sail in the cloud
TRANSCRIPT
![Page 1: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/1.jpg)
Sail in the CloudAn Introduction to Istio
Alex Soto @alexsotob
![Page 2: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/2.jpg)
@alexsotob2
Alex Soto
Red Hat Engineer
www.lordofthejars.com
@alexsotob
Who Am I?
![Page 3: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/3.jpg)
@alexsotob3
https://www.manning.com/books/testing-java-microservices
![Page 4: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/4.jpg)
@alexsotob4
![Page 5: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/5.jpg)
@alexsotob5
Questions
![Page 6: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/6.jpg)
@alexsotob6
Our IT World Morphs
![Page 7: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/7.jpg)
@alexsotob7
![Page 8: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/8.jpg)
@alexsotob8
Microservices Core Principles
MyService
Monitoring
Tracing
Discovery
API
Invocation
Resilience
Pipeline
Authentication
Logging Elasticity
![Page 9: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/9.jpg)
@alexsotob9
Your Stack Matters
Server Hardware
Operating System
Application Server
your.war
Java Virtual Machine
Custom Configuration
Linux Kernel Version & Distribution
Java 1.7.0_67
Tomcat, Wildfly, Jetty
JDBC driver, JMS queue, users
![Page 10: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/10.jpg)
@alexsotob10
DevOps Challenges for Multiple Containers▪ How to scale? ▪ How to avoid port conflicts? ▪ How to manage them on
multiple hosts? ▪ What happens if a host has
trouble? ▪ How to keep them running? ▪ How to update them? ▪ Where are my containers?
Node
Node Node
Node Node
Logger
Node
![Page 11: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/11.jpg)
@alexsotob11
ssh docker run
ssh docker run
ssh docker run
![Page 12: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/12.jpg)
@alexsotob12
![Page 13: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/13.jpg)
@alexsotob13
▪ Greek for “Helmsman,” also the root of the word “Governor” (from latin: gubernator)
▪ Container orchestrator ▪ Supports multiple cloud and bare-metal
environments ▪ Inspired by Google’s experience with containers ▪ Open source, written in Go ▪ Manage applications, not machines
Meet Kubernetes
![Page 14: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/14.jpg)
@alexsotob14
Kubernetes Cluster
Ops
Dev
Master
api
etcd
scheduler
controllers
Node
Node Node
Node Node
Logger
Node
![Page 15: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/15.jpg)
@alexsotob15
Kubernetes Cluster
PodReplicationController/
DeploymentService Label
✓ 1+ containers ✓ Shared IP ✓ Shared storage volume ✓ Shared resources ✓ Shared lifecycle
✓ Ensures that a specified number of pod replicas are running at any one time
✓ Grouping of pods (acting as one) has stable virtual IP and DNS name
✓ Key/Value pairs associated with Kubernetes objects(env=production)
![Page 16: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/16.jpg)
@alexsotob16
PodsA group of whales is commonly referred to as a pod and a pod usually consists a group of whales that have bonded together either because of biological reasons or through friendships developed between two or more whales.
In many cases a typical whale pod consists of anywhere from 2 to 30 whales or more.*
*http://www.whalefacts.org/what-is-a-group-of-whales-called/
![Page 17: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/17.jpg)
@alexsotob
Deploy Something To Kubernetes
17
![Page 18: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/18.jpg)
@alexsotob18
![Page 19: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/19.jpg)
@alexsotob19
SCM(Git/Svn)
Master
API Server
Service Layer
VirtualPhysical Private Public
Persistent Storage
Node Node
Logger
Node
Node Node Node
Dev
Ops
CI/CD
Automation
Routing LayerRegistry
SDN Overlay Network
Controllers - Scheduler - Deployments - Services - Builds - Routes - DeploymentConfigs
Kubernetes
OpenShift - Builds - ImageStreams
![Page 20: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/20.jpg)
@alexsotob20
DEMO
Demo1: https://www.youtube.com/watch?v=jTX-Lg73nXA
Demo2: https://www.youtube.com/watch?v=lj4NE0mcxFY
![Page 21: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/21.jpg)
@alexsotob21
Lead Time
![Page 22: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/22.jpg)
@alexsotob22
Blue-Green Deployments
![Page 23: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/23.jpg)
Starts with a “git commit and git push”
Blue/Green Deployment
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
BUILDSCM
![Page 24: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/24.jpg)
Blue/Green Deployment
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
BUILDSCM
![Page 25: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/25.jpg)
Blue/Green Deployment
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
BUILDSCM
![Page 26: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/26.jpg)
Blue/Green Deployment
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
BUILDSCM
![Page 27: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/27.jpg)
Blue/Green Deployment
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
BUILDSCM
![Page 28: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/28.jpg)
Blue/Green Deployment
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
SCM
![Page 29: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/29.jpg)
Blue/Green Deployment
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
SCM
![Page 30: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/30.jpg)
@alexsotob30
Canary Release
![Page 31: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/31.jpg)
Canary Deployment
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
SCM
![Page 32: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/32.jpg)
Canary Deployment
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
SCM
![Page 33: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/33.jpg)
Canary Deployment
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
SCM
![Page 34: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/34.jpg)
Canary Deployment
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
SCM
![Page 35: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/35.jpg)
Canary Deployment
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
SCM
![Page 36: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/36.jpg)
Canary Deployment
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
SCM
![Page 37: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/37.jpg)
Canary Deployment
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
SCM
![Page 38: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/38.jpg)
Canary Deployment
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
SCM
![Page 39: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/39.jpg)
Canary Deployment
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
SCM
![Page 40: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/40.jpg)
Canary Deployment
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
SCM
![Page 41: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/41.jpg)
@alexsotob41
Dark Launches
![Page 42: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/42.jpg)
Dark Launches
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
SCM
INTERNAL USERS
![Page 43: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/43.jpg)
Dark Launches
DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS
SCM
![Page 44: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/44.jpg)
@alexsotob44
![Page 45: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/45.jpg)
@alexsotob45
Microservices Core Principles
MyService
Monitoring
Tracing
Discovery
API
Invocation
Resilience
Pipeline
Authentication
Logging Elasticity
![Page 46: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/46.jpg)
@alexsotob46
As we move to services architectures, we push the complexity to the space between our services
CHRISTIAN POSTA
![Page 47: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/47.jpg)
@alexsotob47
NETFLIX Ribbon
Config Server
Java Microservices Platform circa 2016
![Page 48: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/48.jpg)
@alexsotob48
Istio
Java Microservices Platform circa 2018
![Page 49: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/49.jpg)
@alexsotob49
What If…
Service
Proxy
crosscutting concerns
network traffic
![Page 50: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/50.jpg)
@alexsotob50
… more explicitly
Service A
Proxy
Proxy
Service B
Proxy
Service B
Proxy
![Page 51: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/51.jpg)
@alexsotob51
![Page 52: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/52.jpg)
@alexsotob52
▪ Service proxy ▪ Highly parallel, non-blocking ▪ L3/4 network filter ▪ Out of the box L7 filters ▪ HTTP 2, including gRPC ▪ Baked in service discovery/health checking ▪ Advanced load balancing ▪ stats, metrics, tracing ▪ dynamic configuration through xDS
Meet Envoy
![Page 53: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/53.jpg)
@alexsotob53
In reality
Service
Service
Service
![Page 54: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/54.jpg)
@alexsotob54
▪ Greek word for “sail” ▪ Fleet configuration ▪ Routing and Load-Balancing control ▪ Observability ▪ Chaos Testing ▪ Security Options
Istio To Rescue
![Page 55: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/55.jpg)
@alexsotob55
Istio Control Plane
PodContainer
JVM
Service A
Envoy Side-car
PodContainer
JVM
Service B
Envoy Side-car
PodContainer
JVM
Service C
Envoy Side-car
HTTP1.1, HTTP2, gRPC, TCP w/TLS
HTTP1.1, HTTP2, gRPC, TCP w/TLS
HTTP1.1, HTTP2, gRPC, TCP w/TLS
Istio Pilot Istio Mixer Istio Auth
istioctl, API, config Quota, TelemetryRate Limiting, ACL
CA, SPIFFE
Istio Data Plane
![Page 56: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/56.jpg)
@alexsotob
Running Istio
56
![Page 57: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/57.jpg)
@alexsotob57
![Page 58: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/58.jpg)
@alexsotob
Canary Release
58
![Page 59: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/59.jpg)
@alexsotob
Blocking
59
![Page 60: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/60.jpg)
@alexsotob
Fault Injection
60
![Page 61: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/61.jpg)
@alexsotob61
DEMO
Demo1: https://www.youtube.com/watch?v=CSd91BoG-sc
![Page 62: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/62.jpg)
@alexsotob62
![Page 63: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/63.jpg)
@alexsotob63
![Page 64: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/64.jpg)
@alexsotob64
Let’s Wind Down
![Page 65: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/65.jpg)
@alexsotob65
![Page 66: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/66.jpg)
“Change is the essential process of all of existence.”
—SPOCK
![Page 67: Sail In The Cloud](https://reader031.vdocuments.mx/reader031/viewer/2022030319/5aac89377f8b9a435e8b4d83/html5/thumbnails/67.jpg)
@alexsotob67