The document discusses the challenges, benefits, and complexities of microservices architecture, focusing on service mesh and Istio as a solution. It outlines key concepts such as service discovery, fault handling, security, and deployment strategies like blue-green and canary deployments. The presentation concludes with resources for further reading and emphasizes the importance of observability and technology choice in microservices deployment.

1. Microservices
the phantom menace
istio service mesh
the new hope

2. About me
Sergii Bishyr
Software engineer at Lohika
@BishyrS
seriybg@gmail.com
2

3. Agenda
• Challenges of Microservices
• Service Mesh
• Istio
• Demo
• Summary
3

4. Why Microservices?
• It’s a tend
• Make change less expensive
• Use right tool for the right task
• Scalability
• etc.
4

5. Why Microservices?
• It’s a tend
• Make change less expensive
• Use right tool for the right task
• Scalability
• etc.
5
Complexity it
introduces!

6. Microservices
6

7. Microservices
7

8. Service to Service communication
8

9. Service to Service communication
9

10. Service to Service communication
10

11. Service to Service communication
11

12. Service to Service communication
12

13. Service to Service communication
13

14. Service Discovery
14

15. Service Discovery
15
Service
Registry

16. Service Discovery
16
Service
Registry

17. Service Discovery
17
Service
Registry

18. Service Discovery
18
Service
Registry

19. Service Discovery
19
Service
Registry

20. Service Discovery
20
Service
Registry

21. Service Discovery
21
Service
Registry

22. Fault Handling
22

23. Fault Handling
23

24. Fault Handling
24

25. Fault Handling
25
Service A Service B

26. Fault Handling
26
Service A Service B

27. Fault Handling
Timeout
27
Service A Service B

28. Fault Handling
Timeout
Retry
28
Service A Service B

29. Fault Handling
29
Service A Service B

30. Fault Handling
30
Service A Service B

31. Fault Handling
31
Service A Service B

32. Fault Handling
32
Service A Service B

33. Circuit Breaker
33
Service A Service B

34. Testing
34

35. Testing
35

36. Testing
36

37. Testing
37

38. Testing
38

39. Chaos engineering
39

40. Chaos engineering
40

41. Chaos engineering
41

42. Release testing
42
Service A Service B v1

43. Release testing
43
Service A
Service B v1
Service B v2

44. Blue-Green Deployment
44
Service A
Service B v1
Service B v2
GREEN
BLUE

45. Blue-Green Deployment
45
TESTS
Service A
Service B v1
Service B v2
GREEN
BLUE

46. Blue-Green Deployment
46
Service A
Service B v1
Service B v2
GREEN
BLUE

47. Canary Deployment
47
Service A
Service B v1
Service B v2

48. Canary Deployment
48
Service A
Service B v1
Service B v2

49. Canary Deployment
49
Service A
Service B v1
Service B v2

50. Security
50

51. Security: Encryption
51
HTTPS

52. Security: Encryption
52
HTTPS

53. Security: Encryption
53
HTTPS
Certificate
Authority

54. Security: Encryption
54
HTTPS
Certificate
Authority

55. Security: Encryption
55
HTTPS
Certificate
Authority

56. Security: Identity
56
Service A Service B

57. Security: Identity
57
Service A Service B
Who are you?

58. Security: Identity
Auth
Service
58
Service A Service B

59. Security: Identity
Auth
Service
59
Service A Service B

60. Security: Identity
Auth
Service
60
Service A Service B

61. Security: Identity
Auth
Service
61
Service A Service B

62. Security: Identity
Auth
Service
62
Service A Service B
Hello C-3P0

63. Security: Identity
Auth
Service
63
Service A Service B

64. Security: Identity
Auth
Service
64
Service A Service B

65. Security: Identity
Auth
Service
65
Service A Service B

66. Security: Identity
Auth
Service
66
Service A Service B
Hello C-3P0

67. Troubleshooting
67

68. Troubleshooting
68

69. Troubleshooting
69

70. Troubleshooting
70

71. Troubleshooting
71
?
?
?
?
? ? ?
???

72. Distributed Tracing, Log Aggregation,
Monitoring
72

73. Let’s do this!
29

74. Client Library
74
Service
Discovery
Circuit
breaker
Tracing,
Metrics
etc.

75. Client Library
75
Service
Discovery
Circuit
breaker
Tracing,
Metrics
etc.

76. Client Library
76
Service
Discovery
Circuit breaker
Tracing,
Metrics
etc.

77. Polyglot architectures
77

78. Client Library
78

79. Sidecar Pattern
79

80. Sidecar Pattern
80

81. Sidecar Pattern
81

82. Service Mesh
82
Control Plane

83. Service Mesh
83
Control Plane
Configs

84. Service Mesh
84
Control Plane
Configs

85. ThoughtWorks Technology Radar
thoughtworks.com/radar/techniques/service-mesh 85

86. Meet Istio
istio.io
86

87. Istio Control Plane
Pilot Mixer Citadel
Configs Telemetry,
Policy checks
TLS certs
87

88. Istio Proxy
88

89. Istio
89
Pilot
Configs

90. ThoughtWorks Technology Radar
thoughtworks.com/radar/platforms/istio 90

91. Advanced routing
91
Service A
Service B v1

92. Advanced routing
92
Service A
Service B v1
Service B v2

93. Advanced routing
93
Service A
Service B v1
Service B v2

94. Advanced routing
94
Service A
Service B v1
Service B v2

95. Traffic mirroring
95
Service A
Service B v1

96. Traffic mirroring
96
Service A
Service B v1
Service B v2

97. Traffic mirroring
97
Service A
Service B v1
Service B v2

98. Resilience
Timeout: 1m, Retries: 5
98
Service A Service B

99. Resilience
Timeout: 1m, Retries: 5
Timeout: 15s, Retries: 3
99
Service A Service B

100. Fault injection
100

101. Fault injection
101

102. Fault injection
102

103. Circuit breaker
max connections
max pending requests
max requests
consecutive errors
103

104. Tracing, Logging, Metrics
Service Service Service
Istio Mixer
104

105. Tracing, Logging, Metrics
Service Service Service
Istio Mixer
Tracing
Metrics
Logging
etc.
105

106. Tracing, Logging, Metrics
Service Service Service
Istio Mixer
106

107. Security: mTLS
107
Istio Citadel

108. Security: mTLS
108
Istio Citadel

109. Security: mTLS
109
Istio Citadel

110. Security: mTLS
110
Istio Citadel

111. Security: JWT verification
Service
Identity
provider
111

112. Istio Key Concepts
112
The Cluster
SERVICE
SERVICE
SERVICEVIRTUAL
SERVICE
DESTINATION
RULE
GATEWAY SERVICE
ENTRY
POLICIES

113. Not so long time ago, in a company
far far away…
(DEMO TIME)
github.com/SeriyBg/starwars-istio 113

114. 114github.com/SeriyBg/starwars-istio
demo.javadayistio.com

115. 115
Summary
● Focus on business logic
● Freedom to choose any technology stack
● Observability out of the box
● Solve most of the microservices problems
(but not all of them)
Choose wisely.
You are responsible for your application!

116. Resources
• Official Istio blog
istio.io/blog
• “Istio in Action” by Christian Posta
manning.com/books/istio-in-action
• Christian Posta’s blog
blog.christianposta.com/tags/#istio
• Red Hat Developers blog
developers.redhat.com/topics/service-mesh
116

117. Thank You!
@BishyrS
seriybg@gmail.com
Any questions do you have?
117