Stephan Fudeus
SERVICE MESH INTRODUCTION
Cloud Native and Kubernetes Karlsruhe Meetup
Speaker
29.08.19, 1&1 Mail & Media Development & Technology GmbH
Stephan Fudeus
• Joined 1&1 in 2005
• Long-term experience in building highly scalable multi-tenant applications
• Product Owner and Technology Lead for Kubernetes Clusters of 1&1 Mail & Media
• Twitter: @der_sfu
Agenda
• Motivation
• Service Mesh in general
• Istio
  • Beyond a single cluster
  • Configuration samples
  • Observability
  • Performance
SOA & Microservices
Source: https://www.redhat.com/de/topics/microservices/what-are-microservices
Advantages of Microservices
• Decoupling
• Less local complexity
• Faster development cycles
• Focus on single purpose
• Reusability
• Scalability
• …
Microservices
Source: https://hackernoon.com/capture-and-forward-correlation-ids-through-different-lambda-event-sources-220c227c65f5
Networks in Container Platforms
• Physical network insufficient
• Take care of basic routing and firewalling
• Software Defined Networks
• Flexible
• Usually "flat" / "unstructured" within a single cluster
• Some infrastructural enhancements, e.g. network policies
• Container Orchestrator functionalities
• Rollout processes
• Simple Request Routing / Load Balancing
Gap Between Network and Applications
• SDN offers basic functionality
• Applications need further cross-cutting network functions
• Encryption: TLS
• Identification & Authentication: TLS client certificates
• Load balancing, Routing (blue/green, canary, …)
• Request Tracing (incl. Timing)
• Monitoring
• Rate limiting
• Request mirroring, Retries
• Circuit Breaking
• Tests: e.g. fault injection
Solution so far
• Implementation as part of the application
• Language-specific details
• Inconsistent throughout the full landscape
• High risk of errors
• Re-inventing the wheel
• Highly redundant
• Use of frameworks
• Still language-specific, thus incompatible
But ….
• Service 1: Actual service, Ribbon, Hystrix, Metrics, Tracing
• Service 2: Actual service, Ribbon, Hystrix, Metrics, Tracing
• Service 3: Actual service, Ribbon, Hystrix, Metrics, Tracing
Solution: Service Mesh
• Idea: Enhance functionality in an infrastructural component
• Central implementation
• Easier to maintain
• Language agnostic
Service Mesh Architecture
• Control Plane: Configuration Management, Policies & Telemetry, Certificate Management
• Data Plane: Pod 1 (Service A, Proxy), Pod 2 (Service B, Proxy)
Major Implementations
• Istio (1.2.x)
• Linkerd2 (2.5.x)
• Consul connect
• …
Example: Istio
• Control Plane: Pilot, Mixer, Citadel
• Data Plane: Pod 1 (Service A), Pod 2 (Service B)
General External Connectivity
Flexible Request Routing
Mesh Expansion
Diagram: Cluster A (Pod 1, Service A, Istio Control Plane), Host A (App A), Host B (App A)
Multi Cluster
Diagram: Cluster A (Pod 1, Service A, Istio Control Plane), Cluster B (Pod 2, Service B, Istio Control Plane), Root CA, Gateway
Configuration Objects
Diagram: Client Pod, VirtualService, DestinationRule, Destination Pod
VirtualService: relevant features
• Routing
• Timeouts
• Retries
• Fault injection
  • Aborts
  • Delays
• Mirroring
DestinationRule: relevant features
• Circuit breaking
• Routing
• Load balancing
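
The two configuration objects in use, as an added example that is not taken from the slides: a VirtualService with a fault-injection test route, a canary split, a timeout and retries, and a DestinationRule that defines the subsets, load balancing and circuit breaking. The host `service-b`, the namespace `demo`, the header `x-fault-test` and the version labels are assumptions; field names follow the Istio 1.2.x `networking.istio.io/v1alpha3` API.

```yaml
# Added example for Istio 1.2.x. "service-b", namespace "demo", the header
# name and the version labels are assumptions, not values from the slides.
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: service-b
  namespace: demo
spec:
  hosts:
  - service-b
  http:
  # Test route: requests carrying this header get a fixed 5s delay injected,
  # which shows whether callers enforce their own timeouts.
  - match:
    - headers:
        x-fault-test:
          exact: delay
    fault:
      delay:
        percentage:
          value: 100.0
        fixedDelay: 5s
    route:
    - destination:
        host: service-b
        subset: v1
  # Default route: 90/10 canary split, bounded by a timeout and retries.
  - route:
    - destination:
        host: service-b
        subset: v1
      weight: 90
    - destination:
        host: service-b
        subset: v2
      weight: 10
    timeout: 2s
    retries:
      attempts: 3
      perTryTimeout: 500ms
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: service-b
  namespace: demo
spec:
  host: service-b
  trafficPolicy:
    loadBalancer:
      simple: ROUND_ROBIN
    connectionPool:        # circuit breaking: cap queued work per destination
      http:
        http1MaxPendingRequests: 10
        maxRequestsPerConnection: 10
    outlierDetection:      # eject hosts that keep failing
      consecutiveErrors: 5
      interval: 10s
      baseEjectionTime: 30s
  subsets:
  - name: v1
    labels: {version: v1}
  - name: v2
    labels: {version: v2}
```

The VirtualService decides where a request goes; the DestinationRule applies only after that decision, to traffic bound for the chosen subset.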
Configuration Objects
Diagram: Client Pod, ServiceEntry, External Service
Configuration Samples - Routing
Configuration Samples – Fault/Delay Injection
Configuration Samples – Mirroring / Timeouts
Configuration Samples – Circuit Breaking
Additional Aspects
• Security policies
• Transport security
• Authentication / Authorization
• Policies and Telemetry
• Whitelists and Blacklists
• Rate limiting
• Header rewrites and redirects
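
Transport security in Istio 1.2.x terms, as an added example that is not taken from the slides: the permissive setting used during migration beside the enforced one, plus the client-side rule that makes sidecars originate mutual TLS. The two MeshPolicy documents are alternatives (apply only one); the mesh-wide scope is an assumption.

```yaml
# Added example for Istio 1.2.x (authentication.istio.io/v1alpha1).
# Option A, migration setting: sidecars accept both mutual TLS and
# plaintext, so a workload without a sidecar can still connect unencrypted.
apiVersion: authentication.istio.io/v1alpha1
kind: MeshPolicy
metadata:
  name: default
spec:
  peers:
  - mtls:
      mode: PERMISSIVE
---
# Option B, enforced setting: server-side sidecars reject plaintext
# (an empty mtls block defaults to STRICT).
apiVersion: authentication.istio.io/v1alpha1
kind: MeshPolicy
metadata:
  name: default
spec:
  peers:
  - mtls: {}
---
# Client side: sidecars originate mutual TLS with Citadel-issued
# certificates for all in-mesh hosts.
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: default
  namespace: istio-system
spec:
  host: "*.local"
  trafficPolicy:
    tls:
      mode: ISTIO_MUTUAL
```

A DestinationRule written for a specific host takes precedence over this mesh-wide default for that host, so it has to repeat the `tls` block or its clients fall back to plaintext.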
Observability with Kiali
Overhead
• Official numbers
• The Envoy proxy adds 8ms to the 90th percentile latency.
• The Envoy proxy uses 0.6 vCPU and 50 MB memory per 1000 requests per second going through the proxy.
