SlideShare ist ein Scribd-Unternehmen logo

Istio as an enabler for migrating to microservices (edition 2022)

Ahmed Misbah
Ahmed Misbah

This session is targeted towards teams and organizations considering to migrate their applications from monolithic to Microservice architecture by proposing Istio as an enabler. Istio is an implementation of service mesh, a technology useful for migrating to Microservices iteratively and safely. Migrating application architectures to Microservices is considered a key area of transformation in the IT world. Modernizing legacy applications to Kubernetes-based Microservices can prove to be very challenging if not planned correctly, taking into consideration the right technologies and enablers. This session explains how Istio can be used as a bridge and enabler for modernizing legacy monolithic applications to Microservices. Topics covered in the session will include: 1- Advantages of migrating to Microservices and service mesh . 2- Designing a Microservice application based on splitting an existing monolithic application. 3- Implementing Microservices iteratively as a strangler fig application with Istio. 4- Features Istio provides as a service mesh platform.

Software
1 von 56
Ahmed MISBAH - 22/09/2022 Istio as an enabler for migrating to Microservices 2022 edition
About the speaker Role and previous talks • Chief Software Engineer • Speaker at: ‣ DevOpsDays Cairo ‣ AMECSE ‣ Orange DevTest Days ‣ GDG ‣ Delta Technopreneurs ‣ JDC
About the speaker Topics of interest • DevOps • Agile and Lean • Cloud-Native Apps and beyond • Software Architecture • Java • FOSS • Arti fi cial Intelligence and ML
About the speaker Experience • 9 years at Orange Innovation Egypt • Delivered two award winning innovative solutions • Worked at two startups • Helped many others! • Winner of Dell Hacktrick 2022 UI/UX track • MSc. degree in ML and many other professional certi fi cations Nile University J;.lll ~l:J.. Qtertifirate (3/'~ This is to certify that Ahmed Mahmoud Amir Misbah •••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••• Has successfully completed the program of study and fulfilled the requirements for BigData & Data Science Diploma for the period from October 2015 to July 2016 ...f:.!.l...~'!!~~!.tf....El..#.!(!.~.1.. INF Program Director ~~.__QI II C.a.::::a..;r:q;;; AU J M IW fl , : ~t '-M4' October 2016 · ····························••- •·············· Date
Istio as an enabler for migrating to Microservices Agenda • Why migrate? • The migration • After the migration
Istio as an enabler for migrating to Microservices Agenda ➡ Why migrate? • The migration • After the migration
Why migrate? Digital Transformation - Past and Present Development Process Application Architecture Deployment and Packaging Application Infrastructure Waterfall Agile DevOps Monolithic N-Tier | SOA Microservices Physical Servers Virtual Server Containers Datacenter Hosted Cloud
Why migrate? Why Microservices? Microservices enable organizations to evolve their structure and technology stack through structuring their application(s) as a collection of services that are: • Organized around business capabilities • Owned by a small team • Independently deployable • Loosely coupled • Highly maintainable and testable
Why migrate? Why Microservices? • Technology Heterogeneity • Ease of Deployment • Scaling • Robustness • Composability
Istio as an enabler for migrating to Microservices Agenda • Why migrate? ➡ The migration • After the migration
The migration Microservice Architecture Challenges 1. Learning Curve 2. Monitoring 3. Troubleshooting and debugging 4. Handling failures 5. Security 6. Testing 7. Latency 8. Data Consistency 9. Infrastructure provisioning 10. Deployment
The migration Non-functional requirements (NFRs) Challenge Solution Technology Monitoring, Troubleshooting, Debugging Observability ? Handling failures Design Patterns: Retry pattern, circuit breaker pattern ? Security Mutual TLS ? Testing Chaos Engineering ? Deployment Deployment Strategies ? Scaling, Load Balancing Advanced Tra ffi c Management ?
The migration Enter Service Mesh • A Service Mesh is a dedicated communication layer for facilitating service-to-service communications between Microservices using a proxy (often as a sidecar). • Having such a dedicated communication layer can provide a number of bene fi ts, such as: • Providing observability into communications, • Providing secure connections, • Automating retries and backo ff for failed requests, • Tra ffi c management (e.g., Load Balancing), • Many deployment strategies (Canary, blue-green, etc.), • Separating the business logic of the application from the previous points
The migration Enter Istio Istio is an open source Service Mesh that helps organizations run distributed, Microservices-based apps anywhere. Istio enables organizations to secure, connect, and monitor Microservices, so they can modernize their enterprise applications more swiftly and securely.
The migration Why Istio? • Tra ffi c Management ‣ Virtual Services ‣ Destination Rules ‣ Gateways ‣ Service enteries ‣ Sidecars • Security (ICM, Authentication and Authorization) • Observability (Metrics, Distributed Tracing, Access Logs)
The migration Why Istio? • K8s native (i.e., extensibility and all other K8s goodies) • Free and Open Source (FOSS) • Relies on other FOSS (Envoy, Jaeger, Prometheus, Grafana, Kiali, etc.)
The migration Migration Approaches 1. Big Bang Approach: Creating a new application from scratch 2. Incremental Approach: Gradually migrate to Microservice Architecture Big Bang Approach Gradual Approach
The migration Incremental Approach • Monolithic functionalities can be extracted gradually to be implemented in Microservices by splitting the monolithic application based on business capabilities, teams, or sub-domain (DDD). • Such Microservices include business functionalities exposed as API calls. They can also access the monolithic database or have their own autonomous database. • Many patterns exist for splitting monolithic application. One of the most useful and commonly used techniques is the Strangler Fig Application.
The migration Strangler Fig Application Pattern • The idea of Strangler Fig Application Pattern is to have the new system initially supported by the existing system. • The old and the new systems can coexist, giving the new system time to grow and potentially entirely replace the old system. 
The migration Bene fi ts of Incremental Approach and Strangler Fig • Allows new evolutions to be delivered during the migration phase. • The new system will always be up-to-date. • Zero Downtime Deployments (ZDD).
The migration Stages of Strangler Fig Application Pattern 1. Identify: identify parts of the legacy application that will be migrated. DDD can be used to identify various bounded contexts 2. Transform: implement this functionality in a new Microservice 3. Co-exist: leave the existing module in the legacy application as is. Incrementally re-route calls from the monolith to the new micro service 4. Eliminate: once the tra ffi c is completely redirected to the micro service, eliminate the legacy module
Sample Application
Sample Application
Sample Application Assumptions • Legacy application is a modular monolith • Deployment will be on a public cloud • K8s cluster is installed with Istio • Legacy monolithic application does not run in a container • Complete DB decomposition will not be covered +
Sample Application Stage 1 - Identify
Sample Application Stage 2 & 3 - Transform & Co-exist • CI pipeline of application should be modi fi ed so as to package monolithic application as a container image and upload it to an artifact repository or container registry • CD pipeline should be con fi gured so as to trigger the deployment of the application to K8s • An Istio Ingress Gateway should be deployed and con fi gured to route all tra ffi c to the monolithic application • DNS should be con fi gured so as to map your domains to the new K8s cluster K8s Node K8s Pod Envoy Proxy Monolith Cloud Load Balancer / Istio Ingress Gateway Clients
K8s Node K8s Pod Envoy Proxy Monolith Cloud Load Balancer / Istio Ingress Gateway Clients
K8s Node K8s Pod Envoy Proxy Monolith Cloud Load Balancer / Istio Ingress Gateway Clients K8s Pod Envoy Proxy Microservice 1
K8s Node K8s Pod Envoy Proxy Monolith Cloud Load Balancer / Istio Ingress Gateway Clients K8s Pod Envoy Proxy Microservice 2 K8s Pod Envoy Proxy Microservice 1
K8s Node Cloud Load Balancer / Istio Ingress Gateway Clients K8s Pod Envoy Proxy Microservice 2 K8s Pod Envoy Proxy Microservice 4 K8s Pod Envoy Proxy Microservice 3 K8s Pod Envoy Proxy Microservice 1 K8s Pod Envoy Proxy Monolith
Sample Application Stage 4 - Eliminate K8s Node Cloud Load Balancer / Istio Ingress Gateway Clients K8s Pod Envoy Proxy Microservice 2 K8s Pod Envoy Proxy Microservice 4 K8s Pod Envoy Proxy Microservice 3 K8s Pod Envoy Proxy Microservice 1
Sample Application DB Migration • You can start with a shared DB, • Then start decomposing the DB using a pattern, • Finally, you should end up with one DB per Microservice. • Istio Egress controller can be used to control tra ffi c to the DB if it will be used as a service and not deployed within the K8s cluster
Cloud Load Balancer / Istio Ingress Gateway Clients K8s Pod Envoy Proxy Microservice 2 K8s Pod Envoy Proxy Microservice 4 K8s Pod Envoy Proxy Microservice 3 K8s Pod Envoy Proxy Microservice 1 K8s Node Istio Egress Gateway Shared DB
Cloud Load Balancer / Istio Ingress Gateway Clients K8s Pod Envoy Proxy Microservice 2 K8s Pod Envoy Proxy Microservice 4 K8s Pod Envoy Proxy Microservice 3 K8s Pod Envoy Proxy Microservice 1 K8s Node Istio Egress Gateway DB 1 DB 2 DB 3 DB 4
Istio as an enabler for migrating to Microservices Agenda • Why migrate? • The migration ➡ After the migration
Traffic Management
Traffic Management Load Balancing
Traffic Management Releases - Canary Releases
Traffic Management Rate Limiting • Global Rate Limit • Local Rate Limit
Chaos Engineering
Chaos Engineering Fault Injection • HTTP delay fault • HTTP abort fault
Failure Handling
Failure Handling Circuit Breaker
Security
Security Features • Certi fi cate Management • Authentication • Authorization • TLS con fi guration
Observability
Observability Kiali
Observability Grafana
Observability Prometheus
Observability Jaeger
One last thing…….
It’s not all sunshine and roses! Istio drawbacks and challenges • Latency from adding sidecar proxies (solved by eBPF) • Multi-cluster, multi-cloud, and multi-tenant support (solved by Tetrate) • Con fi guring Control Plane components • K8s lock-in • Using only one of its features
Thank you!
References
Book a free call to arrange a workshop • DevOps Maturity Assessment workshop • DevOps for Enterprises workshop • Microservice Architecture workshop • Serverless Architectures workshop • CI/CD workshop • Hands-on DevOps mentorship Scan to book a free call

Empfohlen

Migrating to Microservices Patterns and Technologies (edition 2023)
Migrating to Microservices Patterns and Technologies (edition 2023) Migrating to Microservices Patterns and Technologies (edition 2023)
Migrating to Microservices Patterns and Technologies (edition 2023)
Ahmed Misbah
 
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
Ahmed Misbah
 
Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015
Ken Owens
 
Do You Need A Service Mesh?
Do You Need A Service Mesh?Do You Need A Service Mesh?
Do You Need A Service Mesh?
NGINX, Inc.
 
Do I Need A Service Mesh.pptx
Do I Need A Service Mesh.pptxDo I Need A Service Mesh.pptx
Do I Need A Service Mesh.pptx
PINGXIONG3
 
Istio Mesh – Managing Container Deployments at Scale
Istio Mesh – Managing Container Deployments at ScaleIstio Mesh – Managing Container Deployments at Scale
Istio Mesh – Managing Container Deployments at Scale
Mofizur Rahman
 
Manging Container Deployments at Scale
Manging Container Deployments at ScaleManging Container Deployments at Scale
Manging Container Deployments at Scale
Mofizur Rahman
 
Newt global meetup microservices
Newt global meetup microservicesNewt global meetup microservices
Newt global meetup microservices
Venkatnadhan Thirunalai
 

Empfohlen

Migrating to Microservices Patterns and Technologies (edition 2023)
Migrating to Microservices Patterns and Technologies (edition 2023) Migrating to Microservices Patterns and Technologies (edition 2023)
Migrating to Microservices Patterns and Technologies (edition 2023)
Ahmed Misbah
 
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
Ahmed Misbah
 
Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015
Ken Owens
 
Do You Need A Service Mesh?
Do You Need A Service Mesh?Do You Need A Service Mesh?
Do You Need A Service Mesh?
NGINX, Inc.
 
Do I Need A Service Mesh.pptx
Do I Need A Service Mesh.pptxDo I Need A Service Mesh.pptx
Do I Need A Service Mesh.pptx
PINGXIONG3
 
Istio Mesh – Managing Container Deployments at Scale
Istio Mesh – Managing Container Deployments at ScaleIstio Mesh – Managing Container Deployments at Scale
Istio Mesh – Managing Container Deployments at Scale
Mofizur Rahman
 
Manging Container Deployments at Scale
Manging Container Deployments at ScaleManging Container Deployments at Scale
Manging Container Deployments at Scale
Mofizur Rahman
 
Newt global meetup microservices
Newt global meetup microservicesNewt global meetup microservices
Newt global meetup microservices
Venkatnadhan Thirunalai
 
Technology insights: Decision Science Platform
Technology insights: Decision Science PlatformTechnology insights: Decision Science Platform
Technology insights: Decision Science Platform
Decision Science Community
 
Running containers in production, the ING story
Running containers in production, the ING storyRunning containers in production, the ING story
Running containers in production, the ING story
Thijs Ebbers
 
Microservices.pdf
Microservices.pdfMicroservices.pdf
Microservices.pdf
SelmaJelovac1
 
Micro Front-End & Microservices - Plansoft
Micro Front-End & Microservices - PlansoftMicro Front-End & Microservices - Plansoft
Micro Front-End & Microservices - Plansoft
Miki Lombardi
 
Enabling application portability with the greatest of ease!
Enabling application portability with the greatest of ease!Enabling application portability with the greatest of ease!
Enabling application portability with the greatest of ease!
Ken Owens
 
Your Journey to Cloud-Native Begins with DevOps, Microservices, and Containers
Your Journey to Cloud-Native Begins with DevOps, Microservices, and ContainersYour Journey to Cloud-Native Begins with DevOps, Microservices, and Containers
Your Journey to Cloud-Native Begins with DevOps, Microservices, and Containers
Atlassian
 
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...
NUS-ISS
 
Serverless microservices
Serverless microservicesServerless microservices
Serverless microservices
Lalit Kale
 
MicroserviceArchitecture in detail over Monolith.
MicroserviceArchitecture in detail over Monolith.MicroserviceArchitecture in detail over Monolith.
MicroserviceArchitecture in detail over Monolith.
PLovababu
 
Introduction to Microservices
Introduction to MicroservicesIntroduction to Microservices
Introduction to Microservices
MahmoudZidan41
 
Monolithic to Microservices Architecture
Monolithic to Microservices ArchitectureMonolithic to Microservices Architecture
Monolithic to Microservices Architecture
Vin Dahake
 
Business and IT agility through DevOps and microservice architecture powered ...
Business and IT agility through DevOps and microservice architecture powered ...Business and IT agility through DevOps and microservice architecture powered ...
Business and IT agility through DevOps and microservice architecture powered ...
Lucas Jellema
 
QCon 2015 - Microservices Track Notes
QCon 2015 - Microservices Track Notes QCon 2015 - Microservices Track Notes
QCon 2015 - Microservices Track Notes
Abdul Basit Munda
 
Cloud Foundry Technical Overview at IBM Interconnect 2016
Cloud Foundry Technical Overview at IBM Interconnect 2016Cloud Foundry Technical Overview at IBM Interconnect 2016
Cloud Foundry Technical Overview at IBM Interconnect 2016
Stormy Peters
 
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
apidays
 
Enabling Fast IT using Containers, Microservices and DAVROS models: an overview
Enabling Fast IT using Containers, Microservices and DAVROS models: an overviewEnabling Fast IT using Containers, Microservices and DAVROS models: an overview
Enabling Fast IT using Containers, Microservices and DAVROS models: an overview
Cisco DevNet
 
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
WSO2
 
Microservices in Go with Go kit
Microservices in Go with Go kitMicroservices in Go with Go kit
Microservices in Go with Go kit
Shiju Varghese
 
Intro - Cloud Native
Intro - Cloud NativeIntro - Cloud Native
Intro - Cloud Native
Albert Suwandhi
 
Webinar : Microservices and Containerization
Webinar : Microservices and ContainerizationWebinar : Microservices and Containerization
Webinar : Microservices and Containerization
Newt Global Consulting LLC
 
6+1 Technical Tips for Tech Startups (2023 Edition)
6+1 Technical Tips for Tech Startups (2023 Edition)6+1 Technical Tips for Tech Startups (2023 Edition)
6+1 Technical Tips for Tech Startups (2023 Edition)
Ahmed Misbah
 
Practical Microservice Architecture (edition 2022).pdf
Practical Microservice Architecture (edition 2022).pdfPractical Microservice Architecture (edition 2022).pdf
Practical Microservice Architecture (edition 2022).pdf
Ahmed Misbah
 

Weitere ähnliche Inhalte

Ähnlich wie Istio as an enabler for migrating to microservices (edition 2022)

Your Journey to Cloud-Native Begins with DevOps, Microservices, and Containers
Your Journey to Cloud-Native Begins with DevOps, Microservices, and ContainersYour Journey to Cloud-Native Begins with DevOps, Microservices, and Containers
Your Journey to Cloud-Native Begins with DevOps, Microservices, and Containers
Atlassian
 
Business and IT agility through DevOps and microservice architecture powered ...
Business and IT agility through DevOps and microservice architecture powered ...Business and IT agility through DevOps and microservice architecture powered ...
Business and IT agility through DevOps and microservice architecture powered ...
Lucas Jellema
 

Ähnlich wie Istio as an enabler for migrating to microservices (edition 2022) (20)

Technology insights: Decision Science Platform
Technology insights: Decision Science PlatformTechnology insights: Decision Science Platform
Technology insights: Decision Science Platform
 
Running containers in production, the ING story
Running containers in production, the ING storyRunning containers in production, the ING story
Running containers in production, the ING story
 
Microservices.pdf
Microservices.pdfMicroservices.pdf
Microservices.pdf
 
Micro Front-End & Microservices - Plansoft
Micro Front-End & Microservices - PlansoftMicro Front-End & Microservices - Plansoft
Micro Front-End & Microservices - Plansoft
 
Enabling application portability with the greatest of ease!
Enabling application portability with the greatest of ease!Enabling application portability with the greatest of ease!
Enabling application portability with the greatest of ease!
 
Your Journey to Cloud-Native Begins with DevOps, Microservices, and Containers
Your Journey to Cloud-Native Begins with DevOps, Microservices, and ContainersYour Journey to Cloud-Native Begins with DevOps, Microservices, and Containers
Your Journey to Cloud-Native Begins with DevOps, Microservices, and Containers
 
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...
 
Serverless microservices
Serverless microservicesServerless microservices
Serverless microservices
 
MicroserviceArchitecture in detail over Monolith.
MicroserviceArchitecture in detail over Monolith.MicroserviceArchitecture in detail over Monolith.
MicroserviceArchitecture in detail over Monolith.
 
Introduction to Microservices
Introduction to MicroservicesIntroduction to Microservices
Introduction to Microservices
 
Monolithic to Microservices Architecture
Monolithic to Microservices ArchitectureMonolithic to Microservices Architecture
Monolithic to Microservices Architecture
 
Business and IT agility through DevOps and microservice architecture powered ...
Business and IT agility through DevOps and microservice architecture powered ...Business and IT agility through DevOps and microservice architecture powered ...
Business and IT agility through DevOps and microservice architecture powered ...
 
QCon 2015 - Microservices Track Notes
QCon 2015 - Microservices Track Notes QCon 2015 - Microservices Track Notes
QCon 2015 - Microservices Track Notes
 
Cloud Foundry Technical Overview at IBM Interconnect 2016
Cloud Foundry Technical Overview at IBM Interconnect 2016Cloud Foundry Technical Overview at IBM Interconnect 2016
Cloud Foundry Technical Overview at IBM Interconnect 2016
 
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
 
Enabling Fast IT using Containers, Microservices and DAVROS models: an overview
Enabling Fast IT using Containers, Microservices and DAVROS models: an overviewEnabling Fast IT using Containers, Microservices and DAVROS models: an overview
Enabling Fast IT using Containers, Microservices and DAVROS models: an overview
 
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
 
Microservices in Go with Go kit
Microservices in Go with Go kitMicroservices in Go with Go kit
Microservices in Go with Go kit
 
Intro - Cloud Native
Intro - Cloud NativeIntro - Cloud Native
Intro - Cloud Native
 
Webinar : Microservices and Containerization
Webinar : Microservices and ContainerizationWebinar : Microservices and Containerization
Webinar : Microservices and Containerization
 

Mehr von Ahmed Misbah

6+1 Technical Tips for Tech Startups (2023 Edition)
6+1 Technical Tips for Tech Startups (2023 Edition)6+1 Technical Tips for Tech Startups (2023 Edition)
6+1 Technical Tips for Tech Startups (2023 Edition)
Ahmed Misbah
 
Practical Microservice Architecture (edition 2022).pdf
Practical Microservice Architecture (edition 2022).pdfPractical Microservice Architecture (edition 2022).pdf
Practical Microservice Architecture (edition 2022).pdf
Ahmed Misbah
 
DevOps for absolute beginners (2022 edition)
DevOps for absolute beginners (2022 edition)DevOps for absolute beginners (2022 edition)
DevOps for absolute beginners (2022 edition)
Ahmed Misbah
 

Mehr von Ahmed Misbah (20)

6+1 Technical Tips for Tech Startups (2023 Edition)
6+1 Technical Tips for Tech Startups (2023 Edition)6+1 Technical Tips for Tech Startups (2023 Edition)
6+1 Technical Tips for Tech Startups (2023 Edition)
 
Practical Microservice Architecture (edition 2022).pdf
Practical Microservice Architecture (edition 2022).pdfPractical Microservice Architecture (edition 2022).pdf
Practical Microservice Architecture (edition 2022).pdf
 
DevOps for absolute beginners (2022 edition)
DevOps for absolute beginners (2022 edition)DevOps for absolute beginners (2022 edition)
DevOps for absolute beginners (2022 edition)
 
TDD Anti-patterns (2022 edition)
TDD Anti-patterns (2022 edition)TDD Anti-patterns (2022 edition)
TDD Anti-patterns (2022 edition)
 
Implementing FaaS on Kubernetes using Kubeless
Implementing FaaS on Kubernetes using KubelessImplementing FaaS on Kubernetes using Kubeless
Implementing FaaS on Kubernetes using Kubeless
 
Introduction to TDD
Introduction to TDDIntroduction to TDD
Introduction to TDD
 
Getting Started with DevOps
Getting Started with DevOpsGetting Started with DevOps
Getting Started with DevOps
 
DevOps for absolute beginners
DevOps for absolute beginnersDevOps for absolute beginners
DevOps for absolute beginners
 
Microservice test strategies for applications based on Spring, K8s and Istio
Microservice test strategies for applications based on Spring, K8s and IstioMicroservice test strategies for applications based on Spring, K8s and Istio
Microservice test strategies for applications based on Spring, K8s and Istio
 
Cucumber jvm best practices v3
Cucumber jvm best practices v3Cucumber jvm best practices v3
Cucumber jvm best practices v3
 
Welcome to the Professional World
Welcome to the Professional WorldWelcome to the Professional World
Welcome to the Professional World
 
More topics on Java
More topics on JavaMore topics on Java
More topics on Java
 
Career Paths for Software Professionals
Career Paths for Software ProfessionalsCareer Paths for Software Professionals
Career Paths for Software Professionals
 
Effective User Story Writing
Effective User Story WritingEffective User Story Writing
Effective User Story Writing
 
AndGen+
AndGen+AndGen+
AndGen+
 
DDT Testing Library for Android
DDT Testing Library for AndroidDDT Testing Library for Android
DDT Testing Library for Android
 
Big Data for QAs
Big Data for QAsBig Data for QAs
Big Data for QAs
 
Software Architecture
Software ArchitectureSoftware Architecture
Software Architecture
 
Software Design
Software DesignSoftware Design
Software Design
 
The Road to DevOps V3
The Road to DevOps V3The Road to DevOps V3
The Road to DevOps V3
 

Kürzlich hochgeladen

%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
masabamasaba
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
Papp Krisztián
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
shinachiaurasa2
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
masabamasaba
 
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Medical / Health Care (+971588192166) Mifepristone and Misoprostol tablets 200mg
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Steffen Staab
 
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Medical / Health Care (+971588192166) Mifepristone and Misoprostol tablets 200mg
 

Kürzlich hochgeladen (20)

WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto
 
%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learn
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
 
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK Software
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
 
Artyushina_Guest lecture_YorkU CS May 2024.pptx
Artyushina_Guest lecture_YorkU CS May 2024.pptxArtyushina_Guest lecture_YorkU CS May 2024.pptx
Artyushina_Guest lecture_YorkU CS May 2024.pptx
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand
 
tonesoftg
tonesoftgtonesoftg
tonesoftg
 

Istio as an enabler for migrating to microservices (edition 2022)

  • 1. Ahmed MISBAH - 22/09/2022 Istio as an enabler for migrating to Microservices 2022 edition
  • 2. About the speaker Role and previous talks • Chief Software Engineer • Speaker at: ‣ DevOpsDays Cairo ‣ AMECSE ‣ Orange DevTest Days ‣ GDG ‣ Delta Technopreneurs ‣ JDC
  • 3. About the speaker Topics of interest • DevOps • Agile and Lean • Cloud-Native Apps and beyond • Software Architecture • Java • FOSS • Arti fi cial Intelligence and ML
  • 4. About the speaker Experience • 9 years at Orange Innovation Egypt • Delivered two award winning innovative solutions • Worked at two startups • Helped many others! • Winner of Dell Hacktrick 2022 UI/UX track • MSc. degree in ML and many other professional certi fi cations Nile University J;.lll ~l:J.. Qtertifirate (3/'~ This is to certify that Ahmed Mahmoud Amir Misbah •••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••• Has successfully completed the program of study and fulfilled the requirements for BigData & Data Science Diploma for the period from October 2015 to July 2016 ...f:.!.l...~'!!~~!.tf....El..#.!(!.~.1.. INF Program Director ~~.__QI II C.a.::::a..;r:q;;; AU J M IW fl , : ~t '-M4' October 2016 · ····························••- •·············· Date
  • 5. Istio as an enabler for migrating to Microservices Agenda • Why migrate? • The migration • After the migration
  • 6. Istio as an enabler for migrating to Microservices Agenda ➡ Why migrate? • The migration • After the migration
  • 7. Why migrate? Digital Transformation - Past and Present Development Process Application Architecture Deployment and Packaging Application Infrastructure Waterfall Agile DevOps Monolithic N-Tier | SOA Microservices Physical Servers Virtual Server Containers Datacenter Hosted Cloud
  • 8. Why migrate? Why Microservices? Microservices enable organizations to evolve their structure and technology stack through structuring their application(s) as a collection of services that are: • Organized around business capabilities • Owned by a small team • Independently deployable • Loosely coupled • Highly maintainable and testable
  • 9. Why migrate? Why Microservices? • Technology Heterogeneity • Ease of Deployment • Scaling • Robustness • Composability
  • 10. Istio as an enabler for migrating to Microservices Agenda • Why migrate? ➡ The migration • After the migration
  • 11. The migration Microservice Architecture Challenges 1. Learning Curve 2. Monitoring 3. Troubleshooting and debugging 4. Handling failures 5. Security 6. Testing 7. Latency 8. Data Consistency 9. Infrastructure provisioning 10. Deployment
  • 12. The migration Non-functional requirements (NFRs) Challenge Solution Technology Monitoring, Troubleshooting, Debugging Observability ? Handling failures Design Patterns: Retry pattern, circuit breaker pattern ? Security Mutual TLS ? Testing Chaos Engineering ? Deployment Deployment Strategies ? Scaling, Load Balancing Advanced Tra ffi c Management ?
  • 13. The migration Enter Service Mesh • A Service Mesh is a dedicated communication layer for facilitating service-to-service communications between Microservices using a proxy (often as a sidecar). • Having such a dedicated communication layer can provide a number of bene fi ts, such as: • Providing observability into communications, • Providing secure connections, • Automating retries and backo ff for failed requests, • Tra ffi c management (e.g., Load Balancing), • Many deployment strategies (Canary, blue-green, etc.), • Separating the business logic of the application from the previous points
  • 14. The migration Enter Istio Istio is an open source Service Mesh that helps organizations run distributed, Microservices-based apps anywhere. Istio enables organizations to secure, connect, and monitor Microservices, so they can modernize their enterprise applications more swiftly and securely.
  • 15. The migration Why Istio? • Tra ffi c Management ‣ Virtual Services ‣ Destination Rules ‣ Gateways ‣ Service enteries ‣ Sidecars • Security (ICM, Authentication and Authorization) • Observability (Metrics, Distributed Tracing, Access Logs)
  • 16. The migration Why Istio? • K8s native (i.e., extensibility and all other K8s goodies) • Free and Open Source (FOSS) • Relies on other FOSS (Envoy, Jaeger, Prometheus, Grafana, Kiali, etc.)
  • 17. The migration Migration Approaches 1. Big Bang Approach: Creating a new application from scratch 2. Incremental Approach: Gradually migrate to Microservice Architecture Big Bang Approach Gradual Approach
  • 18. The migration Incremental Approach • Monolithic functionalities can be extracted gradually to be implemented in Microservices by splitting the monolithic application based on business capabilities, teams, or sub-domain (DDD). • Such Microservices include business functionalities exposed as API calls. They can also access the monolithic database or have their own autonomous database. • Many patterns exist for splitting monolithic application. One of the most useful and commonly used techniques is the Strangler Fig Application.
  • 19. The migration Strangler Fig Application Pattern • The idea of Strangler Fig Application Pattern is to have the new system initially supported by the existing system. • The old and the new systems can coexist, giving the new system time to grow and potentially entirely replace the old system. 
  • 20. The migration Bene fi ts of Incremental Approach and Strangler Fig • Allows new evolutions to be delivered during the migration phase. • The new system will always be up-to-date. • Zero Downtime Deployments (ZDD).
  • 21. The migration Stages of Strangler Fig Application Pattern 1. Identify: identify parts of the legacy application that will be migrated. DDD can be used to identify various bounded contexts 2. Transform: implement this functionality in a new Microservice 3. Co-exist: leave the existing module in the legacy application as is. Incrementally re-route calls from the monolith to the new micro service 4. Eliminate: once the tra ffi c is completely redirected to the micro service, eliminate the legacy module
  • 24. Sample Application Assumptions • Legacy application is a modular monolith • Deployment will be on a public cloud • K8s cluster is installed with Istio • Legacy monolithic application does not run in a container • Complete DB decomposition will not be covered +
  • 26. Sample Application Stage 2 & 3 - Transform & Co-exist • CI pipeline of application should be modi fi ed so as to package monolithic application as a container image and upload it to an artifact repository or container registry • CD pipeline should be con fi gured so as to trigger the deployment of the application to K8s • An Istio Ingress Gateway should be deployed and con fi gured to route all tra ffi c to the monolithic application • DNS should be con fi gured so as to map your domains to the new K8s cluster K8s Node K8s Pod Envoy Proxy Monolith Cloud Load Balancer / Istio Ingress Gateway Clients
  • 27. K8s Node K8s Pod Envoy Proxy Monolith Cloud Load Balancer / Istio Ingress Gateway Clients
  • 28. K8s Node K8s Pod Envoy Proxy Monolith Cloud Load Balancer / Istio Ingress Gateway Clients K8s Pod Envoy Proxy Microservice 1
  • 29. K8s Node K8s Pod Envoy Proxy Monolith Cloud Load Balancer / Istio Ingress Gateway Clients K8s Pod Envoy Proxy Microservice 2 K8s Pod Envoy Proxy Microservice 1
  • 30. K8s Node Cloud Load Balancer / Istio Ingress Gateway Clients K8s Pod Envoy Proxy Microservice 2 K8s Pod Envoy Proxy Microservice 4 K8s Pod Envoy Proxy Microservice 3 K8s Pod Envoy Proxy Microservice 1 K8s Pod Envoy Proxy Monolith
  • 31. Sample Application Stage 4 - Eliminate K8s Node Cloud Load Balancer / Istio Ingress Gateway Clients K8s Pod Envoy Proxy Microservice 2 K8s Pod Envoy Proxy Microservice 4 K8s Pod Envoy Proxy Microservice 3 K8s Pod Envoy Proxy Microservice 1
  • 32. Sample Application DB Migration • You can start with a shared DB, • Then start decomposing the DB using a pattern, • Finally, you should end up with one DB per Microservice. • Istio Egress controller can be used to control tra ffi c to the DB if it will be used as a service and not deployed within the K8s cluster
  • 33. Cloud Load Balancer / Istio Ingress Gateway Clients K8s Pod Envoy Proxy Microservice 2 K8s Pod Envoy Proxy Microservice 4 K8s Pod Envoy Proxy Microservice 3 K8s Pod Envoy Proxy Microservice 1 K8s Node Istio Egress Gateway Shared DB
  • 34. Cloud Load Balancer / Istio Ingress Gateway Clients K8s Pod Envoy Proxy Microservice 2 K8s Pod Envoy Proxy Microservice 4 K8s Pod Envoy Proxy Microservice 3 K8s Pod Envoy Proxy Microservice 1 K8s Node Istio Egress Gateway DB 1 DB 2 DB 3 DB 4
  • 35. Istio as an enabler for migrating to Microservices Agenda • Why migrate? • The migration ➡ After the migration
  • 38. Traffic Management Releases - Canary Releases
  • 39. Traffic Management Rate Limiting • Global Rate Limit • Local Rate Limit
  • 41. Chaos Engineering Fault Injection • HTTP delay fault • HTTP abort fault
  • 45. Security Features • Certi fi cate Management • Authentication • Authorization • TLS con fi guration
  • 52. It’s not all sunshine and roses! Istio drawbacks and challenges • Latency from adding sidecar proxies (solved by eBPF) • Multi-cluster, multi-cloud, and multi-tenant support (solved by Tetrate) • Con fi guring Control Plane components • K8s lock-in • Using only one of its features
  • 55.
  • 56. Book a free call to arrange a workshop • DevOps Maturity Assessment workshop • DevOps for Enterprises workshop • Microservice Architecture workshop • Serverless Architectures workshop • CI/CD workshop • Hands-on DevOps mentorship Scan to book a free call