Local Microservice
Development in EKS
David Kirk
About Me
- 10 years as a Dev, 8 of which in DevOps
- Staff Engineer at NTWRK
- AWS & Kubernetes have been main focuses for 6 years
- d@vidkirk.com or endlessbreadsticks@thankgoodnessitisifridays.com
What’re we talkin’ about?
- Describe the problem - how do we develop against EKS?
- Attempted & Potential Solutions
- Hybrid Environments - the solution we’re using at NTWRK
- Case-study of how it’s implemented at NTWRK
- Suggestions of quick wins w/ this technique
I’ve done a talk like this before
- I’ve learned lessons since then about how to do this better
- That talk proposed something that took 6+ months to fully build
- The goal here is to describe the solution and give practical wins you can bring home
The Problem - Developing against EKS
- Most development happens locally
- Tools are designed with this in mind
- Debuggers, profilers, build tools, etc
- Developers are used to this mental framework
- EKS is not running locally
- But it’s where production is running
- How do we bridge this gap?
- Ideal solution is one that allows us to use EKS and local tools
Why is this worth solving?
- Reduce cognitive overhead
- There’s a barrier to entry here
- Worth it in the long run - fewer variations to consider
- Minimize internal tooling & configuration complexity
- The fewer environmental variations, the less work to align them
- Devs get Ops experience
- Hey look, it’s DevOps!
- If devs gain k8s experience while dev-ing, they know better how to work with k8s in prod
Summary of Goals
- Easy to use & implement
- Useful
- Devs can tie their local machine into EKS
- Ideally vice-versa as well
High Level Solution - Redirect Traffic to Local
- This is the basis for all proposed solutions
- Run the thing you’re developing locally
- Run everything else somewhere else
- Send traffic that would go to the thing you’re developing to localhost
[Diagram: "Everything Else Runs Here" holds Service A, Service B and a Dummy Service C; "Your Laptop" runs the Actual Service C; network traffic flows from the dummy service to the laptop]
- Dummy service replaces yours in the cluster
- Receives traffic like normal
- Routes all traffic to your localhost
Potential Solution: docker-compose
- Pro: Simple to configure
- It’s entry-level deployment yaml, IMO
- Very readable, and in one file
- Con: It’s not kubernetes
- Duplicating configuration - effort to maintain
- Devs aren’t exposed to kubernetes
- Run everything not being actively developed in docker-compose
- Substitute the thing you’re developing w/ an nginx container
- Forward all traffic it gets to `host.docker.internal`
- Run the thing you’re developing locally
Potential Solution: Minikube
- Pro: It’s kubernetes!
- You get some kubernetes experience
- But also you don’t get multi-node kubernetes
- Con: Configuration complexity
- All of your charts/definitions need to support both minikube & EKS
- That’s gonna be some complex charts
- Run everything not being actively developed in Minikube
- Substitute the thing you’re developing w/ an nginx container
- Redirect its traffic to `host.minikube.internal`
- Run the thing you’re developing locally
Running Everything Locally Has Limits
- Things will get slow
- You’re better at creating stuff for your CPU to do than Intel & Apple are at making CPUs that can do stuff fast
- Even beefy machines will slow down
- This slows down everything else around development
- You can deploy subsets of services
- Again introducing configuration complexity
- Hard to maintain, prone to issues
Proposed Solution - Hybrid EKS Development
- Run everything in EKS except what you’re developing
- Substitute the thing you’re developing w/ an nginx container
- Forward all traffic it gets to your IP address
- Run the thing you’re developing locally
- Use a VPN to access the cluster
- Reach into cluster w/ it - use k8s DNS for your cluster’s CIDR
- Reach out of the cluster w/ it - use VPN IP addresses to talk to dev machines
Exclusion & Interception
- Two modes of network traffic interaction
- These cover all of the use cases we’ve seen internally
- Exclusion
- Scale the deployment you’re developing to 0
- Run it locally, and use k8s DNS through the VPN to interact w/ cluster
- Used if it doesn’t receive requests - e.g. Kafka Consumers & Cronjobs
- Interception
- Replace the pod you’re developing w/ nginx
- Redirect that traffic to your laptop’s VPN IP address
- Run it locally, again use k8s DNS through the VPN
Exclusion & Interception Examples
[Diagram: the EKS Cluster holds a Kafka Broker, Service A, Service B and an nginx stand-in for Service C; "Your Laptop" runs the Actual Service C and Consumer D, which is excluded from the cluster; network traffic flows over the VPN]
- Exclude D
- It doesn’t receive requests - it consumes from Kafka
- Intercept C
- Capture requests & send to local machine
Case Study: Using this at NTWRK
- We have “personal environments”
- Single centralized helm repo defines everything that’s deployed
- `make build-dev` builds all containers
- `make deploy-dev` takes helm and deploys it into personal namespace
- Intercept & Exclude at deploy time
- `make deploy-dev-tailscale INTERCEPT=[chart_name]`
- `make deploy-dev-tailscale EXCLUDE=[chart_name]`
- Can intercept & exclude in one deployment
Interception Details
- How do we route that traffic to the VPN IP address?
- We use Tailscale as our VPN
- All examples will reference those specifics, but concepts can be tweaked based upon your needs
- Replace containers in intercepted pod
- nginx routes traffic to VPN IP address - set at deploy time
- Tailscale sidecar gives nginx access to VPN over pod’s localhost
Interception Details: Actual Code Edition
[Code screenshot of the deployment template; callouts: "Use this template if intercepting" and "Default deployment configuration"]
Interception Details: Actual Code Edition pt 2
[Code screenshot of the nginx routing; callouts: "Internal Traffic", "External Traffic", "Send it to local machine’s VPN IP"]
Interception Details: Actual Code Edition pt 3
[Code screenshot of the pod spec; callouts: "nginx container", "nginx configuration", "Tailscale sidecar grants VPN access"]
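The template shown in the screenshots did not survive the transcript, so here is an added example (not NTWRK’s chart) of how the intercept/exclude switch from the Exclusion & Interception and Interception Details slides can look as a Helm deployment template: `.Values.exclude` scales the Deployment to 0 (exclusion), and `.Values.intercept` swaps the service’s container for nginx plus a Tailscale sidecar that forwards traffic to the laptop’s Tailscale IP in `.Values.interceptTarget`. The chart name "service-c", port 8080, the value names and the `tailscale-auth` Secret are assumptions; the nginx image’s envsubst-on-templates behaviour and the sidecar’s TS_* variables are real.

```yaml
# templates/deployment.yaml in a hypothetical "service-c" chart (added example)
apiVersion: apps/v1
kind: Deployment
metadata:
  name: service-c
spec:
  # Exclusion: scale the real deployment to 0 and run it locally over the VPN
  replicas: {{ if .Values.exclude }}0{{ else }}1{{ end }}
  selector:
    matchLabels: { app: service-c }
  template:
    metadata:
      labels: { app: service-c }
    spec:
      containers:
{{- if .Values.intercept }}
      # Interception: nginx stands in for the service and forwards to the laptop
      - name: nginx
        image: nginx:1.25
        ports: [{ containerPort: 8080 }]
        env:
        - name: DEV_VPN_IP   # laptop's Tailscale IP, set at deploy time
          value: {{ .Values.interceptTarget | quote }}
        - name: DEV_PORT
          value: "8080"
        volumeMounts:
        - name: nginx-template
          mountPath: /etc/nginx/templates
      # Tailscale sidecar: kernel mode puts tailscale0 in the pod's network
      # namespace, so nginx (same netns) can reach VPN IPs directly
      - name: ts-sidecar
        image: ghcr.io/tailscale/tailscale:latest
        env:
        - name: TS_USERSPACE
          value: "false"
        - name: TS_KUBE_SECRET   # empty: keep state on disk, no extra RBAC needed
          value: ""
        - name: TS_STATE_DIR
          value: /var/lib/tailscale
        - name: TS_AUTHKEY       # never inline the key; read it from a Secret
          valueFrom:
            secretKeyRef: { name: tailscale-auth, key: TS_AUTHKEY }
        securityContext:
          capabilities:
            add: ["NET_ADMIN"]   # for the tun device; only the intercept pod gets it
      volumes:
      - name: nginx-template
        configMap: { name: service-c-intercept-nginx }
{{- else }}
      # Default deployment configuration: the service's own image
      - name: service-c
        image: {{ .Values.image }}
        ports: [{ containerPort: 8080 }]
{{- end }}
{{- if .Values.intercept }}
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: service-c-intercept-nginx
data:
  # The official nginx image runs envsubst over /etc/nginx/templates/*.template
  # at startup; only defined env vars are substituted, so $host survives
  default.conf.template: |
    server {
      listen 8080;
      location / {
        # Internal traffic from other cluster services arrives here and is
        # sent to the local machine's VPN IP
        proxy_pass http://${DEV_VPN_IP}:${DEV_PORT};
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
        proxy_set_header Connection "";
      }
    }
{{- end }}
```

Drop the sidecar and point `DEV_VPN_IP` at `host.docker.internal` or `host.minikube.internal` to get the docker-compose and Minikube variants from the earlier slides.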
Potential Quick Wins
- You don’t need personal environments
- Run command locally to intercept static environment
- Could be staging or UAT
- Be careful about collisions
- Team-specific long-lived environments
- Less concern about collisions
That’s it! Questions
