Many Java-based organizations adopt cloud native development practices with the goal of shipping features faster. The technologies and architectures may change when we move to the cloud, but the fact remains that we all still add the occasional bug to our code. The challenge here is that many of your existing local debugging tools and practices can't be used when everything is running in a container or deployed onto Kubernetes running in the cloud. This is where the open source Telepresence tool can help. Join me to learn about: - The challenges with scaling Kubernetes-based Java development i.e. you can only run so many microservices locally before minikube melts your laptop - An exploration of how Telepresence can "intercept" or reroute traffic from a specified service in a remote K8s cluster to your local dev machine - The benefits of getting a "hot reload" fast feedback loop between applications being developed locally and apps running in the remote environment - A tour of Telepresence, from the sidecar proxy deployed into the remote K8s cluster to the CLI - An overview of using "preview URLs" and header-based routing for the sharing, collaboration, and isolation of changes you are making on your local copy of an intercepted service

1. Easy Debugging of Java Microservices
Running on Kubernetes, with Telepresence
Daniel Bryant

2. @danielbryantuk
tl;dr
2
• The inner development loop can be painful with Java microservices & Kubernetes
• Telepresence “proxies” your local machine into the cluster, increasing fast feedback
• Telepresence supports several workflows, from small to large systems
• Please support this CNCF project — get involved!

3. @danielbryantuk
3

4. Setting the Scene
4

5. @danielbryantuk
Inner and outer dev loops
5
Hat tip to Mitch Denny (now 404): https://mitchdenny.com/the-inner-loop/
http://jorgemoral.es/posts/2020_03_17-develop_apps…

6. @danielbryantuk
Inner and outer loop with K8s can be the same
6
• Write code
• Build container
• Push to registry
• Deploy to cluster
• Test
And can be …. SLOW.

7. @danielbryantuk
Automation can help…
7

8. @danielbryantuk
tl;dr
8
But you want a really fast inner loop (no docker build/push) …

9. @danielbryantuk
tl;dr
9 And you want to use your own tools.

10. @danielbryantuk
So, let’s run everything locally…
10

11. @danielbryantuk
tl;dr
11
“My laptop only
has 16GB RAM and
you’re asking it to
run Kubernetes
and a JVM and a
database???”

12. @danielbryantuk
12

13. @danielbryantuk
What is Telepresence
13
• “Fancy Kubernetes VPN for development
• “kubectl port-forward on steroids”
• A network bridge between your laptop and the Kubernetes cluster

14. @danielbryantuk
Telepresence: Local-to-Remote bridge
14

15. @danielbryantuk
Telepresence: Local-to-Remote bridge
15
www.youtube.com/watch?v=W_a3aErN3NU

16. Demo Time!
16

17. @danielbryantuk
Preview URLs, Personal Intercepts
17

18. @danielbryantuk
Telepresence: Local-to-Remote bridge
18
telepresence connect
• Open a tunnel to the remote cluster; exposes “in-cluster” services/network/DNS
telepresence intercept my-service —port 3000
• Re-routes (intercepts) tra
ff
ic to my-service in the remote cluster to my local machine
telepresence login & telepresence intercept
• Create preview URL to isolate and share results of the intercept

19. @danielbryantuk
Telepresence: Local-to-Remote bridge
$ telepresence intercept dataprocessingnodeservice --port 3000
19
Using deployment dataprocessingnodeservice
intercepted
State : ACTIVE
Destination : 127.0.0.1:3000
Intercepting: HTTP requests that match all of:
header("x-telepresence-intercept-id") ~= regexp ("76a1e848-1829-74x-1138-e3294c1e9119:dataprocessingnodeservice")
Preview URL : https://[random-subdomain].preview.edgestack.me
www.youtube.com/watch?v=W_a3aErN3NU

20. The Good, the Bad, and the
“Don’t Try this at Home”
20

21. @danielbryantuk
Benefits
21
• Use any tool that runs on your laptop: IDE, profiler, debugger, …
• Connect to cloud-based resources
• Same network namespace (e.g., nslookup works)
• Very fast inner loop!

22. @danielbryantuk
Requirements
22
• Network connection
• kubectl access to cluster
• Mac, Linux, or WSL2

23. @danielbryantuk
23

24. @danielbryantuk
tl;dr
24
• Capturing DNS and routing selectively to the
cluster is tricky
• Maintaining proxy connections can be
challenging
• Kubernetes has many resource types
• No two laptops are alike
• No two clusters are alike
• And more

25. @danielbryantuk
Telepresence is a CNCF project, with a wide variety of users
25

26. Workflows
26

27. @danielbryantuk
Simple Workflow (YOLO)
27
• One (production) cluster for single-source-of-truth microservices
• Developer checks out code and works on microservices
• Intercepts services on demand using Telepresence + IDE
• Once code is done, microservices are built and deployed via pipeline
Testing in production can be… scary

28. @danielbryantuk
28

29. @danielbryantuk
Typical Workflow (SME)
29
• One shared (dev) cluster for single-source-of-truth microservices
• Developers check out one of the microservices (and coordinate with other devs)
• Watch for coupled service/API evolution
• Take care with mutating shared state
• Developers intercept and work on services via Telepresence + IDE
• Pipeline is used to run tests, build, and deploy to staging and prod
https://www.youtube.com/watch?v=75soljoqhjY

30. @danielbryantuk
Advanced Workflow
30
• One cluster with multiple namespaces for all single-source-of-truth microservices
• Developers check out one of the microservices
• Developers use Bazel + Telepresence + IDE
• Telepresence (1) is used in container mode with Bazel images
• Once code is done, Jenkins is used to run tests, build, and deploy
https://www.youtube.com/watch?v=tD0FIlxO1AQ

31. Wrapping up
31

32. @danielbryantuk
Conclusion
32
• The inner development loop can be painful with Java microservices & Kubernetes
• Telepresence “proxies” your local dev machine into the cluster, increasing fast feedback
• Telepresence supports several workflows, from small to large systems
• Please support this CNCF project — get involved!

33. @danielbryantuk
Contributing to Telepresence
33
• Documentation and workflows
• Explain how you integrate Telepresence into your development workflow
• Let us know if you’re a user!
• Triage
• Lots of folks use GitHub for support, which doesn’t scale well
• Join Slack to help other users https://d6e.co/slack #telepresence

34. @danielbryantuk
Thank you! Questions?
34
getambassador.io/products/telepresence
Easy Debugging of Spring Boot Microservices
Running on Kubernetes
AL Developer O
ff
ice Hours:
• K8s Diagnosing and debugging: 3pm, 15th April
• Java debugging: 3pm, 22nd April
db@datawire.com / @danielbryantuk

35. @danielbryantuk
35
Bonus: Patterns, practices, and
tooling

36. @danielbryantuk
Putting it All Together: Safety and Speed
36
https://www.weave.works/blog/what-is-gitops-really
Development Production
Fast inner/outer dev loop GitOps
Speed
Safety

37. 37
Develop
Test
Deploy/
Release
Run
Progressive Delivery
Rollback
Observability
Chaos Engineering
Runbooks
Fast dev loop
Fast feedback
Realistic test
environments
Developer
Self-Service

38. @danielbryantuk
Pattern: Artifact Syncing
38
• Pain points:
• Can’t run all required dependent services locally
• Sick of code, build image, push to remote registry slow dev loop
• Integration tests rely on mocks (with implicit assumptions)
• Solution
• Deploy all services to remote environment and sync local changes (combine with buildpacks)
• O
ft
en combined with development environment bridging
• Example tool
• Ska
ff
old (ksync, Tilt, Garden)

39. @danielbryantuk
Pattern: Dev Environment Bridging/Extension
39
• Pain points:
• Can’t run all required dependent services locally
• Integration tests rely on mocks (with implicit assumptions)
• Need “hot reload” coupled to remote services/resources
• Solution
• Deploy all services to remote environment and proxy/re-route tra
ff
ic to/from
a local running copy of a service (or subset of services)
• Example tool
• Telepresence