faasd - Serverless for everyone else

faasd is built for everyone else, for those who have no desire to manage expensive infrastructure.

faasd is OpenFaaS reimagined, but without the cost and complexity of Kubernetes. It runs on a single host with very modest requirements, making it fast and easy to manage. Under the hood it uses containerd and Container Networking Interface (CNI) along with the same core OpenFaaS components from the main project.

When should you use faasd over OpenFaaS on Kubernetes?

You have a cost sensitive project - run faasd on a 5-10 USD VPS or on your Raspberry Pi
When you just need a few functions or microservices, without the cost of a cluster
When you don't have the bandwidth to learn or manage Kubernetes
To deploy embedded apps in IoT and edge use-cases
To shrink-wrap applications for use with a customer or client

faasd does not create the same maintenance burden you'll find with maintaining, upgrading, and securing a Kubernetes cluster. You can deploy it and walk away, in the worst case, just deploy a new VM and deploy your functions again.

About faasd

is a single Golang binary
uses the same core components and ecosystem of OpenFaaS
is multi-arch, so works on Intel x86_64 and ARM out the box
can be set-up and left alone to run your applications

Demo of faasd running in KVM

Tutorials

Get started on DigitalOcean, or any other IaaS

If your IaaS supports user_data aka "cloud-init", then this guide is for you. If not, then checkout the approach and feel free to run each step manually.

Build a Serverless appliance with faasd

Run locally on MacOS, Linux, or Windows with multipass

Get up and running with your own faasd installation on your Mac/Ubuntu or Windows with cloud-config

Get started on armhf / Raspberry Pi

You can run this tutorial on your Raspberry Pi, or adapt the steps for a regular Linux VM/VPS host.

faasd - lightweight Serverless for your Raspberry Pi

Terraform for DigitalOcean

Automate everything within < 60 seconds and get a public URL and IP address back. Customise as required, or adapt to your preferred cloud such as AWS EC2.

Operational concerns

A note on private repos / registries

To use private image repos, ~/.docker/config.json needs to be copied to /var/lib/faasd/.docker/config.json.

If you'd like to set up your own private registry, see this tutorial.

Beware that running docker login on MacOS and Windows may create an empty file with your credentials stored in the system helper.

Alternatively, use you can use the registry-login command from the OpenFaaS Cloud bootstrap tool (ofc-bootstrap):

curl -sLSf https://raw.githubusercontent.com/openfaas-incubator/ofc-bootstrap/master/get.sh | sudo sh

ofc-bootstrap registry-login --username <your-registry-username> --password-stdin
# (the enter your password and hit return)

The file will be created in ./credentials/

Note for the GitHub container registry, you should use ghcr.io Container Registry and not the previous generation of "Docker Package Registry". See notes on migrating

Logs for functions

You can view the logs of functions using journalctl:

journalctl -t openfaas-fn:FUNCTION_NAME


faas-cli store deploy figlet
journalctl -t openfaas-fn:figlet -f &
echo logs | faas-cli invoke figlet

Logs for the core services

Core services as defined in the docker-compose.yaml file are deployed as containers by faasd.

View the logs for a component by giving its NAME:

journalctl -t default:NAME

journalctl -t default:gateway

journalctl -t default:queue-worker

You can also use -f to follow the logs, or --lines to tail a number of lines, or --since to give a timeframe.

Exposing core services

The OpenFaaS stack is made up of several core services including NATS and Prometheus. You can expose these through the docker-compose.yaml file located at /var/lib/faasd.

Expose the gateway to all adapters:

  gateway:
    ports:
       - "8080:8080"

Expose Prometheus only to 127.0.0.1:

  prometheus:
    ports:
       - "127.0.0.1:9090:9090"

Upgrading faasd

To upgrade faasd either re-create your VM using Terraform, or simply replace the faasd binary with a newer one.

systemctl stop faasd-provider
systemctl stop faasd

# Replace /usr/local/bin/faasd with the desired release

# Replace /var/lib/faasd/docker-compose.yaml with the matching version for
# that release.
# Remember to keep any custom patches you make such as exposing additional 
# ports, or updating timeout values

systemctl start faasd
systemctl start faasd-provider

You could also perform this task over SSH, or use a configuration management tool.

Note: if you are using Caddy or Let's Encrypt for free SSL certificates, that you may hit rate-limits for generating new certificates if you do this too often within a given week.

Memory limits for functions

Memory limits for functions are supported. When the limit is exceeded the function will be killed.

Example:

functions:
  figlet:
    skip_build: true
    image: functions/figlet:latest
    limits:
      memory: 20Mi

What does faasd deploy?

faasd - itself, and its faas-provider for containerd - CRUD for functions and services, implements the OpenFaaS REST API
Prometheus - for monitoring of services, metrics, scaling and dashboards
OpenFaaS Gateway - the UI portal, CLI, and other OpenFaaS tooling can talk to this.
OpenFaaS queue-worker for NATS - run your invocations in the background without adding any code. See also: asynchronous invocations
NATS for asynchronous processing and queues

You'll also need:

You can use the standard faas-cli along with pre-packaged functions from the Function Store, or build your own using any OpenFaaS template.

Manual / developer instructions

See here for manual / developer instructions

Getting help

Docs

The OpenFaaS docs provide a wealth of information and are kept up to date with new features.

Function and template store

For community functions see faas-cli store --help

For templates built by the community see: faas-cli template store list, you can also use the dockerfile template if you just want to migrate an existing service without the benefits of using a template.

Training and courses

LinuxFoundation training course

The founder of faasd and OpenFaaS has written a training course for the LinuxFoundation which also covers how to use OpenFaaS on Kubernetes. Much of the same concepts can be applied to faasd, and the course is free:

Introduction to Serverless on Kubernetes

Community workshop

The OpenFaaS workshop is a set of 12 self-paced labs and provides a great starting point for learning the features of openfaas. Not all features will be available or usable with faasd.

Community support

An active community of almost 3000 users awaits you on Slack. Over 250 of those users are also contributors and help maintain the code.

Join Slack

Roadmap

Supported operations

faas login
faas up
faas list
faas describe
faas deploy --update=true --replace=false
faas invoke --async
faas invoke
faas rm
faas store list/deploy/inspect
faas version
faas namespace
faas secret
faas logs

Scale from and to zero is also supported. On a Dell XPS with a small, pre-pulled image unpausing an existing task took 0.19s and starting a task for a killed function took 0.39s. There may be further optimizations to be gained.

Other operations are pending development in the provider such as:

faas auth - supported for Basic Authentication, but OAuth2 & OIDC require a patch

Backlog

Store and retrieve annotations in function spec - in progress
Offer live rolling-updates, with zero downtime - requires moving to IDs vs. names for function containers
An installer for faasd and dependencies - runc, containerd
Monitor and restart any of the core components at runtime if the container stops
Provide ufw rules / example for blocking access to everything but a reverse proxy to the gateway container
Provide simple Caddyfile example in the README showing how to expose the faasd proxy on port 80/443 with TLS

Known-issues

containerd can't pull image from Github Docker Package Registry

Completed

WIP:

Annotation support (PR ready)
Hard memory limits for functions (PR ready)

klpanagi/faasd