Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

Istio - A Service Mesh for Microservices as Scale

125 Aufrufe

Veröffentlicht am

Manage microservices on Kubernetes using the open source Istio service mesh from IBM, Google, and Lyft. In this presentation we explore the overall value and architecture of Istio and walk through key mechanisms for using Istio to drive highly secure microservices. We will also demonstrate the various features of Istio showing how to intelligently load balance traffic between services, conduct A/B tests, release canaries, and more.

Veröffentlicht in: Technologie
  • Als Erste(r) kommentieren

Istio - A Service Mesh for Microservices as Scale

  1. 1. Ram Vennam IBM Cloud Kubernetes Service @ramvennam Istio Connect, manage and secure microservices at scale
  2. 2. Agenda • Fundamentals • Kubernetes Overview • Managed Kubernetes • Problem Statement • Istio • Istio Demo • Q&A IBM Cloud Kubernetes Service | ©2018 IBM Corporation
  3. 3. Working with Microservices
  4. 4. IBM Cloud Kubernetes Service | ©2018 IBM Corporation An engineering approach focused on decomposing an application into single- function modules with well defined interfaces which are independently deployed and operated by a small team who owns the entire lifecycle of the service. Microservices accelerate delivery by minimizing communication and coordination between people while reducing the scope and risk of change. Microservices
  5. 5. 5
  6. 6. 6
  7. 7. A standard way to package an application and all its dependencies so that it can be moved between environments and run without changes. Containers work by isolating the differences between applications inside the container so that everything outside the container can be standardized. Containers IBM Cloud Kubernetes Service | ©2018 IBM Corporation
  8. 8. Why Containers Work? Dan the Developer Worries about what’s “inside” the container • His code • His Libraries • His Package Manager • His Apps • His Data All servers look the same Oscar the Ops Guy Worries about what’s “outside” the container • Logging • Remote access • Monitoring • Network config All containers start, stop, copy, attach, migrate, etc. the same way Separation of concerns
  9. 9. Allows users to define how to coordinate the containers in the cloud when the multi-container packaged application is deployed. • Scheduling • Cluster management • Service discovery • Provisioning • Monitoring • Configuration management Container Orchestration
  10. 10. Kubernetes Capabilities
  11. 11. Intelligent Scheduling Self-healing Horizontal scaling Service discovery & load balancing Automated rollouts and rollbacks Secret and configuration management IBM Cloud Kubernetes Service | ©2018 IBM Corporation
  12. 12. Slide Title Goes Here IBM Cloud Kubernetes Service | ©2018 IBM Corporation Kubernetes Architecture API UI CLI Kubernetes Master Worker Node 1 Worker Node 2 Worker Node 3 Worker Node n Registry • Etcd • API Server • Controller Manager Server • Scheduler Server
  13. 13. Container Ecosystem
  14. 14. IBM Cloud Kubernetes Service | ©2018 IBM Corporation Which do you prefer?
  15. 15. Managed Kubernetes Capabilities
  16. 16. Simplified cluster management Extend with IBM Cloud & Watson Container security & isolation Design your own cluster Native open-source experience Integrated operational tools IBM Cloud Kubernetes Service | ©2018 IBM Corporation
  17. 17. IBM Cloud Kubernetes Service | ©2018 IBM Corporation More things to consider! • Security • Canary deployments • A/B testing • Circuit breaking • Rate limiting • Fault injection • Policy management Add client libraries into each microservice?!
  18. 18. http://istio.io
  19. 19. Slide Title Goes Here IBM Cloud Kubernetes Service | ©2018 IBM Corporation Intelligent Routing and Load Balancing Resiliency across Languages and Platforms Fleet Wide Policy Enforcement In-Depth Telemetry and Reporting Istio Features
  20. 20. IBM Cloud Istio 1.0 After ~2 years of work ~200 developers IBM, Google, VMWare, Cisco, Red Hat, Tigera, others… Many adapters Many customers Istio in Action Istio Partners State of Istio
  21. 21. How does it work? UI Order container pod
  22. 22. IBM Cloud Kubernetes Service | ©2018 IBM Corporation Envoy intercepts requests UI Order Policy container pod container check policies
  23. 23. IBM Cloud Kubernetes Service | ©2018 IBM Corporation Report telemetry data UI Order container pod container Policy TelemetryPilot Citadel report
  24. 24. IBM Cloud Kubernetes Service | ©2018 IBM Corporation Pilot UI Order container pod container Policy TelemetryPilot Citadel config certs
  25. 25. Citadel
  26. 26. IBM Cloud Kubernetes Service | ©2018 IBM Corporation Istio Architecture
  27. 27. Istio examples kubectl apply –f my-rule.yaml
  28. 28. https://istio.io/docs/examples/bookinfo/ Sample: BookInfo
  29. 29. IBM Cloud Kubernetes Service | ©2018 IBM Corporation Request Routing Canary Testing Route user:jason to reviews:v2 Others still get reviews:v1
  30. 30. IBM Cloud Kubernetes Service | ©2018 IBM Corporation Traffic Shifting 50% -> v1 50% -> v3
  31. 31. IBM Cloud Kubernetes Service | ©2018 IBM Corporation Rate Limits 5000 requests per 1s ratings: 100 requests per 1s
  32. 32. IBM Cloud Kubernetes Service | ©2018 IBM Corporation Delay Injection Inject 7 second delay
  33. 33. IBM Cloud Kubernetes Service | ©2018 IBM Corporation Fault Injection jason: Return with Error 500
  34. 34. IBM Cloud Kubernetes Service | ©2018 IBM Corporation Circuit Breaking Max 1 concurrent connection & request
  35. 35. IBM Cloud Kubernetes Service | ©2018 IBM Corporation Telemetry
  36. 36. Demo
  37. 37. https://istio.io/docs/examples/bookinfo/ Sample: BookInfo
  38. 38. Thank You!

×