/ui/