Migration of an Enterprise UI Microservice System from Cloud Foundry to Kubernetes

Tony Erwin
Tony ErwinSenior Technical Staff Member at IBM
Migration of an Enterprise UI Microservice System from Cloud Foundry to Kubernetes Tony Erwin, IBM Jonathan Schweikhart, IBM
Agenda • Overview of IBM Cloud Console Architecture • What is Cloud Foundry? What is Kubernetes? Why Switch? • Experiences And Lessons Learned During Migration • Conclusion
Overview of IBM Cloud Console Architecture
IBM Cloud Console • Large UI serving as front-end to the IBM Cloud • Lets users create, view, and manage PaaS/IaaS resources: – Cloud Foundry apps & services – Kubernetes clusters – Virtual servers – Bare metal • Provides additional functionality for: – Registration/onboarding – Identity and Access Management (IAM) – Billing/usage – Docs
IBM Cloud Console Architecture • Started life about 5 years ago as a monolithic Java app • Now composed of about 40 Node.js, cloud-native microservices + more than 20 external plugins • Originally deployed as apps to Cloud Foundry • Currently deployed as containers on Kubernetes uService 1 uService 2 … uService nuService n-1 Backend APIs (CF, Containers, VMs, IAM, Billing/Usage, etc.) Console Client Proxy Core Deployment Watson IoT Funcs Clusters Mobile … (External Plugins)
What is Cloud Foundry? What is Kubernetes? Why Switch?
What is Cloud Foundry*? • Provides a PaaS with an abstraction at the application level – Developers can focus on code rather than underlying infrastructure • Leverages the Open Service Broker API to make it easy to use services from apps • Manages apps as Diego containers (internally) * Technically describing the Cloud Foundry Application Runtime which is one of the two open source components from the CF Foundation.
What is Kubernetes? • Abstracts at the container level • Provides many of the benefits of PaaS with the flexibility of IaaS – Often referred to as IaaS+ • Orchestrates computing, networking, and storage infrastructure on behalf of user workloads • Enables portability across infrastructure providers
Why Did We Switch? • Nothing “wrong” with CF – Very easy to get apps running, relatively low learning curve, etc. – Used in some way by at least half of the Fortune 500 • Kubernetes offers several advantages for our use case – More granular control to better manage our large, complex microservice system – Dedicated clusters to avoid performance/availability problems from friendly fire • In fairness, CF can be installed in a dedicated manner as well (even on Kubernetes!) – Simpler “front door” stack with built-in Ingress proxy to avoid extra network hops – Private host names • All apps in CF have public host names, so not possible to have a “private” microservice – Private networking • Calls between microservices in CF require going out over the public internet – Improved memory and CPU usage (dynamic allocation) – Ability to run our own services (like Redis) – Integrated monitoring with Prometheus
Experiences And Lessons Learned During Migration
Need to Dockerize Node Application cf push Diego Container Node Application helm install Docker Image CF Flow Kube Flow
Migrating Manifest to Helm • Helm - Deployment – Docker image – CPU & memory – Environment variables • Helm – Service – Single alias for the deployment • Helm – Ingress – Hostname/URL mapping to service
Deployment Configuration • Cloud Foundry – Configuration per deployment environment • Kubernetes – Helm cli makes hierarchical simple – Global – Global-<Environment> – Cluster – Cluster-<namespace>
Exposure of Microservices • Cloud Foundry – Public URL per microservice – Each microservice has to protect against direct access • Security concerns • Common code repeated • Kubernetes – Microservice gets to choose exposure • Service – Allows an internal only route to the application • Ingress – Allows external routes to be defined to map to Services – Protections take place at a higher level to allow microservices to ignore exposure issues
Common Code Migration Problems • Cloud Foundry assumptions – Environment variable assumptions • VCAP_SERVICES • PORT • Invalid OS name characters like hyphens – URL format for intra-microservice communication • CF: https://ace-common-production.us-south.bluemix.net • Kubernetes: http://common • URL construction vs URL variables
Installing a Local Redis with Stateful Sets Redis 1 Redis 2 Redis 3 Cloud Foundry Kubernetes Redis 1 Worker Node 1 Redis 2 Worker Node 2 Redis 3 Worker Node 3
Worker Nodes Kubernetes Cluster Worker Nodes cadvisor Nginx-logger Prometheus Monitoring in Kubernetes Worker Nodes Kubernetes Cluster Worker Nodes cadvisor Nginx-logger Prometheus Worker Nodes Kubernetes Cluster Prometheus • CPU • Memory • Network • File system • Status Filter
Monitoring NGINX Ingress • Nginx logs contain invaluable metrics about incoming calls – Timestamp – HTTP method – HTTP status codes – Headers – URI – Response time • Implemented custom solution for accessing those metrics – Configure nginx to log to syslog – Create microservice that scrapes the syslog and exposes the data to Prometheus – Filter, monitor, and alert
Red/Black Deployments Live URL Ondeck URL Red Ingress Black Ingress Proxy Ingress Live URL Ondeck URL Red Ingress Black Ingress Proxy Ingress
Built-in Liveness/Readiness Checks • /readiness – ”I am ready to accept traffic” – One time initialization checks • Connections to resources (URLs, DBs, etc..) – Periodic checks • Circuit breakers • Current status • Content Throttling • /liveness – “I should keep living“ – Unrecoverable situations/Unexpected Failures – “Have you tried turning it off and on again?”
Rolling Out Kubernetes
Geo Load Balancing and Failover (CF) • One global URL (https://console.bluemix.net) • Use Dyn geo load balancing to serve UI from the nearest healthy region • If healthcheck in a region shows a problem, Dyn routes to the next closest healthy region • Odds of all regions being down at the same time much less than one region being down • Reduces regional latency
Geo Load Balancing and Failover (Migration) • Needed to verify stability of Kube clusters before turning off CF deployments in production • Solution: Add Kube clusters to Dyn rotation and run CF deployments side-by-side with Kube deployments
Geo Load Balancing and Failover (Final) • Once satisfied, removed CF deployments from rotation and only Kube deployments remained
Conclusion
Conclusion • CF is a great technology, but Kubernetes better meets the needs of our microservice system • Nothing is free, and we had to solve several new problems along the way • Allowed us to achieve greater performance, scalability, reliability, and security than we had before
Questions? • Tony Erwin – Email: aerwin@us.ibm.com – Twitter: @tonyerwin • Jonathan Schweikhart – Email: jschweik@us.ibm.com
The End
1 of 28

Migration of an Enterprise UI Microservice System from Cloud Foundry to Kubernetes

Download to read offline
Software

Presented at Open Source Summit Japan with Jonathan Schweikhart on June 21, 2018. Abstract: The 40 Node.js microservices making up the IBM Cloud UI historically have been deployed as apps on Cloud Foundry (CF), an open source PaaS. But, recently, this enterprise microservice system has been migrated to run on Kubernetes to take advantage of improved orchestration, higher availability, and better performance. Tony Erwin & Jonathan Schweikhart will discuss their team's journey and provide you with insights into the advantages of Kube over CF. Even more importantly, they will describe approaches to solving new problems that took the place of old ones, such as: 1) adapting PaaS apps to run as containers on Kube, 2) enabling geo load balancing between the different runtimes (to vette Kube before completely turning off CF), 3) integrating tools like Prometheus into existing monitoring systems, and more! Their team's first-hand experiences will help you avoid pitfalls as you prepare your own migrations to Kube! Link to Info on Talk: https://ossalsjp18.sched.com/event/EaYj/migration-of-an-enterprise-ui-microservice-system-from-cloud-foundry-to-kubernetes-tony-erwin-jonathan-schweikhart-ibm?iframe=no NOTE: CF is always evolving and the limitations on private networking and private host names mentioned in the slides are no longer current. If you have access to CF API 2.115.0 or higher (released on June 25, 2018), you can leverage CF's service discovery feature (see https://docs.cloudfoundry.org/devguide/deploy-apps/cf-networking.html#discovery ).

Tony Erwin
Tony ErwinSenior Technical Staff Member at IBM

Recommended

Migrating Enterprise Microservices From Cloud Foundry to Kubernetes by
Migrating Enterprise Microservices From Cloud Foundry to KubernetesMigrating Enterprise Microservices From Cloud Foundry to Kubernetes
Migrating Enterprise Microservices From Cloud Foundry to KubernetesTony Erwin
333 views28 slides
Kube journey 2017-04-19 by
Kube journey 2017-04-19Kube journey 2017-04-19
Kube journey 2017-04-19Doug Davis
128 views22 slides
Introduction to container mangement by
Introduction to container mangementIntroduction to container mangement
Introduction to container mangementMartin Marcher
759 views38 slides
Evolution of the IBM Cloud Console: From Monolith to Microservices and Beyond by
Evolution of the IBM Cloud Console: From Monolith to Microservices and BeyondEvolution of the IBM Cloud Console: From Monolith to Microservices and Beyond
Evolution of the IBM Cloud Console: From Monolith to Microservices and BeyondTony Erwin
423 views22 slides
Creating a Kubernetes Operator in Java by
Creating a Kubernetes Operator in JavaCreating a Kubernetes Operator in Java
Creating a Kubernetes Operator in JavaRudy De Busscher
140 views14 slides
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18 by
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18CodeOps Technologies LLP
9.1K views47 slides

More Related Content

What's hot

Build your First IoT Application with IBM Watson IoT by
Build your First IoT Application with IBM Watson IoTBuild your First IoT Application with IBM Watson IoT
Build your First IoT Application with IBM Watson IoTJanakiram MSV
420 views14 slides
Developing Enterprise Applications for the Cloud, from Monolith to Microservices by
Developing Enterprise Applications for the Cloud, from Monolith to MicroservicesDeveloping Enterprise Applications for the Cloud, from Monolith to Microservices
Developing Enterprise Applications for the Cloud, from Monolith to MicroservicesDavid Currie
2.2K views29 slides
Streaming with Spring Cloud Stream and Apache Kafka - Soby Chacko by
Streaming with Spring Cloud Stream and Apache Kafka - Soby ChackoStreaming with Spring Cloud Stream and Apache Kafka - Soby Chacko
Streaming with Spring Cloud Stream and Apache Kafka - Soby ChackoVMware Tanzu
2.3K views28 slides
K8s vs Cloud Foundry by
K8s vs Cloud FoundryK8s vs Cloud Foundry
K8s vs Cloud FoundryIvan Borshukov
468 views44 slides
Using Red Hat JBoss Fuse on OpenShift by
Using Red Hat JBoss Fuse on OpenShiftUsing Red Hat JBoss Fuse on OpenShift
Using Red Hat JBoss Fuse on OpenShiftKenneth Peeples
3.3K views47 slides
Introduction to Microservices and Cloud Native Application Architecture by
Introduction to Microservices and Cloud Native Application ArchitectureIntroduction to Microservices and Cloud Native Application Architecture
Introduction to Microservices and Cloud Native Application ArchitectureDavid Currie
20K views42 slides

What's hot(20)

Build your First IoT Application with IBM Watson IoT by Janakiram MSV
Build your First IoT Application with IBM Watson IoTBuild your First IoT Application with IBM Watson IoT
Build your First IoT Application with IBM Watson IoT
Janakiram MSV420 views
Developing Enterprise Applications for the Cloud, from Monolith to Microservices by David Currie
Developing Enterprise Applications for the Cloud, from Monolith to MicroservicesDeveloping Enterprise Applications for the Cloud, from Monolith to Microservices
Developing Enterprise Applications for the Cloud, from Monolith to Microservices
David Currie2.2K views
Streaming with Spring Cloud Stream and Apache Kafka - Soby Chacko by VMware Tanzu
Streaming with Spring Cloud Stream and Apache Kafka - Soby ChackoStreaming with Spring Cloud Stream and Apache Kafka - Soby Chacko
Streaming with Spring Cloud Stream and Apache Kafka - Soby Chacko
VMware Tanzu2.3K views
K8s vs Cloud Foundry by Ivan Borshukov
K8s vs Cloud FoundryK8s vs Cloud Foundry
K8s vs Cloud Foundry
Ivan Borshukov468 views
Using Red Hat JBoss Fuse on OpenShift by Kenneth Peeples
Using Red Hat JBoss Fuse on OpenShiftUsing Red Hat JBoss Fuse on OpenShift
Using Red Hat JBoss Fuse on OpenShift
Kenneth Peeples3.3K views
Introduction to Microservices and Cloud Native Application Architecture by David Currie
Introduction to Microservices and Cloud Native Application ArchitectureIntroduction to Microservices and Cloud Native Application Architecture
Introduction to Microservices and Cloud Native Application Architecture
David Currie20K views
Event-driven Applications with Kafka, Micronaut, and AWS Lambda | Dave Klein,... by HostedbyConfluent
Event-driven Applications with Kafka, Micronaut, and AWS Lambda | Dave Klein,...Event-driven Applications with Kafka, Micronaut, and AWS Lambda | Dave Klein,...
Event-driven Applications with Kafka, Micronaut, and AWS Lambda | Dave Klein,...
HostedbyConfluent349 views
Container Patterns by Matthias Luebken
Container PatternsContainer Patterns
Container Patterns
Matthias Luebken7.8K views
WSO2Con USA 2017: Scalable Real-time Complex Event Processing at Uber by WSO2
WSO2Con USA 2017: Scalable Real-time Complex Event Processing at UberWSO2Con USA 2017: Scalable Real-time Complex Event Processing at Uber
WSO2Con USA 2017: Scalable Real-time Complex Event Processing at Uber
WSO25.7K views
Kubernetes on OpenStack @eBay by Sriram Subramanian
Kubernetes on OpenStack @eBayKubernetes on OpenStack @eBay
Kubernetes on OpenStack @eBay
Sriram Subramanian1.8K views
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... by Josef Adersberger
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
Josef Adersberger672 views
Everything You Need to Know About Docker and Storage by Ryan Wallner, ClusterHQ by Docker, Inc.
Everything You Need to Know About Docker and Storage by Ryan Wallner, ClusterHQ Everything You Need to Know About Docker and Storage by Ryan Wallner, ClusterHQ
Everything You Need to Know About Docker and Storage by Ryan Wallner, ClusterHQ
Docker, Inc.769 views
Encrypting Kafka messages at rest to secure applications | Robert Barnes, Has... by HostedbyConfluent
Encrypting Kafka messages at rest to secure applications | Robert Barnes, Has...Encrypting Kafka messages at rest to secure applications | Robert Barnes, Has...
Encrypting Kafka messages at rest to secure applications | Robert Barnes, Has...
HostedbyConfluent9.6K views
20120317 CloudFoundry #pyfes by Yohei Sasaki
20120317 CloudFoundry #pyfes20120317 CloudFoundry #pyfes
20120317 CloudFoundry #pyfes
Yohei Sasaki2.1K views
introduction to micro services by Spyros Lambrinidis
introduction to micro servicesintroduction to micro services
introduction to micro services
Spyros Lambrinidis1.1K views
Confluent Operations Training for Apache Kafka by confluent
Confluent Operations Training for Apache KafkaConfluent Operations Training for Apache Kafka
Confluent Operations Training for Apache Kafka
confluent680 views
K8S in prod by Mageshwaran Rajendran
K8S in prodK8S in prod
K8S in prod
Mageshwaran Rajendran1.7K views
OSDC 2018 | Three years running containers with Kubernetes in Production by T... by NETWAYS
OSDC 2018 | Three years running containers with Kubernetes in Production by T...OSDC 2018 | Three years running containers with Kubernetes in Production by T...
OSDC 2018 | Three years running containers with Kubernetes in Production by T...
NETWAYS246 views
Spring cloud by Milan Ashara
Spring cloudSpring cloud
Spring cloud
Milan Ashara109 views
MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub) by Prashanth Kurimella
MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)
MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)
Prashanth Kurimella2.3K views

Similar to Migration of an Enterprise UI Microservice System from Cloud Foundry to Kubernetes

20191201 kubernetes managed weblogic revival - part 1 by
20191201 kubernetes managed weblogic revival - part 120191201 kubernetes managed weblogic revival - part 1
20191201 kubernetes managed weblogic revival - part 1makker_nl
100 views33 slides
The Kubernetes WebLogic revival (part 1) by
The Kubernetes WebLogic revival (part 1)The Kubernetes WebLogic revival (part 1)
The Kubernetes WebLogic revival (part 1)Simon Haslam
305 views33 slides
Building a PaaS Platform like Bluemix on OpenStack by
Building a PaaS Platform like Bluemix on OpenStackBuilding a PaaS Platform like Bluemix on OpenStack
Building a PaaS Platform like Bluemix on OpenStackAnimesh Singh
6.3K views54 slides
Flying to clouds - can it be easy? Cloud Native Applications by
Flying to clouds - can it be easy? Cloud Native ApplicationsFlying to clouds - can it be easy? Cloud Native Applications
Flying to clouds - can it be easy? Cloud Native ApplicationsJacek Bukowski
329 views27 slides
JDD 2016 - Jacek Bukowski - "Flying To Clouds" - Can It Be Easy? by
JDD 2016 - Jacek Bukowski - "Flying To Clouds" - Can It Be Easy?JDD 2016 - Jacek Bukowski - "Flying To Clouds" - Can It Be Easy?
JDD 2016 - Jacek Bukowski - "Flying To Clouds" - Can It Be Easy?PROIDEA
104 views26 slides
To Kill a Monolith: Slaying the Demons of a Monolith with Node.js Microservic... by
To Kill a Monolith: Slaying the Demons of a Monolith with Node.js Microservic...To Kill a Monolith: Slaying the Demons of a Monolith with Node.js Microservic...
To Kill a Monolith: Slaying the Demons of a Monolith with Node.js Microservic...Tony Erwin
561 views19 slides

Similar to Migration of an Enterprise UI Microservice System from Cloud Foundry to Kubernetes (20)

20191201 kubernetes managed weblogic revival - part 1 by makker_nl
20191201 kubernetes managed weblogic revival - part 120191201 kubernetes managed weblogic revival - part 1
20191201 kubernetes managed weblogic revival - part 1
makker_nl100 views
The Kubernetes WebLogic revival (part 1) by Simon Haslam
The Kubernetes WebLogic revival (part 1)The Kubernetes WebLogic revival (part 1)
The Kubernetes WebLogic revival (part 1)
Simon Haslam305 views
Building a PaaS Platform like Bluemix on OpenStack by Animesh Singh
Building a PaaS Platform like Bluemix on OpenStackBuilding a PaaS Platform like Bluemix on OpenStack
Building a PaaS Platform like Bluemix on OpenStack
Animesh Singh6.3K views
Flying to clouds - can it be easy? Cloud Native Applications by Jacek Bukowski
Flying to clouds - can it be easy? Cloud Native ApplicationsFlying to clouds - can it be easy? Cloud Native Applications
Flying to clouds - can it be easy? Cloud Native Applications
Jacek Bukowski329 views
JDD 2016 - Jacek Bukowski - "Flying To Clouds" - Can It Be Easy? by PROIDEA
JDD 2016 - Jacek Bukowski - "Flying To Clouds" - Can It Be Easy?JDD 2016 - Jacek Bukowski - "Flying To Clouds" - Can It Be Easy?
JDD 2016 - Jacek Bukowski - "Flying To Clouds" - Can It Be Easy?
PROIDEA104 views
To Kill a Monolith: Slaying the Demons of a Monolith with Node.js Microservic... by Tony Erwin
To Kill a Monolith: Slaying the Demons of a Monolith with Node.js Microservic...To Kill a Monolith: Slaying the Demons of a Monolith with Node.js Microservic...
To Kill a Monolith: Slaying the Demons of a Monolith with Node.js Microservic...
Tony Erwin561 views
VMworld 2013: Three Advantages of Running Cloud Foundry in a VMware Private C... by VMworld
VMworld 2013: Three Advantages of Running Cloud Foundry in a VMware Private C...VMworld 2013: Three Advantages of Running Cloud Foundry in a VMware Private C...
VMworld 2013: Three Advantages of Running Cloud Foundry in a VMware Private C...
VMworld696 views
Netflix0SS Services on Docker by Docker, Inc.
Netflix0SS Services on DockerNetflix0SS Services on Docker
Netflix0SS Services on Docker
Docker, Inc.2.1K views
Ibm cloud nativenetflixossfinal by aspyker
Ibm cloud nativenetflixossfinalIbm cloud nativenetflixossfinal
Ibm cloud nativenetflixossfinal
aspyker2.7K views
Introduction to Kubernetes by Vishal Biyani
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
Vishal Biyani601 views
Microservices and Best Practices by Weaveworks
Microservices and Best Practices Microservices and Best Practices
Microservices and Best Practices
Weaveworks541 views
To Kill a Monolith: Slaying the Demons of a Monolith with Node.js Microservic... by Tony Erwin
To Kill a Monolith: Slaying the Demons of a Monolith with Node.js Microservic...To Kill a Monolith: Slaying the Demons of a Monolith with Node.js Microservic...
To Kill a Monolith: Slaying the Demons of a Monolith with Node.js Microservic...
Tony Erwin5.6K views
Cloudstack for beginners by Joseph Amirani
Cloudstack for beginnersCloudstack for beginners
Cloudstack for beginners
Joseph Amirani596 views
.NET microservices with Azure Service Fabric by Davide Benvegnù
.NET microservices with Azure Service Fabric.NET microservices with Azure Service Fabric
.NET microservices with Azure Service Fabric
Davide Benvegnù494 views
Cloud stack for_beginners by Radhika Puthiyetath
Cloud stack for_beginnersCloud stack for_beginners
Cloud stack for_beginners
Radhika Puthiyetath10.1K views
NetflixOSS for Triangle Devops Oct 2013 by aspyker
NetflixOSS for Triangle Devops Oct 2013NetflixOSS for Triangle Devops Oct 2013
NetflixOSS for Triangle Devops Oct 2013
aspyker2.2K views
Migrating Java EE applications to IBM Bluemix Platform-as-a-Service by David Currie
Migrating Java EE applications to IBM Bluemix Platform-as-a-ServiceMigrating Java EE applications to IBM Bluemix Platform-as-a-Service
Migrating Java EE applications to IBM Bluemix Platform-as-a-Service
David Currie21.7K views
Un-clouding the cloud by Davinder Kohli
Un-clouding the cloudUn-clouding the cloud
Un-clouding the cloud
Davinder Kohli1K views
Migrating Java EE applications to IBM Bluemix platform as-a-service (CloudFou... by Jack-Junjie Cai
Migrating Java EE applications to IBM Bluemix platform as-a-service (CloudFou...Migrating Java EE applications to IBM Bluemix platform as-a-service (CloudFou...
Migrating Java EE applications to IBM Bluemix platform as-a-service (CloudFou...
Jack-Junjie Cai1K views
Presentation citrix cloud platform for infrastructure as a service by xKinAnx
Presentation citrix cloud platform for infrastructure as a servicePresentation citrix cloud platform for infrastructure as a service
Presentation citrix cloud platform for infrastructure as a service
xKinAnx863 views

Recently uploaded

Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated... by
Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated...Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated...
Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated...TomHalpin9
6 views29 slides
predicting-m3-devopsconMunich-2023.pptx by
predicting-m3-devopsconMunich-2023.pptxpredicting-m3-devopsconMunich-2023.pptx
predicting-m3-devopsconMunich-2023.pptxTier1 app
8 views24 slides
.NET Deserialization Attacks by
.NET Deserialization Attacks.NET Deserialization Attacks
.NET Deserialization AttacksDharmalingam Ganesan
5 views50 slides
EV Charging App Case by
EV Charging App Case EV Charging App Case
EV Charging App Case iCoderz Solutions
9 views1 slide
predicting-m3-devopsconMunich-2023-v2.pptx by
predicting-m3-devopsconMunich-2023-v2.pptxpredicting-m3-devopsconMunich-2023-v2.pptx
predicting-m3-devopsconMunich-2023-v2.pptxTier1 app
12 views33 slides
Using Qt under LGPL-3.0 by
Using Qt under LGPL-3.0Using Qt under LGPL-3.0
Using Qt under LGPL-3.0Burkhard Stubert
13 views11 slides

Recently uploaded(20)

Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated... by TomHalpin9
Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated...Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated...
Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated...
TomHalpin96 views
predicting-m3-devopsconMunich-2023.pptx by Tier1 app
predicting-m3-devopsconMunich-2023.pptxpredicting-m3-devopsconMunich-2023.pptx
predicting-m3-devopsconMunich-2023.pptx
Tier1 app8 views
.NET Deserialization Attacks by Dharmalingam Ganesan
.NET Deserialization Attacks.NET Deserialization Attacks
.NET Deserialization Attacks
Dharmalingam Ganesan5 views
EV Charging App Case by iCoderz Solutions
EV Charging App Case EV Charging App Case
EV Charging App Case
iCoderz Solutions9 views
predicting-m3-devopsconMunich-2023-v2.pptx by Tier1 app
predicting-m3-devopsconMunich-2023-v2.pptxpredicting-m3-devopsconMunich-2023-v2.pptx
predicting-m3-devopsconMunich-2023-v2.pptx
Tier1 app12 views
Using Qt under LGPL-3.0 by Burkhard Stubert
Using Qt under LGPL-3.0Using Qt under LGPL-3.0
Using Qt under LGPL-3.0
Burkhard Stubert13 views
Introduction to Maven by John Valentino
Introduction to MavenIntroduction to Maven
Introduction to Maven
John Valentino6 views
Flask-Python.pptx by Triloki Gupta
Flask-Python.pptxFlask-Python.pptx
Flask-Python.pptx
Triloki Gupta9 views
Quality Assurance by interworksoftware2
Quality Assurance Quality Assurance
Quality Assurance
interworksoftware25 views
The Path to DevOps by John Valentino
The Path to DevOpsThe Path to DevOps
The Path to DevOps
John Valentino5 views
Agile 101 by John Valentino
Agile 101Agile 101
Agile 101
John Valentino12 views
Unlocking the Power of AI in Product Management - A Comprehensive Guide for P... by NimaTorabi2
Unlocking the Power of AI in Product Management - A Comprehensive Guide for P...Unlocking the Power of AI in Product Management - A Comprehensive Guide for P...
Unlocking the Power of AI in Product Management - A Comprehensive Guide for P...
NimaTorabi216 views
Transport Management System - Shipment & Container Tracking by Freightoscope
Transport Management System - Shipment & Container TrackingTransport Management System - Shipment & Container Tracking
Transport Management System - Shipment & Container Tracking
Freightoscope 5 views
Understanding HTML terminology by artembondar5
Understanding HTML terminologyUnderstanding HTML terminology
Understanding HTML terminology
artembondar57 views
tecnologia18.docx by nosi6702
tecnologia18.docxtecnologia18.docx
tecnologia18.docx
nosi67025 views
The Era of Large Language Models.pptx by AbdulVahedShaik
The Era of Large Language Models.pptxThe Era of Large Language Models.pptx
The Era of Large Language Models.pptx
AbdulVahedShaik7 views
Bootstrapping vs Venture Capital.pptx by Zeljko Svedic
Bootstrapping vs Venture Capital.pptxBootstrapping vs Venture Capital.pptx
Bootstrapping vs Venture Capital.pptx
Zeljko Svedic15 views
AI and Ml presentation .pptx by FayazAli87
AI and Ml presentation .pptxAI and Ml presentation .pptx
AI and Ml presentation .pptx
FayazAli8714 views
Ports-and-Adapters Architecture for Embedded HMI by Burkhard Stubert
Ports-and-Adapters Architecture for Embedded HMIPorts-and-Adapters Architecture for Embedded HMI
Ports-and-Adapters Architecture for Embedded HMI
Burkhard Stubert33 views
How to build dyanmic dashboards and ensure they always work by Wiiisdom
How to build dyanmic dashboards and ensure they always workHow to build dyanmic dashboards and ensure they always work
How to build dyanmic dashboards and ensure they always work
Wiiisdom14 views

Migration of an Enterprise UI Microservice System from Cloud Foundry to Kubernetes

  • 1. Migration of an Enterprise UI Microservice System from Cloud Foundry to Kubernetes Tony Erwin, IBM Jonathan Schweikhart, IBM
  • 2. Agenda • Overview of IBM Cloud Console Architecture • What is Cloud Foundry? What is Kubernetes? Why Switch? • Experiences And Lessons Learned During Migration • Conclusion
  • 3. Overview of IBM Cloud Console Architecture
  • 4. IBM Cloud Console • Large UI serving as front-end to the IBM Cloud • Lets users create, view, and manage PaaS/IaaS resources: – Cloud Foundry apps & services – Kubernetes clusters – Virtual servers – Bare metal • Provides additional functionality for: – Registration/onboarding – Identity and Access Management (IAM) – Billing/usage – Docs
  • 5. IBM Cloud Console Architecture • Started life about 5 years ago as a monolithic Java app • Now composed of about 40 Node.js, cloud-native microservices + more than 20 external plugins • Originally deployed as apps to Cloud Foundry • Currently deployed as containers on Kubernetes uService 1 uService 2 … uService nuService n-1 Backend APIs (CF, Containers, VMs, IAM, Billing/Usage, etc.) Console Client Proxy Core Deployment Watson IoT Funcs Clusters Mobile … (External Plugins)
  • 6. What is Cloud Foundry? What is Kubernetes? Why Switch?
  • 7. What is Cloud Foundry*? • Provides a PaaS with an abstraction at the application level – Developers can focus on code rather than underlying infrastructure • Leverages the Open Service Broker API to make it easy to use services from apps • Manages apps as Diego containers (internally) * Technically describing the Cloud Foundry Application Runtime which is one of the two open source components from the CF Foundation.
  • 8. What is Kubernetes? • Abstracts at the container level • Provides many of the benefits of PaaS with the flexibility of IaaS – Often referred to as IaaS+ • Orchestrates computing, networking, and storage infrastructure on behalf of user workloads • Enables portability across infrastructure providers
  • 9. Why Did We Switch? • Nothing “wrong” with CF – Very easy to get apps running, relatively low learning curve, etc. – Used in some way by at least half of the Fortune 500 • Kubernetes offers several advantages for our use case – More granular control to better manage our large, complex microservice system – Dedicated clusters to avoid performance/availability problems from friendly fire • In fairness, CF can be installed in a dedicated manner as well (even on Kubernetes!) – Simpler “front door” stack with built-in Ingress proxy to avoid extra network hops – Private host names • All apps in CF have public host names, so not possible to have a “private” microservice – Private networking • Calls between microservices in CF require going out over the public internet – Improved memory and CPU usage (dynamic allocation) – Ability to run our own services (like Redis) – Integrated monitoring with Prometheus
  • 11. Need to Dockerize Node Application cf push Diego Container Node Application helm install Docker Image CF Flow Kube Flow
  • 12. Migrating Manifest to Helm • Helm - Deployment – Docker image – CPU & memory – Environment variables • Helm – Service – Single alias for the deployment • Helm – Ingress – Hostname/URL mapping to service
  • 13. Deployment Configuration • Cloud Foundry – Configuration per deployment environment • Kubernetes – Helm cli makes hierarchical simple – Global – Global-<Environment> – Cluster – Cluster-<namespace>
  • 14. Exposure of Microservices • Cloud Foundry – Public URL per microservice – Each microservice has to protect against direct access • Security concerns • Common code repeated • Kubernetes – Microservice gets to choose exposure • Service – Allows an internal only route to the application • Ingress – Allows external routes to be defined to map to Services – Protections take place at a higher level to allow microservices to ignore exposure issues
  • 15. Common Code Migration Problems • Cloud Foundry assumptions – Environment variable assumptions • VCAP_SERVICES • PORT • Invalid OS name characters like hyphens – URL format for intra-microservice communication • CF: https://ace-common-production.us-south.bluemix.net • Kubernetes: http://common • URL construction vs URL variables
  • 16. Installing a Local Redis with Stateful Sets Redis 1 Redis 2 Redis 3 Cloud Foundry Kubernetes Redis 1 Worker Node 1 Redis 2 Worker Node 2 Redis 3 Worker Node 3
  • 17. Worker Nodes Kubernetes Cluster Worker Nodes cadvisor Nginx-logger Prometheus Monitoring in Kubernetes Worker Nodes Kubernetes Cluster Worker Nodes cadvisor Nginx-logger Prometheus Worker Nodes Kubernetes Cluster Prometheus • CPU • Memory • Network • File system • Status Filter
  • 18. Monitoring NGINX Ingress • Nginx logs contain invaluable metrics about incoming calls – Timestamp – HTTP method – HTTP status codes – Headers – URI – Response time • Implemented custom solution for accessing those metrics – Configure nginx to log to syslog – Create microservice that scrapes the syslog and exposes the data to Prometheus – Filter, monitor, and alert
  • 19. Red/Black Deployments Live URL Ondeck URL Red Ingress Black Ingress Proxy Ingress Live URL Ondeck URL Red Ingress Black Ingress Proxy Ingress
  • 20. Built-in Liveness/Readiness Checks • /readiness – ”I am ready to accept traffic” – One time initialization checks • Connections to resources (URLs, DBs, etc..) – Periodic checks • Circuit breakers • Current status • Content Throttling • /liveness – “I should keep living“ – Unrecoverable situations/Unexpected Failures – “Have you tried turning it off and on again?”
  • 22. Geo Load Balancing and Failover (CF) • One global URL (https://console.bluemix.net) • Use Dyn geo load balancing to serve UI from the nearest healthy region • If healthcheck in a region shows a problem, Dyn routes to the next closest healthy region • Odds of all regions being down at the same time much less than one region being down • Reduces regional latency
  • 23. Geo Load Balancing and Failover (Migration) • Needed to verify stability of Kube clusters before turning off CF deployments in production • Solution: Add Kube clusters to Dyn rotation and run CF deployments side-by-side with Kube deployments
  • 24. Geo Load Balancing and Failover (Final) • Once satisfied, removed CF deployments from rotation and only Kube deployments remained
  • 26. Conclusion • CF is a great technology, but Kubernetes better meets the needs of our microservice system • Nothing is free, and we had to solve several new problems along the way • Allowed us to achieve greater performance, scalability, reliability, and security than we had before
  • 27. Questions? • Tony Erwin – Email: aerwin@us.ibm.com – Twitter: @tonyerwin • Jonathan Schweikhart – Email: jschweik@us.ibm.com

Editor's Notes

  1. IBM Cloud Console: https://console.bluemix.net/
  2. Cloud Foundry Foundation: https://www.cloudfoundry.org/ CF Application Runtime: https://www.cloudfoundry.org/application-runtime/ Open Service Broker API: https://www.openservicebrokerapi.org/
  3. Kubernetes: https://kubernetes.io/
  4. IBM Cloud Console: https://console.bluemix.net/