Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Welcome to the service mesh era!

Alex Khaerov
April 25, 2019
Programming
1
230

Welcome to the service mesh era!

Adopting a microservices architecture brings a host of benefits, including increased autonomy, flexibility, and modularity. But the process of decoupling a single-tier monolithic application into smaller services introduces new obstacles: what's running, how to roll out updates, how to secure and monitor all such fleet? To address these challenges, you can use a service mesh. With this talk, we are going to refresh basic knowledge and pillars of the "service mesh" and share our experience and concerns about the most popular one - Istio. Welcome to the service mesh era!

Alex Khaerov

April 25, 2019
Tweet

More Decks by Alex Khaerov

See All by Alex Khaerov
Cloud-native pipeline with Tekton
hayorov
0
30
Container security
hayorov
0
150
"Family budget" in minutes 
with Chainstack
hayorov
0
250
Bye, bye Virtual Environments?
hayorov
0
160
Quorum in minutes 
with Chainstack
hayorov
0
240
Securing Helm
hayorov
0
23
Entangled In Dependencies: Pipenv&Poetry
hayorov
0
230
To Helm Or Not To Helm
hayorov
0
400
TheURBN game #highload2017
hayorov
0
19

Other Decks in Programming

See All in Programming
OAuth for Java Developers - IntelliJ IDEA Live Stream 2023
mraible
PRO
0
240
一緒にスクラム開発___GPT-4と人間が共創するプロダクトの進化.pdf
itohiro73
6
6.6k
Spring Modulithで始めるモジュラモノリス開発
yutootsuka
2
320
VersionCatalogを撫でる
akari317017
0
100
Laravelへの異常な愛情 または私は如何にして心配するのを止めてEloquentを愛するようになったか
kentaroutakeda
8
3.7k
Run Your Firebase for Web App Locally Using Firebase Emulator Suite
dicoding
0
610
推測するな、計測せよ New Relic × Laravel 実践
mpyw
2
260
Structure for Enterprise-Scale Angular Applications: Nx Monorepos, Micro Frontends, and Module Federation
manfredsteyer
PRO
0
160
例外を投げるな、値を返せ
okuzawats
2
1.3k
特徴、魅力を知って、各PHPフレームワークを使いこなそう! / PHPerkaigi 2023
hitoshi_a0
0
270
面倒なのは嫌なのでコンテナのマネージドサービスの極振りしたいと思います。
n1215
PRO
1
190
Babylon.js書籍出版の裏側。ツイートから始まった奇跡の1年を振り返る
iwaken71
0
120

Featured

See All Featured
What the flash - Photography Introduction
edds
64
10k
The Power of CSS Pseudo Elements
geoffreycrofte
54
4.4k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
217
21k
Keith and Marios Guide to Fast Websites
keithpitt
407
21k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
318
19k
How New CSS Is Changing Everything About Graphic Design on the Web
jensimmons
214
12k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
16
1.3k
Support Driven Design
roundedbygravity
88
8.9k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
239
19k
Optimizing for Happiness
mojombo
366
65k
We Have a Design System, Now What?
morganepeng
38
6k
Documentation Writing (for coders)
carmenintech
52
3k

Transcript

  1. Alex Khaerov
    @hayorov
    Welcome to the service mesh era!

    View Slide

  2. @hayorov
    Hello!

    View Slide

  3. @hayorov
    company
    who I am

    View Slide

  4. @hayorov
    Alex Khaerov
    company
    who I am
    @hayorov

    View Slide

  5. @hayorov
    Alex Khaerov
    company
    who I am
    @hayorov
    doing software development for 9+ years
    active in the Python and K8s developer communities
    organises Moscow Python Conf, Helm Summit 2019
    a huge fan of laptop stickers

    View Slide

  6. @hayorov
    Chainstack
    Multi-cloud and multi-blockchain Platform as a Service
    Alex Khaerov
    company
    who I am
    @hayorov
    doing software development for 9+ years
    active in the Python and K8s developer communities
    organises Moscow Python Conf, Helm Summit 2019
    a huge fan of laptop stickers

    View Slide

  7. @hayorov
    Chainstack
    Multi-cloud and multi-blockchain Platform as a Service
    Alex Khaerov
    company
    who I am
    @hayorov
    doing software development for 9+ years
    active in the Python and K8s developer communities
    organises Moscow Python Conf, Helm Summit 2019
    a huge fan of laptop stickers
    We are based in Singapore "

    View Slide

  8. @hayorov
    Frontend Backend Infrastructure Blockchains
    We use and love

    View Slide

  9. @hayorov
    Frontend Backend Infrastructure Blockchains
    We use and love

    View Slide

  10. @hayorov
    Frontend Backend Infrastructure Blockchains
    We use and love

    View Slide

  11. @hayorov
    Frontend Backend Infrastructure Blockchains
    We use and love

    View Slide

  12. @hayorov
    Frontend Backend Infrastructure Blockchains
    We use and love

    View Slide

  13. @hayorov
    Frontend Backend Infrastructure Blockchains
    We are hiring:
    careers.chainstack.com
    We use and love

    View Slide

  14. @hayorov
    Frontend Backend Infrastructure Blockchains
    We use and love
    DevOps, SRE wanted!

    View Slide

  15. @hayorov
    September 11 - 12, 2019

    Pakhuis de Zwijger

    Amsterdam,
    The Netherlands
    https://events.linuxfoundation.org/events/helm-summit-2019/
    CFP is open – Apply now! | #helmsummit

    View Slide

  16. @hayorov
    @hayorov
    Agenda
    Background
    What is Istio?
    Core features
    Operating principle
    Our experience

    View Slide

  17. @hayorov
    Monolithic app
    +



    View Slide

  18. @hayorov
    Monolithic app
    +



    “Bear Metal”

    View Slide

  19. @hayorov
    Monolithic app
    +
    Monolithic app
    +
    Virtualization



    “Bear Metal”

    View Slide

  20. @hayorov
    Monolithic app
    +
    Monolithic app
    +
    Virtualization
    Microservices
    +
    Containers



    “Bear Metal”

    View Slide

  21. @hayorov
    Monolithic app
    +
    Monolithic app
    +
    Virtualization
    Microservices
    +
    Containers



    In fact, this is how your Minikube
    cluster looks like, haha!
    “Bear Metal”

    View Slide

  22. @hayorov
    All you knows

    View Slide

  23. ->

    View Slide

  24. @hayorov
    All you knows

    View Slide

  25. @hayorov
    -> -> ?

    View Slide

  26. @hayorov
    @hayorov
    Istio

    View Slide

  27. @hayorov
    From assess to trial.
    Source: Technology Radar, April 2019, thoughtworks.com

    View Slide

  28. @hayorov
    From assess to trial.
    Source: Technology Radar, April 2019, thoughtworks.com
    24

    View Slide

  29. @hayorov
    @hayorov
    Istio
    service mesh technology.
    Wait! What technology?

    View Slide

  30. @hayorov
    @hayorov
    service mesh
    provides a transparent and
    language-independent way to flexibly
    and easily automate application network
    functions.

    View Slide

  31. @hayorov
    @hayorov
    Istio
    service mesh technology
    abstraction level to the network
    intercepts all traffic
    executes a set of operations

    View Slide

  32. @hayorov
    Istio Value Proposition

    View Slide

  33. @hayorov

    View Slide

  34. @hayorov
    Data plane

    View Slide

  35. @hayorov
    Data plane
    Control plane

    View Slide

  36. @hayorov

    View Slide

  37. @hayorov

    View Slide

  38. @hayorov

    View Slide

  39. @hayorov

    View Slide

  40. @hayorov

    View Slide

  41. @hayorov

    View Slide

  42. @hayorov

    View Slide

  43. @hayorov

    View Slide

  44. @hayorov

    View Slide

  45. @hayorov

    View Slide

  46. @hayorov

    View Slide

  47. @hayorov

    View Slide

  48. @hayorov

    View Slide

  49. @hayorov

    View Slide

  50. @hayorov

    View Slide

  51. @hayorov

    View Slide

  52. @hayorov
    @hayorov
    • Telemetry.
    • Single common load balancer for all the services (HTTP, path based).
    • Traffic shifting (v1/v2) with simple YAML configuration.
    • Circuit breaking, traffic mirroring, retries.
    What Chainstack have been waiting from Istio

    View Slide

  53. @hayorov
    @hayorov
    1.1
    Performance
    0.2 (Oct, 2017)
    the first touch
    1.0 (Oct, 2018)
    major release
    1.1.x
    Milestones

    View Slide

  54. @hayorov
    @hayorov
    Fact 1: Simple installation
    Official helm charts
    Install with Helm via helm template
    or with Helm and Tiller using helm install
    Istio on GKE
    Extra checkbox in gconsole.
    In beta status.

    View Slide

  55. @hayorov
    @hayorov
    Fact 2: We cannot easily get network interaction
    data on network traffic
    Istio comes with a precompiled and preconfigured envoy proxy,
    supporting only the zipkin protocol.
    Only bytes metrics, no RPS or request latencies.
    Zipkin protocol is much verbose than Jaeger == less effective.

    View Slide

  56. @hayorov
    @hayorov
    By default, Istio comes with plain TCP configured for all ports,
    which means that no traces are sent.
    Fact 3: No magic, need to configure
    Solution: Name all the ports of the kubernetes service entities.
    Composite names can be used, like http-magic (proto-extra format).
    Dirty workaround: Patch the Pilot component.

    View Slide

  57. @hayorov
     Fact 4: High compute resource
    consumption 
    •150 pods;
    •50 services;
    •25 virtualservices;
    •30 destination rules.
    “Pilote” CPU consumption
    •Envoy degrades at big scale (>5k rps);
    •Side-car consumes ~600Mb RAM (each instance).

    View Slide

  58. @hayorov
    @hayorov
    Despite all of this…
    Istio is a great tool
    and performance is getting better.

    View Slide

  59. Thank you
    questions…

    @hayorov

    View Slide

  60. Thank you
    questions…

    Alex Khaerov
    @hayorov

    View Slide