Knative is integrated with Function Compute (FC). This allows you to use functions to deploy services based on code, Object Storage Service (OSS) objects, and images. This topic describes how to use functions to deploy a service in Knative.

Use code to deploy a service

  1. Create the coffee.yaml file.
    apiVersion: serving.knative.dev/v1
    kind: Service
    metadata:
      name: coffee
      annotations:
        workload.serving.knative.aliyun.com/class: "fc"
    spec:
      template:
        metadata:
          annotations:
            fc.revision.serving.knative.aliyun.com/code-space: "inline"
        spec:
          containers:
            - image: nodejs8
              command:
              - |
                var getRawBody = require('raw-body')
                var version = 'coffee-default'
                module.exports.handler = function (request, response, context) {
                    var respBody = new Buffer('Hello ' + version + '\n')
                    response.setStatusCode(200)
                    response.setHeader('content-type', 'application/json')
                    response.send(respBody)
                };

    The image and command parameters specify that the Node.js code is used to deploy a service. The code varies based on the service that you want to deploy.

  2. Deploy the service.
    kubectl apply -f coffee.yaml

Use an OSS object submitted to FC to deploy a service

You can use FC to download function code from OSS and deploy a service.

  1. Create the coffee-oss.yaml file.
    apiVersion: serving.knative.dev/v1
    kind: Service
    metadata:
      name: coffee
      annotations:
        workload.serving.knative.aliyun.com/class: "fc"
    spec:
      template:
        metadata:
          annotations:
            fc.revision.serving.knative.aliyun.com/code-space: "oss"
        spec:
          containers:
            - image: nodejs8
              command:
              - fc-zip
              - knative-demo/node-demo.zip

    The image and command parameters specify that an OSS object is submitted to FC to deploy a service. The following list describes the image and command parameters:

    • The image parameter specifies the runtime environment. In this example, the parameter is set to nodejs8.
    • The command parameter is an array that consists of BucketName and ObjectName.
  2. Deploy the service.
    kubectl apply -f coffee-oss.yaml

Deploy a service based on an image submitted to FC

FC provides a custom container runtime to simplify developer experience and improve the development and delivery efficiency. Developers can access FC over HTTP and push container images to FC. For information about how to push a container image to FC, see Overview.

Limits

Configuration item Limit
Image size
  • If the memory required to run a function is less than 1 GB, the size of the image before decompression cannot exceed 256 MB.
  • If the memory required to run a function is 1 GB or greater, the size of the image before decompression cannot exceed 1,024 MB.
Image repository Only the image repositories in Container Registry Default Instance Edition are supported. Other image repositories will be supported later. For more information about Container Registry Default Instance Edition, see What is Container Registry Default Instance Edition?.
Supported images Only the images in a private image repository that belongs to the same account and region as the service are supported. Public images will be supported later.
Read and write permissions on container files The run-as-user UID of the service is randomly selected from the range of 10000 to 10999. By default, a service is granted the write permission on the /tmp directory. The ACL rules of the image file system determine the read and write permissions on other directories. If a UID has no permissions to read or write a file, you can configure the permissions in the Dockerfile.
Storage space limit of the writable layers of a container The data that is generated by the writable layers of a container cannot exceed 512 MB.
Permission policy When you create a service, you must attach the AliyunContainerRegistryReadOnlyAccess or AliyunContainerRegistryFullAccess permission policy to the service. You must create a RAM role and attach the AliyunContainerRegistryReadOnlyAccess or AliyunContainerRegistryFullAccess permission policy to the RAM role. In the Basic Information section on the RAM Roles page, you can obtain the ARN. For more information, see Grant permissions to a RAM role and RAM role overview.
  1. Create the coffee-image.yaml file.
    apiVersion: serving.knative.dev/v1
    kind: Service
    metadata:
      name: coffee
      annotations:
        workload.serving.knative.aliyun.com/class: "fc"
    spec:
      template:
        metadata:
          annotations:
            fc.revision.serving.knative.aliyun.com/code-space: "image"
            fc.revision.serving.knative.aliyun.com/role-arm: "acs:ram::1041208914252405:role/fc-yuanyi-test"
        spec:
          containers:
            - image: registry.cn-shenzhen.aliyuncs.com/aliknative/nodejs-express:v3.0

    The values of annotations and image specify that an image is submitted to FC to deploy a service. The following list describes the parameters:

    • fc.revision.serving.knative.aliyun.com/code-space: image: specifies the type of the image.
    • fc.revision.serving.knative.aliyun.com/role-arm: specifies the ARN that is used to attach the AliyunContainerRegistryReadOnlyAccess or AliyunContainerRegistryFullAccess permission policy.
    • image: specifies the name of the image.
  2. Deploy the service.
    kubectl apply -f coffee-oss.yaml

Verify the result

You can verify that the service is deployed. The following example describes how to verify the result of code-based service deployment.

  1. Check the service deployment status.
    kubectl get ksvc

    Expected output:

    NAME     URL                                                                                                                  LATESTCREATED   LATESTREADY    READY   REASON
    coffee   https://198639303048****.cn-beijing.fc.aliyuncs.com/2016-08-15/proxy/kn_default_coffee.http-prd/kn_default_coffee/   coffee-5bqdr    coffee-5bqdr   True
  2. Run the curl command to access the service.
    curl https://198639303048****.cn-beijing.fc.aliyuncs.com/2016-08-15/proxy/kn_default_coffee.http-prd/kn_default_coffee/

    Expected output:

    Hello coffee-default
  3. Check the service and the function that is used to deploy the service in the FC console.
    1. Log on to the Function Compute console.
    2. In the top navigation bar, select a region.
    3. In the left-side navigation pane, click Service/Function. On the Service/Function page, the kn_default_coffee service is displayed.
    4. Click kn_default_coffee. On the Functions tab, the kn_default_coffee function is displayed.