Kubernetes / Istio
Ketan Gote: Co-Founder / CDO, MetaMagic Global Inc., NJ, USA
Agenda
10/19/2018 (C) COPYRIGHT METAMAGIC GLOBAL INC., NEW JERSEY, USA 2
• Istio Introduction
• Setup
• Shopping Portal Microservice Deployment
• Canary Deployment
• Routing Rules based on User Agent and Weight
• Distributed Tracing
• Visualizing Metrics
Microservice In Kubernetes Clusters
[Diagram: Load balancer, Ingress, MS App1 Service and MS App2 Service with their Endpoints, three MS App1 Pods, three MS App2 Pods]
• No Retries
• No Timeout
• No Routing decisions
• No intelligent load balancing
• No Encryption
• No Access Controls
• No Log Tracing
• No Access Control
Microservice In Istio
[Diagram: Load balancer, Gateway, Virtual Service, MS App1 Service and MS App2 Service each with Endpoints and Destination Rules, MS App1 Pod and MS App2 Pod each with an Envoy Proxy; control plane: Pilot, Mixer, Citadel (Control Plane API; Policy, Telemetry, TLS, Config Data)]
Benefits of Istio
• Specify retries
• Specify Timeout
• Routing decisions
• Intelligent load balancing
• Encryption
• Access Controls
• Log Tracing
• Access Control
Istio Setup
Follow the steps below to install Istio:
• wget https://github.com/istio/istio/releases/download/1.0.2/istio-1.0.2-linux.tar.gz
• tar -xzvf istio-1.0.2-linux.tar.gz
• cd istio-1.0.2
• echo 'export PATH="$PATH:/home/ubuntu/istio-1.0.2/bin"' >> ~/.profile
• Type "istioctl" to confirm the path is set up properly
If you are using minikube, make sure you have enabled ingress, metrics-server and heapster.
Istio Setup
Apply CRDs:
• kubectl apply -f ~/istio-1.0.2/install/kubernetes/helm/istio/templates/crds.yaml
Option 1: With no mutual TLS authentication
• kubectl apply -f ~/istio-1.0.2/install/kubernetes/istio-demo.yaml
Option 2: With mutual TLS authentication
• kubectl apply -f ~/istio-1.0.2/install/kubernetes/istio-demo-auth.yaml
Installation Verification
• kubectl get pods -n istio-system
• kubectl get svc -n istio-system
Shopping Portal Demo Microservice
This demo application deployment consists of four components:
• UI – Built using Angular
• MySQL – Database for storing and retrieving data
• Product Review Microservice
  • Endpoint exposed to get reviews based on product
• Product Microservice
  • Endpoints exposed to fetch products and get product details. When product-specific details are fetched, it internally calls the product review microservice to get the reviews.
Note: Deployment architecture diagram in next slide.
Shopping Portal - Istio
[Architecture diagram: Firewall, Load Balancer, Gateway and Virtual Service with routes /ui, /productms and /productreview; UI Service, Product Service and Review Service, each with a Destination Rule, EndPoints and three Pods (Deployment / Replica / Pod) running the Istio Sidecar - Envoy; a MySQL Pod; Nodes N1 to N4; Istio Control Plane: Pilot, Mixer, Citadel; Service Call via Kube DNS and Internal Load Balancers. Legend: Kubernetes Objects, Istio Objects]
Installing the sidecar
Each pod in the mesh must be running an Istio-compatible sidecar. There are multiple ways to inject the sidecar: manually or automatically.
• Manual injection using the command: $ istioctl kube-inject -f samples/sleep/sleep.yaml | kubectl apply -f -
• In our application we will create a namespace that has Istio injection enabled, so every deployment that happens within that namespace has the sidecar deployed automatically.
• The namespace configuration is present on Git
• Use the command below to create the namespace
$ kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/shopping-ns.yaml
Create MySQL POD
Deploy the configuration YAML below using kubectl. This will create the MySQL Pod, Service and Persistent Volume.
• kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/mysqlfiles/mysql-secret.yaml
• kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/mysqlfiles/mysql-pv.yaml
• kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/mysqlfiles/mysql-pvc.yaml
• kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/mysqlfiles/mysql-dep.yaml
• kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/mysqlfiles/mysql-svc.yaml
• Use the command below to see the pods and services running.
• kubectl get pods,svc -n shoppingportal
You can see 2 containers running in the mysql Pod. One is the mysql container and the other is the envoy proxy.
Deploy Product Microservice
We will deploy two versions of the Product Microservice, i.e. v1 (stable) and v2 (canary). As we have multiple versions, we need to provide destination rules. When we deploy the virtual service, we will add routing rules to direct traffic to v2 based on some rules.
• Deploy the configuration YAML below using kubectl. This will create the Product Microservice Pod and Service.
kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/product/product-v1.yaml
kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/product/product-v2.yaml
kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/product/product-destination.yaml
kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/product/product-service.yaml
• Use the command below to see the number of Pods and Services running.
• kubectl get pods,svc -n shoppingportal
Two versions of the product microservice are deployed, each containing 2 containers. One is the product microservice container and the other is the envoy proxy.
Deploy Review Microservice
• Deploy the configuration YAML below using kubectl. This will create the Product Review Microservice Pod and Service.
kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/productreview/productreview-v1.yaml
kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/productreview/productreview-service.yaml
• Use the command below to see the number of Pods and Services running.
kubectl get pods,svc -n shoppingportal
You can see 2 containers running in the Product Review Pod. One is the product microservice container and the other is the envoy proxy.
Deploy UI
We will deploy two versions of the UI, i.e. v1 (stable) and v2 (canary). As we have multiple versions, we need to provide destination rules. When we deploy the virtual service, we will add routing rules to direct traffic to v2 based on some rules.
• Deploy the configuration YAML below using kubectl. This will create the UI Pod and Service.
kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/ui/ui-v1.yaml
kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/ui/ui-v2.yaml
kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/ui/ui-destination.yaml
kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/ui/ui-service.yaml
• Use the command below to see the number of Pods and Services running.
kubectl get pods,svc -n shoppingportal
Two versions of the UI are deployed, each containing 2 containers. One is the UI container and the other is the envoy proxy.
Ingress using an Istio Gateway
A Gateway describes a load balancer operating at the edge of the mesh, receiving incoming or outgoing HTTP/TCP connections. The specification describes a set of ports that should be exposed and the type of protocol to use.
Let's see how you can configure a Gateway on port 80 for HTTP traffic.
Note: Unlike Kubernetes Ingress resources, a Gateway does not include any traffic routing configuration. Traffic routing for ingress traffic is instead configured using Istio routing rules.
Virtual Service: Configure routes for traffic entering via the Gateway
A Virtual Service defines a set of traffic routing rules to apply when a host is addressed. Each routing rule defines matching criteria for traffic of a specific protocol. If the traffic is matched, then it is sent to a named destination service.
• Request from any host
• Route any HTTP request with "/ui.." to the UI service
• Route any HTTP request with "/productms.." to the Product service
• Route any HTTP request with "/productreviewms.." to the Product Review service
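The Gateway and Virtual Service described on the two slides above, written out as an added example (not the workshop's own YAML): it exposes port 80 for any host and routes the three path prefixes. The resource names, Kubernetes Service names and service ports are assumptions.

```yaml
# Added example, not the workshop's own files.
# Resource names, Service names and ports are assumptions.
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
  name: shoppingportal-gateway        # hypothetical name
  namespace: shoppingportal
spec:
  selector:
    istio: ingressgateway             # bind to Istio's default ingress gateway pods
  servers:
  - port:
      number: 80                      # plain HTTP, as in the slide
      name: http
      protocol: HTTP
    hosts:
    - "*"                             # "request from any host"; outside a demo,
                                      # list the real hostnames instead
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: shoppingportal-routes         # hypothetical name
  namespace: shoppingportal
spec:
  hosts:
  - "*"
  gateways:
  - shoppingportal-gateway            # routes apply only to traffic entering via this Gateway
  http:
  - match:
    - uri:
        prefix: /ui
    route:
    - destination:
        host: ui-service              # assumed Service name
        port:
          number: 80                  # assumed Service port
  - match:
    - uri:
        prefix: /productms
    route:
    - destination:
        host: product-service         # assumed Service name
        port:
          number: 8080                # assumed Service port
  - match:
    - uri:
        prefix: /productreviewms
    route:
    - destination:
        host: productreview-service   # assumed Service name
        port:
          number: 8080                # assumed Service port
```

Requests whose path matches none of the three prefixes get no route from this Virtual Service and are answered with a 404 by the ingress gateway.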
Demo – Version 1
Before you start the demo, we need the IP and port of the ingress gateway. Use the command below to get them.
kubectl get svc -n istio-system
Note: As I am using minikube, the external IP address shows as Pending. On a cloud provider you will get an actual hostname or IP.
• Open the link below in a browser and check out the UI
http://192.168.99.100:31380/ui/#/catlogue
• To test the product and product review microservice endpoints, use the curl commands below
• curl http://192.168.99.100:31380/productms/product/catalogue
• curl http://192.168.99.100:31380/productreviewms/productreview/1
Canary Deployment: Traffic routing based on User Agent
The idea behind canary deployment (or rollout) is to introduce a new version of a service by first testing it using a small percentage of user traffic.
• Any request to the UI coming from the Firefox browser will be routed to the canary deployment version of the UI. If the request is from any other browser, it will be routed to the stable version.
• Any request to the Product Microservice with the header "end-user:metamagic" will be routed to the canary deployment of the product microservice. If the header does not match, the request will be routed to the stable version.
Canary Deployment: Traffic routing based on Weight
The idea behind canary deployment (or rollout) is to introduce a new version of a service by first testing it using a small percentage of user traffic.
• 80% of requests are sent to the stable deployment and 20% to the canary deployment.
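The header-based and weight-based canary rules described on the two slides above, as an added example (not the workshop's own YAML). The Service, subset and Gateway names are assumptions, and the v1/v2 pods are assumed to carry version: v1 and version: v2 labels.

```yaml
# Added example, not the workshop's own files. Service, subset, Gateway and
# resource names are assumptions; pods are assumed to be labelled version: v1 / v2.
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: ui-destination
  namespace: shoppingportal
spec:
  host: ui-service
  subsets:
  - name: stable
    labels: {version: v1}
  - name: canary
    labels: {version: v2}
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: product-destination
  namespace: shoppingportal
spec:
  host: product-service
  subsets:
  - name: stable
    labels: {version: v1}
  - name: canary
    labels: {version: v2}
---
# Variant A: header-based canary. Rules are evaluated top to bottom, so each
# header match must come before the catch-all rule for the same path.
# user-agent and end-user are client-supplied headers: this steers traffic,
# it does not restrict who can reach v2.
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: shoppingportal-canary
  namespace: shoppingportal
spec:
  hosts: ["*"]
  gateways: [shoppingportal-gateway]      # assumed Gateway name
  http:
  - match:
    - uri: {prefix: /ui}
      headers:
        user-agent: {regex: ".*Firefox.*"}
    route:
    - destination: {host: ui-service, subset: canary}
  - match:
    - uri: {prefix: /ui}
    route:
    - destination: {host: ui-service, subset: stable}
  - match:
    - uri: {prefix: /productms}
      headers:
        end-user: {exact: metamagic}
    route:
    - destination: {host: product-service, subset: canary}
  - match:
    - uri: {prefix: /productms}
    route:
    - destination: {host: product-service, subset: stable}
  - match:
    - uri: {prefix: /productreviewms}
    route:
    - destination: {host: productreview-service}   # single version, no subset
---
# Variant B: weight-based canary. Same resource name, so applying it
# replaces variant A. Weights of one route must add up to 100.
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: shoppingportal-canary
  namespace: shoppingportal
spec:
  hosts: ["*"]
  gateways: [shoppingportal-gateway]      # assumed Gateway name
  http:
  - match:
    - uri: {prefix: /ui}
    route:
    - destination: {host: ui-service, subset: stable}
      weight: 80
    - destination: {host: ui-service, subset: canary}
      weight: 20
  - match:
    - uri: {prefix: /productms}
    route:
    - destination: {host: product-service, subset: stable}
      weight: 80
    - destination: {host: product-service, subset: canary}
      weight: 20
  - match:
    - uri: {prefix: /productreviewms}
    route:
    - destination: {host: productreview-service}   # single version, no subset
```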
Distributed Tracing
Distributed Tracing: Using Istio + Jaeger
This task shows you how Istio-enabled applications can be configured to collect trace spans. When we installed Istio, tracing was enabled by default.
Enable the Jaeger console using port forwarding:
kubectl port-forward -n istio-system $(kubectl get pod -n istio-system -l app=jaeger -o jsonpath='{.items[0].metadata.name}') 16686:16686
Envoy and Open Tracing
Open Tracing is vendor neutral, and therefore we also have to supply a tracer implementation. In our microservice example, "Product and Product review", we are using Jaeger tracing. Envoy uses B3 propagation, which is not enabled in Jaeger by default and has to be registered explicitly. Check the Product MS code, which explains how to enable it.
Open Jaeger Console: http://localhost:16686/search
Visualizing Metrics
Visualizing Metrics with Grafana
• This task shows you how to set up and use the Istio Dashboard to monitor mesh traffic. As part of this task, you will install the Grafana Istio add-on and use the web-based interface for viewing service mesh traffic data.
• Verify that the Prometheus and Grafana services are running in your cluster
• Open the Istio Dashboard via the Grafana UI
kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=grafana -o jsonpath='{.items[0].metadata.name}') 3000:3000 &
Thank You
Ketan Gote: Co-Founder / CDO, MetaMagic Global Inc., NJ, USA
https://github.com/meta-magic/kubernetes_workshop

 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS:  6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS:  6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 

Último (20)

Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks  and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks  and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS:  6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS:  6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 

Kubernetes and Istio

  • 1. Kubernetes / Istio Ketan Gote: Co-Founder / CDO, MetaMagic Global Inc., NJ, USA
  • 2. Agenda
    10/19/2018 (C) COPYRIGHT METAMAGIC GLOBAL INC., NEW JERSEY, USA
      • Istio Introduction
      • Setup
      • Shopping Portal Microservice Deployment
      • Canary Deployment
      • Routing Rules based on User Agent and Weight
      • Distributed Tracing
      • Visualizing Metrics
  • 3. Microservice In Kubernetes Clusters
    [Diagram: Load balancer, INGRESS, MS App1 Service and MS App2 Service with Endpoints, three MS App1 Pods, three MS App2 Pods]
      • No Retries
      • No Timeout
      • No Routing decisions
      • No intelligent load balancing
      • No Encryption
      • No Access Controls
      • No Log Tracing
      • No Access Control
  • 4. Microservice In Istio
    [Diagram: Load balancer, Gateway, Virtual Service; MS App1 Service and MS App2 Service with Endpoints and Destination Rules; MS App1 and MS App2 PODs, each with an Envoy Proxy; Control Plane API with Pilot, Mixer and Citadel; labels: Policy, Telemetry, TLS, Config Data]
    Benefits of Istio:
      • Specify retries
      • Specify Timeout
      • Routing decisions
      • Intelligent load balancing
      • Encryption
      • Access Controls
      • Log Tracing
      • Access Control
  • 5. Istio Setup
    Follow the steps below to install Istio:
      • wget https://github.com/istio/istio/releases/download/1.0.2/istio-1.0.2-linux.tar.gz
      • tar -xzvf istio-1.0.2-linux.tar.gz
      • cd istio-1.0.2
      • echo 'export PATH="$PATH:/home/ubuntu/istio-1.0.2/bin"' >> ~/.profile
      • Type "istioctl" to confirm the path is set up properly.
    If you are using minikube, make sure you have enabled ingress, metrics-server and heapster.
  • 6. Istio Setup
    Apply the CRDs:
      • kubectl apply -f ~/istio-1.0.2/install/kubernetes/helm/istio/templates/crds.yaml
    Option 1: With no mutual TLS authentication
      • kubectl apply -f ~/istio-1.0.2/install/kubernetes/istio-demo.yaml
    Option 2: With mutual TLS authentication
      • kubectl apply -f ~/istio-1.0.2/install/kubernetes/istio-demo-auth.yaml
    Installation verification:
      • kubectl get pods -n istio-system
      • kubectl get svc -n istio-system
  • 7. Shopping Portal Demo Microservice
    This demo application deployment consists of four components:
      • UI: built using Angular
      • MySQL: database for storing and retrieving data
      • Product Review Microservice: exposes an endpoint to get reviews based on product
      • Product Microservice: exposes endpoints to fetch products and get product details. When product-specific details are fetched, it internally calls the Product Review microservice to get the reviews.
    Note: The deployment architecture diagram is on the next slide.
  • 8. Shopping Portal - Istio
    [Deployment architecture diagram. Labels: Load Balancer; Firewall; Gateway; Virtual Service routing /ui, /productms and /productreview; UI, Product and Review Services, each with EndPoints, a Destination Rule and three Pods; MySQL Pod; Istio Sidecar - Envoy; Nodes N1 to N4; Istio Control Plane (Pilot, Mixer, Citadel); Kube DNS; Internal Load Balancers; Service Call. Legend: Kubernetes Objects, Istio Objects, Deployment / Replica / Pod]
  • 9. Installing the sidecar
    Each pod in the mesh must be running an Istio-compatible sidecar. There are two ways to inject the sidecar: manually or automatically.
      • Manual injection using the command:
        $ istioctl kube-inject -f samples/sleep/sleep.yaml | kubectl apply -f -
      • In our application we will create a namespace which has Istio injection enabled, so every deployment made within that namespace gets the sidecar deployed automatically.
      • The namespace configuration is present on Git. Use the command below to create the namespace:
        $ kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/shopping-ns.yaml
  • 10. Create MySQL POD
    Deploy the configuration YAML below using kubectl. This creates the MySQL Pod, Service and Persistent Volume.
      • kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/mysqlfiles/mysql-secret.yaml
      • kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/mysqlfiles/mysql-pv.yaml
      • kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/mysqlfiles/mysql-pvc.yaml
      • kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/mysqlfiles/mysql-dep.yaml
      • kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/mysqlfiles/mysql-svc.yaml
    Use the command below to see the pods and services running:
      • kubectl get pods,svc -n shoppingportal
    You can see 2 containers running in the MySQL POD. One is the MySQL container and the other is the Envoy proxy.
  • 11. Deploy Product Microservice
    We will deploy two versions of the Product Microservice, i.e. v1 (stable) and v2 (canary). As we have multiple versions, we need to provide destination rules. When we deploy the virtual service we will add routing rules to direct traffic to v2 based on some rules.
    Deploy the configuration YAML below using kubectl. This creates the Product Microservice Pod and Service.
      • kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/product/product-v1.yaml
      • kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/product/product-v2.yaml
      • kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/product/product-destination.yaml
      • kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/product/product-service.yaml
    Use the command below to see the number of PODs and services running:
      • kubectl get pods,svc -n shoppingportal
    Two versions of the Product Microservice are deployed, each containing 2 containers. One is the Product Microservice container and the other is the Envoy proxy.
  • 12. Deploy Review Microservice
    Deploy the configuration YAML below using kubectl. This creates the Product Review Microservice Pod and Service.
      • kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/productreview/productreview-v1.yaml
      • kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/productreview/productreview-service.yaml
    Use the command below to see the number of PODs and services running:
      • kubectl get pods,svc -n shoppingportal
    You can see 2 containers running in the Product Review POD. One is the product microservice container and the other is the Envoy proxy.
  • 13. Deploy UI
    We will deploy two versions of the UI, i.e. v1 (stable) and v2 (canary). As we have multiple versions, we need to provide destination rules. When we deploy the virtual service we will add routing rules to direct traffic to v2 based on some rules.
    Deploy the configuration YAML below using kubectl. This creates the UI Pod and Service.
      • kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/ui/ui-v1.yaml
      • kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/ui/ui-v2.yaml
      • kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/ui/ui-destination.yaml
      • kubectl create -f https://raw.githubusercontent.com/meta-magic/kubernetes_workshop/master/yaml/istio/ui/ui-service.yaml
    Use the command below to see the number of PODs and services running:
      • kubectl get pods,svc -n shoppingportal
    Two versions of the UI are deployed, each containing 2 containers. One is the UI container and the other is the Envoy proxy.
  • 14. Ingress using an Istio Gateway
    A Gateway describes a load balancer operating at the edge of the mesh, receiving incoming or outgoing HTTP/TCP connections. The specification describes the set of ports that should be exposed and the type of protocol to use. Let's see how you can configure a Gateway on port 80 for HTTP traffic.
    Note: Unlike Kubernetes Ingress resources, a Gateway does not include any traffic routing configuration. Traffic routing for ingress traffic is instead configured using Istio routing rules.
  • 15. Virtual Service: Configure routes for traffic entering via the Gateway
    A Virtual Service defines a set of traffic routing rules to apply when a host is addressed. Each routing rule defines matching criteria for traffic of a specific protocol. If the traffic is matched, it is sent to a named destination service.
      • Request from any host
      • Route any HTTP request with "/ui.." to UI service
      • Route any HTTP request with "/productms.." to Product service
      • Route any HTTP request with "/productreviewms.." to Product service
  • 16. Demo – Version 1
    Before you start the demo, we need the IP and port of the ingress gateway. Use the command below to get them:
      • kubectl get svc -n istio-system
    Note: As I am using minikube, the external-ip address shows as Pending. On cloud you will get an actual hostname or IP.
    Open the link below in a browser and check out the UI:
      • http://192.168.99.100:31380/ui/#/catlogue
    To test the product and product review microservice endpoints, use the curl commands below:
      • curl http://192.168.99.100:31380/productms/product/catalogue
      • curl http://192.168.99.100:31380/productreviewms/productreview/1
  • 17. Canary Deployment: Traffic routing based on User Agent
    The idea behind canary deployment (or rollout) is to introduce a new version of a service by first testing it using a small percentage of user traffic.
      • Any request to the UI coming from the Firefox browser is routed to the canary deployment version of the UI. A request from any other browser is routed to the stable version.
      • Any request to the Product Microservice with the header "end-user:metamagic" is routed to the canary deployment of the Product Microservice. If the header does not match, the request is routed to the stable version.
  • 18. Canary Deployment: Traffic routing based on Weight
    The idea behind canary deployment (or rollout) is to introduce a new version of a service by first testing it using a small percentage of user traffic.
      • 80% of requests are sent to the stable deployment and 20% to the canary deployment.
  • 19. Distributed Tracing
  • 20. Distributed Tracing: Using Istio + Jaeger
    This task shows how Istio-enabled applications can be configured to collect trace spans. Tracing is enabled by default when Istio is installed.
    Enable the Jaeger console using port forwarding:
      • kubectl port-forward -n istio-system $(kubectl get pod -n istio-system -l app=jaeger -o jsonpath='{.items[0].metadata.name}') 16686:16686
  • 21. Envoy and Open Tracing
    Open Tracing is vendor neutral, so we also have to supply a tracer implementation. In our microservice example (Product and Product Review) we are using Jaeger tracing. Envoy uses B3 propagation, which is not enabled in Jaeger by default and has to be registered explicitly. Check the Product MS code, which explains how to enable it.
    Open the Jaeger console: http://localhost:16686/search
  • 24. Visualizing Metrics
  • 25. Visualizing Metrics with Grafana
      • This task shows how to set up and use the Istio Dashboard to monitor mesh traffic. As part of this task, you will install the Grafana Istio add-on and use the web-based interface to view service mesh traffic data.
      • Verify that the Prometheus and Grafana services are running in your cluster.
      • Open the Istio Dashboard via the Grafana UI:
        kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=grafana -o jsonpath='{.items[0].metadata.name}') 3000:3000 &
  • 29. Thank You Ketan Gote: Co-Founder / CDO, MetaMagic Global Inc., NJ, USA https://github.com/meta-magic/kubernetes_workshop
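
For slide 6 (Option 1, installed without mutual TLS): an added example, not taken from the workshop repository, that turns on mutual TLS for the shoppingportal namespace only, using the Istio 1.0 authentication Policy and DestinationRule resources. The "version" pod labels and the service host "product" are assumptions.

```yaml
# Added example for Istio 1.0.x; not part of the workshop repository.
# Server side: every sidecar in the namespace accepts only mutual TLS.
apiVersion: authentication.istio.io/v1alpha1
kind: Policy
metadata:
  name: default                   # a namespace-wide Policy must be named "default"
  namespace: shoppingportal
spec:
  peers:
  - mtls: {}
---
# Client side: sidecars calling services in the namespace originate mutual TLS.
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: default
  namespace: shoppingportal
spec:
  host: "*.shoppingportal.svc.cluster.local"
  trafficPolicy:
    tls:
      mode: ISTIO_MUTUAL          # use the certificates issued by Citadel
---
# A per-service DestinationRule takes precedence over the wildcard rule above,
# so a rule that defines canary subsets has to repeat the TLS mode. Without it,
# callers send plain text to a server that now requires mutual TLS.
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: product
  namespace: shoppingportal
spec:
  host: product                   # assumed Kubernetes Service name
  trafficPolicy:
    tls:
      mode: ISTIO_MUTUAL
  subsets:
  - name: v1
    labels:
      version: v1                 # assumed pod label
  - name: v2
    labels:
      version: v2                 # assumed pod label
```

After applying it, requests between the services should still succeed; 503 responses usually mean a service-specific DestinationRule is missing the tls block.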
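
For slides 17 and 18: the canary rules expressed as Istio resources, as an added example that is not taken from the workshop repository. It combines both slides for the product service (header match first, then an 80/20 weighted split as the fallback) and assumes a Gateway named shopping-gateway, service hosts "ui" and "product", and pods labelled version: v1 / v2.

```yaml
# Added example, not the workshop's own manifests.
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: ui
  namespace: shoppingportal
spec:
  host: ui
  subsets:                        # subsets select pods by label
  - name: v1                      # stable
    labels: {version: v1}
  - name: v2                      # canary
    labels: {version: v2}
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: product
  namespace: shoppingportal
spec:
  host: product
  subsets:
  - name: v1
    labels: {version: v1}
  - name: v2
    labels: {version: v2}
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: shopping-canary           # assumed name
  namespace: shoppingportal
spec:
  hosts: ["*"]
  gateways: [shopping-gateway]    # assumed Gateway name
  http:
  # Rules are evaluated top-down and the first match wins, so each specific
  # rule must come before its fallback.
  - match:                        # slide 17: Firefox gets the UI canary
    - uri: {prefix: /ui}
      headers:
        user-agent:
          regex: ".*Firefox.*"
    route:
    - destination: {host: ui, subset: v2}
  - match:                        # every other browser gets the stable UI
    - uri: {prefix: /ui}
    route:
    - destination: {host: ui, subset: v1}
  - match:                        # slide 17: end-user: metamagic gets the canary
    - uri: {prefix: /productms}
      headers:
        end-user:
          exact: metamagic
    route:
    - destination: {host: product, subset: v2}
  - match:                        # slide 18: everyone else is split by weight
    - uri: {prefix: /productms}
    route:
    - destination: {host: product, subset: v1}
      weight: 80
    - destination: {host: product, subset: v2}
      weight: 20
```

User-Agent and end-user are client-supplied headers, so any caller can select the canary by setting them; treat these rules as traffic steering, not as an access control on the v2 code.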