Production ready tooling for microservices on kubernetes

I presented this talk at Container conf 18.

Published in: Engineering

  1. Production ready tooling for microservices on Kubernetes
     Chandresh Pancholi
  2. Source: http://www.rafaelhart.com/2018/03/18/monolith-or-microservices.html
  3. Service discovery
     ● Kubernetes supports DNS-based service discovery
     ● Kubernetes supports Kube-DNS & CoreDNS based discovery
     ● Kube-DNS uses SkyDNS, which was written by the author of CoreDNS
     ● CoreDNS is built with a more modular, extensible framework
     ● Kube-DNS uses dnsmasq for caching, but CoreDNS has caching as a middleware
  4. Request routing & load balancing
     ● Kubernetes services
     ● Kubernetes ingress
     ● External load balancer
     ● Kubernetes NodePort
  5. Monitoring & Visualization
     ● Prometheus
     ● Prometheus operator
     ● cAdvisor
     ● Grafana
  6. Edge server
     ● Ingress
       ○ Nginx
       ○ Kong
       ○ GCE
       ○ Traefik
     ● Ingress resource → The Ingress resource is a set of rules that map to Kubernetes services.
     ● Ingress controller → Ingress controllers are applications that watch Ingresses in the cluster and configure a balancer to apply those rules.
  7. Configuration management
     ● Config maps
     ● Secrets
     ● Etcd
     ● HashiCorp Vault
  8. Security
     ● RBAC
     ● Service account
     ● Istio
     ● OAuth 2.0/OpenID Connect
  9. Centralised logging
     ● Fluentd
     ● Fluent Bit
     ● Elasticsearch
     ● Kibana
     ● ElastAlert
  10. Helm
     It's a package manager for Kubernetes. Helm helps you manage Kubernetes applications. Helm Charts help you define, install, and upgrade even the most complex Kubernetes application.
     Source: https://thomasmodeneis.files.wordpress.com/2017/06/screenshot_20170623_194919.png
  11. Prometheus
     ● Node monitoring
     ● Pod monitoring
     ● Cluster monitoring
     ● Container monitoring
     ● Application monitoring
     ● Alerting
  12. Source: https://prometheus.io/
  13. Prometheus operator
     Source: https://coreos.com/blog/the-prometheus-operator.html
  14. Fluentd
     Fluentd is an open source data collector, which lets you unify the data collection and consumption for a better use and understanding of data.
     ● Unified logging with JSON
     ● Pluggable architecture
     ● Minimum resources required
     ● Built-in reliability
  15. Source: https://www.fluentd.org/architecture
  16. Source: https://www.fluentd.org/architecture
  17. Jaeger/OpenTracing
     Jaeger, inspired by Dapper and OpenZipkin, is a distributed tracing system released as open source by Uber Technologies. It is used for monitoring and troubleshooting microservices-based distributed systems.
     ● Distributed context propagation
     ● Distributed transaction monitoring
     ● Root cause analysis
     ● Service dependency analysis
     ● Performance / latency optimization
  18. Source: https://www.jaegertracing.io/
  19. Kubeless
     Kubeless is a Kubernetes-native serverless framework that lets you deploy small bits of code (functions) without having to worry about the underlying infrastructure.
     ● Support for Python, Node.js, Ruby, PHP, Golang, .NET, Ballerina and custom runtimes
     ● CLI compliant with AWS Lambda CLI
     ● Event triggers using Kafka messaging system and HTTP events
     ● Prometheus monitoring of function calls and function latency by default
  20. Source: https://blog.cloudboost.io/kubeless-is-more-9f20fb443b5a
  21. Istio
     Istio makes it easy to create a network of deployed services with load balancing, service-to-service authentication, monitoring, and more, without any changes in service code. You add Istio support to services by deploying a special sidecar proxy throughout your environment that intercepts all network communication between microservices, then configure and manage Istio using its control plane functionality.
  22. Source: https://istio.io/docs/concepts/what-is-istio/arch.svg
  23. Kubewatch
     kubewatch is a Kubernetes watcher that currently publishes notifications to Slack. Run it in your k8s cluster, and you will get event notifications in a Slack channel.
     Resources to watch
     ● Daemonsets
     ● Deployment
     ● Pod
     ● Replica sets
     ● Replication controller
     ● Services
     ● Secrets
     ● Config maps
  24. Kube-monkey
     An implementation of Netflix's Chaos Monkey for Kubernetes clusters. It randomly deletes Kubernetes (k8s) pods in the cluster, encouraging and validating the development of failure-resilient services.
  25. Questions?
