1 of 42

Istio: Canaries and Kubernetes

burr@redhat.com

2 of 42

Free eBooks from developers.redhat.com

Microservices Introductory Materials

@burrsutter

Microservices Advanced Materials

3 of 42

Monolith

MyApp

4 of 42

Microservices

10 of 42

Network of Services

11 of 42

Microservices == Distributed Computing

OS

JVM

Service C

OS

JVM

Service B

OS

JVM

Service A

12 of 42

Microservices'ilities

MyService

Monitoring

Tracing

API

Discovery

Invocation

Resilience

Pipeline

Authentication

Logging

Elasticity

13 of 42

Short History of Microservices

  • 1999: Continuous Integration via XP
  • Feb 2001: Agile Manifesto
  • 2006: AWS EC2
  • 2009: Java EE6
  • 2009: DevOps
  • 2010: NETFLIX to AWS
  • May 2011: DropWizard
  • March 2012: Ribbon
  • March 2012: Hystrix
  • March 2012: Microservices "Assess" on the Thoughtworks Radar
  • July 2012: Eureka
  • March 2013: Docker
  • Sept 2013: Spring Boot
  • March 2014: Microservices Defined (Thoughtworks; Fowler, Lewis)
  • June 2014: Kubernetes

14 of 42

What's Wrong with Netflix OSS?

Java Only

Adds a lot of libraries to YOUR code

15 of 42

Microservices embedding Capabilities

Container

JVM

Service B

Discovery

Load-balancer

Resiliency

Metrics

Tracing

Container

JVM

Service A

Discovery

Load-balancer

Resiliency

Metrics

Tracing

Container

JVM

Service C

Discovery

Load-balancer

Resiliency

Metrics

Tracing

18 of 42

Microservices'ilities + Kubernetes

MyService

Monitoring

Tracing

API

Discovery

Invocation

Resilience

Pipeline

Authentication

Logging

Elasticity

19 of 42

Microservices'ilities + OpenShift

MyService

Monitoring

Tracing

API

Discovery

Invocation

Resilience

Pipeline

Authentication

Logging

Elasticity

20 of 42

Istio - Sail

(Kubernetes - Helmsman or ship’s pilot)

21 of 42

Service Mesh Defined

A service mesh is a dedicated infrastructure layer for handling service-to-service communication. It’s responsible for the reliable delivery of requests through the complex topology of services that comprise a modern, cloud native application. In practice, the service mesh is typically implemented as an array of lightweight network proxies that are deployed alongside application code, without the application needing to be aware

22 of 42

Microservices'ilities + Istio

MyService

Monitoring

Tracing

API

Discovery

Invocation

Resilience

Pipeline

Authentication

Logging

Elasticity

23 of 42

Microservices embedding Capabilities

Container

JVM

Service B

Discovery

Load-balancer

Resiliency

Metrics

Tracing

Container

JVM

Service A

Discovery

Load-balancer

Resiliency

Metrics

Tracing

Container

JVM

Service C

Discovery

Load-balancer

Resiliency

Metrics

Tracing

Before Istio

24 of 42

Microservices externalizing Capabilities

Pod

Container

JVM

Service A

Sidecar Container

Pod

Container

JVM

Service C

Sidecar Container

Pod

Container

JVM

Service B

Sidecar Container

After Istio

25 of 42

Kubernetes, Istio, Envoy

Pod

Container

JVM

Service A

Sidecar Container

Pod

Container

JVM

Service C

Sidecar Container

Pod

Container

JVM

Service B

Sidecar Container

26 of 42

Next Generation Microservices - Service Mesh

Code Independent (Polyglot)

  • Intelligent Routing and Load-Balancing
    • A/B Tests
    • Smarter Canary Releases
  • Chaos: Fault Injection
  • Resilience: Circuit Breakers
  • Observability: Metrics and Tracing
  • Fleet-wide policy enforcement

28 of 42

Istio Control Plane

Pod

Container

JVM

Service A

Envoy Side-car

Pod

Container

JVM

Service B

Envoy Side-car

Pod

Container

JVM

Service C

Envoy Side-car

HTTP1.1, HTTP2, gRPC, TCP w/TLS

HTTP1.1, HTTP2, gRPC, TCP w/TLS

HTTP1.1, HTTP2, gRPC, TCP w/TLS

Istio Pilot

Istio Mixer

Istio Auth

istioctl, API, config

Quota, Telemetry, Rate Limiting, ACL

CA, SPIFFE

29 of 42

Canary Deployment

DEVELOPMENT

QA

STAGING

PRODUCTION

ROUTER

USERS

SCM

39 of 42

Canaries with Kubernetes

Pod

Container

JVM

Service A v1

Pod

Container

JVM

Service A v2

Service

Route/

Ingress

50%

50%

40 of 42

Canaries with Istio

Pod

Container

JVM

Service A v1

Pod

Container

JVM

Service A v2

Service

Route/

Ingress

90%

10%
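
The contrast between the two canary slides, as an added example that is not part of the original deck: a Kubernetes Service spreads requests across its ready pods, so the split follows replica counts (50%/50% with one pod per version), while Istio sets the split by route weight, independent of how many pods run. The configuration below uses Istio's networking API (DestinationRule and VirtualService); the host name `service-a` and the `version` pod labels are assumptions.

```yaml
# Added example. Host name and labels are hypothetical.
# DestinationRule: groups the pods behind service-a into two subsets
# by their "version" label (Service A v1 and Service A v2 on the slide).
apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
  name: service-a
spec:
  host: service-a
  subsets:
  - name: v1
    labels:
      version: v1
  - name: v2
    labels:
      version: v2
---
# VirtualService: the Envoy sidecars send 90% of requests to v1 and
# 10% to the v2 canary, even with one pod per version.
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
  name: service-a
spec:
  hosts:
  - service-a
  http:
  - route:
    - destination:
        host: service-a
        subset: v1
      weight: 90
    - destination:
        host: service-a
        subset: v2
      weight: 10
```

Promoting or rolling back the canary is then a change to the two `weight` values (which must sum to 100), not a change to replica counts.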
