Microsoft's most useful open-source project for Kubernetes, Dapr hits the 1.0 primetime

API now stable, more on the way


Microsoft has released version 1.0 of its Distributed Application Runtime (Dapr), aimed at providing building blocks to simplify application development for Kubernetes.

Dapr is one of several Microsoft-sponsored open-source projects around Kubernetes, and perhaps the most immediately useful. Others include Open Service Mesh (OSM), which uses Envoy (like Istio) but is lighter weight (like Linkerd); and KEDA, in association with Red Hat, which supports serverless, event-driven containers on Kubernetes. Dapr was first announced in October 2019 and has been developed on GitHub.

The purpose of Dapr is to provide services, accessed via HTTP or gRPC, that can be called from any application, and meet some common requirements that can otherwise be tricky to implement. Specifically, Dapr provides:

  • Service-to-service invocation
  • State management: save and retrieve key/value pairs from a variety of stores such as Redis, CosmosDB, SQL Server or PostgreSQL
  • Publish and subscribe
  • Resource binding: Send, receive, and respond to events
  • Virtual actors: Use actor pattern for stateless and stateful objects
  • Distributed tracing: Uses W3C Trace Context standard to feed events to tracing and monitoring systems
  • Secrets management: Safe storage and retrieval of credentials
Since the first preview Dapr has added secrets management as well as new security features

Since the first preview Dapr has added secrets management as well as new security features

Although it most often runs there, Dapr does not depend on Kubernetes and can be run as a self-hosted binary or in a container. There are SDKs for Go, Java, JavaScript, Python, .NET, Rust, C++, and PHP, as well as integrations with frameworks like ASP.NET Core and Java Spring Boot. Dapr itself is written in Go. According to Microsoft's post today, "the community has stepped up to contribute Dapr components that integrate with Azure, AWS, Alibaba and Google clouds."

The company said that "Dapr is now running in several production and pre-production environments" and that security features have been added over the period since first preview. There are now nearly 700 contributors including HashiCorp and Alibaba. There is a technical steering committee and the company intends "to have Dapr join an open software foundation in the near future."

Zeiss is using several features of Dapr as part of a solution deployed to Azure

Zeiss is using several features of Dapr as part of a solution deployed to Azure

The 1.0 release is significant as it means that the API has been declared stable and that future changes will go through a versioning mechanism. Breaking changes are possible but "will be indicated several releases ahead," Microsoft promised.

On the security side, Dapr now uses x.509 certificates, automatically renewed and rolled over, to prevent man-in-the-middle attacks, and provides access control lists using the spiffe framework.

There are plans for additional APIs including ones for application configuration data, creating singleton object instances, routing messages based on URLs, and resiliency APIs for things like circuit breakers and timeouts. ®


Keep Reading

Biting the hand that feeds IT © 1998–2021