SlideShare a Scribd company logo

Building a FaaS with pulsar

StreamNative
StreamNative

At Clever Cloud, we are working on extremely light virtual machines to run WebAssembly binaries. As it’s WASM, we can write code using a lot of languages. We use a custom unikernel to run this WASM as Function-as-a-Service, using one VM per function execution. These VM can run on events from messages coming through Pulsar, or from HTTP invocation, the run is on-demand as only the consumers stay up. This can be a new model: Pulsar functions for real isolation in multi-tenancy use cases. This talk will show the use case, explain the virtualization underneath and demonstrate the multi-tenancy use case.

Internet
1 of 57
Download to read offline
Building a Function as a Service with Pulsar
Alexandre DUVAL @kannarfr IT Engineer @CleverCloud Logs systems Automatic Add-ons migration systems Stuff around Biscuit Pulsar Add-on (alpha through support) PaaS On-Call human (not today :D)
Geoffroy COUPRIE @gcouprie Security Engineer @CleverCloud Sozu HTTP reverse proxy Function as a Service Biscuit authorization tokens Working on the Pulsar Rust client 1.0
Function as a Service
Function as a Service? - Run code on demand 1@gcouprie
Function as a Service? - Run code on demand - Without caring about keeping infrastructure up 1@gcouprie
Function as a Service? - Run code on demand - Without caring about keeping infrastructure up - Or scaling 1@gcouprie
Function as a Service? - Run code on demand - Without caring about keeping infrastructure up - Or scaling - Billed on consumption 1@gcouprie
FaaS by Clever Cloud - Build your functions in a language that can generate Web Assembly 2@gcouprie
FaaS by Clever Cloud - Build your functions in a language that can generate Web Assembly - That will be compiled to machine code 2@gcouprie
FaaS by Clever Cloud - Build your functions in a language that can generate Web Assembly - That will be compiled to machine code - Loaded and executed in ephemeral virtual machines without operating systems 2@gcouprie
FaaS by Clever Cloud - Build your functions in a language that can generate Web Assembly - That will be compiled to machine code - Loaded and executed in ephemeral virtual machines without operating systems - That boot on the fly for each request or message on a topic 2@gcouprie
Web Assembly - Good compilation target (supported by various languages) 3@gcouprie
Web Assembly - Good compilation target (supported by various languages) - Designed for sandboxing 3@gcouprie
Web Assembly - Good compilation target (supported by various languages) - Designed for sandboxing - Not limited to browsers! 3@gcouprie
One Virtual Machine per request - Virtual machines are cheap: 1 to 10MB RAM 4@gcouprie
One Virtual Machine per request - Virtual machines are cheap: 1 to 10MB RAM - Fast: boot in 1ms 4@gcouprie
One Virtual Machine per request - Virtual machines are cheap: 1 to 10MB RAM - Fast: boot in 1ms - Great isolation: very limited host API, no hardware emulation 4@gcouprie
Infrastructure based on Pulsar - Compilation service gets compilation requests from a topic 5@gcouprie
Infrastructure based on Pulsar - Compilation service gets compilation requests from a topic - FaaS host gets configuration information (new apps, new code) from a topic 5@gcouprie
Infrastructure based on Pulsar - Compilation service gets compilation requests from a topic - FaaS host gets configuration information (new apps, new code) from a topic - Metrics and logs are sent via another topic 5@gcouprie
Pulsar Functions
Building Pulsar Functions - No need to start one process per function 6@gcouprie
Building Pulsar Functions - No need to start one process per function - The Faas host has 1000s of consumers 6@gcouprie
Building Pulsar Functions - No need to start one process per function - The FaaS host has 1000s of consumers - Starts a function when a message arrives on a topic 6@gcouprie
Multi-Tenancy Challenges - Functions can subscribe to topics from various clients 7@gcouprie
Multi-Tenancy Challenges - Functions can subscribe to topics from various clients - But there’s only one authentication context per connection 7@gcouprie
Multi-Tenancy Challenges - Functions can subscribe to topics from various clients - But there’s only one authentication context per connection - Should we have one TCP connection per consumer? 7@gcouprie
Biscuit
Biscuit New authentication & authorization token Specifications github.com/CleverCloud/biscuit Java Library mvnrepository.com/artifact/com.clever-cloud/biscuit-java Rust Crate crates.io/crates/biscuit-auth 8@kannarfr
Biscuit New authentication & authorization token Powerful authorization rules Based on a Datalog variant facts, rules, caveats 8@kannarfr
Biscuit New authentication & authorization token Powerful authorization rules Decentralized Verification & attenuation are decentralized 8@kannarfr
Biscuit New authentication & authorization token Powerful authorization rules Decentralized Biscuit-Pulsar plugins! Biscuit-Pulsar authorization plugin github.com/CleverCloud/biscuit-pulsar 8@kannarfr
Biscuit Example Applied to Pulsar
- Start from a token with full access to a namespace Attenuation 9@kannarfr
- Start from a token with full access to a namespace - A team needs Pulsar access: reduce access to lookup/produce/consume on a topic name prefix Attenuation 9@kannarfr
- Start from a token with full access to a namespace - A team needs Pulsar access: reduce access to lookup/produce/consume on a topic name prefix - Application specific token: reduce team token to subscribe only, on a fixed topic, with a fixed subscription name Attenuation 9@kannarfr
Authorization life cycle on FaaS
- A function comes with its Biscuit token Authorizing Pulsar Function 10@gcouprie
- A function comes with its Biscuit token - The FaaS host can authorize the token with the same rules as the Biscuit-Pulsar plugin Authorizing Pulsar Function 10@gcouprie
Authorizing Pulsar Function - A function comes with its Biscuit token - The FaaS host can authorize the token with the same rules as the Biscuit-Pulsar plugin - The FaaS host subscribes and produces with only one authentication token, on a reduced number of connections 10@gcouprie
Needs in Pulsar
Biscuit Pulsar Requirements Boolean allowNamespacePolicyOperation(NamespaceName namespaceName, PolicyName policy, PolicyOperation operation, String originalRole, String role, AuthenticationDataSource authData) {} Issue #5720: fixed. Put granularity in Pulsar’s AuthorizationService 11@kannarfr
Pulsar Needs: wishlist - PIP-51: tenant policy support (and topics) 12@kannarfr
- PIP-51: tenant policy support (and topics) - Pulsar Proxy for protocols handlers Pulsar Needs: wishlist 12@kannarfr
- PIP-51: tenant policy support (and topics) - Pulsar Proxy for protocols handlers - Topic compaction on the fly Pulsar Needs: wishlist 12@kannarfr
- PIP-51: tenant policy support (and topics) - Pulsar Proxy for protocols handlers - Topic compaction on the fly - Pattern implementation as Exchanges, FanOuts, … at broker level Pulsar Needs: wishlist 12@kannarfr
- PIP-51: tenant policy support (and topics) - Pulsar Proxy for protocols handlers - Topic compaction on the fly - Pattern implementation as Exchanges, FanOuts, … at broker level - Metrics: enable pulsar to send its metrics itself to as timeseries Pulsar Needs: wishlist 12@kannarfr
clever-cloud.com
Annex 1: Biscuit Example Applied to Pulsar
authority: Block[0] { symbols: [admin] context: facts: [ revocation_id("af136428-b9c3-4360-8535-3a147ce80d99"), // good practice right(#authority, #admin) ] rules: [] caveats: [] } Authority (block 0) Facts are basically data used by verifier.
blocks: [ Block[1] { symbols: [limited_right, topic_operation] context: facts: [] rules: [] caveats: [ *limited_right("tenantTest", "namespaceTest", $2, $3) <- topic_operation(#ambient, "tenantTest", "namespaceTest", $2, $3) ] } ] Attenuated (block 1) $2 is a slot for topic name, $3 for consume, producer & lookup
blocks: [ Block[1] { symbols: [limited_right, topic_operation, namespace_operation] context: facts: [] rules: [] caveats: [ *limited_right("tenantTest", "namespaceTest", $2, $3) <- topic_operation(#ambient, "tenantTest", "namespaceTest", $2, $3) || (OR) *limited_right("tenantTest", "namespaceTest", $2) <- namespace_operation(#ambient, "tenantTest", "namespaceTest", $2) ] } ] Attenuated (block 1) Here $2 is a slot for namespace operation (#offload_write)
Verifier built from Biscuit token facts: [ revocation_id("af136428-b9c3-4360-8535-3a147ce80d99"), right(#authority, #admin) ], rules: [], caveats: [ *limited_right("tenantTest", "namespaceTest", $2) <- namespace_operation(#ambient, "tenantTest", "namespaceTest", $2) // || topic_operation query which is unused here is the final example. ] Verifier facts, rules, caveats are computed from biscuit token.
Verifier add contextual facts facts: [ revocation_id("af136428-b9c3-4360-8535-3a147ce80d99"), right(#authority, #admin), namespace(#ambient, "tenantTest", "namespaceTest") namespace_operation(#ambient, "tenantTest", "namespaceTest", #offload_write) ], rules: [], caveats: [ *limited_right("tenantTest", "namespaceTest", $2) <- namespace_operation(#ambient, "tenantTest", "namespaceTest", $2) // || topic_operation query which is unused here is the final example. ] Then authorization check adds its context.
Verifier add rules & caveats facts: [ revocation_id("af136428-b9c3-4360-8535-3a147ce80d99"), right(#authority, #admin), namespace(#ambient, "tenantTest", "namespaceTest"), namespace_operation(#ambient, "tenantTest", "namespaceTest", #offload_write) ], rules: [ *right(#authority, $0, $1, $2) <- right(#authority, #admin), namespace_operation(#ambient, $0, $1, $2) @ $2 in [offload_write, ...] ], caveats: [ *limited_right("tenantTest", "namespaceTest", $2) <- namespace_operation(#ambient, "tenantTest", "namespaceTest", $2), // || topic_operation query which is unused here is the final example. *authorized() <- (#authority, $0, $1, $2), namespace_operation(#ambient, $0, $1, $2) @ $2 in [offload_write, ...] ]
Verify life cycle - Add biscuit token facts & verifier’s facts (ambient ones) - Add rules from biscuit and verifier - Generate all the facts - Ensure that token and verifier’s caveats pass and authorize

Recommended

Transaction preview of Apache Pulsar
Transaction preview of Apache PulsarTransaction preview of Apache Pulsar
Transaction preview of Apache Pulsar
StreamNative
 
Pulsar Architectural Patterns for CI/CD Automation and Self-Service_Devin Bost
Pulsar Architectural Patterns for CI/CD Automation and Self-Service_Devin BostPulsar Architectural Patterns for CI/CD Automation and Self-Service_Devin Bost
Pulsar Architectural Patterns for CI/CD Automation and Self-Service_Devin Bost
StreamNative
 
Lessons from managing a Pulsar cluster (Nutanix)
Lessons from managing a Pulsar cluster (Nutanix)Lessons from managing a Pulsar cluster (Nutanix)
Lessons from managing a Pulsar cluster (Nutanix)
StreamNative
 
Pulsarctl & Pulsar Manager
Pulsarctl & Pulsar ManagerPulsarctl & Pulsar Manager
Pulsarctl & Pulsar Manager
StreamNative
 
Query Pulsar Streams using Apache Flink
Query Pulsar Streams using Apache FlinkQuery Pulsar Streams using Apache Flink
Query Pulsar Streams using Apache Flink
StreamNative
 
Open keynote_carolyn&matteo&sijie
Open keynote_carolyn&matteo&sijieOpen keynote_carolyn&matteo&sijie
Open keynote_carolyn&matteo&sijie
StreamNative
 
Integrating Apache Pulsar with Big Data Ecosystem
Integrating Apache Pulsar with Big Data EcosystemIntegrating Apache Pulsar with Big Data Ecosystem
Integrating Apache Pulsar with Big Data Ecosystem
StreamNative
 
Exactly-Once Made Easy: Transactional Messaging in Apache Pulsar - Pulsar Sum...
Exactly-Once Made Easy: Transactional Messaging in Apache Pulsar - Pulsar Sum...Exactly-Once Made Easy: Transactional Messaging in Apache Pulsar - Pulsar Sum...
Exactly-Once Made Easy: Transactional Messaging in Apache Pulsar - Pulsar Sum...
StreamNative
 

Recommended

Transaction preview of Apache Pulsar
Transaction preview of Apache PulsarTransaction preview of Apache Pulsar
Transaction preview of Apache Pulsar
StreamNative
 
Pulsar Architectural Patterns for CI/CD Automation and Self-Service_Devin Bost
Pulsar Architectural Patterns for CI/CD Automation and Self-Service_Devin BostPulsar Architectural Patterns for CI/CD Automation and Self-Service_Devin Bost
Pulsar Architectural Patterns for CI/CD Automation and Self-Service_Devin Bost
StreamNative
 
Lessons from managing a Pulsar cluster (Nutanix)
Lessons from managing a Pulsar cluster (Nutanix)Lessons from managing a Pulsar cluster (Nutanix)
Lessons from managing a Pulsar cluster (Nutanix)
StreamNative
 
Pulsarctl & Pulsar Manager
Pulsarctl & Pulsar ManagerPulsarctl & Pulsar Manager
Pulsarctl & Pulsar Manager
StreamNative
 
Query Pulsar Streams using Apache Flink
Query Pulsar Streams using Apache FlinkQuery Pulsar Streams using Apache Flink
Query Pulsar Streams using Apache Flink
StreamNative
 
Open keynote_carolyn&matteo&sijie
Open keynote_carolyn&matteo&sijieOpen keynote_carolyn&matteo&sijie
Open keynote_carolyn&matteo&sijie
StreamNative
 
Integrating Apache Pulsar with Big Data Ecosystem
Integrating Apache Pulsar with Big Data EcosystemIntegrating Apache Pulsar with Big Data Ecosystem
Integrating Apache Pulsar with Big Data Ecosystem
StreamNative
 
Exactly-Once Made Easy: Transactional Messaging in Apache Pulsar - Pulsar Sum...
Exactly-Once Made Easy: Transactional Messaging in Apache Pulsar - Pulsar Sum...Exactly-Once Made Easy: Transactional Messaging in Apache Pulsar - Pulsar Sum...
Exactly-Once Made Easy: Transactional Messaging in Apache Pulsar - Pulsar Sum...
StreamNative
 
Getting Pulsar Spinning_Addison Higham
Getting Pulsar Spinning_Addison HighamGetting Pulsar Spinning_Addison Higham
Getting Pulsar Spinning_Addison Higham
StreamNative
 
Apache Pulsar at Yahoo! Japan
Apache Pulsar at Yahoo! JapanApache Pulsar at Yahoo! Japan
Apache Pulsar at Yahoo! Japan
StreamNative
 
Scaling customer engagement with apache pulsar
Scaling customer engagement with apache pulsarScaling customer engagement with apache pulsar
Scaling customer engagement with apache pulsar
StreamNative
 
Pulsar Functions Deep Dive_Sanjeev kulkarni
Pulsar Functions Deep Dive_Sanjeev kulkarniPulsar Functions Deep Dive_Sanjeev kulkarni
Pulsar Functions Deep Dive_Sanjeev kulkarni
StreamNative
 
Stream-Native Processing with Pulsar Functions
Stream-Native Processing with Pulsar FunctionsStream-Native Processing with Pulsar Functions
Stream-Native Processing with Pulsar Functions
Streamlio
 
Introducing Kafka-on-Pulsar: bring native Kafka protocol support to Apache Pu...
Introducing Kafka-on-Pulsar: bring native Kafka protocol support to Apache Pu...Introducing Kafka-on-Pulsar: bring native Kafka protocol support to Apache Pu...
Introducing Kafka-on-Pulsar: bring native Kafka protocol support to Apache Pu...
StreamNative
 
Apache Bookkeeper and Apache Zookeeper for Apache Pulsar
Apache Bookkeeper and Apache Zookeeper for Apache PulsarApache Bookkeeper and Apache Zookeeper for Apache Pulsar
Apache Bookkeeper and Apache Zookeeper for Apache Pulsar
Enrico Olivelli
 
Serverless Event Streaming with Pulsar Functions
Serverless Event Streaming with Pulsar FunctionsServerless Event Streaming with Pulsar Functions
Serverless Event Streaming with Pulsar Functions
StreamNative
 
Kafka on Pulsar
Kafka on Pulsar Kafka on Pulsar
Kafka on Pulsar
StreamNative
 
Introducing HerdDB - a distributed JVM embeddable database built upon Apache ...
Introducing HerdDB - a distributed JVM embeddable database built upon Apache ...Introducing HerdDB - a distributed JVM embeddable database built upon Apache ...
Introducing HerdDB - a distributed JVM embeddable database built upon Apache ...
StreamNative
 
Introduction Apache Kafka
Introduction Apache KafkaIntroduction Apache Kafka
Introduction Apache Kafka
Joe Stein
 
Interactive querying of streams using Apache Pulsar_Jerry peng
Interactive querying of streams using Apache Pulsar_Jerry pengInteractive querying of streams using Apache Pulsar_Jerry peng
Interactive querying of streams using Apache Pulsar_Jerry peng
StreamNative
 
Strata London 2018: Multi-everything with Apache Pulsar
Strata London 2018: Multi-everything with Apache PulsarStrata London 2018: Multi-everything with Apache Pulsar
Strata London 2018: Multi-everything with Apache Pulsar
Streamlio
 
No Surprises Geo Replication - Pulsar Virtual Summit Europe 2021
No Surprises Geo Replication - Pulsar Virtual Summit Europe 2021No Surprises Geo Replication - Pulsar Virtual Summit Europe 2021
No Surprises Geo Replication - Pulsar Virtual Summit Europe 2021
StreamNative
 
Building a Messaging Solutions for OVHcloud with Apache Pulsar_Pierre Zemb
Building a Messaging Solutions for OVHcloud with Apache Pulsar_Pierre ZembBuilding a Messaging Solutions for OVHcloud with Apache Pulsar_Pierre Zemb
Building a Messaging Solutions for OVHcloud with Apache Pulsar_Pierre Zemb
StreamNative
 
Kafka on Pulsar:bringing native Kafka protocol support to Pulsar_Sijie&Pierre
Kafka on Pulsar:bringing native Kafka protocol support to Pulsar_Sijie&PierreKafka on Pulsar:bringing native Kafka protocol support to Pulsar_Sijie&Pierre
Kafka on Pulsar:bringing native Kafka protocol support to Pulsar_Sijie&Pierre
StreamNative
 
A Unified Platform for Real-time Storage and Processing
A Unified Platform for Real-time Storage and ProcessingA Unified Platform for Real-time Storage and Processing
A Unified Platform for Real-time Storage and Processing
StreamNative
 
Large scale log pipeline using Apache Pulsar_Nozomi
Large scale log pipeline using Apache Pulsar_NozomiLarge scale log pipeline using Apache Pulsar_Nozomi
Large scale log pipeline using Apache Pulsar_Nozomi
StreamNative
 
Kafka blr-meetup-presentation - Kafka internals
Kafka blr-meetup-presentation - Kafka internalsKafka blr-meetup-presentation - Kafka internals
Kafka blr-meetup-presentation - Kafka internals
Ayyappadas Ravindran (Appu)
 
How Orange Financial combat financial frauds over 50M transactions a day usin...
How Orange Financial combat financial frauds over 50M transactions a day usin...How Orange Financial combat financial frauds over 50M transactions a day usin...
How Orange Financial combat financial frauds over 50M transactions a day usin...
JinfengHuang3
 
Introducing Gridiron Security and Compliance Management Platform and Enclave ...
Introducing Gridiron Security and Compliance Management Platform and Enclave ...Introducing Gridiron Security and Compliance Management Platform and Enclave ...
Introducing Gridiron Security and Compliance Management Platform and Enclave ...
Aptible
 
Extending Piwik At R7.com
Extending Piwik At R7.comExtending Piwik At R7.com
Extending Piwik At R7.com
Leo Lorieri
 

More Related Content

What's hot

Getting Pulsar Spinning_Addison Higham
Getting Pulsar Spinning_Addison HighamGetting Pulsar Spinning_Addison Higham
Getting Pulsar Spinning_Addison Higham
StreamNative
 
Apache Pulsar at Yahoo! Japan
Apache Pulsar at Yahoo! JapanApache Pulsar at Yahoo! Japan
Apache Pulsar at Yahoo! Japan
StreamNative
 
Scaling customer engagement with apache pulsar
Scaling customer engagement with apache pulsarScaling customer engagement with apache pulsar
Scaling customer engagement with apache pulsar
StreamNative
 
Pulsar Functions Deep Dive_Sanjeev kulkarni
Pulsar Functions Deep Dive_Sanjeev kulkarniPulsar Functions Deep Dive_Sanjeev kulkarni
Pulsar Functions Deep Dive_Sanjeev kulkarni
StreamNative
 
Stream-Native Processing with Pulsar Functions
Stream-Native Processing with Pulsar FunctionsStream-Native Processing with Pulsar Functions
Stream-Native Processing with Pulsar Functions
Streamlio
 
Introducing Kafka-on-Pulsar: bring native Kafka protocol support to Apache Pu...
Introducing Kafka-on-Pulsar: bring native Kafka protocol support to Apache Pu...Introducing Kafka-on-Pulsar: bring native Kafka protocol support to Apache Pu...
Introducing Kafka-on-Pulsar: bring native Kafka protocol support to Apache Pu...
StreamNative
 
Apache Bookkeeper and Apache Zookeeper for Apache Pulsar
Apache Bookkeeper and Apache Zookeeper for Apache PulsarApache Bookkeeper and Apache Zookeeper for Apache Pulsar
Apache Bookkeeper and Apache Zookeeper for Apache Pulsar
Enrico Olivelli
 
Serverless Event Streaming with Pulsar Functions
Serverless Event Streaming with Pulsar FunctionsServerless Event Streaming with Pulsar Functions
Serverless Event Streaming with Pulsar Functions
StreamNative
 
Kafka on Pulsar
Kafka on Pulsar Kafka on Pulsar
Kafka on Pulsar
StreamNative
 
Introducing HerdDB - a distributed JVM embeddable database built upon Apache ...
Introducing HerdDB - a distributed JVM embeddable database built upon Apache ...Introducing HerdDB - a distributed JVM embeddable database built upon Apache ...
Introducing HerdDB - a distributed JVM embeddable database built upon Apache ...
StreamNative
 
Introduction Apache Kafka
Introduction Apache KafkaIntroduction Apache Kafka
Introduction Apache Kafka
Joe Stein
 
Interactive querying of streams using Apache Pulsar_Jerry peng
Interactive querying of streams using Apache Pulsar_Jerry pengInteractive querying of streams using Apache Pulsar_Jerry peng
Interactive querying of streams using Apache Pulsar_Jerry peng
StreamNative
 
Strata London 2018: Multi-everything with Apache Pulsar
Strata London 2018: Multi-everything with Apache PulsarStrata London 2018: Multi-everything with Apache Pulsar
Strata London 2018: Multi-everything with Apache Pulsar
Streamlio
 
No Surprises Geo Replication - Pulsar Virtual Summit Europe 2021
No Surprises Geo Replication - Pulsar Virtual Summit Europe 2021No Surprises Geo Replication - Pulsar Virtual Summit Europe 2021
No Surprises Geo Replication - Pulsar Virtual Summit Europe 2021
StreamNative
 
Building a Messaging Solutions for OVHcloud with Apache Pulsar_Pierre Zemb
Building a Messaging Solutions for OVHcloud with Apache Pulsar_Pierre ZembBuilding a Messaging Solutions for OVHcloud with Apache Pulsar_Pierre Zemb
Building a Messaging Solutions for OVHcloud with Apache Pulsar_Pierre Zemb
StreamNative
 
Kafka on Pulsar:bringing native Kafka protocol support to Pulsar_Sijie&Pierre
Kafka on Pulsar:bringing native Kafka protocol support to Pulsar_Sijie&PierreKafka on Pulsar:bringing native Kafka protocol support to Pulsar_Sijie&Pierre
Kafka on Pulsar:bringing native Kafka protocol support to Pulsar_Sijie&Pierre
StreamNative
 
A Unified Platform for Real-time Storage and Processing
A Unified Platform for Real-time Storage and ProcessingA Unified Platform for Real-time Storage and Processing
A Unified Platform for Real-time Storage and Processing
StreamNative
 
Large scale log pipeline using Apache Pulsar_Nozomi
Large scale log pipeline using Apache Pulsar_NozomiLarge scale log pipeline using Apache Pulsar_Nozomi
Large scale log pipeline using Apache Pulsar_Nozomi
StreamNative
 
Kafka blr-meetup-presentation - Kafka internals
Kafka blr-meetup-presentation - Kafka internalsKafka blr-meetup-presentation - Kafka internals
Kafka blr-meetup-presentation - Kafka internals
Ayyappadas Ravindran (Appu)
 
How Orange Financial combat financial frauds over 50M transactions a day usin...
How Orange Financial combat financial frauds over 50M transactions a day usin...How Orange Financial combat financial frauds over 50M transactions a day usin...
How Orange Financial combat financial frauds over 50M transactions a day usin...
JinfengHuang3
 

What's hot (20)

Getting Pulsar Spinning_Addison Higham
Getting Pulsar Spinning_Addison HighamGetting Pulsar Spinning_Addison Higham
Getting Pulsar Spinning_Addison Higham
 
Apache Pulsar at Yahoo! Japan
Apache Pulsar at Yahoo! JapanApache Pulsar at Yahoo! Japan
Apache Pulsar at Yahoo! Japan
 
Scaling customer engagement with apache pulsar
Scaling customer engagement with apache pulsarScaling customer engagement with apache pulsar
Scaling customer engagement with apache pulsar
 
Pulsar Functions Deep Dive_Sanjeev kulkarni
Pulsar Functions Deep Dive_Sanjeev kulkarniPulsar Functions Deep Dive_Sanjeev kulkarni
Pulsar Functions Deep Dive_Sanjeev kulkarni
 
Stream-Native Processing with Pulsar Functions
Stream-Native Processing with Pulsar FunctionsStream-Native Processing with Pulsar Functions
Stream-Native Processing with Pulsar Functions
 
Introducing Kafka-on-Pulsar: bring native Kafka protocol support to Apache Pu...
Introducing Kafka-on-Pulsar: bring native Kafka protocol support to Apache Pu...Introducing Kafka-on-Pulsar: bring native Kafka protocol support to Apache Pu...
Introducing Kafka-on-Pulsar: bring native Kafka protocol support to Apache Pu...
 
Apache Bookkeeper and Apache Zookeeper for Apache Pulsar
Apache Bookkeeper and Apache Zookeeper for Apache PulsarApache Bookkeeper and Apache Zookeeper for Apache Pulsar
Apache Bookkeeper and Apache Zookeeper for Apache Pulsar
 
Serverless Event Streaming with Pulsar Functions
Serverless Event Streaming with Pulsar FunctionsServerless Event Streaming with Pulsar Functions
Serverless Event Streaming with Pulsar Functions
 
Kafka on Pulsar
Kafka on Pulsar Kafka on Pulsar
Kafka on Pulsar
 
Introducing HerdDB - a distributed JVM embeddable database built upon Apache ...
Introducing HerdDB - a distributed JVM embeddable database built upon Apache ...Introducing HerdDB - a distributed JVM embeddable database built upon Apache ...
Introducing HerdDB - a distributed JVM embeddable database built upon Apache ...
 
Introduction Apache Kafka
Introduction Apache KafkaIntroduction Apache Kafka
Introduction Apache Kafka
 
Interactive querying of streams using Apache Pulsar_Jerry peng
Interactive querying of streams using Apache Pulsar_Jerry pengInteractive querying of streams using Apache Pulsar_Jerry peng
Interactive querying of streams using Apache Pulsar_Jerry peng
 
Strata London 2018: Multi-everything with Apache Pulsar
Strata London 2018: Multi-everything with Apache PulsarStrata London 2018: Multi-everything with Apache Pulsar
Strata London 2018: Multi-everything with Apache Pulsar
 
No Surprises Geo Replication - Pulsar Virtual Summit Europe 2021
No Surprises Geo Replication - Pulsar Virtual Summit Europe 2021No Surprises Geo Replication - Pulsar Virtual Summit Europe 2021
No Surprises Geo Replication - Pulsar Virtual Summit Europe 2021
 
Building a Messaging Solutions for OVHcloud with Apache Pulsar_Pierre Zemb
Building a Messaging Solutions for OVHcloud with Apache Pulsar_Pierre ZembBuilding a Messaging Solutions for OVHcloud with Apache Pulsar_Pierre Zemb
Building a Messaging Solutions for OVHcloud with Apache Pulsar_Pierre Zemb
 
Kafka on Pulsar:bringing native Kafka protocol support to Pulsar_Sijie&Pierre
Kafka on Pulsar:bringing native Kafka protocol support to Pulsar_Sijie&PierreKafka on Pulsar:bringing native Kafka protocol support to Pulsar_Sijie&Pierre
Kafka on Pulsar:bringing native Kafka protocol support to Pulsar_Sijie&Pierre
 
A Unified Platform for Real-time Storage and Processing
A Unified Platform for Real-time Storage and ProcessingA Unified Platform for Real-time Storage and Processing
A Unified Platform for Real-time Storage and Processing
 
Large scale log pipeline using Apache Pulsar_Nozomi
Large scale log pipeline using Apache Pulsar_NozomiLarge scale log pipeline using Apache Pulsar_Nozomi
Large scale log pipeline using Apache Pulsar_Nozomi
 
Kafka blr-meetup-presentation - Kafka internals
Kafka blr-meetup-presentation - Kafka internalsKafka blr-meetup-presentation - Kafka internals
Kafka blr-meetup-presentation - Kafka internals
 
How Orange Financial combat financial frauds over 50M transactions a day usin...
How Orange Financial combat financial frauds over 50M transactions a day usin...How Orange Financial combat financial frauds over 50M transactions a day usin...
How Orange Financial combat financial frauds over 50M transactions a day usin...
 

Similar to Building a FaaS with pulsar

Introducing Gridiron Security and Compliance Management Platform and Enclave ...
Introducing Gridiron Security and Compliance Management Platform and Enclave ...Introducing Gridiron Security and Compliance Management Platform and Enclave ...
Introducing Gridiron Security and Compliance Management Platform and Enclave ...
Aptible
 
Extending Piwik At R7.com
Extending Piwik At R7.comExtending Piwik At R7.com
Extending Piwik At R7.com
Leo Lorieri
 
Azure Functions @ global azure day 2017
Azure Functions @ global azure day 2017Azure Functions @ global azure day 2017
Azure Functions @ global azure day 2017
Sean Feldman
 
10 Lessons Learned from using Kafka in 1000 microservices - ScalaUA
10 Lessons Learned from using Kafka in 1000 microservices - ScalaUA10 Lessons Learned from using Kafka in 1000 microservices - ScalaUA
10 Lessons Learned from using Kafka in 1000 microservices - ScalaUA
Natan Silnitsky
 
Puppet Camp Tokyo 2014: Keynote
Puppet Camp Tokyo 2014: KeynotePuppet Camp Tokyo 2014: Keynote
Puppet Camp Tokyo 2014: Keynote
Puppet
 
Juniper Network Automation for KrDAG
Juniper Network Automation for KrDAGJuniper Network Automation for KrDAG
Juniper Network Automation for KrDAG
KwonSun Bae
 
10 Lessons Learned from using Kafka with 1000 microservices - java global summit
10 Lessons Learned from using Kafka with 1000 microservices - java global summit10 Lessons Learned from using Kafka with 1000 microservices - java global summit
10 Lessons Learned from using Kafka with 1000 microservices - java global summit
Natan Silnitsky
 
Automation Suite PPT (2).pptx
Automation Suite PPT (2).pptxAutomation Suite PPT (2).pptx
Automation Suite PPT (2).pptx
RohitRadhakrishnan8
 
OSDN: Serverless technologies with Kubernetes
OSDN: Serverless technologies with Kubernetes OSDN: Serverless technologies with Kubernetes
OSDN: Serverless technologies with Kubernetes
Provectus
 
What is serveless?
What is serveless? What is serveless?
What is serveless?
Provectus
 
VMworld 2013: Deploying vSphere with OpenStack: What It Means to Your Cloud E...
VMworld 2013: Deploying vSphere with OpenStack: What It Means to Your Cloud E...VMworld 2013: Deploying vSphere with OpenStack: What It Means to Your Cloud E...
VMworld 2013: Deploying vSphere with OpenStack: What It Means to Your Cloud E...
VMworld
 
Tuning Apache Ambari performance for Big Data at scale with 3000 agents
Tuning Apache Ambari performance for Big Data at scale with 3000 agentsTuning Apache Ambari performance for Big Data at scale with 3000 agents
Tuning Apache Ambari performance for Big Data at scale with 3000 agents
DataWorks Summit
 
Tuning Apache Ambari Performance for Big Data at Scale with 3,000 Agents
Tuning Apache Ambari Performance for Big Data at Scale with 3,000 AgentsTuning Apache Ambari Performance for Big Data at Scale with 3,000 Agents
Tuning Apache Ambari Performance for Big Data at Scale with 3,000 Agents
Alejandro Fernandez
 
Final terraform
Final terraformFinal terraform
Final terraform
Gourav Varma
 
Monitoring and tuning your chef server - chef conf talk
Monitoring and tuning your chef server - chef conf talk Monitoring and tuning your chef server - chef conf talk
Monitoring and tuning your chef server - chef conf talk
Andrew DuFour
 
Taking devops to the Next Level - Max Martin
Taking devops to the Next Level - Max MartinTaking devops to the Next Level - Max Martin
Taking devops to the Next Level - Max MartinDevopsdays
 
Wireless Developing Wireless Monitoring and Control devices
Wireless Developing Wireless Monitoring and Control devicesWireless Developing Wireless Monitoring and Control devices
Wireless Developing Wireless Monitoring and Control devicesAidan Venn MSc
 
clara-rules
clara-rulesclara-rules
clara-rules
Ikuru Kanuma
 
Decoupling Decisions with Apache Kafka
Decoupling Decisions with Apache KafkaDecoupling Decisions with Apache Kafka
Decoupling Decisions with Apache Kafka
Grant Henke
 

Similar to Building a FaaS with pulsar (20)

Introducing Gridiron Security and Compliance Management Platform and Enclave ...
Introducing Gridiron Security and Compliance Management Platform and Enclave ...Introducing Gridiron Security and Compliance Management Platform and Enclave ...
Introducing Gridiron Security and Compliance Management Platform and Enclave ...
 
Extending Piwik At R7.com
Extending Piwik At R7.comExtending Piwik At R7.com
Extending Piwik At R7.com
 
Azure Functions @ global azure day 2017
Azure Functions @ global azure day 2017Azure Functions @ global azure day 2017
Azure Functions @ global azure day 2017
 
10 Lessons Learned from using Kafka in 1000 microservices - ScalaUA
10 Lessons Learned from using Kafka in 1000 microservices - ScalaUA10 Lessons Learned from using Kafka in 1000 microservices - ScalaUA
10 Lessons Learned from using Kafka in 1000 microservices - ScalaUA
 
Puppet Camp Tokyo 2014: Keynote
Puppet Camp Tokyo 2014: KeynotePuppet Camp Tokyo 2014: Keynote
Puppet Camp Tokyo 2014: Keynote
 
Juniper Network Automation for KrDAG
Juniper Network Automation for KrDAGJuniper Network Automation for KrDAG
Juniper Network Automation for KrDAG
 
10 Lessons Learned from using Kafka with 1000 microservices - java global summit
10 Lessons Learned from using Kafka with 1000 microservices - java global summit10 Lessons Learned from using Kafka with 1000 microservices - java global summit
10 Lessons Learned from using Kafka with 1000 microservices - java global summit
 
Automation Suite PPT (2).pptx
Automation Suite PPT (2).pptxAutomation Suite PPT (2).pptx
Automation Suite PPT (2).pptx
 
OSDN: Serverless technologies with Kubernetes
OSDN: Serverless technologies with Kubernetes OSDN: Serverless technologies with Kubernetes
OSDN: Serverless technologies with Kubernetes
 
What is serveless?
What is serveless? What is serveless?
What is serveless?
 
VMworld 2013: Deploying vSphere with OpenStack: What It Means to Your Cloud E...
VMworld 2013: Deploying vSphere with OpenStack: What It Means to Your Cloud E...VMworld 2013: Deploying vSphere with OpenStack: What It Means to Your Cloud E...
VMworld 2013: Deploying vSphere with OpenStack: What It Means to Your Cloud E...
 
Shareplex Presentation
Shareplex PresentationShareplex Presentation
Shareplex Presentation
 
Tuning Apache Ambari performance for Big Data at scale with 3000 agents
Tuning Apache Ambari performance for Big Data at scale with 3000 agentsTuning Apache Ambari performance for Big Data at scale with 3000 agents
Tuning Apache Ambari performance for Big Data at scale with 3000 agents
 
Tuning Apache Ambari Performance for Big Data at Scale with 3,000 Agents
Tuning Apache Ambari Performance for Big Data at Scale with 3,000 AgentsTuning Apache Ambari Performance for Big Data at Scale with 3,000 Agents
Tuning Apache Ambari Performance for Big Data at Scale with 3,000 Agents
 
Final terraform
Final terraformFinal terraform
Final terraform
 
Monitoring and tuning your chef server - chef conf talk
Monitoring and tuning your chef server - chef conf talk Monitoring and tuning your chef server - chef conf talk
Monitoring and tuning your chef server - chef conf talk
 
Taking devops to the Next Level - Max Martin
Taking devops to the Next Level - Max MartinTaking devops to the Next Level - Max Martin
Taking devops to the Next Level - Max Martin
 
Wireless Developing Wireless Monitoring and Control devices
Wireless Developing Wireless Monitoring and Control devicesWireless Developing Wireless Monitoring and Control devices
Wireless Developing Wireless Monitoring and Control devices
 
clara-rules
clara-rulesclara-rules
clara-rules
 
Decoupling Decisions with Apache Kafka
Decoupling Decisions with Apache KafkaDecoupling Decisions with Apache Kafka
Decoupling Decisions with Apache Kafka
 

More from StreamNative

Is Using KoP (Kafka-on-Pulsar) a Good Idea? - Pulsar Summit SF 2022
Is Using KoP (Kafka-on-Pulsar) a Good Idea? - Pulsar Summit SF 2022Is Using KoP (Kafka-on-Pulsar) a Good Idea? - Pulsar Summit SF 2022
Is Using KoP (Kafka-on-Pulsar) a Good Idea? - Pulsar Summit SF 2022
StreamNative
 
Building an Asynchronous Application Framework with Python and Pulsar - Pulsa...
Building an Asynchronous Application Framework with Python and Pulsar - Pulsa...Building an Asynchronous Application Framework with Python and Pulsar - Pulsa...
Building an Asynchronous Application Framework with Python and Pulsar - Pulsa...
StreamNative
 
Blue-green deploys with Pulsar & Envoy in an event-driven microservice ecosys...
Blue-green deploys with Pulsar & Envoy in an event-driven microservice ecosys...Blue-green deploys with Pulsar & Envoy in an event-driven microservice ecosys...
Blue-green deploys with Pulsar & Envoy in an event-driven microservice ecosys...
StreamNative
 
Distributed Database Design Decisions to Support High Performance Event Strea...
Distributed Database Design Decisions to Support High Performance Event Strea...Distributed Database Design Decisions to Support High Performance Event Strea...
Distributed Database Design Decisions to Support High Performance Event Strea...
StreamNative
 
Simplify Pulsar Functions Development with SQL - Pulsar Summit SF 2022
Simplify Pulsar Functions Development with SQL - Pulsar Summit SF 2022Simplify Pulsar Functions Development with SQL - Pulsar Summit SF 2022
Simplify Pulsar Functions Development with SQL - Pulsar Summit SF 2022
StreamNative
 
Towards a ZooKeeper-less Pulsar, etcd, etcd, etcd. - Pulsar Summit SF 2022
Towards a ZooKeeper-less Pulsar, etcd, etcd, etcd. - Pulsar Summit SF 2022Towards a ZooKeeper-less Pulsar, etcd, etcd, etcd. - Pulsar Summit SF 2022
Towards a ZooKeeper-less Pulsar, etcd, etcd, etcd. - Pulsar Summit SF 2022
StreamNative
 
Validating Apache Pulsar’s Behavior under Failure Conditions - Pulsar Summit ...
Validating Apache Pulsar’s Behavior under Failure Conditions - Pulsar Summit ...Validating Apache Pulsar’s Behavior under Failure Conditions - Pulsar Summit ...
Validating Apache Pulsar’s Behavior under Failure Conditions - Pulsar Summit ...
StreamNative
 
Cross the Streams! Creating Streaming Data Pipelines with Apache Flink + Apac...
Cross the Streams! Creating Streaming Data Pipelines with Apache Flink + Apac...Cross the Streams! Creating Streaming Data Pipelines with Apache Flink + Apac...
Cross the Streams! Creating Streaming Data Pipelines with Apache Flink + Apac...
StreamNative
 
Message Redelivery: An Unexpected Journey - Pulsar Summit SF 2022
Message Redelivery: An Unexpected Journey - Pulsar Summit SF 2022Message Redelivery: An Unexpected Journey - Pulsar Summit SF 2022
Message Redelivery: An Unexpected Journey - Pulsar Summit SF 2022
StreamNative
 
Unlocking the Power of Lakehouse Architectures with Apache Pulsar and Apache ...
Unlocking the Power of Lakehouse Architectures with Apache Pulsar and Apache ...Unlocking the Power of Lakehouse Architectures with Apache Pulsar and Apache ...
Unlocking the Power of Lakehouse Architectures with Apache Pulsar and Apache ...
StreamNative
 
Understanding Broker Load Balancing - Pulsar Summit SF 2022
Understanding Broker Load Balancing - Pulsar Summit SF 2022Understanding Broker Load Balancing - Pulsar Summit SF 2022
Understanding Broker Load Balancing - Pulsar Summit SF 2022
StreamNative
 
Building an Asynchronous Application Framework with Python and Pulsar - Pulsa...
Building an Asynchronous Application Framework with Python and Pulsar - Pulsa...Building an Asynchronous Application Framework with Python and Pulsar - Pulsa...
Building an Asynchronous Application Framework with Python and Pulsar - Pulsa...
StreamNative
 
Pulsar's Journey in Yahoo!: On-prem, Cloud and Hybrid - Pulsar Summit SF 2022
Pulsar's Journey in Yahoo!: On-prem, Cloud and Hybrid - Pulsar Summit SF 2022Pulsar's Journey in Yahoo!: On-prem, Cloud and Hybrid - Pulsar Summit SF 2022
Pulsar's Journey in Yahoo!: On-prem, Cloud and Hybrid - Pulsar Summit SF 2022
StreamNative
 
Event-Driven Applications Done Right - Pulsar Summit SF 2022
Event-Driven Applications Done Right - Pulsar Summit SF 2022Event-Driven Applications Done Right - Pulsar Summit SF 2022
Event-Driven Applications Done Right - Pulsar Summit SF 2022
StreamNative
 
Pulsar @ Scale. 200M RPM and 1K instances - Pulsar Summit SF 2022
Pulsar @ Scale. 200M RPM and 1K instances - Pulsar Summit SF 2022Pulsar @ Scale. 200M RPM and 1K instances - Pulsar Summit SF 2022
Pulsar @ Scale. 200M RPM and 1K instances - Pulsar Summit SF 2022
StreamNative
 
Data Democracy: Journey to User-Facing Analytics - Pulsar Summit SF 2022
Data Democracy: Journey to User-Facing Analytics - Pulsar Summit SF 2022Data Democracy: Journey to User-Facing Analytics - Pulsar Summit SF 2022
Data Democracy: Journey to User-Facing Analytics - Pulsar Summit SF 2022
StreamNative
 
Beam + Pulsar: Powerful Stream Processing at Scale - Pulsar Summit SF 2022
Beam + Pulsar: Powerful Stream Processing at Scale - Pulsar Summit SF 2022Beam + Pulsar: Powerful Stream Processing at Scale - Pulsar Summit SF 2022
Beam + Pulsar: Powerful Stream Processing at Scale - Pulsar Summit SF 2022
StreamNative
 
Welcome and Opening Remarks - Pulsar Summit SF 2022
Welcome and Opening Remarks - Pulsar Summit SF 2022Welcome and Opening Remarks - Pulsar Summit SF 2022
Welcome and Opening Remarks - Pulsar Summit SF 2022
StreamNative
 
Log System As Backbone – How We Built the World’s Most Advanced Vector Databa...
Log System As Backbone – How We Built the World’s Most Advanced Vector Databa...Log System As Backbone – How We Built the World’s Most Advanced Vector Databa...
Log System As Backbone – How We Built the World’s Most Advanced Vector Databa...
StreamNative
 
MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...
MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...
MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...
StreamNative
 

More from StreamNative (20)

Is Using KoP (Kafka-on-Pulsar) a Good Idea? - Pulsar Summit SF 2022
Is Using KoP (Kafka-on-Pulsar) a Good Idea? - Pulsar Summit SF 2022Is Using KoP (Kafka-on-Pulsar) a Good Idea? - Pulsar Summit SF 2022
Is Using KoP (Kafka-on-Pulsar) a Good Idea? - Pulsar Summit SF 2022
 
Building an Asynchronous Application Framework with Python and Pulsar - Pulsa...
Building an Asynchronous Application Framework with Python and Pulsar - Pulsa...Building an Asynchronous Application Framework with Python and Pulsar - Pulsa...
Building an Asynchronous Application Framework with Python and Pulsar - Pulsa...
 
Blue-green deploys with Pulsar & Envoy in an event-driven microservice ecosys...
Blue-green deploys with Pulsar & Envoy in an event-driven microservice ecosys...Blue-green deploys with Pulsar & Envoy in an event-driven microservice ecosys...
Blue-green deploys with Pulsar & Envoy in an event-driven microservice ecosys...
 
Distributed Database Design Decisions to Support High Performance Event Strea...
Distributed Database Design Decisions to Support High Performance Event Strea...Distributed Database Design Decisions to Support High Performance Event Strea...
Distributed Database Design Decisions to Support High Performance Event Strea...
 
Simplify Pulsar Functions Development with SQL - Pulsar Summit SF 2022
Simplify Pulsar Functions Development with SQL - Pulsar Summit SF 2022Simplify Pulsar Functions Development with SQL - Pulsar Summit SF 2022
Simplify Pulsar Functions Development with SQL - Pulsar Summit SF 2022
 
Towards a ZooKeeper-less Pulsar, etcd, etcd, etcd. - Pulsar Summit SF 2022
Towards a ZooKeeper-less Pulsar, etcd, etcd, etcd. - Pulsar Summit SF 2022Towards a ZooKeeper-less Pulsar, etcd, etcd, etcd. - Pulsar Summit SF 2022
Towards a ZooKeeper-less Pulsar, etcd, etcd, etcd. - Pulsar Summit SF 2022
 
Validating Apache Pulsar’s Behavior under Failure Conditions - Pulsar Summit ...
Validating Apache Pulsar’s Behavior under Failure Conditions - Pulsar Summit ...Validating Apache Pulsar’s Behavior under Failure Conditions - Pulsar Summit ...
Validating Apache Pulsar’s Behavior under Failure Conditions - Pulsar Summit ...
 
Cross the Streams! Creating Streaming Data Pipelines with Apache Flink + Apac...
Cross the Streams! Creating Streaming Data Pipelines with Apache Flink + Apac...Cross the Streams! Creating Streaming Data Pipelines with Apache Flink + Apac...
Cross the Streams! Creating Streaming Data Pipelines with Apache Flink + Apac...
 
Message Redelivery: An Unexpected Journey - Pulsar Summit SF 2022
Message Redelivery: An Unexpected Journey - Pulsar Summit SF 2022Message Redelivery: An Unexpected Journey - Pulsar Summit SF 2022
Message Redelivery: An Unexpected Journey - Pulsar Summit SF 2022
 
Unlocking the Power of Lakehouse Architectures with Apache Pulsar and Apache ...
Unlocking the Power of Lakehouse Architectures with Apache Pulsar and Apache ...Unlocking the Power of Lakehouse Architectures with Apache Pulsar and Apache ...
Unlocking the Power of Lakehouse Architectures with Apache Pulsar and Apache ...
 
Understanding Broker Load Balancing - Pulsar Summit SF 2022
Understanding Broker Load Balancing - Pulsar Summit SF 2022Understanding Broker Load Balancing - Pulsar Summit SF 2022
Understanding Broker Load Balancing - Pulsar Summit SF 2022
 
Building an Asynchronous Application Framework with Python and Pulsar - Pulsa...
Building an Asynchronous Application Framework with Python and Pulsar - Pulsa...Building an Asynchronous Application Framework with Python and Pulsar - Pulsa...
Building an Asynchronous Application Framework with Python and Pulsar - Pulsa...
 
Pulsar's Journey in Yahoo!: On-prem, Cloud and Hybrid - Pulsar Summit SF 2022
Pulsar's Journey in Yahoo!: On-prem, Cloud and Hybrid - Pulsar Summit SF 2022Pulsar's Journey in Yahoo!: On-prem, Cloud and Hybrid - Pulsar Summit SF 2022
Pulsar's Journey in Yahoo!: On-prem, Cloud and Hybrid - Pulsar Summit SF 2022
 
Event-Driven Applications Done Right - Pulsar Summit SF 2022
Event-Driven Applications Done Right - Pulsar Summit SF 2022Event-Driven Applications Done Right - Pulsar Summit SF 2022
Event-Driven Applications Done Right - Pulsar Summit SF 2022
 
Pulsar @ Scale. 200M RPM and 1K instances - Pulsar Summit SF 2022
Pulsar @ Scale. 200M RPM and 1K instances - Pulsar Summit SF 2022Pulsar @ Scale. 200M RPM and 1K instances - Pulsar Summit SF 2022
Pulsar @ Scale. 200M RPM and 1K instances - Pulsar Summit SF 2022
 
Data Democracy: Journey to User-Facing Analytics - Pulsar Summit SF 2022
Data Democracy: Journey to User-Facing Analytics - Pulsar Summit SF 2022Data Democracy: Journey to User-Facing Analytics - Pulsar Summit SF 2022
Data Democracy: Journey to User-Facing Analytics - Pulsar Summit SF 2022
 
Beam + Pulsar: Powerful Stream Processing at Scale - Pulsar Summit SF 2022
Beam + Pulsar: Powerful Stream Processing at Scale - Pulsar Summit SF 2022Beam + Pulsar: Powerful Stream Processing at Scale - Pulsar Summit SF 2022
Beam + Pulsar: Powerful Stream Processing at Scale - Pulsar Summit SF 2022
 
Welcome and Opening Remarks - Pulsar Summit SF 2022
Welcome and Opening Remarks - Pulsar Summit SF 2022Welcome and Opening Remarks - Pulsar Summit SF 2022
Welcome and Opening Remarks - Pulsar Summit SF 2022
 
Log System As Backbone – How We Built the World’s Most Advanced Vector Databa...
Log System As Backbone – How We Built the World’s Most Advanced Vector Databa...Log System As Backbone – How We Built the World’s Most Advanced Vector Databa...
Log System As Backbone – How We Built the World’s Most Advanced Vector Databa...
 
MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...
MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...
MoP(MQTT on Pulsar) - a Powerful Tool for Apache Pulsar in IoT - Pulsar Summi...
 

Recently uploaded

History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shopHistory+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
laozhuseo02
 
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
3ipehhoa
 
1.Wireless Communication System_Wireless communication is a broad term that i...
1.Wireless Communication System_Wireless communication is a broad term that i...1.Wireless Communication System_Wireless communication is a broad term that i...
1.Wireless Communication System_Wireless communication is a broad term that i...
JeyaPerumal1
 
Latest trends in computer networking.pptx
Latest trends in computer networking.pptxLatest trends in computer networking.pptx
Latest trends in computer networking.pptx
JungkooksNonexistent
 
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdfJAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
Javier Lasa
 
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
eutxy
 
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
ufdana
 
How to Use Contact Form 7 Like a Pro.pptx
How to Use Contact Form 7 Like a Pro.pptxHow to Use Contact Form 7 Like a Pro.pptx
How to Use Contact Form 7 Like a Pro.pptx
Gal Baras
 
This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!
nirahealhty
 
Multi-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesMulti-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Multi-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Sanjeev Rampal
 
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC
 
Comptia N+ Standard Networking lesson guide
Comptia N+ Standard Networking lesson guideComptia N+ Standard Networking lesson guide
Comptia N+ Standard Networking lesson guide
GTProductions1
 
test test test test testtest test testtest test testtest test testtest test ...
test test test test testtest test testtest test testtest test testtest test ...test test test test testtest test testtest test testtest test testtest test ...
test test test test testtest test testtest test testtest test testtest test ...
Arif0071
 
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Brad Spiegel Macon GA
 
guildmasters guide to ravnica Dungeons & Dragons 5...
guildmasters guide to ravnica Dungeons & Dragons 5...guildmasters guide to ravnica Dungeons & Dragons 5...
guildmasters guide to ravnica Dungeons & Dragons 5...
Rogerio Filho
 
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
3ipehhoa
 
The+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptxThe+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptx
laozhuseo02
 
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
keoku
 
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
3ipehhoa
 
BASIC C++ lecture NOTE C++ lecture 3.pptx
BASIC C++ lecture NOTE C++ lecture 3.pptxBASIC C++ lecture NOTE C++ lecture 3.pptx
BASIC C++ lecture NOTE C++ lecture 3.pptx
natyesu
 

Recently uploaded (20)

History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shopHistory+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
 
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
 
1.Wireless Communication System_Wireless communication is a broad term that i...
1.Wireless Communication System_Wireless communication is a broad term that i...1.Wireless Communication System_Wireless communication is a broad term that i...
1.Wireless Communication System_Wireless communication is a broad term that i...
 
Latest trends in computer networking.pptx
Latest trends in computer networking.pptxLatest trends in computer networking.pptx
Latest trends in computer networking.pptx
 
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdfJAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
 
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
 
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
 
How to Use Contact Form 7 Like a Pro.pptx
How to Use Contact Form 7 Like a Pro.pptxHow to Use Contact Form 7 Like a Pro.pptx
How to Use Contact Form 7 Like a Pro.pptx
 
This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!
 
Multi-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesMulti-cluster Kubernetes Networking- Patterns, Projects and Guidelines
Multi-cluster Kubernetes Networking- Patterns, Projects and Guidelines
 
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
 
Comptia N+ Standard Networking lesson guide
Comptia N+ Standard Networking lesson guideComptia N+ Standard Networking lesson guide
Comptia N+ Standard Networking lesson guide
 
test test test test testtest test testtest test testtest test testtest test ...
test test test test testtest test testtest test testtest test testtest test ...test test test test testtest test testtest test testtest test testtest test ...
test test test test testtest test testtest test testtest test testtest test ...
 
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
 
guildmasters guide to ravnica Dungeons & Dragons 5...
guildmasters guide to ravnica Dungeons & Dragons 5...guildmasters guide to ravnica Dungeons & Dragons 5...
guildmasters guide to ravnica Dungeons & Dragons 5...
 
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
 
The+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptxThe+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptx
 
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
 
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
 
BASIC C++ lecture NOTE C++ lecture 3.pptx
BASIC C++ lecture NOTE C++ lecture 3.pptxBASIC C++ lecture NOTE C++ lecture 3.pptx
BASIC C++ lecture NOTE C++ lecture 3.pptx
 

Building a FaaS with pulsar

  • 1. Building a Function as a Service with Pulsar
  • 2. Alexandre DUVAL @kannarfr IT Engineer @CleverCloud Logs systems Automatic Add-ons migration systems Stuff around Biscuit Pulsar Add-on (alpha through support) PaaS On-Call human (not today :D)
  • 3. Geoffroy COUPRIE @gcouprie Security Engineer @CleverCloud Sozu HTTP reverse proxy Function as a Service Biscuit authorization tokens Working on the Pulsar Rust client 1.0
  • 4. Function as a Service
  • 5. Function as a Service? - Run code on demand 1@gcouprie
  • 6. Function as a Service? - Run code on demand - Without caring about keeping infrastructure up 1@gcouprie
  • 7. Function as a Service? - Run code on demand - Without caring about keeping infrastructure up - Or scaling 1@gcouprie
  • 8. Function as a Service? - Run code on demand - Without caring about keeping infrastructure up - Or scaling - Billed on consumption 1@gcouprie
  • 9. FaaS by Clever Cloud - Build your functions in a language that can generate Web Assembly 2@gcouprie
  • 10. FaaS by Clever Cloud - Build your functions in a language that can generate Web Assembly - That will be compiled to machine code 2@gcouprie
  • 11. FaaS by Clever Cloud - Build your functions in a language that can generate Web Assembly - That will be compiled to machine code - Loaded and executed in ephemeral virtual machines without operating systems 2@gcouprie
  • 12. FaaS by Clever Cloud - Build your functions in a language that can generate Web Assembly - That will be compiled to machine code - Loaded and executed in ephemeral virtual machines without operating systems - That boot on the fly for each request or message on a topic 2@gcouprie
  • 13. Web Assembly - Good compilation target (supported by various languages) 3@gcouprie
  • 14. Web Assembly - Good compilation target (supported by various languages) - Designed for sandboxing 3@gcouprie
  • 15. Web Assembly - Good compilation target (supported by various languages) - Designed for sandboxing - Not limited to browsers! 3@gcouprie
  • 16. One Virtual Machine per request - Virtual machines are cheap: 1 to 10MB RAM 4@gcouprie
  • 17. One Virtual Machine per request - Virtual machines are cheap: 1 to 10MB RAM - Fast: boot in 1ms 4@gcouprie
  • 18. One Virtual Machine per request - Virtual machines are cheap: 1 to 10MB RAM - Fast: boot in 1ms - Great isolation: very limited host API, no hardware emulation 4@gcouprie
  • 19. Infrastructure based on Pulsar - Compilation service gets compilation requests from a topic 5@gcouprie
  • 20. Infrastructure based on Pulsar - Compilation service gets compilation requests from a topic - FaaS host gets configuration information (new apps, new code) from a topic 5@gcouprie
  • 21. Infrastructure based on Pulsar - Compilation service gets compilation requests from a topic - FaaS host gets configuration information (new apps, new code) from a topic - Metrics and logs are sent via another topic 5@gcouprie
  • 23. Building Pulsar Functions - No need to start one process per function 6@gcouprie
  • 24. Building Pulsar Functions - No need to start one process per function - The Faas host has 1000s of consumers 6@gcouprie
  • 25. Building Pulsar Functions - No need to start one process per function - The FaaS host has 1000s of consumers - Starts a function when a message arrives on a topic 6@gcouprie
  • 26. Multi-Tenancy Challenges - Functions can subscribe to topics from various clients 7@gcouprie
  • 27. Multi-Tenancy Challenges - Functions can subscribe to topics from various clients - But there’s only one authentication context per connection 7@gcouprie
  • 28. Multi-Tenancy Challenges - Functions can subscribe to topics from various clients - But there’s only one authentication context per connection - Should we have one TCP connection per consumer? 7@gcouprie
  • 30. Biscuit New authentication & authorization token Specifications github.com/CleverCloud/biscuit Java Library mvnrepository.com/artifact/com.clever-cloud/biscuit-java Rust Crate crates.io/crates/biscuit-auth 8@kannarfr
  • 31. Biscuit New authentication & authorization token Powerful authorization rules Based on a Datalog variant facts, rules, caveats 8@kannarfr
  • 32. Biscuit New authentication & authorization token Powerful authorization rules Decentralized Verification & attenuation are decentralized 8@kannarfr
  • 33. Biscuit New authentication & authorization token Powerful authorization rules Decentralized Biscuit-Pulsar plugins! Biscuit-Pulsar authorization plugin github.com/CleverCloud/biscuit-pulsar 8@kannarfr
  • 35. - Start from a token with full access to a namespace Attenuation 9@kannarfr
  • 36. - Start from a token with full access to a namespace - A team needs Pulsar access: reduce access to lookup/produce/consume on a topic name prefix Attenuation 9@kannarfr
  • 37. - Start from a token with full access to a namespace - A team needs Pulsar access: reduce access to lookup/produce/consume on a topic name prefix - Application specific token: reduce team token to subscribe only, on a fixed topic, with a fixed subscription name Attenuation 9@kannarfr
  • 39. - A function comes with its Biscuit token Authorizing Pulsar Function 10@gcouprie
  • 40. - A function comes with its Biscuit token - The FaaS host can authorize the token with the same rules as the Biscuit-Pulsar plugin Authorizing Pulsar Function 10@gcouprie
  • 41. Authorizing Pulsar Function - A function comes with its Biscuit token - The FaaS host can authorize the token with the same rules as the Biscuit-Pulsar plugin - The FaaS host subscribes and produces with only one authentication token, on a reduced number of connections 10@gcouprie
  • 43. Biscuit Pulsar Requirements Boolean allowNamespacePolicyOperation(NamespaceName namespaceName, PolicyName policy, PolicyOperation operation, String originalRole, String role, AuthenticationDataSource authData) {} Issue #5720: fixed. Put granularity in Pulsar’s AuthorizationService 11@kannarfr
  • 44. Pulsar Needs: wishlist - PIP-51: tenant policy support (and topics) 12@kannarfr
  • 45. - PIP-51: tenant policy support (and topics) - Pulsar Proxy for protocols handlers Pulsar Needs: wishlist 12@kannarfr
  • 46. - PIP-51: tenant policy support (and topics) - Pulsar Proxy for protocols handlers - Topic compaction on the fly Pulsar Needs: wishlist 12@kannarfr
  • 47. - PIP-51: tenant policy support (and topics) - Pulsar Proxy for protocols handlers - Topic compaction on the fly - Pattern implementation as Exchanges, FanOuts, … at broker level Pulsar Needs: wishlist 12@kannarfr
  • 48. - PIP-51: tenant policy support (and topics) - Pulsar Proxy for protocols handlers - Topic compaction on the fly - Pattern implementation as Exchanges, FanOuts, … at broker level - Metrics: enable pulsar to send its metrics itself to as timeseries Pulsar Needs: wishlist 12@kannarfr
  • 50. Annex 1: Biscuit Example Applied to Pulsar
  • 51. authority: Block[0] { symbols: [admin] context: facts: [ revocation_id("af136428-b9c3-4360-8535-3a147ce80d99"), // good practice right(#authority, #admin) ] rules: [] caveats: [] } Authority (block 0) Facts are basically data used by verifier.
  • 52. blocks: [ Block[1] { symbols: [limited_right, topic_operation] context: facts: [] rules: [] caveats: [ *limited_right("tenantTest", "namespaceTest", $2, $3) <- topic_operation(#ambient, "tenantTest", "namespaceTest", $2, $3) ] } ] Attenuated (block 1) $2 is a slot for topic name, $3 for consume, producer & lookup
  • 53. blocks: [ Block[1] { symbols: [limited_right, topic_operation, namespace_operation] context: facts: [] rules: [] caveats: [ *limited_right("tenantTest", "namespaceTest", $2, $3) <- topic_operation(#ambient, "tenantTest", "namespaceTest", $2, $3) || (OR) *limited_right("tenantTest", "namespaceTest", $2) <- namespace_operation(#ambient, "tenantTest", "namespaceTest", $2) ] } ] Attenuated (block 1) Here $2 is a slot for namespace operation (#offload_write)
  • 54. Verifier built from Biscuit token facts: [ revocation_id("af136428-b9c3-4360-8535-3a147ce80d99"), right(#authority, #admin) ], rules: [], caveats: [ *limited_right("tenantTest", "namespaceTest", $2) <- namespace_operation(#ambient, "tenantTest", "namespaceTest", $2) // || topic_operation query which is unused here is the final example. ] Verifier facts, rules, caveats are computed from biscuit token.
  • 55. Verifier add contextual facts facts: [ revocation_id("af136428-b9c3-4360-8535-3a147ce80d99"), right(#authority, #admin), namespace(#ambient, "tenantTest", "namespaceTest") namespace_operation(#ambient, "tenantTest", "namespaceTest", #offload_write) ], rules: [], caveats: [ *limited_right("tenantTest", "namespaceTest", $2) <- namespace_operation(#ambient, "tenantTest", "namespaceTest", $2) // || topic_operation query which is unused here is the final example. ] Then authorization check adds its context.
  • 56. Verifier add rules & caveats facts: [ revocation_id("af136428-b9c3-4360-8535-3a147ce80d99"), right(#authority, #admin), namespace(#ambient, "tenantTest", "namespaceTest"), namespace_operation(#ambient, "tenantTest", "namespaceTest", #offload_write) ], rules: [ *right(#authority, $0, $1, $2) <- right(#authority, #admin), namespace_operation(#ambient, $0, $1, $2) @ $2 in [offload_write, ...] ], caveats: [ *limited_right("tenantTest", "namespaceTest", $2) <- namespace_operation(#ambient, "tenantTest", "namespaceTest", $2), // || topic_operation query which is unused here is the final example. *authorized() <- (#authority, $0, $1, $2), namespace_operation(#ambient, $0, $1, $2) @ $2 in [offload_write, ...] ]
  • 57. Verify life cycle - Add biscuit token facts & verifier’s facts (ambient ones) - Add rules from biscuit and verifier - Generate all the facts - Ensure that token and verifier’s caveats pass and authorize