IBM Cloud Docs
Application workloads

Application workloads

IBM Cloud® Code Engine is designed to address the needs of developers who want their code to run. Code Engine abstracts the operational burden of building, deploying, and managing workloads in Kubernetes so that developers can focus on what matters most to them: the source code. Developers can deploy and scale their applications, which are written in any framework or language, by delegating the complexity of building and managing their workloads to Code Engine. Learn about working with applications in IBM Cloud® Code Engine.

What are application workloads?

An application, or app, runs your code to serve HTTP requests. In addition to traditional HTTP requests, IBM Cloud® Code Engine also supports applications that use WebSockets as their communications protocol. The number of running instances of an app are automatically scaled up or down (to zero) based on incoming requests and your configuration settings. An app contains one or more revisions. A revision represents an immutable version of the configuration properties of the app. Each update of an app configuration property creates a new revision of the app.

How do apps compare to jobs and functions?

Comparing Code Engine apps, jobs, and functions
Characteristic App Job Function
Execution time (duration) Long-running (10 minutes per request) Long-running (up to 24 hours) Short-running (2 minutes or less)
Startup latency Medium Scheduled start Low
Termination Run-continuously Run-to-completion Run-to-completion
Invocation On request or permanently running Scheduled On request, instant
Programming Model Container-based build and execution Container-based build and execution Language-specific source code files and dependency metadata
Parallelism Parallel execution, flexible Low to medium parallel execution High parallel execution
Scale-out Based on number of requests Based on job workload definition Based on events or direct invocations
Optimized for Long running, highly complex workload and on-demand scale-out Scheduled or planned workloads with high resource demands Startup time and rapid scale-out

For more information, see Planning for Code Engine.

What are the key features of working with Code Engine applications?

Review the following topics to learn more about working with applications in Code Engine.

Isolation

Code Engine is a multi-tenant, regional service where tenants share the same network and compute infrastructure. In particular, the network and compute infrastructure are shared resources and some management components are common to all tenants. However, tenants and their workloads are isolated from each other by using Code Engine projects. Code Engine prevents communication between projects, providing isolation to your applications inside a multi-tenant environment. In addition, there are access controls that are performed on a resource level to only allow authorized users to perform certain operations on project resources, such as applications or other Code Engine workloads.

For more information about workload isolation, see Code Engine workload isolation.

Logging

When you work with Code Engine applications with the console and with logging enabled, logs are forwarded to an IBM Cloud Logs service instance that is associated with your Code Engine project. In the IBM Cloud Logs service instance, the logs are indexed, enabling full-text search through all generated messages and convenient querying based on specific fields. See Getting logs for applications.

System event information can also be helpful to troubleshoot problems when you run jobs. You can view system event information with the CLI. See Getting system event information for applications.

For more information about logging, see Viewing logs.

Running applications

Whether your code exists as source in a local file or in a Git repository, or your code is a container image that exists in a public or private registry, Code Engine provides you with a streamlined way to run your code as an app.

You can deploy and run applications in Code Engine in the following ways:

  • Run from an existing container image. Create an application and provide a reference to your image to use when you deploy your app with Code Engine.

  • Run from existing source code without any container image. If you are starting with source code that is located in a Git repository or on your local workstation, you can point to the location of your source and Code Engine takes care of building the image for you. Code Engine supports building from a Dockerfile and Cloud Native Buildpacks, which inspects your source code to determine how it must be built and packaged as a container image.

For more information about deploying and running applications, see Working with apps in Code Engine.

Scaling

Code Engine applications scale up or down depending on the incoming requests. Applications follow the scale-to-zero model, where no instances are created in the absence of traffic, leading to cost optimization. When there is an incoming request, an app automatically scales up from zero to accommodate the workload.

With Code Engine, you can control autoscaling by setting the minimum and maximum number of instances. You can also specify the concurrency of the application by specifying the number of requests to run in parallel for a specific application instance to help determine when a new instance is provisioned.

For more information about scaling your app, see Configuring application scaling.

Security

Code Engine provides immediate DDOS protection for your application. Code Engine's DDOS protection is provided by Cloud Internet Services (CIS) at no additional cost to you. DDoS protection covers System Interconnection (OSI) Layer 3 and Layer 4 (TCP/IP) protocol attacks, but not Layer 7 (HTTP) attacks. See DDoS protection.

Code Engine also provides a service mesh to use its networking layer, which enables mutual Transport Layer Security (TLS) traffic on applications, thus securing service-to-service and user-to-service communication.

For more information about security, see Code Engine and security.

Triggering applications with events

You can configure your Code Engine applications to receive cron events, IBM Cloud Object Storage events, or Kafka topics. When you subscribe to an event producer, you must specify the name of your destination application to receive the events.

For more information about working with event producers, see Getting started with subscriptions.

Visibility

With Code Engine, you can determine the right level of visibility for your application by defining the endpoints, or system domain mappings that are available for receiving requests. An application can be exposed to the internet, to the IBM Cloud private network or scoped only to other resources in the same Code Engine project.

By default, every running application gets its own TLS secured endpoint, which you can map to your own domain.

In addition, you can map your own custom domain to a Code Engine application to route requests from your custom URL to your application. If you want to target your application with a domain that you own, you can use a custom domain mapping. When you set a custom domain mapping in Code Engine, you define a 1-to-1 mapping between your fully qualified domain name (FQDN) and a Code Engine application in your project.

For more information about visibility, see Options for visibility for a Code Engine application and Configuring custom domain mappings for your application.

How can I get started with applications?

To deploy a simple Code Engine application with the icr.io/codeengine/helloworld sample image, see Creating your first Code Engine app.

Also, you can try an application tutorial, see Deploying and scaling applications.

To dive deeper into working with applications, see Working with apps in Code Engine.