Microservices the right way: an introduction to Istio

•Download as PPTX, PDF•

0 likes•245 views

Istio is a platform that provides traffic management, security, and observability for microservices. It addresses challenges of transitioning monolithic applications to distributed microservices. Istio uses Envoy proxies as sidecars to mediate network communication between services and Mixer for policy enforcement and telemetry collection. The control plane manages and configures proxies and Mixers. Istio enables features like traffic management, discovery, policies, security and telemetry collection.

Technology

#sunnytech
Microservices the
right way: an
introduction to Istio
Sunny-tech 2018
Laurent Grangeau @laurentgrangeau
1

# whoami
Hello
Laurent Grangeau - CSA@Sogeti
I love to automate things and run apps at scale
You can find me at @laurentgrangeau
Laurent Grangeau
@laurentgran
geau
Cloud Solution
Architect

Istio
Istio addresses many of the challenges faced by
developers and operators as monolithic applications
transition towards a distributed microservice
architecture

Concepts
Split into a dataplane and a controlplane
- The data plane is composed of a set of intelligent
proxies (Envoy) deployed as sidecars that mediate and
control all network communication between
microservices, along with a general-purpose policy and
telemetry hub (Mixer).
- The control plane is responsible for managing and
configuring proxies to route traffic, and configuring
Mixers to enforce policies and collect telemetry.

Core components
- Envoy
- Sidecar proxies per microservice to handle ingress/egress traffic between
services in the cluster and from a service to external services.
- Mixer
- Central component that is leveraged by the proxies and microservices to
enforce policies.
- Pilot
- A component responsible for configuring the proxies at runtime.
- Citadel
- A centralized component responsible for certificate issuance and rotation.
- Node agent
- A per-node component responsible for certificate issuance and rotation.
- Broker
- A component implementing the Open Service Broker API for Istio-based
services. (WIP)

Concepts
Enables:
- Traffic management
- Discovery, Rich layer-7 routing, Circuit breaker
- Policies and controls
- Policy enforcement
- Metrics, logs and traces
- Request tracing, Telemetry recording/reporting
- Security
- Authorization, Authentication, Rate limit, Quotas

The current landscape of Internet of Things (IoT) applications is extremely fragmented because we are still experimenting to discover the correct mix for our respective markets. Unfortunately in the IoT world, one solution does not fit all.We need much more clarity in understanding the challenges of IoT application development, both in terms of technical feasibility as well as business opportunities. In our talk we present a toolkit approach towards accelerating IoT applications by leveraging modular components that can effectively accelerate go to market for end solutions.

Webinar on 2nd Open Call - Applications and Trials - slideset

symbiote-h2020

IRJET- IoT based Multi Sensory System to Enhance Railway Safety

IRJET Journal

IRJET- Traffic Prediction Techniques: Comprehensive analysis

IRJET Journal

Its architecturemohanad jaafar talib al-jandeel

APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...

apidays

Building an Enterprise Fiber Network for a Local Government, An Architectural...

The University of Texas (UTRGV)

Iit 1782 designing for the internet of things (io t) v4 gb

Graham Bleakley

IRJET- Improve Client Performance in Client Server Mobile Computing System us...

IRJET Journal

Ttg leaflet

Mehmet Beyaz

Entrepreneurship Strategies and Business Opportunities in Future Cities - CEL...

Future Cities Project

IRJET - Automobile Enhanced Security System using LabVIEW based on IoT

IRJET Journal

IRJET- Image Processing based Intelligent Traffic Control and Monitoring ...

IRJET Journal

Deployment of Intelligent Transport Systems Based on User Mobility to be Endo...

ijcnes

The emerging increase in vehicles and very high traffic, demands the need for improved Intelligent Transport Systems (ITS). The available ITSs do not meet all the requirements of the present day situation in providing safetravels and avoidance of congestionin spite of its limitations on road. Intelligent Transport Systemsrequiremore research and implementation of better solutions on the traffic network with increased mobility and more rapid acquisition of data by sense network technology. In this paper a review is made on the present ITS where research is required so that improvement in the course of implementing reality mining can enhance the behavior of ITS. This will breed a forward leap in the improvement of safety and convenience of personal and commercial travel and in turn guarantee an ultimate drop in fatality in the society.

A REVIEW ON IOT IN TRANSPORTATION SECTOR

Nancy Ideker

Software application architecture

anwitat

Network Monitoring and Traffic Reduction using Multi-Agent Technology

Eswar Publications

In this paper the algorithms which could improve Transmission band and Network Traffic reduction for computer network has been shown. Problem solving is an area with which many Multiagent-based applications are concerned. Multiagent systems are computational systems in which several agents interact or work together to achieve some purposes. It includes distributed solutions to problems, solving distributed problems and distributed techniques for problem solving. Multiagent using for maximizing group performance with planning, execution, monitoring, communication and coordination. This paper also addresses some critical issues in developing Multi agent-based traffic control and monitoring systems, such as interoperability, flexibility, and extendibility. Finally, several future research directions toward the successful deployment of Multiagent technology in traffic control and monitoring systems are discussed.

Securing the 5G growth story with NFVi (1).pdf

Security Gen

2020 became the year of 5G proliferation (as per Qualcomm study), while 2021 is about a rapid 5G rollout, vertical expansion, and advancing 5G systems with new capabilities. The same gets reflected in an August 2021 Gartner forecast that estimates 5G coverage in tier-1 cities across the US by 2024 will be 60%, besides predicting a revenue growth from $794 million to $1.6 billion in western Europe, by the year-end.

Understanding the Risks: Exploring 5G Vulnerabilities with SecurityGen

SecurityGen1

SecurityGen delves deep into the intricacies of 5G technology to uncover potential vulnerabilities that may compromise network security and data integrity. Our dedicated team of cybersecurity experts conducts rigorous assessments and threat analyses to identify and prioritize vulnerabilities across the 5G ecosystem. From protocol vulnerabilities to infrastructure weaknesses, SecurityGen offers comprehensive insights and solutions to address the diverse array of risks associated with 5G deployment.

Securing the 5G growth story with NFVi.pdf

Security Gen

DockerCon - The missing piece : when Docker networking unleashes software arc...

Laurent Grangeau

Meetup Openstack : At the heart of IT revolution

Laurent Grangeau

Similar to Microservices the right way: an introduction to Istio

Innovating with IoT: A Toolkit Approach

Atanu Roy Chowdhury

Webinar on 2nd Open Call - Applications and Trials - slideset

symbiote-h2020

IRJET- IoT based Multi Sensory System to Enhance Railway Safety

IRJET Journal

IRJET- Traffic Prediction Techniques: Comprehensive analysis

IRJET Journal

Its architecturemohanad jaafar talib al-jandeel

APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...

apidays

Building an Enterprise Fiber Network for a Local Government, An Architectural...

The University of Texas (UTRGV)

Iit 1782 designing for the internet of things (io t) v4 gb

Graham Bleakley

IRJET- Improve Client Performance in Client Server Mobile Computing System us...

IRJET Journal

Ttg leaflet

Mehmet Beyaz

Entrepreneurship Strategies and Business Opportunities in Future Cities - CEL...

Future Cities Project

IRJET - Automobile Enhanced Security System using LabVIEW based on IoT

IRJET Journal

IRJET- Image Processing based Intelligent Traffic Control and Monitoring ...

IRJET Journal

Deployment of Intelligent Transport Systems Based on User Mobility to be Endo...

ijcnes

A REVIEW ON IOT IN TRANSPORTATION SECTOR

Nancy Ideker

Software application architecture

anwitat

Network Monitoring and Traffic Reduction using Multi-Agent Technology

Eswar Publications

Securing the 5G growth story with NFVi (1).pdf

Security Gen

Understanding the Risks: Exploring 5G Vulnerabilities with SecurityGen

SecurityGen1

Securing the 5G growth story with NFVi.pdf

Security Gen

Similar to Microservices the right way: an introduction to Istio (20)

Innovating with IoT: A Toolkit Approach

Webinar on 2nd Open Call - Applications and Trials - slideset

IRJET- IoT based Multi Sensory System to Enhance Railway Safety

IRJET- Traffic Prediction Techniques: Comprehensive analysis

Its architecture

APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...

Building an Enterprise Fiber Network for a Local Government, An Architectural...

Iit 1782 designing for the internet of things (io t) v4 gb

IRJET- Improve Client Performance in Client Server Mobile Computing System us...

Ttg leaflet

Entrepreneurship Strategies and Business Opportunities in Future Cities - CEL...

IRJET - Automobile Enhanced Security System using LabVIEW based on IoT

IRJET- Image Processing based Intelligent Traffic Control and Monitoring ...

Deployment of Intelligent Transport Systems Based on User Mobility to be Endo...

A REVIEW ON IOT IN TRANSPORTATION SECTOR

Software application architecture

Network Monitoring and Traffic Reduction using Multi-Agent Technology

Securing the 5G growth story with NFVi (1).pdf

Understanding the Risks: Exploring 5G Vulnerabilities with SecurityGen

Securing the 5G growth story with NFVi.pdf

Recently uploaded

20240607 QFM018 Elixir Reading List May 2024

Matthew Sinclair

Uni Systems Copilot event_05062024_C.Vlachos.pdf

Uni Systems S.M.S.A.

UiPath Test Automation using UiPath Test Suite series, part 5

DianaGray10

GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024

Neo4j

みなさんこんにちはこれ何文字まで入るの？40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの？えこ...

名前です男

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

Elizabeth Buie - Older adults: Are we really designing for our future selves?

Nexer Digital

zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs

Alex Pruden

This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second). Paper: https://eprint.iacr.org/2023/1886

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

Video Streaming: Then, Now, and in the Future

Alpen-Adria-Universität

In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.

How to Get CNIC Information System with Paksim Ga.pptx

danishmna97

Removing Uninteresting Bytes in Software Fuzzing

Aftab Hussain

Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process. In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds. - These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.

Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!

SOFTTECHHUB

As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.

Introduction to CHERI technology - Cybersecurity

mikeeftimakis1

20240609 QFM020 Irresponsible AI Reading List May 2024

Matthew Sinclair

Pushing the limits of ePRTC: 100ns holdover for 100 days

Adtran

Artificial Intelligence for XMLDevelopment

Octavian Nadolu

In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject. We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup. Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved. The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring. The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise. By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.

GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...

Neo4j

Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Neo4j

Dr. Sean Tan, Head of Data Science, Changi Airport Group Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.

20240605 QFM017 Machine Intelligence Reading List May 2024

Matthew Sinclair

Recently uploaded (20)

20240607 QFM018 Elixir Reading List May 2024

Uni Systems Copilot event_05062024_C.Vlachos.pdf

UiPath Test Automation using UiPath Test Suite series, part 5

GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024

Epistemic Interaction - tuning interfaces to provide information for AI support

Elizabeth Buie - Older adults: Are we really designing for our future selves?

zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs

GraphRAG is All You need? LLM & Knowledge Graph

Video Streaming: Then, Now, and in the Future

How to Get CNIC Information System with Paksim Ga.pptx

Removing Uninteresting Bytes in Software Fuzzing

Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!

Introduction to CHERI technology - Cybersecurity

20240609 QFM020 Irresponsible AI Reading List May 2024

Pushing the limits of ePRTC: 100ns holdover for 100 days

Artificial Intelligence for XMLDevelopment

GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

20240605 QFM017 Machine Intelligence Reading List May 2024

Microservices the right way: an introduction to Istio

1. #sunnytech Microservices the right way: an introduction to Istio Sunny-tech 2018 Laurent Grangeau @laurentgrangeau 1

2. # whoami Hello Laurent Grangeau - CSA@Sogeti I love to automate things and run apps at scale You can find me at @laurentgrangeau Laurent Grangeau @laurentgran geau Cloud Solution Architect

3. Monolithics vs microservices

4. The Big Four

5. Istio

6. Istio Istio addresses many of the challenges faced by developers and operators as monolithic applications transition towards a distributed microservice architecture

7. Concepts Split into a dataplane and a controlplane - The data plane is composed of a set of intelligent proxies (Envoy) deployed as sidecars that mediate and control all network communication between microservices, along with a general-purpose policy and telemetry hub (Mixer). - The control plane is responsible for managing and configuring proxies to route traffic, and configuring Mixers to enforce policies and collect telemetry.

8. Core components - Envoy - Sidecar proxies per microservice to handle ingress/egress traffic between services in the cluster and from a service to external services. - Mixer - Central component that is leveraged by the proxies and microservices to enforce policies. - Pilot - A component responsible for configuring the proxies at runtime. - Citadel - A centralized component responsible for certificate issuance and rotation. - Node agent - A per-node component responsible for certificate issuance and rotation. - Broker - A component implementing the Open Service Broker API for Istio-based services. (WIP)

9. Architecture

10. Concepts Enables: - Traffic management - Discovery, Rich layer-7 routing, Circuit breaker - Policies and controls - Policy enforcement - Metrics, logs and traces - Request tracing, Telemetry recording/reporting - Security - Authorization, Authentication, Rate limit, Quotas

11. Traffic management

12. Request routing

13. Discovery & load balancing

14. Authentication

15. Authentication

16. Istio RBAC

17. Policies & Telemetry

18. App example

19. App example w/ istio

20. Demo Live coding !

21. Questions ?