This document provides an overview of various production-ready tools for building and managing microservices on Kubernetes, including tools for service discovery, request routing and load balancing, monitoring and visualization, configuration management, security, centralized logging, package management, and more. It discusses common tools like Prometheus, Kubernetes Ingress, ConfigMaps, and Istio, and also introduces tools like Kubeless, Kubewatch, and Kube-monkey.

1. Production ready tooling for
microservices on
Kubernetes
Chandresh Pancholi

2. Source: http://www.rafaelhart.com/2018/03/18/monolith-or-microservices.html

4. Service discovery
● Kubernetes supports DNS based service discovery
● Kubernetes supports Kube-DNS & CoreDNS based discovery
● Kube-DNS uses SkyDNS which is written by author of CoreDNS
● CoreDNS, that is built with a more modular, extensible framework
● Kube DNS uses dnsmq for caching but CoreDNS has caching a middleware

5. Request routing & load balancing
● Kubernetes services
● Kubernetes ingress
● External load balancer
● Kubernetes NodePort

6. Monitoring & Visualization
● Prometheus
● Prometheus operator
● cAdvisor
● Grafana

7. Edge server
● Ingress
○ Nginx
○ Kong
○ GCE
○ Traefik
● Ingress resource → The Ingress resource is a set of rules that map to Kubernetes
services.
● Ingress controller → Ingress controllers are applications that watch Ingresses in
the cluster and configure a balancer to apply those rules.

8. Configuration managements
● Config maps
● Secrets
● Etcd
● Hashicorp vault

9. Security
● RBAC
● Service account
● Istio
● Oauth 2.0/OpenId Connect

10. Centralised logging
● Fluentd
● Fluent bit
● Elasticsearch
● Kibana
● Elastalert

11. helm
It’s a package manager for Kubernetes. Helm helps you manage Kubernetes
applications — Helm Charts helps you define, install, and upgrade even the most
complex Kubernetes application.
Source: https://thomasmodeneis.files.wordpress.com/2017/06/screenshot_20170623_194919.png

12. Prometheus
● Node monitoring
● Pod monitoring
● Cluster monitoring
● Container monitoring
● Application monitoring
● Alerting

13. Source: https://prometheus.io/

14. Prometheus operator
Source: https://coreos.com/blog/the-prometheus-operator.html

15. Fluentd
Fluentd is an open source data collector, which lets you unify the data collection and
consumption for a better use and understanding of data.
● Unified logging with Json
● Pluggable Architecture
● Minimum resources required
● Built-in reliability

16. Source: https://www.fluentd.org/architecture

17. Source: https://www.fluentd.org/architecture

18. Jaeger/Open tracing
Jaeger, inspired by Dapper and OpenZipkin, is a distributed tracing system released as
open source by Uber Technologies. It is used for monitoring and troubleshooting
microservices-based distributed systems.
● Distributed context propagation
● Distributed transaction monitoring
● Root cause analysis
● Service dependency analysis
● Performance / latency optimization

19. Source: https://www.jaegertracing.io/

20. Kubeless
Kubeless is a Kubernetes-native serverless framework that lets you deploy small bits of
code (functions) without having to worry about the underlying infrastructure.
● Support for Python, Node.js, Ruby, PHP, Golang, .NET, Ballerina and custom
runtimes
● CLI compliant with AWS Lambda CLI
● Event triggers using Kafka messaging system and HTTP events
● Prometheus monitoring of functions calls and function latency by default

21. Source: https://blog.cloudboost.io/kubeless-is-more-9f20fb443b5a

22. Istio
Istio makes it easy to create a network of deployed services with load balancing,
service-to-service authentication, monitoring, and more, without any changes in
service code. You add Istio support to services by deploying a special sidecar proxy
throughout your environment that intercepts all network communication between
microservices, then configure and manage Istio using its control plane functionality.

23. Source: https://istio.io/docs/concepts/what-is-istio/arch.svg

24. Kubewatch
kubewatch is a Kubernetes watcher that currently publishes notification to Slack. Run
it in your k8s cluster, and you will get event notifications in a slack channel.
Resources to watch
● Daemonsets
● Deployment
● Pod
● Replica sets
● Replication controller
● Services
● Secrets
● Config maps

25. Kube-monkey
An implementation of Netflix's Chaos Monkey for Kubernetes clusters.It randomly
deletes Kubernetes (k8s) pods in the cluster encouraging and validating the
development of failure-resilient services.

26. Questions?