Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Connecting and Migrating Applications with Consul Service Mesh

Luke Kysow
November 18, 2019
Programming
2
42

Connecting and Migrating Applications with Consul Service Mesh

Presented at ServiceMeshCon during KubeCon 2019.
GitHub: https://github.com/lkysow/servicemeshcon-demo
Video: https://www.youtube.com/watch?v=v-ZYkGYi3jQ

Abstract:
Without question, systems are moving to a highly decoupled distributed approach running on modern schedulers like Kubernetes. There are two challenges which practitioners are often faced with while on this journey. How do you migrate legacy applications safely and without interruption to the new world? Once you have migrated, how do you ensure the connectivity and security of applications, potentially running in multiple Kubernetes clusters?
This talk takes a demo driven approach to how the service mesh can solve both of these problems. You will learn how Consul Service Mesh can help to seamlessly and safely migrate an application from Virtual Machines to Kubernetes. Also, how Consul Service Mesh can help connect and secure heterogeneous applications running in multiple Kubernetes clusters.

Luke Kysow

November 18, 2019
Tweet

More Decks by Luke Kysow

See All by Luke Kysow
Migration 101: From VMs to Kubernetes
lkysow
0
140
Terraform, Collaboration and DevOps (San Diego Meetup)
lkysow
0
150
Terraform, Collaboration and DevOps
lkysow
0
140
Touring the Terraform Journey and Atlantis
lkysow
1
330
Production Grade Kubernetes Clusters on AWS with Kops
lkysow
0
150
Your App on Kubernetes
lkysow
0
65
Akka Cluster on Kubernetes
lkysow
2
710
Monolith to Microservices: Lessons From The Trenches
lkysow
1
33

Other Decks in Programming

See All in Programming
PostmanでAPIの動作確認が楽になった話
h455h1
0
180
AWS CDKコントリビュートTIPS / aws-cdk-contribution-tips
gotok365
4
380
Snowflakeで眠ったデータを起こそう!
estie
0
140
DMMプラットフォームがTiDB Cloudを採用した背景
pospome
9
4.2k
スクラムガイドのスプリントレトロスペクティブを改めて読みかえしてみた / Re-reading the Sprint Retrospective Section in the Scrum Guide
mackey0225
3
480
Code Reviews
bkuhlmann
4
900
Go製Webアプリケーションのエラーとの向き合い方大全、あるいはやっぱりスタックトレース欲しいやん / Kyoto.go #50
utgwkk
6
1.8k
Git Lint
bkuhlmann
4
760
GitHub Copilotのススメ
marcy731
1
220
CREってこういうこと? 体験入社 - 提案資料 - / what-is-cre-trial-employment
shinden
1
510
try! Swift Tokyo 初参加報告LT
hinakko2
0
230
Three ways to use AI on Android: The Good, the Bad and the Ugly
marxallski
0
110

Featured

See All Featured
In The Pink: A Labor of Love
frogandcode
138
21k
The Pragmatic Product Professional
lauravandoore
26
5.8k
StorybookのUI Testing Handbookを読んだ
zakiyama
13
4.6k
Debugging Ruby Performance
tmm1
70
11k
The Cost Of JavaScript in 2023
addyosmani
20
3.9k
The Power of CSS Pseudo Elements
geoffreycrofte
62
5k
Making the Leap to Tech Lead
cromwellryan
125
8.5k
Six Lessons from altMBA
skipperchong
22
3k
Being A Developer After 40
akosma
66
580k
10 Git Anti Patterns You Should be Aware of
lemiorhan
649
58k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
7
3.4k
Rebuilding a faster, lazier Slack
samanthasiow
74
8.2k

Transcript

  1. Connecting and Migrating Applications with Consul Service Mesh Luke Kysow

    @lkysow Consul Engineer at HashiCorp Copyright © 2019 HashiCorp
  2. None
  3. None

  4. Secure By Default All traffic is mTLS encrypted / SPIFFE

    identity Multi Platform Connect Kube clusters, VMs, bare metal Layer 7 Traffic Management Control traffic via config Consul Service Mesh

  5. Service Migration VMs <San Diego> AKS <Los Angeles> chargers NFL

  6. Service Migration VMs <San Diego> AKS <Los Angeles> NFL chargers

  7. Service Migration Step 1 - Deploy to Kubernetes VMs <San

    Diego> AKS <Los Angeles> NFL chargers chargers

  8. VMs <San Diego> AKS <Los Angeles> NFL chargers chargers Service

    Migration Step 2 - Test that routing works $ curl -H \ "X-datacenter: kubernetes"

  9. VMs <San Diego> AKS <Los Angeles> NFL chargers chargers Service

    Migration Step 3 - Split traffic 50% 50%

  10. VMs <San Diego> AKS <Los Angeles> NFL chargers chargers Service

    Migration Step 4 - Fully switch over 0% 100%

  11. Demo Time!

  12. Architecture VMs <San Diego> AKS <Los Angeles> NFL chargers

  13. Architecture VMs <San Diego> AKS <Los Angeles> NFL Consul Server

    Consul Server Federation chargers

  14. Architecture VMs <San Diego> AKS <Los Angeles> chargers NFL Consul

    Server Consul Server Federation Mesh Gateway Mesh Gateway

  15. Architecture VMs <San Diego> AKS <Los Angeles> chargers NFL Consul

    Server Consul Server Federation Mesh Gateway Mesh Gateway sidecar sidecar

  16. Architecture VMs <San Diego> AKS <Los Angeles> chargers NFL Consul

    Server Consul Server Federation Mesh Gateway Mesh Gateway $ curl \ localhost:1234

  17. Architecture VMs <San Diego> AKS <Los Angeles> chargers NFL Consul

    Server Consul Server Federation Mesh Gateway Mesh Gateway

  18. Architecture VMs <San Diego> AKS <Los Angeles> chargers NFL Consul

    Server Consul Server Federation Mesh Gateway Mesh Gateway

  19. Architecture VMs <San Diego> AKS <Los Angeles> chargers NFL Consul

    Server Consul Server Federation Mesh Gateway Mesh Gateway

  20. Architecture VMs <San Diego> AKS <Los Angeles> chargers NFL Consul

    Server Consul Server Federation Mesh Gateway Mesh Gateway

  22. ?

  23. Helm Install TERMINAL $ kubectl config use-context london $ helm

    install ./consul-helm --name=consul

  24. Installation $ helm install --name consul Observability Integration with Prometheus,

    Datadog, etc. Intentions $ consul intention create -allow nfl chargers External Certificate Authorities E.g. HashiCorp Vault, AWS PCA Not Covered

  25. Thank You! @lkysow 25