Azure Functions team is live again! This episode is presented by Jeff Hollan, Program Manager – Azure Functions team, Eduardo Laureano, Program Manager – Azure Functions team and Katy Shimizu, Developer at Azure Functions Team
The session started in a celebratory mood for the upcoming Christmas and the New Year season.
Jeff & Eduardo revisited the announcements made in the recent Microsoft Connect().
- Azure Functions Support to Python in Preview – Read more
- Key Vault Integration: Security considerations for Azure Functions has been a hot topic always. Key Vault has always been very high on the request list. The intention to use key vaults is to keep and manage the key secrets from one place and access them from Azure Functions.
- Key Vault References Feature – makes it so that your app can work as if it were using App Settings as they have been, meaning no code changes are required. There is no necessity to use any SDK anymore to access secrets. These Security Enhancements are discussed in detail in this blog by Matthew Henderson – Simplifying security for serverless and web apps with Azure Functions and App Service
- Azure Functions can be deployed on Kubernetes – Serverless like capabilities are being introduced with Kubernetes. You can now Scale down to zero when there is no usage and scale up when required.
- API Management supports management for Serverless APIs – considerations like request authentication and authorization, rate limit and quota enforcement, request and response transformation, logging and tracing, or version management can now be achieved through API Management as you build Serverless APIs
- Improvements in Monitoring pipelines – The capability to see exceptions, should they be addressed, what more telemetry need to be sent etc
- Serverless Community Library – Now community is encouraged to share some sample code for others to know how easily they can deploy functions. Deploying these code samples to Azure Function in your subscription is supported.
Katy Shimizu did a quick rundown on building Durable Functions with Java Script – Durable Functions is a way of orchestrating multiple Azure Functions together. There is an Orchestrator function which provides task parallelization, timeouts and implementation of complex workflow scenario.
The latest package version available through npm for durable-functions is 1.1.2 – this is a first GA version though.
Activity functions are called within Orchestrator function in the workflow. Yield keyword is used to wait for the async operation.
Orchestrator functions need to be deterministic than being async or awaitable.
Refreshed Durable Functions Documentation
Looking into it, but it has got its own challenges. It doesn’t naturally fall in other languages.
- Dependency Injection – what’s the update?
May be available in the first few months of next year. Jeff Hollan says he is closely following this.
- Connection Limits to Azure Functions, are there plans to increase?
Connections is now 600 in all regions, 1200 in most (will be 1200 in all by end of the month). We hope this will mean people won’t hit this exception ever again. 1200 *per instance* so when we scale out it becomes 1200 * instances.
- Will plain old .net core web apps get simpler keyvault access as well?
If using app services than yes. The feature of app settings
- Do Azure Functions have support for authentication and authorization for ServerlessAPI? We build HTTP trigger based serverless API
There are few options –
App Service Authentication – works for App Svc and Functions at Func app level. Configure that real tight integration with Azure AD. Create App in that environment and tasks to your resources to it.
Deal authentication using API Management layer – validate your requests using JWT Tokens.
At Function Level – use API Key
Custom Authorization – implanted using code. Maybe made easy with Dependency injection
- With API Management, for Serverless Consumption plan where there is per execution pricing, what are the plans for Azure Functions proxy?
Azure Functions has HTTP support by default. They can be used to create HTTP triggers. With proxies, we can do routing, re-routing intercept, and mock API. No plans to retire proxy for now. At some point, proxies and API Management may be integrated. Proxies are a feature of runtime whereas API Management Serverless is more powerful which can support custom policy, caching, rate limits, throttling – proxies don’t do any of these.
- Is it possible to pass a custom status back up from a sub orchestration? (the context of the parent orchestration isn’t available)
It is not possible now. Can be considered a feature request.
Passing back status to normal orchestrator is possible as the context is available.
There is a restriction on function apps i.e. it can be implemented only in a particular language. There are ways to have a cross-function app calling making use of HTTP endpoints. Cross function app communication is in beginning stages. More news to follow in the new year.
- Are there any architecture diagram showing a realistic serverless API (Mgmt Gateway + Functions Apps for API backends)
There are some artifacts work in progress with few samples that will discuss
Functions + API Management
Functions + Event Streams
Functions + Cosmos DB etc
- Any thoughts or plans around DevOps or CI/CD for deployment strategy for Functions?
There is some interesting work in progress. May be demonstrated soon in one of the future webcasts
Some of the blogs highlighted:
Making Sense of Azure Durable Functions – Mikhail Shilkov
Connect with Azure Functions team on twitter @AzureFunctions handle. Visit this link for the list of members: https://twitter.com/AzureFunctions/lists/azure-functions-team/members
- Ignite, The Tour – Jeff Hollan will be traveling to Sydney and probably New Zealand
- Microsoft Product Team will be representing at ServerlessDays conferences
- Next Webcast Live may happen in late Jan 2019.
Let us break for the vacations till then! Season’s Greetings!!