Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Build Observability, Reliability, and Security Service Mesh using Istio on Amazon EKS

Ananda Dwi Ae
June 06, 2023
Technology
0
15

Build Observability, Reliability, and Security Service Mesh using Istio on Amazon EKS

Ananda Dwi Ae

June 06, 2023
Tweet

More Decks by Ananda Dwi Ae

See All by Ananda Dwi Ae
Cloud Surfing with GCP: A Beginner's Adventure
misskecupbung
0
12
Simplifying GKE Multi-Cluster for Disaster Recovery and Failover
misskecupbung
0
7
Secure, Reliable, and Observable Service Mesh on Microservices-based Architecture using Anthos Mesh
misskecupbung
0
8
Journey to Success: Building a Professional Career in Cloud Computing with Linux
misskecupbung
0
9
EKS Autoscaling with Karpenter
misskecupbung
0
23
IAC: Mudahnya setup Server dengan Kode
misskecupbung
0
24
Introduction to AWS Step Functions
misskecupbung
0
55
Upgrade Your GKE Cluster using Blue-Green Strategy
misskecupbung
0
36
Building Observability for Microservices Workloads on Google Cloud
misskecupbung
0
32

Other Decks in Technology

See All in Technology
How to do well in consulting–Balkan Ruby 2024
irinanazarova
0
130
LLM開発・活用の舞台裏@2024.04.25
yushin_n
3
1.2k
AWSに詳しくない人でも始められるコスト最適化ガイド
yuhta28
2
370
Cloud Service Mesh に触れ合う
phaya72
1
180
【NW X Security JAWS#3】L3-4:AWS環境のIPv6移行に向けて知っておきたいこと
shotashiratori
1
620
Max out Local LLM in Challenging Environments
sashimimochi
1
100
コードや知識を組み込む / Incorporate Code and knowledge
ks91
PRO
0
150
「スニダン」開発組織の構造に込めた意図 ~組織作りはパッションや政治ではない!~
rinchsan
4
610
LangSmith入門―トレース/評価/プロンプト管理などを担うLLMアプリ開発プラットフォーム
os1ma
5
710
GrafanaMeetup_AmazonManagedGrafanaのアクセス制御機能とマルチテナント環境下でのアクセス制御について
daitak
0
400
web-application-security
matsuihidetoshi
1
190
On Your Data を超えていく!
hirotomotaguchi
2
750

Featured

See All Featured
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
33
6k
Automating Front-end Workflow
addyosmani
1357
200k
A better future with KSS
kneath
231
16k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
242
1.2M
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
117
18k
Designing on Purpose - Digital PM Summit 2013
jponch
111
6.5k
Adopting Sorbet at Scale
ufuk
69
8.6k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
14
1.5k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
11
1k
The Illustrated Children's Guide to Kubernetes
chrisshort
32
46k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
20
1.7k
Happy Clients
brianwarren
92
6.4k

Transcript

  1. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved.

  2. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Observability, Reliability, and Security with Service Mesh: Istio on Amazon EKS Ananda Dwi Rahmawati (she/her) C O M 2 0 4 Sr. Cloud Engineer AWS Container Hero

  3. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Gain greater observability and reliability, reduce complexity, and ensuring high availability and fault tolerance communication between containerized application with service mesh using Istio on Amazon EKS Key Takeaway

  4. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Challenges in Microservices Service Mesh – What and Why? Istio on Amazon EKS Demo Today’s Agenda

  5. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Challenges in Managing Microservices

  6. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Challenges in Microservices • Interaction between services • Traffic management at each service endpoint • Communication security • Timeout and communication failures Service Service Service Service Service Service Service Services need to communicate with each other

  7. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Service Mesh

  8. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Service Mesh – What? Agnostic programmable framework that has policies and controls to govern how microservices interact App1 Proxy App2 Proxy Control Plane

  9. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Service Mesh Behaviors • Traffic shaping with dynamic routing controls • Resiliency support for service communication • Observability of traffic • Tracing of communication flows • Secure communication

  10. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Service Mesh Implementations Istio Linkerd Consul AWS App Mesh Workloads Kubernetes + VMs Kubernetes Kubernetes + VMs AWS Fargate, Amazon EC2, Amazon ECS, Amazon EKS, Kubernetes Supported Ingress Controller Istio Ingress Any Envoy AWS ALB Ingress Controller Traffic Management Feature Yes Yes Yes Yes Monitoring Grafana + Prometheus Grafana + Prometheus Grafana + Prometheus AWS X-Ray Multicluster Yes No Yes Yes Deployment Helm and Operator Helm Helm Helm Complexity High Low Medium Medium

  11. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Istio

  12. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Istio Istio will break down the complexity of distributed cloud native deployments Features: observability, traffic management, security

  13. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Istio on Amazon EKS

  14. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. DEMO

  15. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. https://s.id/1FtQ7 Demo

  16. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. References

  17. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. References •https://aws.amazon.com/blogs/opensource/getting-started-istio-eks/ •https://github.com/aws-samples/istio-on-amazon-eks •https://istio.io/latest/docs/setup/install/helm/ •https://istio.io/latest/docs/examples/bookinfo/

  18. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Your time is now Build in-demand cloud skills your way skillbuilder.aws

  19. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Thank you for attending AWS Summit Online ASEAN 2023. Please complete the session survey to help us improve your Summit experience in the future. [email protected] twitter.com/AWSCloudSEAsia linkedin.com/company/amazon-web-services facebook.com/AmazonWebServices instagram.com/amazonwebservices youtube.com/user/AmazonWebServices twitch.tv/aws

  20. © 2023, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Thank you! © 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved. Please complete the session survey in the mobile app Ananda Dwi Rahmawati @misskecupbung linkedin.com/in/anandadwir