Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Welcome to the service mesh era!

Alex Khaerov
April 25, 2019
Programming
1
310

Welcome to the service mesh era!

Adopting a microservices architecture brings a host of benefits, including increased autonomy, flexibility, and modularity. But the process of decoupling a single-tier monolithic application into smaller services introduces new obstacles: what's running, how to roll out updates, how to secure and monitor all such fleet? To address these challenges, you can use a service mesh. With this talk, we are going to refresh basic knowledge and pillars of the "service mesh" and share our experience and concerns about the most popular one - Istio. Welcome to the service mesh era!

Alex Khaerov

April 25, 2019
Tweet

More Decks by Alex Khaerov

See All by Alex Khaerov
Cloud-native pipeline with Tekton
hayorov
0
34
Container security
hayorov
0
200
"Family budget" in minutes 
with Chainstack
hayorov
0
330
Bye, bye Virtual Environments?
hayorov
0
250
Quorum in minutes 
with Chainstack
hayorov
0
320
Securing Helm
hayorov
0
49
Entangled In Dependencies: Pipenv&Poetry
hayorov
0
310
To Helm Or Not To Helm
hayorov
0
460
TheURBN game #highload2017
hayorov
0
26

Other Decks in Programming

See All in Programming
コードレビューで学ぶ!Kotlinオブジェクト指向デザインパターン
akkie76
2
190
[技育CAMPアカデミア]アイディアを形に!【超入門】スマホアプリ開発〜リリースまでの流れをご紹介
teamlab
PRO
0
350
CQRS/ES avec Symfony, c’est (trop) bien !
jeremyfreeagent
1
640
Goのエラースタックトレースの歴史と今後
sonatard
6
590
二郎系ラーメンのコールで学ぶ AST 解析
memory1994
PRO
7
1.7k
Build Apps for iOS, Android & Desktop in 100% Kotlin With Compose Multiplatform (mDevCamp 2024)
zsmb
0
130
Site Reliability Engineering for GMO
pyama86
7
1k
MetricKitで予期せぬ終了を検知する話 / Detect unexpected termination with MetricKit
nekowen
0
180
今、知っておきたい! 生成AIエージェントの世界
elith
3
350
MicrosoftのPlatform Engineeringガイドを読んで実際になにかやってみた
ymd65536
1
250
PHPの次期バージョンはこの時期どうなっているのか - Internalsの開発体制について - PHPカンファレンス小田原
youkidearitai
PRO
1
190
雑に思考を整理する技術と効能
konifar
58
28k

Featured

See All Featured
[RailsConf 2023] Rails as a piece of cake
palkan
22
3.9k
Web Components: a chance to create the future
zenorocha
305
41k
Rebuilding a faster, lazier Slack
samanthasiow
72
8.2k
Making Projects Easy
brettharned
108
5.5k
Designing for humans not robots
tammielis
248
25k
Stop Working from a Prison Cell
hatefulcrawdad
266
19k
Optimising Largest Contentful Paint
csswizardry
7
2.3k
Designing for Performance
lara
601
67k
Gamification - CAS2011
davidbonilla
76
4.6k
The Straight Up "How To Draw Better" Workshop
denniskardys
227
130k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
124
32k
Clear Off the Table
cherdarchuk
83
310k

Transcript

  1. Alex Khaerov @hayorov Welcome to the service mesh era!

  2. @hayorov Hello!

  3. @hayorov company who I am

  4. @hayorov Alex Khaerov company who I am @hayorov

  5. @hayorov Alex Khaerov company who I am @hayorov doing software

    development for 9+ years active in the Python and K8s developer communities organises Moscow Python Conf, Helm Summit 2019 a huge fan of laptop stickers

  6. @hayorov Chainstack Multi-cloud and multi-blockchain Platform as a Service Alex

    Khaerov company who I am @hayorov doing software development for 9+ years active in the Python and K8s developer communities organises Moscow Python Conf, Helm Summit 2019 a huge fan of laptop stickers

  7. @hayorov Chainstack Multi-cloud and multi-blockchain Platform as a Service Alex

    Khaerov company who I am @hayorov doing software development for 9+ years active in the Python and K8s developer communities organises Moscow Python Conf, Helm Summit 2019 a huge fan of laptop stickers We are based in Singapore "

  8. @hayorov Frontend Backend Infrastructure Blockchains We use and love

  9. @hayorov Frontend Backend Infrastructure Blockchains We use and love

  10. @hayorov Frontend Backend Infrastructure Blockchains We use and love

  11. @hayorov Frontend Backend Infrastructure Blockchains We use and love

  12. @hayorov Frontend Backend Infrastructure Blockchains We use and love

  13. @hayorov Frontend Backend Infrastructure Blockchains We are hiring: careers.chainstack.com We

    use and love

  14. @hayorov Frontend Backend Infrastructure Blockchains We use and love DevOps,

    SRE wanted!

  15. @hayorov September 11 - 12, 2019 
 Pakhuis de Zwijger


    Amsterdam, The Netherlands https://events.linuxfoundation.org/events/helm-summit-2019/ CFP is open – Apply now! | #helmsummit

  16. @hayorov @hayorov Agenda Background What is Istio? Core features Operating

    principle Our experience

  17. @hayorov Monolithic app +

  18. @hayorov Monolithic app + “Bear Metal”

  19. @hayorov Monolithic app + Monolithic app + Virtualization “Bear Metal”

  20. @hayorov Monolithic app + Monolithic app + Virtualization Microservices +

    Containers “Bear Metal”

  21. @hayorov Monolithic app + Monolithic app + Virtualization Microservices +

    Containers In fact, this is how your Minikube cluster looks like, haha! “Bear Metal”

  22. @hayorov All you knows

  23. ->

  24. @hayorov All you knows

  25. @hayorov -> -> ?

  26. @hayorov @hayorov Istio

  27. @hayorov From assess to trial. Source: Technology Radar, April 2019,

    thoughtworks.com

  28. @hayorov From assess to trial. Source: Technology Radar, April 2019,

    thoughtworks.com 24

  29. @hayorov @hayorov Istio service mesh technology. Wait! What technology?

  30. @hayorov @hayorov service mesh provides a transparent and language-independent way

    to flexibly and easily automate application network functions.

  31. @hayorov @hayorov Istio service mesh technology abstraction level to the

    network intercepts all traffic executes a set of operations

  32. @hayorov Istio Value Proposition

  33. @hayorov

  34. @hayorov Data plane

  35. @hayorov Data plane Control plane

  36. @hayorov

  37. @hayorov

  38. @hayorov

  39. @hayorov

  40. @hayorov

  41. @hayorov

  42. @hayorov

  43. @hayorov

  44. @hayorov

  45. @hayorov

  46. @hayorov

  47. @hayorov

  48. @hayorov

  49. @hayorov

  50. @hayorov

  51. @hayorov

  52. @hayorov @hayorov • Telemetry. • Single common load balancer for

    all the services (HTTP, path based). • Traffic shifting (v1/v2) with simple YAML configuration. • Circuit breaking, traffic mirroring, retries. What Chainstack have been waiting from Istio

  53. @hayorov @hayorov 1.1 Performance 0.2 (Oct, 2017) the first touch

    1.0 (Oct, 2018) major release 1.1.x Milestones

  54. @hayorov @hayorov Fact 1: Simple installation Official helm charts Install

    with Helm via helm template or with Helm and Tiller using helm install Istio on GKE Extra checkbox in gconsole. In beta status.

  55. @hayorov @hayorov Fact 2: We cannot easily get network interaction

    data on network traffic Istio comes with a precompiled and preconfigured envoy proxy, supporting only the zipkin protocol. Only bytes metrics, no RPS or request latencies. Zipkin protocol is much verbose than Jaeger == less effective.

  56. @hayorov @hayorov By default, Istio comes with plain TCP configured

    for all ports, which means that no traces are sent. Fact 3: No magic, need to configure Solution: Name all the ports of the kubernetes service entities. Composite names can be used, like http-magic (proto-extra format). Dirty workaround: Patch the Pilot component.

  57. @hayorov  Fact 4: High compute resource consumption  •150 pods; •50

    services; •25 virtualservices; •30 destination rules. “Pilote” CPU consumption •Envoy degrades at big scale (>5k rps); •Side-car consumes ~600Mb RAM (each instance).

  58. @hayorov @hayorov Despite all of this… Istio is a great

    tool and performance is getting better.

  59. Thank you questions… @hayorov

  60. Thank you questions… Alex Khaerov @hayorov