Easy Debugging of Java Microservices
Running on Kubernetes, with Telepresence
Daniel Bryant

@danielbryantuk
tl;dr
2
• The inner development loop can be painful with Java microservices & Kubernetes
• Telepresence “proxies” your local machine into the cluster, increasing fast feedback
• Telepresence supports several workflows, from small to large systems
• Please support this CNCF project — get involved!

@danielbryantuk
3

Setting the Scene
4

@danielbryantuk
Inner and outer dev loops
5
Hat tip to Mitch Denny (now 404): https://mitchdenny.com/the-inner-loop/
http://jorgemoral.es/posts/2020_03_17-develop_apps…

@danielbryantuk
Inner and outer loop with K8s can be the same
6
• Write code
• Build container
• Push to registry
• Deploy to cluster
• Test
And can be …. SLOW.

@danielbryantuk
Automation can help…
7

@danielbryantuk
tl;dr
8
But you want a really fast inner loop (no docker build/push) …

@danielbryantuk
tl;dr
9 And you want to use your own tools.

@danielbryantuk
So, let’s run everything locally…
10

@danielbryantuk
tl;dr
11
“My laptop only
has 16GB RAM and
you’re asking it to
run Kubernetes
and a JVM and a
database???”

@danielbryantuk
12

@danielbryantuk
What is Telepresence
13
• “Fancy Kubernetes VPN for development
• “kubectl port-forward on steroids”
• A network bridge between your laptop and the Kubernetes cluster

@danielbryantuk
Telepresence: Local-to-Remote bridge
14

@danielbryantuk
Telepresence: Local-to-Remote bridge
15
www.youtube.com/watch?v=W_a3aErN3NU

Demo Time!
16

@danielbryantuk
Preview URLs, Personal Intercepts
17

@danielbryantuk
Telepresence: Local-to-Remote bridge
18
telepresence connect
• Open a tunnel to the remote cluster; exposes “in-cluster” services/network/DNS
telepresence intercept my-service —port 3000
• Re-routes (intercepts) tra
ff
ic to my-service in the remote cluster to my local machine
telepresence login & telepresence intercept
• Create preview URL to isolate and share results of the intercept

@danielbryantuk
Telepresence: Local-to-Remote bridge
$ telepresence intercept dataprocessingnodeservice --port 3000
19
Using deployment dataprocessingnodeservice
intercepted
State : ACTIVE
Destination : 127.0.0.1:3000
Intercepting: HTTP requests that match all of:
header("x-telepresence-intercept-id") ~= regexp ("76a1e848-1829-74x-1138-e3294c1e9119:dataprocessingnodeservice")
Preview URL : https://[random-subdomain].preview.edgestack.me
www.youtube.com/watch?v=W_a3aErN3NU

The Good, the Bad, and the
“Don’t Try this at Home”
20

@danielbryantuk
Benefits
21
• Use any tool that runs on your laptop: IDE, profiler, debugger, …
• Connect to cloud-based resources
• Same network namespace (e.g., nslookup works)
• Very fast inner loop!

@danielbryantuk
Requirements
22
• Network connection
• kubectl access to cluster
• Mac, Linux, or WSL2

@danielbryantuk
23

@danielbryantuk
tl;dr
24
• Capturing DNS and routing selectively to the
cluster is tricky
• Maintaining proxy connections can be
challenging
• Kubernetes has many resource types
• No two laptops are alike
• No two clusters are alike
• And more

@danielbryantuk
Telepresence is a CNCF project, with a wide variety of users
25

Workflows
26

@danielbryantuk
Simple Workflow (YOLO)
27
• One (production) cluster for single-source-of-truth microservices
• Developer checks out code and works on microservices
• Intercepts services on demand using Telepresence + IDE
• Once code is done, microservices are built and deployed via pipeline
Testing in production can be… scary

@danielbryantuk
28

@danielbryantuk
Typical Workflow (SME)
29
• One shared (dev) cluster for single-source-of-truth microservices
• Developers check out one of the microservices (and coordinate with other devs)
• Watch for coupled service/API evolution
• Take care with mutating shared state
• Developers intercept and work on services via Telepresence + IDE
• Pipeline is used to run tests, build, and deploy to staging and prod
https://www.youtube.com/watch?v=75soljoqhjY

@danielbryantuk
Advanced Workflow
30
• One cluster with multiple namespaces for all single-source-of-truth microservices
• Developers check out one of the microservices
• Developers use Bazel + Telepresence + IDE
• Telepresence (1) is used in container mode with Bazel images
• Once code is done, Jenkins is used to run tests, build, and deploy
https://www.youtube.com/watch?v=tD0FIlxO1AQ

Wrapping up
31

@danielbryantuk
Conclusion
32
• The inner development loop can be painful with Java microservices & Kubernetes
• Telepresence “proxies” your local dev machine into the cluster, increasing fast feedback
• Telepresence supports several workflows, from small to large systems
• Please support this CNCF project — get involved!

@danielbryantuk
Contributing to Telepresence
33
• Documentation and workflows
• Explain how you integrate Telepresence into your development workflow
• Let us know if you’re a user!
• Triage
• Lots of folks use GitHub for support, which doesn’t scale well
• Join Slack to help other users https://a8r.io/slack #telepresence

@danielbryantuk
Thank you! Questions?
34
getambassador.io/products/telepresence
Easy Debugging of Spring Boot Microservices
Running on Kubernetes
AL Developer O
ff
ice Hours
db@datawire.com / @danielbryantuk

@danielbryantuk
35
Bonus: Patterns, practices, and
tooling

@danielbryantuk
Putting it All Together: Safety and Speed
36
https://www.weave.works/blog/what-is-gitops-really
Development Production
Fast inner/outer dev loop GitOps
Speed
Safety

37
Develop
Test
Deploy/
Release
Run
Progressive Delivery
Rollback
Observability
Chaos Engineering
Runbooks
Fast dev loop
Fast feedback
Realistic test
environments
Developer
Self-Service

@danielbryantuk
Pattern: Artifact Syncing
38
• Pain points:
• Can’t run all required dependent services locally
• Sick of code, build image, push to remote registry slow dev loop
• Integration tests rely on mocks (with implicit assumptions)
• Solution
• Deploy all services to remote environment and sync local changes (combine with buildpacks)
• O
ft
en combined with development environment bridging
• Example tool
• Ska
ff
old (ksync, Tilt, Garden)

@danielbryantuk
Pattern: Dev Environment Bridging/Extension
39
• Pain points:
• Can’t run all required dependent services locally
• Integration tests rely on mocks (with implicit assumptions)
• Need “hot reload” coupled to remote services/resources
• Solution
• Deploy all services to remote environment and proxy/re-route tra
ff
ic to/from
a local running copy of a service (or subset of services)
• Example tool
• Telepresence