Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Welcome to the service mesh era!

Alex Khaerov
April 25, 2019
Programming
1
370

Welcome to the service mesh era!

Adopting a microservices architecture brings a host of benefits, including increased autonomy, flexibility, and modularity. But the process of decoupling a single-tier monolithic application into smaller services introduces new obstacles: what's running, how to roll out updates, how to secure and monitor all such fleet? To address these challenges, you can use a service mesh. With this talk, we are going to refresh basic knowledge and pillars of the "service mesh" and share our experience and concerns about the most popular one - Istio. Welcome to the service mesh era!

Alex Khaerov

April 25, 2019
Tweet

More Decks by Alex Khaerov

See All by Alex Khaerov
Cloud-native pipeline with Tekton
hayorov
0
36
Container security
hayorov
0
210
"Family budget" in minutes 
with Chainstack
hayorov
0
380
Bye, bye Virtual Environments?
hayorov
0
310
Quorum in minutes 
with Chainstack
hayorov
0
380
Securing Helm
hayorov
0
73
Entangled In Dependencies: Pipenv&Poetry
hayorov
0
370
To Helm Or Not To Helm
hayorov
0
490
TheURBN game #highload2017
hayorov
0
36

Other Decks in Programming

See All in Programming
Jakarta Concurrencyによる並行処理プログラミングの始め方 (JJUG CCC 2024 Fall)
tnagao7
1
280
Jakarta EE meets AI
ivargrimstad
0
510
Enabling DevOps and Team Topologies Through Architecture: Architecting for Fast Flow
cer
PRO
0
310
タクシーアプリ『GO』のリアルタイムデータ分析基盤における機械学習サービスの活用
mot_techtalk
4
1.3k
Duckdb-Wasmでローカルダッシュボードを作ってみた
nkforwork
0
120
RubyLSPのマルチバイト文字対応
notfounds
0
110
OSSで起業してもうすぐ10年 / Open Source Conference 2024 Shimane
furukawayasuto
0
100
距離関数を極める! / SESSIONS 2024
gam0022
0
280
Hotwire or React? ~アフタートーク・本編に含めなかった話~ / Hotwire or React? after talk
harunatsujita
1
120
C++でシェーダを書く
fadis
6
4.1k
Click-free releases & the making of a CLI app
oheyadam
2
110
Pinia Colada が実現するスマートな非同期処理
naokihaba
4
220

Featured

See All Featured
Automating Front-end Workflow
addyosmani
1366
200k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
47
2.1k
How STYLIGHT went responsive
nonsquared
95
5.2k
Art, The Web, and Tiny UX
lynnandtonic
297
20k
The Cult of Friendly URLs
andyhume
78
6k
RailsConf 2023
tenderlove
29
900
Rebuilding a faster, lazier Slack
samanthasiow
79
8.7k
Scaling GitHub
holman
458
140k
Side Projects
sachag
452
42k
Java REST API Framework Comparison - PWX 2021
mraible
PRO
28
8.2k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
26
1.4k
Being A Developer After 40
akosma
86
590k

Transcript

  1. Alex Khaerov @hayorov Welcome to the service mesh era!

  2. @hayorov Hello!

  3. @hayorov company who I am

  4. @hayorov Alex Khaerov company who I am @hayorov

  5. @hayorov Alex Khaerov company who I am @hayorov doing software

    development for 9+ years active in the Python and K8s developer communities organises Moscow Python Conf, Helm Summit 2019 a huge fan of laptop stickers

  6. @hayorov Chainstack Multi-cloud and multi-blockchain Platform as a Service Alex

    Khaerov company who I am @hayorov doing software development for 9+ years active in the Python and K8s developer communities organises Moscow Python Conf, Helm Summit 2019 a huge fan of laptop stickers

  7. @hayorov Chainstack Multi-cloud and multi-blockchain Platform as a Service Alex

    Khaerov company who I am @hayorov doing software development for 9+ years active in the Python and K8s developer communities organises Moscow Python Conf, Helm Summit 2019 a huge fan of laptop stickers We are based in Singapore "

  8. @hayorov Frontend Backend Infrastructure Blockchains We use and love

  9. @hayorov Frontend Backend Infrastructure Blockchains We use and love

  10. @hayorov Frontend Backend Infrastructure Blockchains We use and love

  11. @hayorov Frontend Backend Infrastructure Blockchains We use and love

  12. @hayorov Frontend Backend Infrastructure Blockchains We use and love

  13. @hayorov Frontend Backend Infrastructure Blockchains We are hiring: careers.chainstack.com We

    use and love

  14. @hayorov Frontend Backend Infrastructure Blockchains We use and love DevOps,

    SRE wanted!

  15. @hayorov September 11 - 12, 2019 
 Pakhuis de Zwijger


    Amsterdam, The Netherlands https://events.linuxfoundation.org/events/helm-summit-2019/ CFP is open – Apply now! | #helmsummit

  16. @hayorov @hayorov Agenda Background What is Istio? Core features Operating

    principle Our experience

  17. @hayorov Monolithic app +

  18. @hayorov Monolithic app + “Bear Metal”

  19. @hayorov Monolithic app + Monolithic app + Virtualization “Bear Metal”

  20. @hayorov Monolithic app + Monolithic app + Virtualization Microservices +

    Containers “Bear Metal”

  21. @hayorov Monolithic app + Monolithic app + Virtualization Microservices +

    Containers In fact, this is how your Minikube cluster looks like, haha! “Bear Metal”

  22. @hayorov All you knows

  23. ->

  24. @hayorov All you knows

  25. @hayorov -> -> ?

  26. @hayorov @hayorov Istio

  27. @hayorov From assess to trial. Source: Technology Radar, April 2019,

    thoughtworks.com

  28. @hayorov From assess to trial. Source: Technology Radar, April 2019,

    thoughtworks.com 24

  29. @hayorov @hayorov Istio service mesh technology. Wait! What technology?

  30. @hayorov @hayorov service mesh provides a transparent and language-independent way

    to flexibly and easily automate application network functions.

  31. @hayorov @hayorov Istio service mesh technology abstraction level to the

    network intercepts all traffic executes a set of operations

  32. @hayorov Istio Value Proposition

  33. @hayorov

  34. @hayorov Data plane

  35. @hayorov Data plane Control plane

  36. @hayorov

  37. @hayorov

  38. @hayorov

  39. @hayorov

  40. @hayorov

  41. @hayorov

  42. @hayorov

  43. @hayorov

  44. @hayorov

  45. @hayorov

  46. @hayorov

  47. @hayorov

  48. @hayorov

  49. @hayorov

  50. @hayorov

  51. @hayorov

  52. @hayorov @hayorov • Telemetry. • Single common load balancer for

    all the services (HTTP, path based). • Traffic shifting (v1/v2) with simple YAML configuration. • Circuit breaking, traffic mirroring, retries. What Chainstack have been waiting from Istio

  53. @hayorov @hayorov 1.1 Performance 0.2 (Oct, 2017) the first touch

    1.0 (Oct, 2018) major release 1.1.x Milestones

  54. @hayorov @hayorov Fact 1: Simple installation Official helm charts Install

    with Helm via helm template or with Helm and Tiller using helm install Istio on GKE Extra checkbox in gconsole. In beta status.

  55. @hayorov @hayorov Fact 2: We cannot easily get network interaction

    data on network traffic Istio comes with a precompiled and preconfigured envoy proxy, supporting only the zipkin protocol. Only bytes metrics, no RPS or request latencies. Zipkin protocol is much verbose than Jaeger == less effective.

  56. @hayorov @hayorov By default, Istio comes with plain TCP configured

    for all ports, which means that no traces are sent. Fact 3: No magic, need to configure Solution: Name all the ports of the kubernetes service entities. Composite names can be used, like http-magic (proto-extra format). Dirty workaround: Patch the Pilot component.

  57. @hayorov  Fact 4: High compute resource consumption  •150 pods; •50

    services; •25 virtualservices; •30 destination rules. “Pilote” CPU consumption •Envoy degrades at big scale (>5k rps); •Side-car consumes ~600Mb RAM (each instance).

  58. @hayorov @hayorov Despite all of this… Istio is a great

    tool and performance is getting better.

  59. Thank you questions… @hayorov

  60. Thank you questions… Alex Khaerov @hayorov