SlideShare una empresa de Scribd logo

Putting microservices on a diet with Istio

QAware GmbH
QAware GmbH

Software Architecture Conference 2018, London (UK): Talk by Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware) === Please download slides if blurred! === Abstract: In a microservice world, things become more complex. Platforms such as Kubernetes address a lot of the complexity; they handle resource isolation and utilization, networking, and deployments nicely. But a lot of the involved complexity such as load balancing, rollout scenarios, circuit breaking, retries, rate limiting, observability, tracing and transport security is still left up to the development teams. Of course, you can address all of these challenges in your microservices programmatically using popular open-source components such as Hystrix, Ribbon, Eureka, the EFK Stack, Prometheus or Jaeger. But, unfortunately, this approach can quickly lead to excessive library bloat and suddenly your microservices are not quite so micro anymore. All this might seem acceptable if you’re on a single, consistent development stack like Java EE or Spring Boot. But tackling these complexities becomes even more challenging if you’re dealing with multiple stacks and multiple frameworks, to say nothing about dealing with legacy applications that you can’t modify to retrofit these requirements. In comes Istio to the rescue. It is a so-called service mesh that addresses many of the cross-cutting communication concerns in a microservice architecture. Think of Istio as AOP (aspect-oriented programming) for microservice communication. Instead of implementing everything directly within your services, Istio transparently injects and decorates the desired concerns into the individual communication channels. Mario-Leander Reimer offers an overview of Istio and explains how it addresses the inherent complexities in microservice architectures. He briefly discusses the conceptual architecture and the main building blocks of Istio before diving into several examples deployed on a live Kubernetes cluster to demonstrate the different traffic management features, as well as diagnosability and security.

Datos y análisis
1 de 30
Descargar para leer sin conexión
Mario-Leander Reimer, QAware GmbH mario-leander.reimer@qaware.de Putting microservices on a diet with Istio London, 29th October 2018
Mario-Leander Reimer Principal Software Architect, QAware GmbH Mail: mario-leander.reimer@qaware.de Twitter: @LeanderReimer Github: https://github.com/lreimer/ Slides: https://speakerdeck.com/lreimer/ 29.10.2018 2 Developer && Architect 20+ years of experience #CloudNativeNerd Open Source Enthusiast Speaker && Author
Fork me on Github. https://github.com/lreimer/microservice-diet-with-istio
4 https://imgur.com/gallery/LGAZEqu The Early Code Monkey The Monolith
loosely coupled stateless bounded contexts makeameme.org
Essential Cloud-native Design Principles. 6 Design for Distribution: Containers; microservices; API driven development. Design for Configuration: One image, multiple environments. Design for Resiliency: Fault-tolerant and self-healing. Design for Elasticity: Scales dynamically and reacts to stimuli. Design for Delivery: Short roundtrips and automated provisioning. Design for Performance: Responsive; concurrent; resource efficient. Design for Automation: Automated Dev & Ops tasks. Design for Diagnosability: Cluster-wide logs, metrics and traces. Design for Security: Secure Endpoints, API-Gateways, E2E-Encryption
7 Atomic Architecture
Atomic Microservice Blueprint. 8
Concrete Blueprint Incarnation with Spring Cloud Netflix. 9 Some Facts: 58 MB Uberjar 192 Dependencies 3 KB Classes
A polyglot microservice architecture suffers from severe library bloat and bad maintainability in the long run. 10
Istio is like AOP, but for microservice communication.
Istio to the Rescue! 12
Conceptual View on a Kubernetes Cluster. 13
Demo
Pods are the smallest unit of compute in Kubernetes Labels are key/value pairs used to identify Kubernetes resources Replica Sets ensure that the desired number of pod replicas are running Deployments are an abstraction used to declare and update pods, RCs, … Services are an abstraction for a logical collection of pods providing DNS name Ingress routes traffic from outside the cluster to services and ports based on URL patterns and host Kubernetes Glossary. 15
GoF in the Cloud: Container Orchestration Patterns. 16http://blog.kubernetes.io/2015/06/the-distributed-system-toolkit-patterns.html 1. Sidecar Container: Extend container behaviour Log Extraction / Reformating (fluentd, logstash) Scheduling (cron, quartz) 2. Ambassador Container: Proxy communication TLS Tunnel (Stunnel, ghostunnel, Istio) Circuit Breaking (linkerd, Istio) Request Monitoring (linkerd, Istio) 3. Adapter Container: Provide a standardized interface Monitoring (Prometheus) Configuration (ConfigMaps, Secrets, …)
Conceptual Istio Architecture and Components. 17
18 Envoy: Sidecar proxy per microservice that handles inbound/outbound traffic within each Pod. Extended version of Envoy project. Gateway: Inbound gateway / ingress. Nothing more than a managed Envoy. Mixer: Policy / precondition checks and telemetry. Highly scalable. Envoy caches policy checks within the sidecar (level 1) and within envoy instances (level 2), buffers telemetry data locally and centrally, and can be run in multiple instances. Mixer includes a flexible plugin model. https://istio.io/blog/2017/mixer-spof-myth.html Pilot: Pilot converts high level routing rules that control traffic behavior into Envoy-specific configurations, and propagates them to the sidecars at runtime. Watches services and transforms this information in a canonical platform-agnostic model (abstracting away from k8s, Nomad, Consul etc). The envoy configuration is then derived from this canonical model. Exposes the Rules API to add traffic management rules. Citadel: CA for service-to-service authx and encryption. Certs are delivered as a secret volume mount. Workload identity is provided in SPIFFE format. https://istio.io/docs/concepts/security/mutual-tls.html
Demo
Gateway configures a load balancer for HTTP/TCP traffic, enables ingress traffic into the service mesh Virtual Service defines the rules that control how requests for a service are routed within the service mesh Destination Rule configures the set of policies to be applied to a request after VirtualService routing has occurred Service Version aka Subset allows to select a subset of pods based on labels Service Entry enables requests to services outside of the service mesh Istio Glossary. 20
apiVersion: networking.istio.io/v1alpha3 kind: Gateway metadata: name: hello-istio-gateway spec: selector: # use istio default controller istio: ingressgateway servers: - port: number: 80 name: http protocol: HTTP hosts: - "hello-istio.cloud" Example Istio Gateway and VirtualService Definitions. 21 apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: hello-istio spec: hosts: - "hello-istio.cloud" gateways: - hello-istio-gateway http: - match: - uri: exact: /api/hello route: - destination: host: hello-istio port: number: 8080 Exact URI Routing
Hello Istio Demo
Different release patterns can easily be applied. 23
Different release patterns can easily be applied. 24
apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: hello-istio spec: hosts: - "hello-istio.cloud" gateways: - hello-istio-gateway http: - route: - destination: host: hello-istio subset: v1 weight: 70 - destination: host: hello-istio subset: v2 weight: 30 Examples for different routing configurations. 25 apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: hello-istio spec: hosts: - "hello-istio.cloud" gateways: - hello-istio-gateway http: - match: - headers: user-agent: regex: ".*Chrome.*" route: - destination: host: hello-istio subset: v2 - route: - destination: host: hello-istio subset: v1 Weighted Traffic Routing Header basedTraffic Routing
Alphabet Demo
apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: alphabet-service spec: hosts: - alphabet-service http: - fault: delay: fixedDelay: 2s percent: 50 abort: httpStatus: 500 percent: 50 route: - destination: host: alphabet-service subset: v1 Examples for fault injection and circuit breaker policy. 27 apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: alphabet-service spec: host: alphabet-service trafficPolicy: connectionPool: http: http1MaxPendingRequests: 1 maxRequestsPerConnection: 1 tcp: maxConnections: 1 outlierDetection: baseEjectionTime: 5.000s consecutiveErrors: 1 interval: 1.000s maxEjectionPercent: 100 subsets: - name: v1 labels: version: v1 Circuit Breaker Policy Fault Injection
Istio has built-in support for service mesh diagnosability. 28 Diagnosability Triangle Metrics LogsTraces
Not all Istio features are marked Stable yet, but Beta can already be used in Production. 29 Istio v1.0.3 is deemed production ready. Core: 4 Stable, 3 Beta, 6 Alpha Traffic Management: 1 Stable, 5 Beta, 1 Alpha Security and Policy Enforcement: 5 Stable, 2 Beta, 4 Alpha Telemetry: 4 Stable, 2 Beta, 7 Alpha Other Service Mesh technologies are emerging. Linkerd and Conduit Consul Connect See https://istio.io/about/feature-stages/
Mario-Leander Reimer mario-leander.reimer@qaware.de @LeanderReimer xing.com/companies/qawaregmbh linkedin.com/company/qaware-gmbh slideshare.net/qaware twitter.com/qaware youtube.com/qawaregmbh github.com/qaware

Recomendados

21st Docker Switzerland Meetup - ISTIO
21st Docker Switzerland Meetup - ISTIO21st Docker Switzerland Meetup - ISTIO
21st Docker Switzerland Meetup - ISTIONiklaus Hirt
 
A sail in the cloud
A sail in the cloudA sail in the cloud
A sail in the cloudKamesh Sampath
 
Microservice 4.0 Journey - From Spring NetFlix OSS to Istio Service Mesh and ...
Microservice 4.0 Journey - From Spring NetFlix OSS to Istio Service Mesh and ...Microservice 4.0 Journey - From Spring NetFlix OSS to Istio Service Mesh and ...
Microservice 4.0 Journey - From Spring NetFlix OSS to Istio Service Mesh and ...Daniel Oh
 
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud - An...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud - An...Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud - An...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud - An...VMware Tanzu
 
Comprehensive container based service monitoring with kubernetes and istio
Comprehensive container based service monitoring with kubernetes and istioComprehensive container based service monitoring with kubernetes and istio
Comprehensive container based service monitoring with kubernetes and istioFred Moyer
 
From zero to hero with Kubernetes and Istio
From zero to hero with Kubernetes and IstioFrom zero to hero with Kubernetes and Istio
From zero to hero with Kubernetes and IstioSergii Bishyr
 
Connecting All Abstractions with Istio
Connecting All Abstractions with IstioConnecting All Abstractions with Istio
Connecting All Abstractions with IstioVMware Tanzu
 
A Hitchhiker's Guide to Cloud Native API Gateways
A Hitchhiker's Guide to Cloud Native API GatewaysA Hitchhiker's Guide to Cloud Native API Gateways
A Hitchhiker's Guide to Cloud Native API GatewaysQAware GmbH
 

Recomendados

21st Docker Switzerland Meetup - ISTIO
21st Docker Switzerland Meetup - ISTIO21st Docker Switzerland Meetup - ISTIO
21st Docker Switzerland Meetup - ISTIONiklaus Hirt
 
A sail in the cloud
A sail in the cloudA sail in the cloud
A sail in the cloudKamesh Sampath
 
Microservice 4.0 Journey - From Spring NetFlix OSS to Istio Service Mesh and ...
Microservice 4.0 Journey - From Spring NetFlix OSS to Istio Service Mesh and ...Microservice 4.0 Journey - From Spring NetFlix OSS to Istio Service Mesh and ...
Microservice 4.0 Journey - From Spring NetFlix OSS to Istio Service Mesh and ...Daniel Oh
 
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud - An...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud - An...Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud - An...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud - An...VMware Tanzu
 
Comprehensive container based service monitoring with kubernetes and istio
Comprehensive container based service monitoring with kubernetes and istioComprehensive container based service monitoring with kubernetes and istio
Comprehensive container based service monitoring with kubernetes and istioFred Moyer
 
From zero to hero with Kubernetes and Istio
From zero to hero with Kubernetes and IstioFrom zero to hero with Kubernetes and Istio
From zero to hero with Kubernetes and IstioSergii Bishyr
 
Connecting All Abstractions with Istio
Connecting All Abstractions with IstioConnecting All Abstractions with Istio
Connecting All Abstractions with IstioVMware Tanzu
 
A Hitchhiker's Guide to Cloud Native API Gateways
A Hitchhiker's Guide to Cloud Native API GatewaysA Hitchhiker's Guide to Cloud Native API Gateways
A Hitchhiker's Guide to Cloud Native API GatewaysQAware GmbH
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...Josef Adersberger
 
Sailing into 2018 with Kubernetes and Istio
Sailing into 2018 with Kubernetes and IstioSailing into 2018 with Kubernetes and Istio
Sailing into 2018 with Kubernetes and IstioFernand Galiana
 
Mastering Microservices with Kong (CodeMotion 2019)
Mastering Microservices with Kong (CodeMotion 2019)Mastering Microservices with Kong (CodeMotion 2019)
Mastering Microservices with Kong (CodeMotion 2019)Maarten Mulders
 
Micro Service Architecture
Micro Service ArchitectureMicro Service Architecture
Micro Service ArchitectureEduards Sizovs
 
betterCode Workshop: Effizientes DevOps-Tooling mit Go
betterCode Workshop: Effizientes DevOps-Tooling mit GobetterCode Workshop: Effizientes DevOps-Tooling mit Go
betterCode Workshop: Effizientes DevOps-Tooling mit GoQAware GmbH
 
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...VMware Tanzu
 
Kubernetes Multi-cluster without Federation - Kubecon EU 2018
Kubernetes Multi-cluster without Federation - Kubecon EU 2018Kubernetes Multi-cluster without Federation - Kubecon EU 2018
Kubernetes Multi-cluster without Federation - Kubecon EU 2018Rob Szumski
 
Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...
Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...
Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...Daniel Bryant
 
Continuous (Non)-Functional Testing of Microservices on k8s
Continuous (Non)-Functional Testing of Microservices on k8s Continuous (Non)-Functional Testing of Microservices on k8s
Continuous (Non)-Functional Testing of Microservices on k8s QAware GmbH
 
Istio - A Service Mesh for Microservices as Scale
Istio - A Service Mesh for Microservices as ScaleIstio - A Service Mesh for Microservices as Scale
Istio - A Service Mesh for Microservices as ScaleRam Vennam
 
Kubernetes overview 101
Kubernetes overview 101Kubernetes overview 101
Kubernetes overview 101Boskey Savla
 
Managing traffic routing with istio and envoy workshop
Managing traffic routing with istio and envoy workshopManaging traffic routing with istio and envoy workshop
Managing traffic routing with istio and envoy workshopOpsta
 
12 Factor App
12 Factor App12 Factor App
12 Factor AppErkan Erol
 
Container security within Cisco Container Platform
Container security within Cisco Container PlatformContainer security within Cisco Container Platform
Container security within Cisco Container PlatformSanjeev Rampal
 
NYC Kubernetes Meetup: Ambassador and Istio - Flynn, Datawire
NYC Kubernetes Meetup: Ambassador and Istio - Flynn, DatawireNYC Kubernetes Meetup: Ambassador and Istio - Flynn, Datawire
NYC Kubernetes Meetup: Ambassador and Istio - Flynn, DatawireAmbassador Labs
 
Ich brauche einen Abstraktions-Layer für meine Cloud
Ich brauche einen Abstraktions-Layer für meine CloudIch brauche einen Abstraktions-Layer für meine Cloud
Ich brauche einen Abstraktions-Layer für meine CloudQAware GmbH
 
Kubernetes 1.16 and rancher 2.3 enhancements
Kubernetes 1.16 and rancher 2.3 enhancementsKubernetes 1.16 and rancher 2.3 enhancements
Kubernetes 1.16 and rancher 2.3 enhancementsSaiyam Pathak
 
Gatekeeper: API gateway
Gatekeeper: API gatewayGatekeeper: API gateway
Gatekeeper: API gatewayChengHui Weng
 
Kubernetes: від знайомства до використання у CI/CD
Kubernetes: від знайомства до використання у CI/CDKubernetes: від знайомства до використання у CI/CD
Kubernetes: від знайомства до використання у CI/CDStfalcon Meetups
 
Spring Boot on Kubernetes/OpenShift
Spring Boot on Kubernetes/OpenShiftSpring Boot on Kubernetes/OpenShift
Spring Boot on Kubernetes/OpenShiftKamesh Sampath
 
Putting microservices on a diet with istio
Putting microservices on a diet with istioPutting microservices on a diet with istio
Putting microservices on a diet with istioQAware GmbH
 
Putting Microservices on a Diet: with Istio!
Putting Microservices on a Diet: with Istio!Putting Microservices on a Diet: with Istio!
Putting Microservices on a Diet: with Istio!QAware GmbH
 

Más contenido relacionado

La actualidad más candente

The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...Josef Adersberger
 
Sailing into 2018 with Kubernetes and Istio
Sailing into 2018 with Kubernetes and IstioSailing into 2018 with Kubernetes and Istio
Sailing into 2018 with Kubernetes and IstioFernand Galiana
 
Mastering Microservices with Kong (CodeMotion 2019)
Mastering Microservices with Kong (CodeMotion 2019)Mastering Microservices with Kong (CodeMotion 2019)
Mastering Microservices with Kong (CodeMotion 2019)Maarten Mulders
 
Micro Service Architecture
Micro Service ArchitectureMicro Service Architecture
Micro Service ArchitectureEduards Sizovs
 
betterCode Workshop: Effizientes DevOps-Tooling mit Go
betterCode Workshop: Effizientes DevOps-Tooling mit GobetterCode Workshop: Effizientes DevOps-Tooling mit Go
betterCode Workshop: Effizientes DevOps-Tooling mit GoQAware GmbH
 
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...VMware Tanzu
 
Kubernetes Multi-cluster without Federation - Kubecon EU 2018
Kubernetes Multi-cluster without Federation - Kubecon EU 2018Kubernetes Multi-cluster without Federation - Kubecon EU 2018
Kubernetes Multi-cluster without Federation - Kubecon EU 2018Rob Szumski
 
Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...
Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...
Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...Daniel Bryant
 
Continuous (Non)-Functional Testing of Microservices on k8s
Continuous (Non)-Functional Testing of Microservices on k8s Continuous (Non)-Functional Testing of Microservices on k8s
Continuous (Non)-Functional Testing of Microservices on k8s QAware GmbH
 
Istio - A Service Mesh for Microservices as Scale
Istio - A Service Mesh for Microservices as ScaleIstio - A Service Mesh for Microservices as Scale
Istio - A Service Mesh for Microservices as ScaleRam Vennam
 
Kubernetes overview 101
Kubernetes overview 101Kubernetes overview 101
Kubernetes overview 101Boskey Savla
 
Managing traffic routing with istio and envoy workshop
Managing traffic routing with istio and envoy workshopManaging traffic routing with istio and envoy workshop
Managing traffic routing with istio and envoy workshopOpsta
 
Container security within Cisco Container Platform
Container security within Cisco Container PlatformContainer security within Cisco Container Platform
Container security within Cisco Container PlatformSanjeev Rampal
 
NYC Kubernetes Meetup: Ambassador and Istio - Flynn, Datawire
NYC Kubernetes Meetup: Ambassador and Istio - Flynn, DatawireNYC Kubernetes Meetup: Ambassador and Istio - Flynn, Datawire
NYC Kubernetes Meetup: Ambassador and Istio - Flynn, DatawireAmbassador Labs
 
Ich brauche einen Abstraktions-Layer für meine Cloud
Ich brauche einen Abstraktions-Layer für meine CloudIch brauche einen Abstraktions-Layer für meine Cloud
Ich brauche einen Abstraktions-Layer für meine CloudQAware GmbH
 
Kubernetes 1.16 and rancher 2.3 enhancements
Kubernetes 1.16 and rancher 2.3 enhancementsKubernetes 1.16 and rancher 2.3 enhancements
Kubernetes 1.16 and rancher 2.3 enhancementsSaiyam Pathak
 
Gatekeeper: API gateway
Gatekeeper: API gatewayGatekeeper: API gateway
Gatekeeper: API gatewayChengHui Weng
 
Kubernetes: від знайомства до використання у CI/CD
Kubernetes: від знайомства до використання у CI/CDKubernetes: від знайомства до використання у CI/CD
Kubernetes: від знайомства до використання у CI/CDStfalcon Meetups
 
Spring Boot on Kubernetes/OpenShift
Spring Boot on Kubernetes/OpenShiftSpring Boot on Kubernetes/OpenShift
Spring Boot on Kubernetes/OpenShiftKamesh Sampath
 

La actualidad más candente (20)

The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
 
Sailing into 2018 with Kubernetes and Istio
Sailing into 2018 with Kubernetes and IstioSailing into 2018 with Kubernetes and Istio
Sailing into 2018 with Kubernetes and Istio
 
Mastering Microservices with Kong (CodeMotion 2019)
Mastering Microservices with Kong (CodeMotion 2019)Mastering Microservices with Kong (CodeMotion 2019)
Mastering Microservices with Kong (CodeMotion 2019)
 
Micro Service Architecture
Micro Service ArchitectureMicro Service Architecture
Micro Service Architecture
 
betterCode Workshop: Effizientes DevOps-Tooling mit Go
betterCode Workshop: Effizientes DevOps-Tooling mit GobetterCode Workshop: Effizientes DevOps-Tooling mit Go
betterCode Workshop: Effizientes DevOps-Tooling mit Go
 
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...
 
Kubernetes Multi-cluster without Federation - Kubecon EU 2018
Kubernetes Multi-cluster without Federation - Kubecon EU 2018Kubernetes Multi-cluster without Federation - Kubecon EU 2018
Kubernetes Multi-cluster without Federation - Kubecon EU 2018
 
Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...
Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...
Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...
 
Continuous (Non)-Functional Testing of Microservices on k8s
Continuous (Non)-Functional Testing of Microservices on k8s Continuous (Non)-Functional Testing of Microservices on k8s
Continuous (Non)-Functional Testing of Microservices on k8s
 
Istio - A Service Mesh for Microservices as Scale
Istio - A Service Mesh for Microservices as ScaleIstio - A Service Mesh for Microservices as Scale
Istio - A Service Mesh for Microservices as Scale
 
Kubernetes overview 101
Kubernetes overview 101Kubernetes overview 101
Kubernetes overview 101
 
Managing traffic routing with istio and envoy workshop
Managing traffic routing with istio and envoy workshopManaging traffic routing with istio and envoy workshop
Managing traffic routing with istio and envoy workshop
 
12 Factor App
12 Factor App12 Factor App
12 Factor App
 
Container security within Cisco Container Platform
Container security within Cisco Container PlatformContainer security within Cisco Container Platform
Container security within Cisco Container Platform
 
NYC Kubernetes Meetup: Ambassador and Istio - Flynn, Datawire
NYC Kubernetes Meetup: Ambassador and Istio - Flynn, DatawireNYC Kubernetes Meetup: Ambassador and Istio - Flynn, Datawire
NYC Kubernetes Meetup: Ambassador and Istio - Flynn, Datawire
 
Ich brauche einen Abstraktions-Layer für meine Cloud
Ich brauche einen Abstraktions-Layer für meine CloudIch brauche einen Abstraktions-Layer für meine Cloud
Ich brauche einen Abstraktions-Layer für meine Cloud
 
Kubernetes 1.16 and rancher 2.3 enhancements
Kubernetes 1.16 and rancher 2.3 enhancementsKubernetes 1.16 and rancher 2.3 enhancements
Kubernetes 1.16 and rancher 2.3 enhancements
 
Gatekeeper: API gateway
Gatekeeper: API gatewayGatekeeper: API gateway
Gatekeeper: API gateway
 
Kubernetes: від знайомства до використання у CI/CD
Kubernetes: від знайомства до використання у CI/CDKubernetes: від знайомства до використання у CI/CD
Kubernetes: від знайомства до використання у CI/CD
 
Spring Boot on Kubernetes/OpenShift
Spring Boot on Kubernetes/OpenShiftSpring Boot on Kubernetes/OpenShift
Spring Boot on Kubernetes/OpenShift
 

Similar a Putting microservices on a diet with Istio

Putting microservices on a diet with istio
Putting microservices on a diet with istioPutting microservices on a diet with istio
Putting microservices on a diet with istioQAware GmbH
 
Putting Microservices on a Diet: with Istio!
Putting Microservices on a Diet: with Istio!Putting Microservices on a Diet: with Istio!
Putting Microservices on a Diet: with Istio!QAware GmbH
 
Managing microservices with Istio Service Mesh
Managing microservices with Istio Service MeshManaging microservices with Istio Service Mesh
Managing microservices with Istio Service MeshRafik HARABI
 
Istio: Using nginMesh as the service proxy
Istio: Using nginMesh as the service proxyIstio: Using nginMesh as the service proxy
Istio: Using nginMesh as the service proxyLee Calcote
 
Unmeshing the service mesh
Unmeshing the service meshUnmeshing the service mesh
Unmeshing the service meshCodeValue
 
FIWARE IoT Proposal & Community
FIWARE IoT Proposal & CommunityFIWARE IoT Proposal & Community
FIWARE IoT Proposal & CommunityFIWARE
 
Monitoring as an entry point for collaboration
Monitoring as an entry point for collaborationMonitoring as an entry point for collaboration
Monitoring as an entry point for collaborationJulien Pivotto
 
Programming IoT Gateways with macchina.io
Programming IoT Gateways with macchina.ioProgramming IoT Gateways with macchina.io
Programming IoT Gateways with macchina.ioGünter Obiltschnig
 
Debugging Microservices - QCON 2017
Debugging Microservices - QCON 2017Debugging Microservices - QCON 2017
Debugging Microservices - QCON 2017Idit Levine
 
Red hat forum istio & kiali - introduction and overview
Red hat forum istio & kiali - introduction and overviewRed hat forum istio & kiali - introduction and overview
Red hat forum istio & kiali - introduction and overviewLiran Cohen
 
OpenFest 2016 - Open Microservice Architecture
OpenFest 2016 - Open Microservice ArchitectureOpenFest 2016 - Open Microservice Architecture
OpenFest 2016 - Open Microservice ArchitectureNikolay Stoitsev
 
ICSE 2022 SEIP: Toward Among-Device AI from On-Device AI with Stream Pipelines
ICSE 2022 SEIP: Toward Among-Device AI from On-Device AI with Stream PipelinesICSE 2022 SEIP: Toward Among-Device AI from On-Device AI with Stream Pipelines
ICSE 2022 SEIP: Toward Among-Device AI from On-Device AI with Stream PipelinesMyungJoo Ham
 
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0Krishna-Kumar
 
Native Cloud-Native: Building Agile Microservices with the Micronaut Framework
Native Cloud-Native: Building Agile Microservices with the Micronaut FrameworkNative Cloud-Native: Building Agile Microservices with the Micronaut Framework
Native Cloud-Native: Building Agile Microservices with the Micronaut FrameworkZachary Klein
 
IRJET- Proof of Document using Multichain and Ethereum
IRJET- Proof of Document using Multichain and EthereumIRJET- Proof of Document using Multichain and Ethereum
IRJET- Proof of Document using Multichain and EthereumIRJET Journal
 
Kubernetes One-Click Deployment: Hands-on Workshop (Mainz)
Kubernetes One-Click Deployment: Hands-on Workshop (Mainz)Kubernetes One-Click Deployment: Hands-on Workshop (Mainz)
Kubernetes One-Click Deployment: Hands-on Workshop (Mainz)QAware GmbH
 
Kubecon SIG Apps December 2017 Update
Kubecon SIG Apps December 2017 UpdateKubecon SIG Apps December 2017 Update
Kubecon SIG Apps December 2017 UpdateMatthew Farina
 
Red Hat and kubernetes: awesome stuff coming your way
Red Hat and kubernetes: awesome stuff coming your wayRed Hat and kubernetes: awesome stuff coming your way
Red Hat and kubernetes: awesome stuff coming your wayJohannes Brännström
 
Istio Triangle Kubernetes Meetup Aug 2019
Istio Triangle Kubernetes Meetup Aug 2019Istio Triangle Kubernetes Meetup Aug 2019
Istio Triangle Kubernetes Meetup Aug 2019Ram Vennam
 

Similar a Putting microservices on a diet with Istio (20)

Putting microservices on a diet with istio
Putting microservices on a diet with istioPutting microservices on a diet with istio
Putting microservices on a diet with istio
 
Putting Microservices on a Diet: with Istio!
Putting Microservices on a Diet: with Istio!Putting Microservices on a Diet: with Istio!
Putting Microservices on a Diet: with Istio!
 
Managing microservices with Istio Service Mesh
Managing microservices with Istio Service MeshManaging microservices with Istio Service Mesh
Managing microservices with Istio Service Mesh
 
Istio: Using nginMesh as the service proxy
Istio: Using nginMesh as the service proxyIstio: Using nginMesh as the service proxy
Istio: Using nginMesh as the service proxy
 
What's Rio 〜Standalone〜
What's Rio 〜Standalone〜What's Rio 〜Standalone〜
What's Rio 〜Standalone〜
 
Unmeshing the service mesh
Unmeshing the service meshUnmeshing the service mesh
Unmeshing the service mesh
 
FIWARE IoT Proposal & Community
FIWARE IoT Proposal & CommunityFIWARE IoT Proposal & Community
FIWARE IoT Proposal & Community
 
Monitoring as an entry point for collaboration
Monitoring as an entry point for collaborationMonitoring as an entry point for collaboration
Monitoring as an entry point for collaboration
 
Programming IoT Gateways with macchina.io
Programming IoT Gateways with macchina.ioProgramming IoT Gateways with macchina.io
Programming IoT Gateways with macchina.io
 
Debugging Microservices - QCON 2017
Debugging Microservices - QCON 2017Debugging Microservices - QCON 2017
Debugging Microservices - QCON 2017
 
Red hat forum istio & kiali - introduction and overview
Red hat forum istio & kiali - introduction and overviewRed hat forum istio & kiali - introduction and overview
Red hat forum istio & kiali - introduction and overview
 
OpenFest 2016 - Open Microservice Architecture
OpenFest 2016 - Open Microservice ArchitectureOpenFest 2016 - Open Microservice Architecture
OpenFest 2016 - Open Microservice Architecture
 
ICSE 2022 SEIP: Toward Among-Device AI from On-Device AI with Stream Pipelines
ICSE 2022 SEIP: Toward Among-Device AI from On-Device AI with Stream PipelinesICSE 2022 SEIP: Toward Among-Device AI from On-Device AI with Stream Pipelines
ICSE 2022 SEIP: Toward Among-Device AI from On-Device AI with Stream Pipelines
 
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0
 
Native Cloud-Native: Building Agile Microservices with the Micronaut Framework
Native Cloud-Native: Building Agile Microservices with the Micronaut FrameworkNative Cloud-Native: Building Agile Microservices with the Micronaut Framework
Native Cloud-Native: Building Agile Microservices with the Micronaut Framework
 
IRJET- Proof of Document using Multichain and Ethereum
IRJET- Proof of Document using Multichain and EthereumIRJET- Proof of Document using Multichain and Ethereum
IRJET- Proof of Document using Multichain and Ethereum
 
Kubernetes One-Click Deployment: Hands-on Workshop (Mainz)
Kubernetes One-Click Deployment: Hands-on Workshop (Mainz)Kubernetes One-Click Deployment: Hands-on Workshop (Mainz)
Kubernetes One-Click Deployment: Hands-on Workshop (Mainz)
 
Kubecon SIG Apps December 2017 Update
Kubecon SIG Apps December 2017 UpdateKubecon SIG Apps December 2017 Update
Kubecon SIG Apps December 2017 Update
 
Red Hat and kubernetes: awesome stuff coming your way
Red Hat and kubernetes: awesome stuff coming your wayRed Hat and kubernetes: awesome stuff coming your way
Red Hat and kubernetes: awesome stuff coming your way
 
Istio Triangle Kubernetes Meetup Aug 2019
Istio Triangle Kubernetes Meetup Aug 2019Istio Triangle Kubernetes Meetup Aug 2019
Istio Triangle Kubernetes Meetup Aug 2019
 

Más de QAware GmbH

50 Shades of K8s Autoscaling #JavaLand24.pdf
50 Shades of K8s Autoscaling #JavaLand24.pdf50 Shades of K8s Autoscaling #JavaLand24.pdf
50 Shades of K8s Autoscaling #JavaLand24.pdfQAware GmbH
 
Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...
Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...
Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...QAware GmbH
 
Fully-managed Cloud-native Databases: The path to indefinite scale @ CNN Mainz
Fully-managed Cloud-native Databases: The path to indefinite scale @ CNN MainzFully-managed Cloud-native Databases: The path to indefinite scale @ CNN Mainz
Fully-managed Cloud-native Databases: The path to indefinite scale @ CNN MainzQAware GmbH
 
Down the Ivory Tower towards Agile Architecture
Down the Ivory Tower towards Agile ArchitectureDown the Ivory Tower towards Agile Architecture
Down the Ivory Tower towards Agile ArchitectureQAware GmbH
 
"Mixed" Scrum-Teams – Die richtige Mischung macht's!
"Mixed" Scrum-Teams – Die richtige Mischung macht's!"Mixed" Scrum-Teams – Die richtige Mischung macht's!
"Mixed" Scrum-Teams – Die richtige Mischung macht's!QAware GmbH
 
Make Developers Fly: Principles for Platform Engineering
Make Developers Fly: Principles for Platform EngineeringMake Developers Fly: Principles for Platform Engineering
Make Developers Fly: Principles for Platform EngineeringQAware GmbH
 
Der Tod der Testpyramide? – Frontend-Testing mit Playwright
Der Tod der Testpyramide? – Frontend-Testing mit PlaywrightDer Tod der Testpyramide? – Frontend-Testing mit Playwright
Der Tod der Testpyramide? – Frontend-Testing mit PlaywrightQAware GmbH
 
Was kommt nach den SPAs
Was kommt nach den SPAsWas kommt nach den SPAs
Was kommt nach den SPAsQAware GmbH
 
Cloud Migration mit KI: der Turbo
Cloud Migration mit KI: der Turbo Cloud Migration mit KI: der Turbo
Cloud Migration mit KI: der Turbo QAware GmbH
 
Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See...
Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See... Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See...
Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See...QAware GmbH
 
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster QAware GmbH
 
Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.
Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.
Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.QAware GmbH
 
Kubernetes with Cilium in AWS - Experience Report!
Kubernetes with Cilium in AWS - Experience Report!Kubernetes with Cilium in AWS - Experience Report!
Kubernetes with Cilium in AWS - Experience Report!QAware GmbH
 
50 Shades of K8s Autoscaling
50 Shades of K8s Autoscaling50 Shades of K8s Autoscaling
50 Shades of K8s AutoscalingQAware GmbH
 
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAPKontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAPQAware GmbH
 
Service Mesh Pain & Gain. Experiences from a client project.
Service Mesh Pain & Gain. Experiences from a client project.Service Mesh Pain & Gain. Experiences from a client project.
Service Mesh Pain & Gain. Experiences from a client project.QAware GmbH
 
50 Shades of K8s Autoscaling
50 Shades of K8s Autoscaling50 Shades of K8s Autoscaling
50 Shades of K8s AutoscalingQAware GmbH
 
Blue turns green! Approaches and technologies for sustainable K8s clusters.
Blue turns green! Approaches and technologies for sustainable K8s clusters.Blue turns green! Approaches and technologies for sustainable K8s clusters.
Blue turns green! Approaches and technologies for sustainable K8s clusters.QAware GmbH
 
Per Anhalter zu Cloud Nativen API Gateways
Per Anhalter zu Cloud Nativen API GatewaysPer Anhalter zu Cloud Nativen API Gateways
Per Anhalter zu Cloud Nativen API GatewaysQAware GmbH
 
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster QAware GmbH
 

Más de QAware GmbH (20)

50 Shades of K8s Autoscaling #JavaLand24.pdf
50 Shades of K8s Autoscaling #JavaLand24.pdf50 Shades of K8s Autoscaling #JavaLand24.pdf
50 Shades of K8s Autoscaling #JavaLand24.pdf
 
Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...
Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...
Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...
 
Fully-managed Cloud-native Databases: The path to indefinite scale @ CNN Mainz
Fully-managed Cloud-native Databases: The path to indefinite scale @ CNN MainzFully-managed Cloud-native Databases: The path to indefinite scale @ CNN Mainz
Fully-managed Cloud-native Databases: The path to indefinite scale @ CNN Mainz
 
Down the Ivory Tower towards Agile Architecture
Down the Ivory Tower towards Agile ArchitectureDown the Ivory Tower towards Agile Architecture
Down the Ivory Tower towards Agile Architecture
 
"Mixed" Scrum-Teams – Die richtige Mischung macht's!
"Mixed" Scrum-Teams – Die richtige Mischung macht's!"Mixed" Scrum-Teams – Die richtige Mischung macht's!
"Mixed" Scrum-Teams – Die richtige Mischung macht's!
 
Make Developers Fly: Principles for Platform Engineering
Make Developers Fly: Principles for Platform EngineeringMake Developers Fly: Principles for Platform Engineering
Make Developers Fly: Principles for Platform Engineering
 
Der Tod der Testpyramide? – Frontend-Testing mit Playwright
Der Tod der Testpyramide? – Frontend-Testing mit PlaywrightDer Tod der Testpyramide? – Frontend-Testing mit Playwright
Der Tod der Testpyramide? – Frontend-Testing mit Playwright
 
Was kommt nach den SPAs
Was kommt nach den SPAsWas kommt nach den SPAs
Was kommt nach den SPAs
 
Cloud Migration mit KI: der Turbo
Cloud Migration mit KI: der Turbo Cloud Migration mit KI: der Turbo
Cloud Migration mit KI: der Turbo
 
Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See...
Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See... Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See...
Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See...
 
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
 
Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.
Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.
Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.
 
Kubernetes with Cilium in AWS - Experience Report!
Kubernetes with Cilium in AWS - Experience Report!Kubernetes with Cilium in AWS - Experience Report!
Kubernetes with Cilium in AWS - Experience Report!
 
50 Shades of K8s Autoscaling
50 Shades of K8s Autoscaling50 Shades of K8s Autoscaling
50 Shades of K8s Autoscaling
 
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAPKontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
 
Service Mesh Pain & Gain. Experiences from a client project.
Service Mesh Pain & Gain. Experiences from a client project.Service Mesh Pain & Gain. Experiences from a client project.
Service Mesh Pain & Gain. Experiences from a client project.
 
50 Shades of K8s Autoscaling
50 Shades of K8s Autoscaling50 Shades of K8s Autoscaling
50 Shades of K8s Autoscaling
 
Blue turns green! Approaches and technologies for sustainable K8s clusters.
Blue turns green! Approaches and technologies for sustainable K8s clusters.Blue turns green! Approaches and technologies for sustainable K8s clusters.
Blue turns green! Approaches and technologies for sustainable K8s clusters.
 
Per Anhalter zu Cloud Nativen API Gateways
Per Anhalter zu Cloud Nativen API GatewaysPer Anhalter zu Cloud Nativen API Gateways
Per Anhalter zu Cloud Nativen API Gateways
 
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
 

Último

Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...amitlee9823
 
Cheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 night
Cheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 nightCheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 night
Cheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 nightDelhi Call girls
 
Discover Why Less is More in B2B Research
Discover Why Less is More in B2B ResearchDiscover Why Less is More in B2B Research
Discover Why Less is More in B2B Researchmichael115558
 
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...Delhi Call girls
 
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al BarshaAl Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al BarshaAroojKhan71
 
Schema on read is obsolete. Welcome metaprogramming..pdf
Schema on read is obsolete. Welcome metaprogramming..pdfSchema on read is obsolete. Welcome metaprogramming..pdf
Schema on read is obsolete. Welcome metaprogramming..pdfLars Albertsson
 
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...amitlee9823
 
Ravak dropshipping via API with DroFx.pptx
Ravak dropshipping via API with DroFx.pptxRavak dropshipping via API with DroFx.pptx
Ravak dropshipping via API with DroFx.pptxolyaivanovalion
 
Market Analysis in the 5 Largest Economic Countries in Southeast Asia.pdf
Market Analysis in the 5 Largest Economic Countries in Southeast Asia.pdfMarket Analysis in the 5 Largest Economic Countries in Southeast Asia.pdf
Market Analysis in the 5 Largest Economic Countries in Southeast Asia.pdfRachmat Ramadhan H
 
Week-01-2.ppt BBB human Computer interaction
Week-01-2.ppt BBB human Computer interactionWeek-01-2.ppt BBB human Computer interaction
Week-01-2.ppt BBB human Computer interactionfulawalesam
 
Mature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptxMature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptxolyaivanovalion
 
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
Log Analysis using OSSEC sasoasasasas.pptx
Log Analysis using OSSEC sasoasasasas.pptxLog Analysis using OSSEC sasoasasasas.pptx
Log Analysis using OSSEC sasoasasasas.pptxJohnnyPlasten
 
Vip Model Call Girls (Delhi) Karol Bagh 9711199171✔️Body to body massage wit...
Vip Model Call Girls (Delhi) Karol Bagh 9711199171✔️Body to body massage wit...Vip Model Call Girls (Delhi) Karol Bagh 9711199171✔️Body to body massage wit...
Vip Model Call Girls (Delhi) Karol Bagh 9711199171✔️Body to body massage wit...shivangimorya083
 
Accredited-Transport-Cooperatives-Jan-2021-Web.pdf
Accredited-Transport-Cooperatives-Jan-2021-Web.pdfAccredited-Transport-Cooperatives-Jan-2021-Web.pdf
Accredited-Transport-Cooperatives-Jan-2021-Web.pdfadriantubila
 
Introduction-to-Machine-Learning (1).pptx
Introduction-to-Machine-Learning (1).pptxIntroduction-to-Machine-Learning (1).pptx
Introduction-to-Machine-Learning (1).pptxfirstjob4
 
FESE Capital Markets Fact Sheet 2024 Q1.pdf
FESE Capital Markets Fact Sheet 2024 Q1.pdfFESE Capital Markets Fact Sheet 2024 Q1.pdf
FESE Capital Markets Fact Sheet 2024 Q1.pdfMarinCaroMartnezBerg
 

Último (20)

Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls CP 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
Abortion pills in Doha Qatar (+966572737505 ! Get Cytotec
Abortion pills in Doha Qatar (+966572737505 ! Get CytotecAbortion pills in Doha Qatar (+966572737505 ! Get Cytotec
Abortion pills in Doha Qatar (+966572737505 ! Get Cytotec
 
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
Chintamani Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore ...
 
Cheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 night
Cheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 nightCheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 night
Cheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 night
 
Discover Why Less is More in B2B Research
Discover Why Less is More in B2B ResearchDiscover Why Less is More in B2B Research
Discover Why Less is More in B2B Research
 
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
 
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al BarshaAl Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha
 
Schema on read is obsolete. Welcome metaprogramming..pdf
Schema on read is obsolete. Welcome metaprogramming..pdfSchema on read is obsolete. Welcome metaprogramming..pdf
Schema on read is obsolete. Welcome metaprogramming..pdf
 
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
 
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts ServiceCall Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
 
Ravak dropshipping via API with DroFx.pptx
Ravak dropshipping via API with DroFx.pptxRavak dropshipping via API with DroFx.pptx
Ravak dropshipping via API with DroFx.pptx
 
Market Analysis in the 5 Largest Economic Countries in Southeast Asia.pdf
Market Analysis in the 5 Largest Economic Countries in Southeast Asia.pdfMarket Analysis in the 5 Largest Economic Countries in Southeast Asia.pdf
Market Analysis in the 5 Largest Economic Countries in Southeast Asia.pdf
 
Week-01-2.ppt BBB human Computer interaction
Week-01-2.ppt BBB human Computer interactionWeek-01-2.ppt BBB human Computer interaction
Week-01-2.ppt BBB human Computer interaction
 
Mature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptxMature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptx
 
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Punjabi Bagh 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
Log Analysis using OSSEC sasoasasasas.pptx
Log Analysis using OSSEC sasoasasasas.pptxLog Analysis using OSSEC sasoasasasas.pptx
Log Analysis using OSSEC sasoasasasas.pptx
 
Vip Model Call Girls (Delhi) Karol Bagh 9711199171✔️Body to body massage wit...
Vip Model Call Girls (Delhi) Karol Bagh 9711199171✔️Body to body massage wit...Vip Model Call Girls (Delhi) Karol Bagh 9711199171✔️Body to body massage wit...
Vip Model Call Girls (Delhi) Karol Bagh 9711199171✔️Body to body massage wit...
 
Accredited-Transport-Cooperatives-Jan-2021-Web.pdf
Accredited-Transport-Cooperatives-Jan-2021-Web.pdfAccredited-Transport-Cooperatives-Jan-2021-Web.pdf
Accredited-Transport-Cooperatives-Jan-2021-Web.pdf
 
Introduction-to-Machine-Learning (1).pptx
Introduction-to-Machine-Learning (1).pptxIntroduction-to-Machine-Learning (1).pptx
Introduction-to-Machine-Learning (1).pptx
 
FESE Capital Markets Fact Sheet 2024 Q1.pdf
FESE Capital Markets Fact Sheet 2024 Q1.pdfFESE Capital Markets Fact Sheet 2024 Q1.pdf
FESE Capital Markets Fact Sheet 2024 Q1.pdf
 

Putting microservices on a diet with Istio

  • 1. Mario-Leander Reimer, QAware GmbH mario-leander.reimer@qaware.de Putting microservices on a diet with Istio London, 29th October 2018
  • 2. Mario-Leander Reimer Principal Software Architect, QAware GmbH Mail: mario-leander.reimer@qaware.de Twitter: @LeanderReimer Github: https://github.com/lreimer/ Slides: https://speakerdeck.com/lreimer/ 29.10.2018 2 Developer && Architect 20+ years of experience #CloudNativeNerd Open Source Enthusiast Speaker && Author
  • 3. Fork me on Github. https://github.com/lreimer/microservice-diet-with-istio
  • 5. loosely coupled stateless bounded contexts makeameme.org
  • 6. Essential Cloud-native Design Principles. 6 Design for Distribution: Containers; microservices; API driven development. Design for Configuration: One image, multiple environments. Design for Resiliency: Fault-tolerant and self-healing. Design for Elasticity: Scales dynamically and reacts to stimuli. Design for Delivery: Short roundtrips and automated provisioning. Design for Performance: Responsive; concurrent; resource efficient. Design for Automation: Automated Dev & Ops tasks. Design for Diagnosability: Cluster-wide logs, metrics and traces. Design for Security: Secure Endpoints, API-Gateways, E2E-Encryption
  • 9. Concrete Blueprint Incarnation with Spring Cloud Netflix. 9 Some Facts: 58 MB Uberjar 192 Dependencies 3 KB Classes
  • 10. A polyglot microservice architecture suffers from severe library bloat and bad maintainability in the long run. 10
  • 11. Istio is like AOP, but for microservice communication.
  • 12. Istio to the Rescue! 12
  • 13. Conceptual View on a Kubernetes Cluster. 13
  • 14. Demo
  • 15. Pods are the smallest unit of compute in Kubernetes Labels are key/value pairs used to identify Kubernetes resources Replica Sets ensure that the desired number of pod replicas are running Deployments are an abstraction used to declare and update pods, RCs, … Services are an abstraction for a logical collection of pods providing DNS name Ingress routes traffic from outside the cluster to services and ports based on URL patterns and host Kubernetes Glossary. 15
  • 16. GoF in the Cloud: Container Orchestration Patterns. 16http://blog.kubernetes.io/2015/06/the-distributed-system-toolkit-patterns.html 1. Sidecar Container: Extend container behaviour Log Extraction / Reformating (fluentd, logstash) Scheduling (cron, quartz) 2. Ambassador Container: Proxy communication TLS Tunnel (Stunnel, ghostunnel, Istio) Circuit Breaking (linkerd, Istio) Request Monitoring (linkerd, Istio) 3. Adapter Container: Provide a standardized interface Monitoring (Prometheus) Configuration (ConfigMaps, Secrets, …)
  • 17. Conceptual Istio Architecture and Components. 17
  • 18. 18 Envoy: Sidecar proxy per microservice that handles inbound/outbound traffic within each Pod. Extended version of Envoy project. Gateway: Inbound gateway / ingress. Nothing more than a managed Envoy. Mixer: Policy / precondition checks and telemetry. Highly scalable. Envoy caches policy checks within the sidecar (level 1) and within envoy instances (level 2), buffers telemetry data locally and centrally, and can be run in multiple instances. Mixer includes a flexible plugin model. https://istio.io/blog/2017/mixer-spof-myth.html Pilot: Pilot converts high level routing rules that control traffic behavior into Envoy-specific configurations, and propagates them to the sidecars at runtime. Watches services and transforms this information in a canonical platform-agnostic model (abstracting away from k8s, Nomad, Consul etc). The envoy configuration is then derived from this canonical model. Exposes the Rules API to add traffic management rules. Citadel: CA for service-to-service authx and encryption. Certs are delivered as a secret volume mount. Workload identity is provided in SPIFFE format. https://istio.io/docs/concepts/security/mutual-tls.html
  • 19. Demo
  • 20. Gateway configures a load balancer for HTTP/TCP traffic, enables ingress traffic into the service mesh Virtual Service defines the rules that control how requests for a service are routed within the service mesh Destination Rule configures the set of policies to be applied to a request after VirtualService routing has occurred Service Version aka Subset allows to select a subset of pods based on labels Service Entry enables requests to services outside of the service mesh Istio Glossary. 20
  • 21. apiVersion: networking.istio.io/v1alpha3 kind: Gateway metadata: name: hello-istio-gateway spec: selector: # use istio default controller istio: ingressgateway servers: - port: number: 80 name: http protocol: HTTP hosts: - "hello-istio.cloud" Example Istio Gateway and VirtualService Definitions. 21 apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: hello-istio spec: hosts: - "hello-istio.cloud" gateways: - hello-istio-gateway http: - match: - uri: exact: /api/hello route: - destination: host: hello-istio port: number: 8080 Exact URI Routing
  • 23. Different release patterns can easily be applied. 23
  • 24. Different release patterns can easily be applied. 24
  • 25. apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: hello-istio spec: hosts: - "hello-istio.cloud" gateways: - hello-istio-gateway http: - route: - destination: host: hello-istio subset: v1 weight: 70 - destination: host: hello-istio subset: v2 weight: 30 Examples for different routing configurations. 25 apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: hello-istio spec: hosts: - "hello-istio.cloud" gateways: - hello-istio-gateway http: - match: - headers: user-agent: regex: ".*Chrome.*" route: - destination: host: hello-istio subset: v2 - route: - destination: host: hello-istio subset: v1 Weighted Traffic Routing Header basedTraffic Routing
  • 27. apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: name: alphabet-service spec: hosts: - alphabet-service http: - fault: delay: fixedDelay: 2s percent: 50 abort: httpStatus: 500 percent: 50 route: - destination: host: alphabet-service subset: v1 Examples for fault injection and circuit breaker policy. 27 apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: alphabet-service spec: host: alphabet-service trafficPolicy: connectionPool: http: http1MaxPendingRequests: 1 maxRequestsPerConnection: 1 tcp: maxConnections: 1 outlierDetection: baseEjectionTime: 5.000s consecutiveErrors: 1 interval: 1.000s maxEjectionPercent: 100 subsets: - name: v1 labels: version: v1 Circuit Breaker Policy Fault Injection
  • 28. Istio has built-in support for service mesh diagnosability. 28 Diagnosability Triangle Metrics LogsTraces
  • 29. Not all Istio features are marked Stable yet, but Beta can already be used in Production. 29 Istio v1.0.3 is deemed production ready. Core: 4 Stable, 3 Beta, 6 Alpha Traffic Management: 1 Stable, 5 Beta, 1 Alpha Security and Policy Enforcement: 5 Stable, 2 Beta, 4 Alpha Telemetry: 4 Stable, 2 Beta, 7 Alpha Other Service Mesh technologies are emerging. Linkerd and Conduit Consul Connect See https://istio.io/about/feature-stages/