Get Started Service Mesh
with Kubernetes and Istio
by Larry Cai
Open Big Data Architecture
by Rockie Yang
Jun 27th Thursday 6:00PM
Hammarby Kaj 10D, Stockholm
Profile
— An open source, collaboration & Agile evangelist.
Software practice pioneering, aims to discover the best suitable
methods and tools to improve the efficiency of software
development.
— Competence
— CI & Automation & Cloud
— Lead the technical changes
— Agile, CI, Git, docker
Linkedin: https://www.linkedin.com/in/larrycaiyu/
Materials and all demos
https://gitlab.com/larrycai/istio-meetup
Agenda
• Docker, Kubernetes and Microservice ..
• What are Istio and service mesh/sidecar
• Demo (use istio for canary deployment)
• Summary
img: https://en.wikipedia.org/wiki/Rolf_Steinhausen
What is docker?
— Package SW inside container and deliver & deploy into cloud
— Docker (container) is similar to VM, cloud technology
• Size: VM 1G -> Docker 100M
• Speed (start time): VM 1 min -> Docker 1 sec
• …
What is Kubernetes
• Kubernetes: container platform
[Diagram: app1 (docker) / Docker container / kubernetes / HW Infra]
What is Service/Microservices
• Microservices, or microservice architecture, is an approach to application development in which a large application is built as a suite of modular components or services.
What can support services better in kubernetes
• One pod contains one container?
• When do we use one pod with several containers?
• How can I just focus on the service?
• Log, monitor, traffic flow …
• Is there any layer/framework to simplify …
A service mesh is a dedicated infrastructure layer for making service-to-service communication safe, fast, and reliable.
Istio is one service mesh framework
What is Istio
• Istio: an open source service mesh designed to make it easier to connect, manage and secure traffic between, and obtain telemetry about, microservices running in containers.
• Logically split into a data plane and a control plane
• Sidecar is injected into the pod alongside the real service
[Diagram: data traffic; 1 Pod has 2 containers (service + sidecar)]
Sources:
https://glasnostic.com/blog/kubernetes-service-mesh-what-is-istio
https://istio.io/blog/2019/data-plane-setup/
https://en.wikipedia.org/wiki/Rolf_Steinhausen
Use case: Service deployment using istio
• http://meet.up portal (web application) v1, planned to deploy to v2
• The docker images for v1, v2 are ready in advance
• larrycai/istio-meetup:v1
• larrycai/istio-meetup:v2
Canary deployment with strategy
• Canary deployment chooses sample sets to deploy to first and gains more validation/feedback before continuing
• Sample set strategy examples
• User type based: normal user vs. VIP
• Geography based: Kista -> Sweden -> EU ..
• ….
• Monitor strategy
• Use k8s grafana/prometheus
• AI connected
• Istio service mesh
More on YouTube: https://www.youtube.com/watch?v=uxiTzwjf7Eg
Use case: Service deployment using istio
• http://meet.up portal (web application) v1, planned to deploy to v2
• The docker images for v1, v2 are ready in advance; the plan is to do a canary deployment using istio
• Deployment strategy (simplified simulation):
• Only the Firefox browser will access v2
• Other browsers still access v1
Demo steps in high-level
• Install istio packages into existing k8s environment (all needed services)
• Use the traditional way to deploy v1 and access it
• Use the istio way to deploy v1 and access it
• Canary deploy the v2
• Complete the deployment (switch all traffic to v2)
• Monitor in istio platform (kiali/Grafana)
Demo environment
• Minikube/Virtualbox @ Windows 10
• All the tools (helm, kubectl, istio) are installed inside the VM
• Code is shared from Windows to the VM
• Port forwarding to access the internal port (VPN issue)
• MobaXterm
• Version
• Istio 1.1.6
• Kubernetes 1.14.0
• Minikube 1.0.0
Install Istio
• Install istio binary directly from https://github.com/istio/istio/releases
$ curl -L -O https://github.com/istio/istio/releases/download/1.1.6/istio-1.1.6-linux.tar.gz
$ gunzip < istio-1.1.6-linux.tar.gz | tar xvf - # windows minikube doesn't have gnu tar with -z
$ sudo cp istio-1.1.6/bin/istioctl /usr/bin # or other folder in your path
• Apply the demo manifest from the extracted istio-1.1.6 directory
$ kubectl apply -f istio-1.1.6/install/kubernetes/istio-demo.yaml
namespace/istio-system created
• List the installed services
$ kubectl get svc -n istio-system
..
grafana ClusterIP 10.110.242.119 <none> 3000/TCP
istio-citadel ClusterIP 10.107.79.4 <none> 8060/TCP,15014/TCP
istio-egressgateway ClusterIP 10.106.150.99 <none> 80/TCP,443/TCP,15443/TCP
istio-galley ClusterIP 10.96.7.103 <none> 443/TCP,15014/TCP,9901/TCP
istio-pilot ClusterIP 10.111.223.158 <none> 15010/TCP,15011/TCP,8080/TCP,15014/TCP
istio-policy ClusterIP 10.99.92.37 <none> 9091/TCP,15004/TCP,15014/TCP
...
istio-ingressgateway LoadBalancer 10.108.74.19 <pending> 15020:30551/TCP,80:31380/TCP,..
...
kiali ClusterIP 10.111.53.120 <none> 20001/TCP
• The components in istio can be customized
Install meet.up web app v1
• Simple deployment, exposed as a NodePort for testing
$ kubectl apply -f istio/meetup-v1.yaml
$ kubectl apply -f istio/meetup-nodeport.yaml
Using the istio way to install the service
• Inject the istio sidecar into the original deployment
• Orig: kubectl create -f istio/meetup-v1.yaml
• New: kubectl create -f <(istioctl kube-inject -f istio/meetup-v1.yaml)
• Create DestinationRule and Gateway for the VirtualService
$ kubectl apply -f istio/meetup-destination-v1.yaml
$ kubectl apply -f istio/meetup-gateway.yaml
$ kubectl apply -f istio/meetup-service-all-v1.yaml
[Diagrams: old traffic flow vs. Istio traffic flow]
Canary deployment
• Deploy v2 version and route traffic from Firefox to v2
• Both v1 and v2 services are deployed
$ kubectl apply -f <(istioctl kube-inject -f istio/meetup-v2.yaml)
$ kubectl apply -f istio/meetup-destination-all.yaml
$ kubectl apply -f istio/meetup-service-firefox-v2.yaml
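The Firefox-only canary routing from this step, written as Istio networking.istio.io/v1alpha3 resources. This is an added example, not the contents of the repository's istio/meetup-destination-all.yaml or istio/meetup-service-firefox-v2.yaml; the Service name meetup, the Gateway name meetup-gateway and the version pod label are assumptions.

```yaml
# Added example; names below are assumed, not taken from the demo repository.
# Assumed: Kubernetes Service "meetup", Istio Gateway "meetup-gateway",
# and pods labelled version: v1 / version: v2.
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: meetup
spec:
  host: meetup
  subsets:
  # Each subset selects the pods of one release by label.
  - name: v1
    labels:
      version: v1
  - name: v2
    labels:
      version: v2
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: meetup
spec:
  hosts:
  - "*"
  gateways:
  - meetup-gateway
  http:
  # Rules are evaluated in order; the first matching rule wins.
  # Canary rule: requests whose User-Agent contains "Firefox" go to v2.
  - match:
    - headers:
        user-agent:
          regex: ".*Firefox.*"
    route:
    - destination:
        host: meetup
        subset: v2
  # Default rule (no match block): every other browser stays on v1.
  - route:
    - destination:
        host: meetup
        subset: v1
```

The User-Agent header is supplied by the client, so this rule steers traffic but is not an access control: any client that sends a Firefox User-Agent is served by v2. Anything deployed as v2 has to be acceptable for every user to reach.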
What happens and benefit
• Istio lets the service focus on the business and leaves the common things to the framework
• Traffic control, load balancing, authentication, monitoring
• No/less extra coding inside the original service
[Diagram: sidecar (injected) and original service stay in the same pod]
Summary
• Docker/kubernetes provide flexible deployment for your services
• Istio (one of the nice tools in k8s) makes it easy to create a network of deployed services with load balancing, service-to-service authentication, monitoring, and more, with few or no code changes in service code.
• More features or tools (like istio) will come out in kubernetes
• Using a service mesh will be much simpler for the end user
