SlideShare a Scribd company logo
A Comparison of Service Mesh
Options
Looking at Istio, Linkerd, Consul-connect
Syed Ahmed - CloudOps Inc
Introduction
About Me
• Cloud Software Architect @ CloudOps
• PMC for Apache CloudStack
• Worked on network modules in Openstack
and CloudStack
• Previously worked on the Netscaler LB
• Part of the DevOps team @ Yahoo!
About CloudOps
• We Design, Build and Operate Clouds
• Help customer own their destiny in the Cloud
• Vender/Cloud Agnostic
A Case for
Service Mesh
Monolithic Architecture
● Strong Coupling between different modules
causing anti-patterns in communicating
between different modules
● Difficulties in Scaling
● Updating to new version requires complete
re-install
● Problem in one module can cause the
whole application to crash
● Difficult to move to a new framework or
technology
Microservices Architecture
● API contract between different
modules/service ensures that each module
can be developed and maintained
independently
● Each service can be scaled independently
● Updating to new version requires only
updates to a specific services
● Allows for easier CI/CD
Evolution of the Ecosystem
Challenges with the Microservices Architecture
Challenges with the Microservices Architecture
Challenges with the Microservices Architecture
Challenges with the Microservices Architecture
Challenges with the Microservices Architecture
Challenges with the Microservices Architecture
Service Mesh as a Solution
A Service Mesh is the substrate between different
microservices that makes connectivity between different
microservices possible. In addition to providing
networking, a Service Mesh can also provide other
features like Service Discovery, Authentication and
Authorization, Monitoring, Tracing and Traffic Shaping.
Sidecar Pattern
Istio
Istio
● Open Sourced by
Google, IBM & Lyft in
May 2017
● Service Mesh designed
to connect, secure and
monitor microservices
Istio Features
● Automatic load balancing for HTTP, gRPC, WebSocket,
and TCP traffic.
● Fine-grained control of traffic behavior with rich routing
rules, retries, failovers, and fault injection.
● A pluggable policy layer and configuration API supporting
access controls, rate limits and quotas.
● Automatic metrics, logs, and traces for all traffic within a
cluster, including cluster ingress and egress.
● Secure service-to-service communication in a cluster with
strong identity-based authentication and authorization.
Istio Architecture
Istio Architecture
● Envoy: high-performance proxy developed in C++ provides Dynamic service discovery, Load
balancing, TLS termination, HTTP/2 and gRPC proxies, Circuit breakers, Health checks, Staged
rollouts with %-based traffic split, Fault injection, Rich metrics
● Pilot: The core component used for traffic management in Istio is Pilot, which manages and configures
all the Envoy proxy instances deployed in a particular Istio service mesh
● Mixer: Mixer is a platform-independent component. Mixer enforces access control and usage policies
across the service mesh, and collects telemetry data from the Envoy proxy and other services. The
proxy extracts request level attributes, and sends them to Mixer for evaluation
● Citadel: Citadel provides strong service-to-service and end-user authentication with built-in identity
and credential management. You can use Citadel to upgrade unencrypted traffic in the service mesh.
Using Citadel, operators can enforce policies based on service identity rather than on network controls
Istio Gateway
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: httpbin-gateway
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "httpbin.example.com"
Gateway describes a load
balancer operating at the
edge of the mesh
receiving incoming or
outgoing HTTP/TCP
connections.
Istio VirtualService
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: reviews-route
spec:
- route:
- destination:
host: reviews.prod.svc.cluster.local
subset: v2
weight: 25
- destination:
host: reviews.prod.svc.cluster.local
subset: v1
weight: 75
A VirtualService defines a
set of traffic routing rules to
apply when a host is
addressed. Each routing rule
defines matching criteria for
traffic of a specific protocol. If
the traffic is matched, then it
is sent to a named destination
service (or subset/version of
it) defined in the registry.
Istio DestinationRule
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: bookinfo-ratings
spec:
host: ratings.prod.svc.cluster.local
trafficPolicy:
loadBalancer:
simple: LEAST_CONN
DestinationRule defines policies
that apply to traffic intended for a
service after routing has
occurred. These rules specify
configuration for load balancing,
connection pool size from the
sidecar, and outlier detection
settings to detect and evict
unhealthy hosts from the load
balancing pool.
Linkerd
Linkerd
● Initially started as a
network proxy (v1.0)
for enabling service
mesh
● Merged with Conduit to
form Linkerd 2.0 in
Sept 2018
Linkerd Architecture
● Controller: The controller consists of multiple containers (public-api, proxy-api,
destination, tap) that provide the bulk of the control plane’s functionality
● Web: The web deployment provides the Linkerd dashboard
● Prometheus: All of the metrics exposed by Linkerd are scraped via
Prometheus and stored. An instance of Prometheus that has been configured
to work specifically with the data that Linkerd generates is deployed
● Grafana: Linkerd comes with many dashboards out of the box. The Grafana
component is used to render and display these dashboards. You can reach
these dashboards via links in the Linkerd dashboard itself.
Linkerd Architecture
● Linkerd’s philosophy is to be a very lightweight addition on
top of existing platform
● No need to be a Platform admin to use linkerd
● Simple installation and CLI tools to get started
● Small sidecar proxy written in Rust
● Can do end-to-end encryption and automatic proxy
injection
● Lacks complex routing and tracing capabilities
Linkerd Capabilities
Linkerd Commands
Install:
linkerd check --pre
linkerd install | kubectl apply -f -
Inject:
kubectl get -n emojivoto deploy -o yaml 
| linkerd inject - 
| kubectl apply -f -
Inspect:
linkerd -n emojivoto stat deploy
linkerd -n emojivoto top deploy
linkerd -n emojivoto tap deploy/web
Consul
Connect
Consul Connect
● Consul is a highly available
and distributed service
discovery and KV store
● Consul Connect augments
Consul and adds Service Mesh
Capabilities and was added in
July 2018
Consul Connect Features
● Provides secure service-to-service communication with
automatic TLS encryption and identity-based authorization.
● Uses envoy proxy sidecar as the dataplane
● Integration with Vault for certificate and secret management
● Service discovery already provided by Consul
● Useful if you want to use services outside Kubernetes as
Consul can do a 2 way sync between k8s services and
Consul services
● No routing features. Main focus on service discovery and
Service Identity management
Conclusion
Conclusion
Feature Istio Linkerd Consul Connect
Traffic Redirection
(Blue/Green deployment)
Yes No No
Traffic Splitting
(Canary deployment)
Yes No No
Attribute based routing Yes No No
Service Identification Yes No Yes
Auto Proxy Injection Yes Yes Yes
Non-Admin installation No Yes No
Built-in Dashboard Yes Yes No
Certificate Management Yes No Yes
Conclusion
Feature Istio Linkerd Consul Connect
Metrics Collection Yes Yes No
Built-In Dashboard Yes Yes No
TLS Yes Yes Yes
External Service Support Yes No Yes
Rate Limiting Yes No No
Tracing Yes No No
Appendix (BookInfo App)
Appendix (Emojivoto App)
Open Source Networking Days- Service Mesh

More Related Content

What's hot

Layer 7 Observability and Centralized Configuration with Consul Service Mesh
Layer 7 Observability and Centralized Configuration with Consul Service MeshLayer 7 Observability and Centralized Configuration with Consul Service Mesh
Layer 7 Observability and Centralized Configuration with Consul Service Mesh
Mitchell Pronschinske
 
Service-mesh options with Linkerd, Consul, Istio and AWS AppMesh
Service-mesh options with Linkerd, Consul, Istio and AWS AppMeshService-mesh options with Linkerd, Consul, Istio and AWS AppMesh
Service-mesh options with Linkerd, Consul, Istio and AWS AppMesh
Christian Posta
 
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
Christian Posta
 
The Truth About the Service Mesh Data Plane
The Truth About the Service Mesh Data PlaneThe Truth About the Service Mesh Data Plane
The Truth About the Service Mesh Data Plane
Christian Posta
 
Consul: Service Mesh for Microservices
Consul: Service Mesh for MicroservicesConsul: Service Mesh for Microservices
Consul: Service Mesh for Microservices
ArmonDadgar
 
API World: The service-mesh landscape
API World: The service-mesh landscapeAPI World: The service-mesh landscape
API World: The service-mesh landscape
Christian Posta
 
Multicluster Kubernetes and Service Mesh Patterns
Multicluster Kubernetes and Service Mesh PatternsMulticluster Kubernetes and Service Mesh Patterns
Multicluster Kubernetes and Service Mesh Patterns
Christian Posta
 
Microservices for Enterprises
Microservices for Enterprises Microservices for Enterprises
Microservices for Enterprises
Kasun Indrasiri
 
Connecting All Abstractions with Istio
Connecting All Abstractions with IstioConnecting All Abstractions with Istio
Connecting All Abstractions with Istio
VMware Tanzu
 
Do You Need A Service Mesh?
Do You Need A Service Mesh?Do You Need A Service Mesh?
Do You Need A Service Mesh?
NGINX, Inc.
 
microXchg 2018: "What is a Service Mesh? Do I Need One When Developing 'Cloud...
microXchg 2018: "What is a Service Mesh? Do I Need One When Developing 'Cloud...microXchg 2018: "What is a Service Mesh? Do I Need One When Developing 'Cloud...
microXchg 2018: "What is a Service Mesh? Do I Need One When Developing 'Cloud...
Daniel Bryant
 
Integration Microservices
Integration MicroservicesIntegration Microservices
Integration Microservices
Kasun Indrasiri
 
Managing microservices with Istio Service Mesh
Managing microservices with Istio Service MeshManaging microservices with Istio Service Mesh
Managing microservices with Istio Service Mesh
Rafik HARABI
 
The Role of Enterprise Integration in Digital Transformation
The Role of Enterprise Integration in Digital TransformationThe Role of Enterprise Integration in Digital Transformation
The Role of Enterprise Integration in Digital Transformation
Kasun Indrasiri
 
Bridging Microservices, APIs and Integration
Bridging Microservices, APIs and IntegrationBridging Microservices, APIs and Integration
Bridging Microservices, APIs and Integration
Kasun Indrasiri
 
Microservice architecture
Microservice architectureMicroservice architecture
Microservice architecture
Touraj Ebrahimi
 
Microservices Integration Patterns with Kafka
Microservices Integration Patterns with KafkaMicroservices Integration Patterns with Kafka
Microservices Integration Patterns with Kafka
Kasun Indrasiri
 
ISTIO Deep Dive
ISTIO Deep DiveISTIO Deep Dive
ISTIO Deep Dive
Yong Feng
 
The Internet of things for integration people - UKCSUG - public version
The Internet of things for integration people - UKCSUG - public versionThe Internet of things for integration people - UKCSUG - public version
The Internet of things for integration people - UKCSUG - public version
Sam Vanhoutte
 
Evolution of integration and microservices patterns with service mesh
Evolution of integration and microservices patterns with service meshEvolution of integration and microservices patterns with service mesh
Evolution of integration and microservices patterns with service mesh
Christian Posta
 

What's hot (20)

Layer 7 Observability and Centralized Configuration with Consul Service Mesh
Layer 7 Observability and Centralized Configuration with Consul Service MeshLayer 7 Observability and Centralized Configuration with Consul Service Mesh
Layer 7 Observability and Centralized Configuration with Consul Service Mesh
 
Service-mesh options with Linkerd, Consul, Istio and AWS AppMesh
Service-mesh options with Linkerd, Consul, Istio and AWS AppMeshService-mesh options with Linkerd, Consul, Istio and AWS AppMesh
Service-mesh options with Linkerd, Consul, Istio and AWS AppMesh
 
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
 
The Truth About the Service Mesh Data Plane
The Truth About the Service Mesh Data PlaneThe Truth About the Service Mesh Data Plane
The Truth About the Service Mesh Data Plane
 
Consul: Service Mesh for Microservices
Consul: Service Mesh for MicroservicesConsul: Service Mesh for Microservices
Consul: Service Mesh for Microservices
 
API World: The service-mesh landscape
API World: The service-mesh landscapeAPI World: The service-mesh landscape
API World: The service-mesh landscape
 
Multicluster Kubernetes and Service Mesh Patterns
Multicluster Kubernetes and Service Mesh PatternsMulticluster Kubernetes and Service Mesh Patterns
Multicluster Kubernetes and Service Mesh Patterns
 
Microservices for Enterprises
Microservices for Enterprises Microservices for Enterprises
Microservices for Enterprises
 
Connecting All Abstractions with Istio
Connecting All Abstractions with IstioConnecting All Abstractions with Istio
Connecting All Abstractions with Istio
 
Do You Need A Service Mesh?
Do You Need A Service Mesh?Do You Need A Service Mesh?
Do You Need A Service Mesh?
 
microXchg 2018: "What is a Service Mesh? Do I Need One When Developing 'Cloud...
microXchg 2018: "What is a Service Mesh? Do I Need One When Developing 'Cloud...microXchg 2018: "What is a Service Mesh? Do I Need One When Developing 'Cloud...
microXchg 2018: "What is a Service Mesh? Do I Need One When Developing 'Cloud...
 
Integration Microservices
Integration MicroservicesIntegration Microservices
Integration Microservices
 
Managing microservices with Istio Service Mesh
Managing microservices with Istio Service MeshManaging microservices with Istio Service Mesh
Managing microservices with Istio Service Mesh
 
The Role of Enterprise Integration in Digital Transformation
The Role of Enterprise Integration in Digital TransformationThe Role of Enterprise Integration in Digital Transformation
The Role of Enterprise Integration in Digital Transformation
 
Bridging Microservices, APIs and Integration
Bridging Microservices, APIs and IntegrationBridging Microservices, APIs and Integration
Bridging Microservices, APIs and Integration
 
Microservice architecture
Microservice architectureMicroservice architecture
Microservice architecture
 
Microservices Integration Patterns with Kafka
Microservices Integration Patterns with KafkaMicroservices Integration Patterns with Kafka
Microservices Integration Patterns with Kafka
 
ISTIO Deep Dive
ISTIO Deep DiveISTIO Deep Dive
ISTIO Deep Dive
 
The Internet of things for integration people - UKCSUG - public version
The Internet of things for integration people - UKCSUG - public versionThe Internet of things for integration people - UKCSUG - public version
The Internet of things for integration people - UKCSUG - public version
 
Evolution of integration and microservices patterns with service mesh
Evolution of integration and microservices patterns with service meshEvolution of integration and microservices patterns with service mesh
Evolution of integration and microservices patterns with service mesh
 

Similar to Open Source Networking Days- Service Mesh

Managing Microservices With The Istio Service Mesh on Kubernetes
Managing Microservices With The Istio Service Mesh on KubernetesManaging Microservices With The Istio Service Mesh on Kubernetes
Managing Microservices With The Istio Service Mesh on Kubernetes
Iftach Schonbaum
 
All About Microservices and OpenSource Microservice Frameworks
All About Microservices and OpenSource Microservice FrameworksAll About Microservices and OpenSource Microservice Frameworks
All About Microservices and OpenSource Microservice Frameworks
Mohammad Asif Siddiqui
 
Istio Triangle Kubernetes Meetup Aug 2019
Istio Triangle Kubernetes Meetup Aug 2019Istio Triangle Kubernetes Meetup Aug 2019
Istio Triangle Kubernetes Meetup Aug 2019
Ram Vennam
 
Introduction to Istio for APIs and Microservices meetup
Introduction to Istio for APIs and Microservices meetupIntroduction to Istio for APIs and Microservices meetup
Introduction to Istio for APIs and Microservices meetup
Daniel Ciruli
 
Comparison of Current Service Mesh Architectures
Comparison of Current Service Mesh ArchitecturesComparison of Current Service Mesh Architectures
Comparison of Current Service Mesh Architectures
Mirantis
 
The what, why and how of knative
The what, why and how of knativeThe what, why and how of knative
The what, why and how of knative
Mofizur Rahman
 
KrakenD API Gateway
KrakenD API GatewayKrakenD API Gateway
KrakenD API Gateway
Albert Lombarte
 
'How to build efficient backend based on microservice architecture' by Anton ...
'How to build efficient backend based on microservice architecture' by Anton ...'How to build efficient backend based on microservice architecture' by Anton ...
'How to build efficient backend based on microservice architecture' by Anton ...
OdessaJS Conf
 
Service Meshes with Istio
Service Meshes with IstioService Meshes with Istio
Service Meshes with Istio
RandyGupta
 
Sumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic Cert Jam - Advanced Metrics with KubernetesSumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic
 
Service mesh
Service meshService mesh
Service mesh
Arnab Mitra
 
Mumbai MuleSoft Meetup 12
Mumbai MuleSoft Meetup 12Mumbai MuleSoft Meetup 12
Mumbai MuleSoft Meetup 12
Akshata Sawant
 
[Workshop] API Management in Microservices Architecture
[Workshop] API Management in Microservices Architecture[Workshop] API Management in Microservices Architecture
[Workshop] API Management in Microservices Architecture
WSO2
 
Openstack Overview
Openstack OverviewOpenstack Overview
Openstack Overview
rajdeep
 
Kubernetes: Dive into the Future of Infrastructure
Kubernetes: Dive into the Future of InfrastructureKubernetes: Dive into the Future of Infrastructure
Kubernetes: Dive into the Future of Infrastructure
GlobalLogic Ukraine
 
Hyperledger Fabric update Meetup 20181101
Hyperledger Fabric update Meetup 20181101Hyperledger Fabric update Meetup 20181101
Hyperledger Fabric update Meetup 20181101
Arnaud Le Hors
 
Microservices
MicroservicesMicroservices
Microservices
Ramesh (@Mavuluri)
 
Fundamentals of microservices
Fundamentals of microservicesFundamentals of microservices
Fundamentals of microservices
NGINX, Inc.
 
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
CodeOps Technologies LLP
 
Cloud native microservices for systems and applications ieee rev2
Cloud native microservices for systems and applications ieee rev2Cloud native microservices for systems and applications ieee rev2
Cloud native microservices for systems and applications ieee rev2
Prem Sankar Gopannan
 

Similar to Open Source Networking Days- Service Mesh (20)

Managing Microservices With The Istio Service Mesh on Kubernetes
Managing Microservices With The Istio Service Mesh on KubernetesManaging Microservices With The Istio Service Mesh on Kubernetes
Managing Microservices With The Istio Service Mesh on Kubernetes
 
All About Microservices and OpenSource Microservice Frameworks
All About Microservices and OpenSource Microservice FrameworksAll About Microservices and OpenSource Microservice Frameworks
All About Microservices and OpenSource Microservice Frameworks
 
Istio Triangle Kubernetes Meetup Aug 2019
Istio Triangle Kubernetes Meetup Aug 2019Istio Triangle Kubernetes Meetup Aug 2019
Istio Triangle Kubernetes Meetup Aug 2019
 
Introduction to Istio for APIs and Microservices meetup
Introduction to Istio for APIs and Microservices meetupIntroduction to Istio for APIs and Microservices meetup
Introduction to Istio for APIs and Microservices meetup
 
Comparison of Current Service Mesh Architectures
Comparison of Current Service Mesh ArchitecturesComparison of Current Service Mesh Architectures
Comparison of Current Service Mesh Architectures
 
The what, why and how of knative
The what, why and how of knativeThe what, why and how of knative
The what, why and how of knative
 
KrakenD API Gateway
KrakenD API GatewayKrakenD API Gateway
KrakenD API Gateway
 
'How to build efficient backend based on microservice architecture' by Anton ...
'How to build efficient backend based on microservice architecture' by Anton ...'How to build efficient backend based on microservice architecture' by Anton ...
'How to build efficient backend based on microservice architecture' by Anton ...
 
Service Meshes with Istio
Service Meshes with IstioService Meshes with Istio
Service Meshes with Istio
 
Sumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic Cert Jam - Advanced Metrics with KubernetesSumo Logic Cert Jam - Advanced Metrics with Kubernetes
Sumo Logic Cert Jam - Advanced Metrics with Kubernetes
 
Service mesh
Service meshService mesh
Service mesh
 
Mumbai MuleSoft Meetup 12
Mumbai MuleSoft Meetup 12Mumbai MuleSoft Meetup 12
Mumbai MuleSoft Meetup 12
 
[Workshop] API Management in Microservices Architecture
[Workshop] API Management in Microservices Architecture[Workshop] API Management in Microservices Architecture
[Workshop] API Management in Microservices Architecture
 
Openstack Overview
Openstack OverviewOpenstack Overview
Openstack Overview
 
Kubernetes: Dive into the Future of Infrastructure
Kubernetes: Dive into the Future of InfrastructureKubernetes: Dive into the Future of Infrastructure
Kubernetes: Dive into the Future of Infrastructure
 
Hyperledger Fabric update Meetup 20181101
Hyperledger Fabric update Meetup 20181101Hyperledger Fabric update Meetup 20181101
Hyperledger Fabric update Meetup 20181101
 
Microservices
MicroservicesMicroservices
Microservices
 
Fundamentals of microservices
Fundamentals of microservicesFundamentals of microservices
Fundamentals of microservices
 
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
 
Cloud native microservices for systems and applications ieee rev2
Cloud native microservices for systems and applications ieee rev2Cloud native microservices for systems and applications ieee rev2
Cloud native microservices for systems and applications ieee rev2
 

More from CloudOps2005

Defense in Depth: Securing your new Kubernetes cluster from the challenges th...
Defense in Depth: Securing your new Kubernetes cluster from the challenges th...Defense in Depth: Securing your new Kubernetes cluster from the challenges th...
Defense in Depth: Securing your new Kubernetes cluster from the challenges th...
CloudOps2005
 
Human No, Machine Yes: Welcome to the CDF with Incremental Confidence
Human No, Machine Yes: Welcome to the CDF with Incremental ConfidenceHuman No, Machine Yes: Welcome to the CDF with Incremental Confidence
Human No, Machine Yes: Welcome to the CDF with Incremental Confidence
CloudOps2005
 
The Salmon Algorithm Spawning with Kubernetes
The Salmon Algorithm Spawning with KubernetesThe Salmon Algorithm Spawning with Kubernetes
The Salmon Algorithm Spawning with Kubernetes
CloudOps2005
 
Own your Destiny in the Cloud - Ian Rae - Cloud Native Day Montreal 2019
Own your Destiny in the Cloud - Ian Rae - Cloud Native Day Montreal 2019Own your Destiny in the Cloud - Ian Rae - Cloud Native Day Montreal 2019
Own your Destiny in the Cloud - Ian Rae - Cloud Native Day Montreal 2019
CloudOps2005
 
Plateformes et infrastructure infonuagique natif de ville de Montréall
Plateformes et infrastructure infonuagique natif de ville de MontréallPlateformes et infrastructure infonuagique natif de ville de Montréall
Plateformes et infrastructure infonuagique natif de ville de Montréall
CloudOps2005
 
Using Rook to Manage Kubernetes Storage with Ceph
Using Rook to Manage Kubernetes Storage with CephUsing Rook to Manage Kubernetes Storage with Ceph
Using Rook to Manage Kubernetes Storage with Ceph
CloudOps2005
 
Kafka on Kubernetes
Kafka on KubernetesKafka on Kubernetes
Kafka on Kubernetes
CloudOps2005
 
Kubernetes: Crossing the Chasm
Kubernetes: Crossing the ChasmKubernetes: Crossing the Chasm
Kubernetes: Crossing the Chasm
CloudOps2005
 
Distributed Logging with Kubernetes
Distributed Logging with KubernetesDistributed Logging with Kubernetes
Distributed Logging with Kubernetes
CloudOps2005
 
Kubernetes Security with Calico and Open Policy Agent
Kubernetes Security with Calico and Open Policy AgentKubernetes Security with Calico and Open Policy Agent
Kubernetes Security with Calico and Open Policy Agent
CloudOps2005
 
Advanced Deployment Strategies with Kubernetes and Istio
Advanced Deployment Strategies with Kubernetes and IstioAdvanced Deployment Strategies with Kubernetes and Istio
Advanced Deployment Strategies with Kubernetes and Istio
CloudOps2005
 
GitOps with ArgoCD
GitOps with ArgoCDGitOps with ArgoCD
GitOps with ArgoCD
CloudOps2005
 
Kubernetes Services are sooo Yesterday!
Kubernetes Services are sooo Yesterday!Kubernetes Services are sooo Yesterday!
Kubernetes Services are sooo Yesterday!
CloudOps2005
 
Amazon EKS: the good, the bad, and the ugly
Amazon EKS: the good, the bad, and the uglyAmazon EKS: the good, the bad, and the ugly
Amazon EKS: the good, the bad, and the ugly
CloudOps2005
 
Kubernetes, Terraform, Vault, and Consul
Kubernetes, Terraform, Vault, and ConsulKubernetes, Terraform, Vault, and Consul
Kubernetes, Terraform, Vault, and Consul
CloudOps2005
 
SIG Multicluster and the Path to Federation
SIG Multicluster and the Path to FederationSIG Multicluster and the Path to Federation
SIG Multicluster and the Path to Federation
CloudOps2005
 
To Russia with Love: Deploying Kubernetes in Exotic Locations On Prem
To Russia with Love: Deploying Kubernetes in Exotic Locations On PremTo Russia with Love: Deploying Kubernetes in Exotic Locations On Prem
To Russia with Love: Deploying Kubernetes in Exotic Locations On Prem
CloudOps2005
 
Operator SDK for K8s using Go
Operator SDK for K8s using GoOperator SDK for K8s using Go
Operator SDK for K8s using Go
CloudOps2005
 
How to Handle your Kubernetes Upgrades
How to Handle your Kubernetes UpgradesHow to Handle your Kubernetes Upgrades
How to Handle your Kubernetes Upgrades
CloudOps2005
 
Kubernetes and Cloud Native Meetup - March, 2019
Kubernetes and Cloud Native Meetup - March, 2019Kubernetes and Cloud Native Meetup - March, 2019
Kubernetes and Cloud Native Meetup - March, 2019
CloudOps2005
 

More from CloudOps2005 (20)

Defense in Depth: Securing your new Kubernetes cluster from the challenges th...
Defense in Depth: Securing your new Kubernetes cluster from the challenges th...Defense in Depth: Securing your new Kubernetes cluster from the challenges th...
Defense in Depth: Securing your new Kubernetes cluster from the challenges th...
 
Human No, Machine Yes: Welcome to the CDF with Incremental Confidence
Human No, Machine Yes: Welcome to the CDF with Incremental ConfidenceHuman No, Machine Yes: Welcome to the CDF with Incremental Confidence
Human No, Machine Yes: Welcome to the CDF with Incremental Confidence
 
The Salmon Algorithm Spawning with Kubernetes
The Salmon Algorithm Spawning with KubernetesThe Salmon Algorithm Spawning with Kubernetes
The Salmon Algorithm Spawning with Kubernetes
 
Own your Destiny in the Cloud - Ian Rae - Cloud Native Day Montreal 2019
Own your Destiny in the Cloud - Ian Rae - Cloud Native Day Montreal 2019Own your Destiny in the Cloud - Ian Rae - Cloud Native Day Montreal 2019
Own your Destiny in the Cloud - Ian Rae - Cloud Native Day Montreal 2019
 
Plateformes et infrastructure infonuagique natif de ville de Montréall
Plateformes et infrastructure infonuagique natif de ville de MontréallPlateformes et infrastructure infonuagique natif de ville de Montréall
Plateformes et infrastructure infonuagique natif de ville de Montréall
 
Using Rook to Manage Kubernetes Storage with Ceph
Using Rook to Manage Kubernetes Storage with CephUsing Rook to Manage Kubernetes Storage with Ceph
Using Rook to Manage Kubernetes Storage with Ceph
 
Kafka on Kubernetes
Kafka on KubernetesKafka on Kubernetes
Kafka on Kubernetes
 
Kubernetes: Crossing the Chasm
Kubernetes: Crossing the ChasmKubernetes: Crossing the Chasm
Kubernetes: Crossing the Chasm
 
Distributed Logging with Kubernetes
Distributed Logging with KubernetesDistributed Logging with Kubernetes
Distributed Logging with Kubernetes
 
Kubernetes Security with Calico and Open Policy Agent
Kubernetes Security with Calico and Open Policy AgentKubernetes Security with Calico and Open Policy Agent
Kubernetes Security with Calico and Open Policy Agent
 
Advanced Deployment Strategies with Kubernetes and Istio
Advanced Deployment Strategies with Kubernetes and IstioAdvanced Deployment Strategies with Kubernetes and Istio
Advanced Deployment Strategies with Kubernetes and Istio
 
GitOps with ArgoCD
GitOps with ArgoCDGitOps with ArgoCD
GitOps with ArgoCD
 
Kubernetes Services are sooo Yesterday!
Kubernetes Services are sooo Yesterday!Kubernetes Services are sooo Yesterday!
Kubernetes Services are sooo Yesterday!
 
Amazon EKS: the good, the bad, and the ugly
Amazon EKS: the good, the bad, and the uglyAmazon EKS: the good, the bad, and the ugly
Amazon EKS: the good, the bad, and the ugly
 
Kubernetes, Terraform, Vault, and Consul
Kubernetes, Terraform, Vault, and ConsulKubernetes, Terraform, Vault, and Consul
Kubernetes, Terraform, Vault, and Consul
 
SIG Multicluster and the Path to Federation
SIG Multicluster and the Path to FederationSIG Multicluster and the Path to Federation
SIG Multicluster and the Path to Federation
 
To Russia with Love: Deploying Kubernetes in Exotic Locations On Prem
To Russia with Love: Deploying Kubernetes in Exotic Locations On PremTo Russia with Love: Deploying Kubernetes in Exotic Locations On Prem
To Russia with Love: Deploying Kubernetes in Exotic Locations On Prem
 
Operator SDK for K8s using Go
Operator SDK for K8s using GoOperator SDK for K8s using Go
Operator SDK for K8s using Go
 
How to Handle your Kubernetes Upgrades
How to Handle your Kubernetes UpgradesHow to Handle your Kubernetes Upgrades
How to Handle your Kubernetes Upgrades
 
Kubernetes and Cloud Native Meetup - March, 2019
Kubernetes and Cloud Native Meetup - March, 2019Kubernetes and Cloud Native Meetup - March, 2019
Kubernetes and Cloud Native Meetup - March, 2019
 

Recently uploaded

Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
Jason Packer
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
tolgahangng
 
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
Edge AI and Vision Alliance
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
Zilliz
 
Public CyberSecurity Awareness Presentation 2024.pptx
Public CyberSecurity Awareness Presentation 2024.pptxPublic CyberSecurity Awareness Presentation 2024.pptx
Public CyberSecurity Awareness Presentation 2024.pptx
marufrahmanstratejm
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
Ivanti
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
saastr
 
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
alexjohnson7307
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Chart Kalyan
 
Dandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity serverDandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity server
Antonios Katsarakis
 
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframeDigital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Precisely
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
MichaelKnudsen27
 
Trusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process MiningTrusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process Mining
LucaBarbaro3
 
GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)
Javier Junquera
 
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
Alex Pruden
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS  at Code Europe 2024Introduction of Cybersecurity with OSS  at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
Hiroshi SHIBATA
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
 
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Tatiana Kojar
 

Recently uploaded (20)

Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
 
Public CyberSecurity Awareness Presentation 2024.pptx
Public CyberSecurity Awareness Presentation 2024.pptxPublic CyberSecurity Awareness Presentation 2024.pptx
Public CyberSecurity Awareness Presentation 2024.pptx
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
 
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
 
Dandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity serverDandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity server
 
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframeDigital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
Trusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process MiningTrusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process Mining
 
GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)
 
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS  at Code Europe 2024Introduction of Cybersecurity with OSS  at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
 

Open Source Networking Days- Service Mesh

  • 1. A Comparison of Service Mesh Options Looking at Istio, Linkerd, Consul-connect Syed Ahmed - CloudOps Inc
  • 3. About Me • Cloud Software Architect @ CloudOps • PMC for Apache CloudStack • Worked on network modules in Openstack and CloudStack • Previously worked on the Netscaler LB • Part of the DevOps team @ Yahoo!
  • 4. About CloudOps • We Design, Build and Operate Clouds • Help customer own their destiny in the Cloud • Vender/Cloud Agnostic
  • 6. Monolithic Architecture ● Strong Coupling between different modules causing anti-patterns in communicating between different modules ● Difficulties in Scaling ● Updating to new version requires complete re-install ● Problem in one module can cause the whole application to crash ● Difficult to move to a new framework or technology
  • 7. Microservices Architecture ● API contract between different modules/service ensures that each module can be developed and maintained independently ● Each service can be scaled independently ● Updating to new version requires only updates to a specific services ● Allows for easier CI/CD
  • 8. Evolution of the Ecosystem
  • 9. Challenges with the Microservices Architecture
  • 10. Challenges with the Microservices Architecture
  • 11. Challenges with the Microservices Architecture
  • 12. Challenges with the Microservices Architecture
  • 13. Challenges with the Microservices Architecture
  • 14. Challenges with the Microservices Architecture
  • 15. Service Mesh as a Solution A Service Mesh is the substrate between different microservices that makes connectivity between different microservices possible. In addition to providing networking, a Service Mesh can also provide other features like Service Discovery, Authentication and Authorization, Monitoring, Tracing and Traffic Shaping.
  • 17. Istio
  • 18. Istio ● Open Sourced by Google, IBM & Lyft in May 2017 ● Service Mesh designed to connect, secure and monitor microservices
  • 19. Istio Features ● Automatic load balancing for HTTP, gRPC, WebSocket, and TCP traffic. ● Fine-grained control of traffic behavior with rich routing rules, retries, failovers, and fault injection. ● A pluggable policy layer and configuration API supporting access controls, rate limits and quotas. ● Automatic metrics, logs, and traces for all traffic within a cluster, including cluster ingress and egress. ● Secure service-to-service communication in a cluster with strong identity-based authentication and authorization.
  • 21. Istio Architecture ● Envoy: high-performance proxy developed in C++ provides Dynamic service discovery, Load balancing, TLS termination, HTTP/2 and gRPC proxies, Circuit breakers, Health checks, Staged rollouts with %-based traffic split, Fault injection, Rich metrics ● Pilot: The core component used for traffic management in Istio is Pilot, which manages and configures all the Envoy proxy instances deployed in a particular Istio service mesh ● Mixer: Mixer is a platform-independent component. Mixer enforces access control and usage policies across the service mesh, and collects telemetry data from the Envoy proxy and other services. The proxy extracts request level attributes, and sends them to Mixer for evaluation ● Citadel: Citadel provides strong service-to-service and end-user authentication with built-in identity and credential management. You can use Citadel to upgrade unencrypted traffic in the service mesh. Using Citadel, operators can enforce policies based on service identity rather than on network controls
  • 22. Istio Gateway apiVersion: networking.istio.io/v1alpha3 kind: Gateway metadata: name: httpbin-gateway spec: selector: istio: ingressgateway servers: - port: number: 80 name: http protocol: HTTP hosts: - "httpbin.example.com" Gateway describes a load balancer operating at the edge of the mesh receiving incoming or outgoing HTTP/TCP connections.
  • 23. Istio VirtualService apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: reviews-route spec: - route: - destination: host: reviews.prod.svc.cluster.local subset: v2 weight: 25 - destination: host: reviews.prod.svc.cluster.local subset: v1 weight: 75 A VirtualService defines a set of traffic routing rules to apply when a host is addressed. Each routing rule defines matching criteria for traffic of a specific protocol. If the traffic is matched, then it is sent to a named destination service (or subset/version of it) defined in the registry.
  • 24. Istio DestinationRule apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: bookinfo-ratings spec: host: ratings.prod.svc.cluster.local trafficPolicy: loadBalancer: simple: LEAST_CONN DestinationRule defines policies that apply to traffic intended for a service after routing has occurred. These rules specify configuration for load balancing, connection pool size from the sidecar, and outlier detection settings to detect and evict unhealthy hosts from the load balancing pool.
  • 26. Linkerd ● Initially started as a network proxy (v1.0) for enabling service mesh ● Merged with Conduit to form Linkerd 2.0 in Sept 2018
  • 28. ● Controller: The controller consists of multiple containers (public-api, proxy-api, destination, tap) that provide the bulk of the control plane’s functionality ● Web: The web deployment provides the Linkerd dashboard ● Prometheus: All of the metrics exposed by Linkerd are scraped via Prometheus and stored. An instance of Prometheus that has been configured to work specifically with the data that Linkerd generates is deployed ● Grafana: Linkerd comes with many dashboards out of the box. The Grafana component is used to render and display these dashboards. You can reach these dashboards via links in the Linkerd dashboard itself. Linkerd Architecture
  • 29. ● Linkerd’s philosophy is to be a very lightweight addition on top of existing platform ● No need to be a Platform admin to use linkerd ● Simple installation and CLI tools to get started ● Small sidecar proxy written in Rust ● Can do end-to-end encryption and automatic proxy injection ● Lacks complex routing and tracing capabilities Linkerd Capabilities
  • 30. Linkerd Commands Install: linkerd check --pre linkerd install | kubectl apply -f - Inject: kubectl get -n emojivoto deploy -o yaml | linkerd inject - | kubectl apply -f - Inspect: linkerd -n emojivoto stat deploy linkerd -n emojivoto top deploy linkerd -n emojivoto tap deploy/web
  • 32. Consul Connect ● Consul is a highly available and distributed service discovery and KV store ● Consul Connect augments Consul and adds Service Mesh Capabilities and was added in July 2018
  • 33. Consul Connect Features ● Provides secure service-to-service communication with automatic TLS encryption and identity-based authorization. ● Uses envoy proxy sidecar as the dataplane ● Integration with Vault for certificate and secret management ● Service discovery already provided by Consul ● Useful if you want to use services outside Kubernetes as Consul can do a 2 way sync between k8s services and Consul services ● No routing features. Main focus on service discovery and Service Identity management
  • 35. Conclusion Feature Istio Linkerd Consul Connect Traffic Redirection (Blue/Green deployment) Yes No No Traffic Splitting (Canary deployment) Yes No No Attribute based routing Yes No No Service Identification Yes No Yes Auto Proxy Injection Yes Yes Yes Non-Admin installation No Yes No Built-in Dashboard Yes Yes No Certificate Management Yes No Yes
  • 36. Conclusion Feature Istio Linkerd Consul Connect Metrics Collection Yes Yes No Built-In Dashboard Yes Yes No TLS Yes Yes Yes External Service Support Yes No Yes Rate Limiting Yes No No Tracing Yes No No