Module 1 of 4

Introduction to Knative

Serverless on Kubernetes

What if your containers could scale to zero when nobody's using them, and spring back to life in milliseconds?

Welcome to serverless on Kubernetes...

The Serverless Promise

"Pay only for what you use. No traffic? No cost. A million requests? We'll handle it. You just write code."

No server management or provisioning
Automatic scaling -- including to zero
Event-driven execution model
Pay-per-use billing model

The Serverless Landscape

Cloud providers each built their own serverless:

AWS Lambda

First mover (2014). Massive ecosystem. Deeply tied to AWS services.

Azure Functions

Microsoft's offering. Good .NET integration. Tied to Azure.

But what if you want serverless without vendor lock-in?

The Lock-In Problem

"We built 200 Lambda functions. Migrating to another cloud? That's a rewrite, not a migration."

Proprietary APIs and event formats
Vendor-specific deployment tooling
Limited local development experience
Hard to test, hard to move

What if serverless ran on standard Kubernetes?

What is Knative?

An open-source platform that brings serverless capabilities to Kubernetes.

Originally created by Google, with contributions from IBM, Red Hat, VMware, and others
Now a CNCF Incubating project
Runs on any Kubernetes cluster -- AKS, EKS, GKE, on-prem
Uses standard containers -- no proprietary runtime

Knative vs. Lambda vs. Azure Functions

Feature	AWS Lambda	Azure Functions	Knative
Runtime	Proprietary	Proprietary	Any container
Vendor Lock-in	High	High	None
Runs on	AWS only	Azure only	Any K8s
Scale to Zero	Yes	Yes (Consumption)	Yes
Max Duration	15 min	Varies	No limit
Local Dev	SAM/emulation	Core Tools	Real K8s

Knowledge Check

1. What is Knative's current status within the CNCF?

A) Sandbox project

B) Incubating project

C) Graduated project

Correct: B. Knative was accepted as a CNCF Incubating project in March 2022.

2. What is the main advantage of Knative over AWS Lambda?

A) Faster cold starts

B) No vendor lock-in -- runs on any Kubernetes cluster

C) Built-in database support

Correct: B. Knative runs on any Kubernetes cluster, giving you portability across clouds and on-premises.

3. Which company originally created Knative?

A) Microsoft

B) Google

C) Amazon

Correct: B. Google originally created Knative in 2018, with contributions from IBM, Red Hat, VMware, and others.

Knative Components

Knative is made up of two main components:

Knative Serving

Deploy and auto-scale your containers. Handles request routing, revisions, and scale-to-zero.

HTTP workloads

Knative Eventing

Event-driven architecture. Produce, route, and consume events using CloudEvents.

Async workloads

Knative Architecture

         Developer
            |
      [kubectl / kn CLI]
            |
  +---------+---------+
  |                   |
  v                   v
Knative Serving   Knative Eventing
  |                   |
  v                   v
Activator         Broker/Trigger
Queue-Proxy       Sources/Sinks
Autoscaler        Channels
  |                   |
  +------- K8s -------+
  |   Networking Layer  |
  |  (Kourier / Istio)  |
  +---------------------+

Networking Layer

Knative needs a networking layer for traffic routing:

Kourier -- Lightweight, Knative-specific ingress (recommended for simplicity)
Istio -- Full service mesh with mTLS, observability
Contour -- Envoy-based ingress controller

For AKS, Kourier is the simplest starting point. Upgrade to Istio when you need mTLS or advanced traffic policies.

Prerequisites for AKS

Before installing Knative on AKS, you need:

An AKS cluster (Kubernetes 1.26+)
kubectl configured to access the cluster
kn CLI (optional but recommended)
A container registry (ACR recommended)

# Verify cluster access
kubectl cluster-info
kubectl get nodes

# Install kn CLI
brew install knative/client/kn   # macOS

Installing Knative on AKS

Step 1: Install Knative Serving

# Install Knative Serving CRDs
kubectl apply -f https://github.com/knative/serving/releases/download/knative-v1.14.0/serving-crds.yaml

# Install Knative Serving core components
kubectl apply -f https://github.com/knative/serving/releases/download/knative-v1.14.0/serving-core.yaml

# Install Kourier networking layer
kubectl apply -f https://github.com/knative/net-kourier/releases/download/knative-v1.14.0/kourier.yaml

# Configure Knative to use Kourier
kubectl patch configmap/config-network \
  --namespace knative-serving \
  --type merge \
  --patch '{"data":{"ingress-class":"kourier.ingress.networking.knative.dev"}}'

Installing Knative on AKS

Step 2: Install Knative Eventing

# Install Knative Eventing CRDs
kubectl apply -f https://github.com/knative/eventing/releases/download/knative-v1.14.0/eventing-crds.yaml

# Install Knative Eventing core
kubectl apply -f https://github.com/knative/eventing/releases/download/knative-v1.14.0/eventing-core.yaml

# Install In-Memory Channel (for dev/testing)
kubectl apply -f https://github.com/knative/eventing/releases/download/knative-v1.14.0/in-memory-channel.yaml

# Install MT-Channel-Based Broker
kubectl apply -f https://github.com/knative/eventing/releases/download/knative-v1.14.0/mt-channel-broker.yaml

Verify the Installation

# Check Serving components
kubectl get pods -n knative-serving
NAME                                      READY   STATUS
activator-abcdef1234-xxxxx                1/1     Running
autoscaler-abcdef1234-xxxxx               1/1     Running
controller-abcdef1234-xxxxx               1/1     Running
webhook-abcdef1234-xxxxx                  1/1     Running

# Check Eventing components
kubectl get pods -n knative-eventing
NAME                                      READY   STATUS
eventing-controller-abcdef1234-xxxxx      1/1     Running
eventing-webhook-abcdef1234-xxxxx         1/1     Running

# Check Kourier
kubectl get pods -n kourier-system

Knowledge Check

1. What are the two main components of Knative?

A) Serving and Eventing

B) Routing and Scaling

C) Gateway and Functions

Correct: A. Knative consists of Serving (request-driven compute) and Eventing (event-driven architecture).

2. Which networking layer is recommended as the simplest option for Knative on AKS?

A) Istio

B) Kourier

C) Nginx Ingress

Correct: B. Kourier is a lightweight, Knative-specific ingress that is the simplest option. Istio provides more features but adds complexity.

3. What minimum Kubernetes version is recommended for Knative?

A) 1.22+

B) 1.26+

C) 1.30+

Correct: B. Knative 1.14 requires Kubernetes 1.26 or newer.

Your First Knative Service

"In traditional Kubernetes, you need a Deployment, a Service, and an Ingress. With Knative, you need one thing: a Knative Service."

apiVersion: serving.knative.dev/v1
kind: Service
metadata:
  name: hello-world
  namespace: default
spec:
  template:
    spec:
      containers:
        - image: gcr.io/knative-samples/helloworld-go
          ports:
            - containerPort: 8080
          env:
            - name: TARGET
              value: "World"

Deploy and Access

# Deploy the service
kubectl apply -f hello-world.yaml

# Or use the kn CLI
kn service create hello-world \
  --image gcr.io/knative-samples/helloworld-go \
  --env TARGET=World

# Check the service
kn service list
NAME          URL                                        READY
hello-world   http://hello-world.default.example.com     True

# Access the service
curl -H "Host: hello-world.default.example.com" \
  http://$(kubectl get svc kourier -n kourier-system \
    -o jsonpath='{.status.loadBalancer.ingress[0].ip}')

Watch It Scale to Zero

"Wait 60 seconds with no traffic, and watch the magic happen..."

# Watch pods in real-time
kubectl get pods -w

NAME                                          READY   STATUS
hello-world-00001-deployment-abc123-xyz       2/2     Running

# ... 60 seconds of no traffic later ...
hello-world-00001-deployment-abc123-xyz       2/2     Terminating
hello-world-00001-deployment-abc123-xyz       0/2     Terminating

# Zero pods! Zero cost!

# Send another request...
curl http://hello-world.default.example.com
# Pod spins up automatically!
hello-world-00001-deployment-abc123-new       0/2     Pending
hello-world-00001-deployment-abc123-new       2/2     Running

How Scale-to-Zero Works

Request arrives at Kourier
        |
  [Is there a running pod?]
     /         \
   Yes          No
    |            |
  Route to   Route to Activator
   Pod        (holds request)
    |            |
  Response    Activator tells
              Autoscaler to
              scale up from 0
                 |
              Pod starts (cold start)
                 |
              Request forwarded to pod
                 |
              Response

The kn CLI

A developer-friendly CLI for Knative operations:

# Create a service
kn service create hello --image myregistry/hello:v1

# Update a service
kn service update hello --env TARGET=Knative

# List services
kn service list

# Describe a service
kn service describe hello

# Delete a service
kn service delete hello

# List revisions
kn revision list

# Show traffic routes
kn route list

Revisions: Snapshots of Your App

"Every time you change a Knative Service, Knative creates a new Revision. Think of it like a Git commit for your deployment."

Each Revision is an immutable snapshot of your code + config
Named automatically: hello-world-00001, hello-world-00002, etc.
Old revisions are kept (can be scaled to zero)
Traffic can be split across revisions

Creating Revisions

# Update the service -- creates a new revision automatically
kn service update hello-world --env TARGET=Knative

# Check revisions
kn revision list
NAME                  SERVICE       TRAFFIC   READY
hello-world-00002     hello-world   100%      True
hello-world-00001     hello-world             True

# Each update = new revision
kn service update hello-world --env TARGET=Universe
kn revision list
NAME                  SERVICE       TRAFFIC   READY
hello-world-00003     hello-world   100%      True
hello-world-00002     hello-world             True
hello-world-00001     hello-world             True

Knowledge Check

1. What happens when a Knative Service receives no traffic for ~60 seconds (with default settings)?

A) The service is deleted

B) The pods scale to zero

C) The service enters a paused state

Correct: B. The Knative autoscaler scales pods to zero. The service still exists and will scale back up when traffic arrives.

2. What component handles requests when a Knative Service is scaled to zero?

A) The Autoscaler

B) The Activator

C) The Controller

Correct: B. The Activator buffers requests while the autoscaler scales up pods from zero. Once a pod is ready, the request is forwarded.

3. What is a Knative Revision?

A) A rollback operation

B) A code review stage

C) An immutable snapshot of your code and configuration

Correct: C. Each change to a Knative Service creates a new immutable Revision, capturing the container image, environment variables, and other settings.

Traffic Management Basics

Knative lets you split traffic between revisions:

# Send 80% to latest, 20% to previous revision
kn service update hello-world \
  --traffic hello-world-00003=80 \
  --traffic hello-world-00002=20

# Tag a revision for direct access
kn service update hello-world \
  --tag hello-world-00002=staging

# Access tagged revision directly:
# http://staging-hello-world.default.example.com

Traffic Splitting in YAML

apiVersion: serving.knative.dev/v1
kind: Service
metadata:
  name: hello-world
spec:
  template:
    spec:
      containers:
        - image: myregistry/hello:v3
  traffic:
    - latestRevision: true
      percent: 80
    - revisionName: hello-world-00002
      percent: 20
    - revisionName: hello-world-00001
      percent: 0
      tag: legacy

Tagged revisions get their own URLs even with 0% traffic -- great for testing!

Common Traffic Patterns

Canary Release

New revision: 10%
Current revision: 90%
Gradually increase
Roll back if errors

Blue/Green

Tag new revision (green)
Test via tagged URL
Switch 100% instantly
Instant rollback

Knative Service Lifecycle

    Developer updates Service
            |
    Controller creates new Revision
            |
    Route updated with traffic rules
            |
    Pods created for new Revision
            |
    Health check passes
            |
    Traffic shifts to new Revision
            |
    Old Revision pods scale to zero
            |
    (Old Revision still exists for rollback)

Knative vs. Standard K8s Deployments

Capability	K8s Deployment	Knative Service
Scale to zero	No (min 1 replica)	Yes
Traffic splitting	Needs Istio/mesh	Built-in
Revisions	Manual (ReplicaSets)	Automatic
Auto-scaling	HPA (CPU-based)	Request-based (KPA)
Networking	Service + Ingress	Built-in routing
Resources needed	3+ YAML files	1 YAML file

What's Coming Next

In the next module, we'll take a deep dive into Knative Serving:

Service anatomy -- Configuration, Revision, Route
Autoscaling deep dive -- KPA, concurrency, burst capacity
Traffic splitting patterns -- canary, blue/green
Custom domains and TLS
Private services and container configuration

Module 2: Knative Serving Deep Dive

Key Takeaways

Knative brings serverless to Kubernetes without vendor lock-in
Two components: Serving (HTTP workloads) and Eventing (async events)
Automatic scale-to-zero saves resources and costs
Revisions give you immutable snapshots and easy rollbacks
Traffic management is built-in -- canary and blue/green for free
One YAML replaces Deployment + Service + Ingress

Your containers now have superpowers.