Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Serhiy Kalinets "Building Service Mesh with .NET Core"


Published on

There is a lot of hype around service mesh happening right now. It’s a new concept that solves common problems related to microservices: observability, traffic management, security and so on.

In this session Serhiy will introduce the idea of service mesh and show how to use it with the latest release of .NET Core to build lightweight microservices with minimal efforts. And of course, we will see how it works in action.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Serhiy Kalinets "Building Service Mesh with .NET Core"

  1. 1. Building Service Mesh with .NET Core Serhiy Kalinets Playtika
  2. 2. Every .NET Developer Abstract class vs interface Generations of Garbage Collector Mutex vs Semaphor ThreadPool … I can write code and will get a job of my dream
  3. 3. About Me 18 years in the business Love to code System Architect @
  4. 4. Kyiv ALT.NET
  5. 5. A service mesh •is a configurable, low-latency infrastructure layer designed to handle a high volume of network-based inter-process communication among application infrastructure services using application programming interfaces (APIs)
  6. 6. A service mesh •ensures that communication among containerized and often ephemeral application infrastructure services is fast, reliable, and secure. •provides critical capabilities including service discovery, load balancing, encryption, observability, traceability, authentication and authorization, and support for the circuit breaker pattern.
  7. 7. The network should be transparent to applications. When network and application problems do occur it should be easy to determine the source of the problem.
  8. 8. Sidecars injection Injects envoy container to every pod All traffic is being routed via envoy instances kubectl label namespace default istio- injection=enabled
  9. 9. Service Discovery
  10. 10. Lookup service in code
 Resolve via registry … Just take it from ENV
  11. 11. HttpClientFactory services.AddHttpClient("rg", _ => {     _.BaseAddress = new Uri(Configuration["RG_HOST"]                                 ?? "http://localhost: 3333");      }); var response = await clientFactory.CreateClient("rg")     .GetAsync("/");
  12. 12. Configuration appsettings.json deployment.yaml         env:         - name: "RG_HOST"           value: "http://game-rg:3333"         - name: "Logging__LogLevel__Default"           value: "Debug" {   "Logging": {     "LogLevel": {       "Default": "Warning"     }   },   "RG_HOST": "http:// localhost:3333", } 

  13. 13. Release
  14. 14. Dockerfile FROM microsoft/dotnet:2.2-sdk AS build-env WORKDIR /app 
 # Copy csproj and restore as distinct layers COPY *.csproj ./ RUN dotnet restore 
 # Copy everything else and build COPY . ./ RUN dotnet publish -c Release -o out 
 # Build runtime image FROM microsoft/dotnet:2.2-aspnetcore-runtime WORKDIR /app COPY --from=build-env /app/out . ENTRYPOINT ["dotnet", "math.dll"]
  15. 15. apiVersion: networking.istio. v1alpha3 kind: DestinationRule metadata:   name: reviews spec:   host: reviews   subsets:   - name: v1     labels:       version: v1   - name: v2     labels:       version: v2   - name: v3     labels:       version: v3 apiVersion: extensions/v1beta1 kind: Deployment metadata:   name: reviews-v1 spec:   replicas: 1   template:     metadata:       labels:         app: reviews         version: v1     spec:       containers:       - name: reviews         image: /istio/reviews-v1
  16. 16. Traffic Management
  17. 17. A/B Testing apiVersion: v1alpha3 kind: VirtualService metadata:   name: reviews spec:   hosts:     - reviews   http:   - route:     - destination:         host: reviews         subset: v1       weight: 80     - destination:         host: reviews         subset: v2 weight: 20
  18. 18. Conditional Routing   http:   - match:     - headers:         end-user:           exact: jason     route:     - destination:         host: reviews         subset: v2   - route:     - destination:         host: reviews         subset: v3 

  19. 19. Silent Launch http:   - route:     - destination:         host: httpbin         subset: v1       weight: 100     mirror:       host: httpbin       subset: v2
  20. 20. Fault Tolerance Anything may (and will) fail Timeouts, internal errors, outages Broken part can break the whole system
  21. 21. Crack Propagation
  22. 22. Crack Propagation Service faults Long requests Never responding services
  23. 23. Circuit Breaker
  24. 24. Circuit Breaker : Polly var policy = Policy     .HandleResult<HttpResponseMessage>(r =>         r.StatusCode == HttpStatusCode.InternalServerError)     .OrResult(r => r.StatusCode == HttpStatusCode.BadGateway)     .CircuitBreaker(2, TimeSpan.FromMinutes(1)); services.AddHttpClient(/* etc */).AddPolicyHandler(policy);
  25. 25. Circuit Breaker spec:   host: httpbin   trafficPolicy:     connectionPool:       tcp:         maxConnections: 1       http:         http1MaxPendingRequests: 1         maxRequestsPerConnection: 1     outlierDetection:       consecutiveErrors: 1       interval: 1s       baseEjectionTime: 3m       maxEjectionPercent: 100
  26. 26. Request Timeout apiVersion: kind: VirtualService metadata:   name: reviews spec:   hosts:   - reviews   http:   - route:     - destination:         host: reviews         subset: v2     timeout: 0.5s
  27. 27. Fault Injection spec:   hosts:   - ratings   http:   - match:     - headers:         end-user:           exact: jason     fault:       delay:         percent: 100         fixedDelay: 7s JASON
  28. 28. Fault Injection   http:   - match:     - headers:         end-user:           exact: jason     fault:       abort:         percent: 100         httpStatus: 500     route:     - destination:         host: ratings         subset: v1
  29. 29. Telemetry and Instrumenting Many services on different hosts Centralized logs Health monitoring Alerts
  30. 30. The only change for Istio… WebHost.CreateDefaultBuilder(args)     .UseStartup<Startup>()     .PropagateIstioHeaders();
  31. 31. Security
  32. 32. No HTTPS in the code app.UseHttpsRedirection(); trafficPolicy: tls: mode: ISTIO_MUTUAL Do it in service.yaml
  33. 33. DEMO
  34. 34. Thanks! twitter, github: @skalinets