Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Welcome to the service mesh era!

Alex Khaerov
April 25, 2019
Programming
1
400

Welcome to the service mesh era!

Adopting a microservices architecture brings a host of benefits, including increased autonomy, flexibility, and modularity. But the process of decoupling a single-tier monolithic application into smaller services introduces new obstacles: what's running, how to roll out updates, how to secure and monitor all such fleet? To address these challenges, you can use a service mesh. With this talk, we are going to refresh basic knowledge and pillars of the "service mesh" and share our experience and concerns about the most popular one - Istio. Welcome to the service mesh era!

Alex Khaerov

April 25, 2019
Tweet

More Decks by Alex Khaerov

See All by Alex Khaerov
Cloud-native pipeline with Tekton
hayorov
0
47
Container security
hayorov
0
220
"Family budget" in minutes 
with Chainstack
hayorov
0
400
Bye, bye Virtual Environments?
hayorov
0
330
Quorum in minutes 
with Chainstack
hayorov
0
410
Securing Helm
hayorov
0
80
Entangled In Dependencies: Pipenv&Poetry
hayorov
0
410
To Helm Or Not To Helm
hayorov
0
520
TheURBN game #highload2017
hayorov
0
42

Other Decks in Programming

See All in Programming
プロフェッショナルとしての成長「問題の深掘り」が導く真のスキルアップ / issue-analysis-and-skill-up
minodriven
8
1.6k
個人開発の学生アプリが企業譲渡されるまで
akidon0000
0
900
「”誤った使い方をすることが困難”な設計」で良いコードの基礎を固めよう / phpcon-odawara-2025
taniguhey
0
170
Road to RubyKaigi: Making Tinny Chiptunes with Ruby
makicamel
4
440
AI時代の開発者評価について
ayumuu
0
190
Sharing features among Android applications: experience feedback
jbvincey
0
110
AIコーディングワークフローの試行 〜AIエージェント×ワークフローでの自動化を目指して〜
rkaga
3
3.7k
Being an ethical software engineer
xgouchet
PRO
0
210
ウォンテッドリーの「ココロオドル」モバイル開発 / Wantedly's "kokoro odoru" mobile development
kubode
1
170
Kamal 2 – Get Out of the Cloud
aleksandrov
1
200
fieldalignmentから見るGoの構造体
kuro_kurorrr
0
110
Java 24まとめ / Java 24 summary
kishida
3
500

Featured

See All Featured
The Straight Up "How To Draw Better" Workshop
denniskardys
232
140k
Java REST API Framework Comparison - PWX 2021
mraible
30
8.5k
Optimizing for Happiness
mojombo
377
70k
It's Worth the Effort
3n
184
28k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5.3k
Writing Fast Ruby
sferik
628
61k
Become a Pro
speakerdeck
PRO
27
5.3k
Keith and Marios Guide to Fast Websites
keithpitt
411
22k
Rails Girls Zürich Keynote
gr2m
94
13k
Why Our Code Smells
bkeepers
PRO
336
57k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
3.8k
Optimising Largest Contentful Paint
csswizardry
36
3.2k

Transcript

  1. Alex Khaerov @hayorov Welcome to the service mesh era!

  2. @hayorov Hello!

  3. @hayorov company who I am

  4. @hayorov Alex Khaerov company who I am @hayorov

  5. @hayorov Alex Khaerov company who I am @hayorov doing software

    development for 9+ years active in the Python and K8s developer communities organises Moscow Python Conf, Helm Summit 2019 a huge fan of laptop stickers

  6. @hayorov Chainstack Multi-cloud and multi-blockchain Platform as a Service Alex

    Khaerov company who I am @hayorov doing software development for 9+ years active in the Python and K8s developer communities organises Moscow Python Conf, Helm Summit 2019 a huge fan of laptop stickers

  7. @hayorov Chainstack Multi-cloud and multi-blockchain Platform as a Service Alex

    Khaerov company who I am @hayorov doing software development for 9+ years active in the Python and K8s developer communities organises Moscow Python Conf, Helm Summit 2019 a huge fan of laptop stickers We are based in Singapore "

  8. @hayorov Frontend Backend Infrastructure Blockchains We use and love

  9. @hayorov Frontend Backend Infrastructure Blockchains We use and love

  10. @hayorov Frontend Backend Infrastructure Blockchains We use and love

  11. @hayorov Frontend Backend Infrastructure Blockchains We use and love

  12. @hayorov Frontend Backend Infrastructure Blockchains We use and love

  13. @hayorov Frontend Backend Infrastructure Blockchains We are hiring: careers.chainstack.com We

    use and love

  14. @hayorov Frontend Backend Infrastructure Blockchains We use and love DevOps,

    SRE wanted!

  15. @hayorov September 11 - 12, 2019 
 Pakhuis de Zwijger


    Amsterdam, The Netherlands https://events.linuxfoundation.org/events/helm-summit-2019/ CFP is open – Apply now! | #helmsummit

  16. @hayorov @hayorov Agenda Background What is Istio? Core features Operating

    principle Our experience

  17. @hayorov Monolithic app +

  18. @hayorov Monolithic app + “Bear Metal”

  19. @hayorov Monolithic app + Monolithic app + Virtualization “Bear Metal”

  20. @hayorov Monolithic app + Monolithic app + Virtualization Microservices +

    Containers “Bear Metal”

  21. @hayorov Monolithic app + Monolithic app + Virtualization Microservices +

    Containers In fact, this is how your Minikube cluster looks like, haha! “Bear Metal”

  22. @hayorov All you knows

  23. ->

  24. @hayorov All you knows

  25. @hayorov -> -> ?

  26. @hayorov @hayorov Istio

  27. @hayorov From assess to trial. Source: Technology Radar, April 2019,

    thoughtworks.com

  28. @hayorov From assess to trial. Source: Technology Radar, April 2019,

    thoughtworks.com 24

  29. @hayorov @hayorov Istio service mesh technology. Wait! What technology?

  30. @hayorov @hayorov service mesh provides a transparent and language-independent way

    to flexibly and easily automate application network functions.

  31. @hayorov @hayorov Istio service mesh technology abstraction level to the

    network intercepts all traffic executes a set of operations

  32. @hayorov Istio Value Proposition

  33. @hayorov

  34. @hayorov Data plane

  35. @hayorov Data plane Control plane

  36. @hayorov

  37. @hayorov

  38. @hayorov

  39. @hayorov

  40. @hayorov

  41. @hayorov

  42. @hayorov

  43. @hayorov

  44. @hayorov

  45. @hayorov

  46. @hayorov

  47. @hayorov

  48. @hayorov

  49. @hayorov

  50. @hayorov

  51. @hayorov

  52. @hayorov @hayorov • Telemetry. • Single common load balancer for

    all the services (HTTP, path based). • Traffic shifting (v1/v2) with simple YAML configuration. • Circuit breaking, traffic mirroring, retries. What Chainstack have been waiting from Istio

  53. @hayorov @hayorov 1.1 Performance 0.2 (Oct, 2017) the first touch

    1.0 (Oct, 2018) major release 1.1.x Milestones

  54. @hayorov @hayorov Fact 1: Simple installation Official helm charts Install

    with Helm via helm template or with Helm and Tiller using helm install Istio on GKE Extra checkbox in gconsole. In beta status.

  55. @hayorov @hayorov Fact 2: We cannot easily get network interaction

    data on network traffic Istio comes with a precompiled and preconfigured envoy proxy, supporting only the zipkin protocol. Only bytes metrics, no RPS or request latencies. Zipkin protocol is much verbose than Jaeger == less effective.

  56. @hayorov @hayorov By default, Istio comes with plain TCP configured

    for all ports, which means that no traces are sent. Fact 3: No magic, need to configure Solution: Name all the ports of the kubernetes service entities. Composite names can be used, like http-magic (proto-extra format). Dirty workaround: Patch the Pilot component.

  57. @hayorov  Fact 4: High compute resource consumption  •150 pods; •50

    services; •25 virtualservices; •30 destination rules. “Pilote” CPU consumption •Envoy degrades at big scale (>5k rps); •Side-car consumes ~600Mb RAM (each instance).

  58. @hayorov @hayorov Despite all of this… Istio is a great

    tool and performance is getting better.

  59. Thank you questions… @hayorov

  60. Thank you questions… Alex Khaerov @hayorov