Slide 1

Slide 1 text

Routing Your Microservices Architecture To Ease DevOps Enterprise Transformation Devops Gathering 2020 1

Slide 2

Slide 2 text

Whoami Manuel Zapf Head of Product Open Source @ Maintainer on Containous Trae k  @mZapfDE  SantoDE 2

Slide 3

Slide 3 text

Containous We Believe in Open Source We Deliver Trae k, Trae k Enterprise Edition, Maesh Commercial Support 30 people distributed, 90% tech https://containo.us 3 . 1

Slide 4

Slide 4 text

3 . 2

Slide 5

Slide 5 text

The Premise Of Microservices… 3 . 3

Slide 6

Slide 6 text

… And What Happens 3 . 4

Slide 7

Slide 7 text

Where’s My Service? 3 . 5

Slide 8

Slide 8 text

Tools Of The Trade 3 . 6

Slide 9

Slide 9 text

Source: Twitter[] 3 . 7

Slide 10

Slide 10 text

What If I Told You? That You Don’t Have to Write This Con guration File… ? 3 . 8

Slide 11

Slide 11 text

Here Comes Traefik! 4 . 1

Slide 12

Slide 12 text

Traefik Project 4 . 2

Slide 13

Slide 13 text

Traefik 2.0 Quick Overview Revamped Documentation Clari ed Concepts Expressive Routing Rule Syntax Middlewares TCP Support Canary / Mirroring And so Much More… Learn more on the blog post 4 . 3

Slide 14

Slide 14 text

Traefik (V2.0) Core Concepts 5 . 1

Slide 15

Slide 15 text

Traefik Is An Edge Router 5 . 2

Slide 16

Slide 16 text

Dynamically Discovers Services 5 . 3

Slide 17

Slide 17 text

Architecture (V2.0) At A Glance 5 . 4

Slide 18

Slide 18 text

Entrypoints 5 . 5

Slide 19

Slide 19 text

Routers 5 . 6

Slide 20

Slide 20 text

Middlewares 5 . 7

Slide 21

Slide 21 text

Services 5 . 8

Slide 22

Slide 22 text

Architecture (Again) At A Glance 5 . 9

Slide 23

Slide 23 text

Static & Dynamic Configuration 5 . 10

Slide 24

Slide 24 text

Traefik And Let’s Encrypt 6 . 1

Slide 25

Slide 25 text

HTTPS & Let’s Encrypt 6 . 2

Slide 26

Slide 26 text

Traefik With ⎈ ⎈ Diagram from https://medium.com/@geraldcroes 7 . 1

Slide 27

Slide 27 text

Ingress Example With ⎈ ⎈ apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: corporate-webapp annotations: kubernetes.io/ingress.class: 'traefik' spec: rules: - host: localhost http: paths: - backend: serviceName: corporate-webapp servicePort: 80 7 . 2

Slide 28

Slide 28 text

⎈ ⎈ CRD - Custom Resources Definition # File "webapp.yaml" apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute metadata: name: simpleingressroute spec: entryPoints: - web routes: - match: Host(`localhost`) && PathPrefix(`/whoami`) kind: Rule services: - name: webapp port: 80 $ kubectl apply -f webapp.yaml $ kubectl get ingressroute 7 . 3

Slide 29

Slide 29 text

⎈ ⎈ & TCP (With CRD) apiVersion: traefik.containo.us/v1alpha1 kind: IngressRouteTCP metadata: name: ingressroutetcpmongo.crd spec: entryPoints: - mongotcp routes: - match: HostSNI(`mongo-prod`) services: - name: mongo-prod port: 27017 7 . 4

Slide 30

Slide 30 text

East / West Traefik 8 . 1

Slide 31

Slide 31 text

Say Hello To Maesh 8 . 2

Slide 32

Slide 32 text

What Is Maesh? Maesh is a lightweight, easy to con gure, and non-invasive service mesh that allows visibility and management of the traf c ows inside any Kubernetes cluster. 8 . 3

Slide 33

Slide 33 text

Maesh Architecture 8 . 4

Slide 34

Slide 34 text

More On Maesh Built on top of Trae k, SMI (Service Mesh Interface speci cation) compliant, Opt-in by default. Maesh Website 8 . 5

Slide 35

Slide 35 text

Show Me The Code! Install Maesh (Helm Chart): Deploy Applications: Deploy SMI Objects to allow traf c in the mesh: helm repo add maesh https://containous.github.io/maesh/charts helm repo update helm install --name=maesh --namespace=maesh maesh/maesh --values=./maesh/values.yaml kubectl apply -f apps/0-namespace.yaml kubectl apply -f apps/1-svc-accounts.yaml kubectl apply -f apps/2-apps-client.yaml kubectl apply -f apps/3-apps-servers.yaml kubectl apply -f apps/4-ingressroutes.yaml kubectl apply -f apps/5-smi-http-route-groups.yaml kubectl apply -f apps/6-smi-traffic-targets.yaml 8 . 6

Slide 36

Slide 36 text

A Closer Look To SMI Objects apiVersion: specs.smi-spec.io/v1alpha1 kind: HTTPRouteGroup metadata: name: app-routes namespace: apps matches: - name: all pathRegex: "/" methods: ["*"] --- apiVersion: access.smi-spec.io/v1alpha1 kind: TrafficTarget metadata: name: client-apps namespace: apps destination: kind: ServiceAccount name: apps-server namespace: apps specs: - kind: HTTPRouteGroup name: app-routes matches: - all sources: - kind: ServiceAccount name: apps-client namespace: apps 8 . 7

Slide 37

Slide 37 text

That’s All Folks! 9 . 1

Slide 38

Slide 38 text

We Have Stickers! 9 . 2

Slide 39

Slide 39 text

We Are Hiring! docker run -it containous/jobs 9 . 3

Slide 40

Slide 40 text

Thank You!  @mZapfDE  SantoDE Slides (HTML): https://containous.github.io/slides/devops-gathering-2020 Slides (PDF): https://containous.github.io/slides/devops-gathering-2020/slides.pdf Source on : https://github.com/containous/slides/tree/devops-gathering-2020 10