Istio Service Mesh

20
Istio! Luke Marsden, Developer Experience @lmarsden

Transcript of Istio Service Mesh

Page 1: Istio Service Mesh

Istio!

Luke Marsden, Developer Experience@lmarsden

Page 2: Istio Service Mesh

Developers

Users

Page 3: Istio Service Mesh

Ship features fasterDevelopers

Users

Page 4: Istio Service Mesh

Fix problems faster

Developers

Users

Page 5: Istio Service Mesh

Developers

Users

competitiveness = speed of iteration

Page 6: Istio Service Mesh

Service mesh• Your app normally has: • API server, needs securing with TLS • API client, needs retries • Load balancer to send traffic to the right place depending on

policies • Authentication and authorization • Circuit breaking • Monitoring instrumentation (Prometheus) • …

Page 7: Istio Service Mesh

Service mesh• Service mesh says: • Move this into a sidecar!

Page 8: Istio Service Mesh

Before

Kubernetes pod

Page 9: Istio Service Mesh

Before

Kubernetes pod

Appcontainer

Page 10: Istio Service Mesh

Before

Kubernetes pod

Appcontainer

TLS

Page 11: Istio Service Mesh

Before

Kubernetes pod

Appcontainer

TLS

retries

Page 12: Istio Service Mesh

Before

Kubernetes pod

Appcontainer

TLS

retries

metrics

Page 13: Istio Service Mesh

Before

Kubernetes pod

Appcontainer

TLS

retries

metrics

Page 14: Istio Service Mesh

Before

Kubernetes pod

Appcontainer

TLS

retries

metrics

Page 15: Istio Service Mesh

Istio

After

Kubernetes pod

Appcontainer

TLS

retries

metrics

Page 16: Istio Service Mesh

Benefits• Do it well once, rather than over and over

again • Save effort! • Microservices are polyglot • Don’t want to have to rewrite all that logic

in N different languages

Page 17: Istio Service Mesh

Istio components• Envoy • Smart reverse proxy as shown • Mixer • “Control” service to which Envoys connect • Also: • Pilot for config, Istio-Auth for TLS...

Page 18: Istio Service Mesh

Istio

Page 19: Istio Service Mesh

Istio and Weave Cloud• Istio works great with Weave Cloud • Use Weave Cloud Explore to visualize Istio

in action • Have Weave Cloud Monitor handle the

long-term storage of Prometheus metrics • Demo…

Page 20: Istio Service Mesh

What does Weave do?

Weave helps devops iterate faster with: • observability &

monitoring • continuous delivery • container networks &

firewalls

Weave Net provides a Kubernetes pod network & Network Policy implementation


Multi-Service Mesh Networks

Multi-Service Mesh Networks

Services Mesh Istio: Sailing to a Secure - Istio... · Istio: Sailing to a Secure Services Mesh Spike Curtis, Tigera & Dan Berg, IBM. ... Ops needs a cross-platform toolchain: Canary

Services Mesh Istio: Sailing to a Secure - Istio... · Istio: Sailing to a Secure Services Mesh Spike Curtis, Tigera & Dan Berg, IBM. ... Ops needs a cross-platform toolchain: Canary

Service Mesh University

Service Mesh University

Istio · Weaving the mesh svcA sidecar sidecar Service A ... Fault Injection ... Istio adds fault tolerance to your application

Istio · Weaving the mesh svcA sidecar sidecar Service A ... Fault Injection ... Istio adds fault tolerance to your application

How to Manage Any Layer-7 Traffic in an Istio Service Mesh?

How to Manage Any Layer-7 Traffic in an Istio Service Mesh?

Istio Service Mesh Developing Microservices with...HTTP1.1, HTTP2, gRPC, TCP w/TLS istioctl, API, config Quota, Telemetry Rate Limiting, ACL CA, SPIFFE Istio Service Mesh POD SERVICE

Istio Service Mesh Developing Microservices with...HTTP1.1, HTTP2, gRPC, TCP w/TLS istioctl, API, config Quota, Telemetry Rate Limiting, ACL CA, SPIFFE Istio Service Mesh POD SERVICE

ServiceComb’s Exploration of Service Meshservicecomb.apache.org/assets/slides/20181012/EN/4_ServiceComb’s... · 10.24.0.23:8080 10.24.0.24:8080... Apollo Istio. 10 Huawei Confidential

ServiceComb’s Exploration of Service Meshservicecomb.apache.org/assets/slides/20181012/EN/4_ServiceComb’s... · 10.24.0.23:8080 10.24.0.24:8080... Apollo Istio. 10 Huawei Confidential

Service Provisioning for Wireless Mesh Networks

Service Provisioning for Wireless Mesh Networks

Securing Microservices with Istio

Securing Microservices with Istio

Service Mesh The Salesforce - Istio

Service Mesh The Salesforce - Istio

Service Mesh with VMware NSX€¦  · Web viewVMware NSX Service Mesh is an abstraction layer for multiple data plane service meshes. The solution applies service mesh concepts such

Service Mesh with VMware NSX€¦  · Web viewVMware NSX Service Mesh is an abstraction layer for multiple data plane service meshes. The solution applies service mesh concepts such

Istio Service Meshpeople.redhat.com/abach/OSAW/FILES/DAY2/7 Istio Service Mesh.pdf · Enforce consistently across diverse protocols and runtimes with little or no application changes.

Istio Service Meshpeople.redhat.com/abach/OSAW/FILES/DAY2/7 Istio Service Mesh.pdf · Enforce consistently across diverse protocols and runtimes with little or no application changes.

Best practice: from spring cloud to Istio

Best practice: from spring cloud to Istio

FAMILY ISTIOPHORIDAE ISTIO Makaira ISTIO Istio Istiophorus

FAMILY ISTIOPHORIDAE ISTIO Makaira ISTIO Istio Istiophorus

Attack in a Service Mesh

Attack in a Service Mesh

Lyft's Envoy: Embracing a Service Mesh

Lyft's Envoy: Embracing a Service Mesh

Istio in Action MEAP V03 - Chapter 1 · Istio is an opensource project that aims to help folks connect - ... C Control-plane lifecyle management . D Istio compared to other service

Istio in Action MEAP V03 - Chapter 1 · Istio is an opensource project that aims to help folks connect - ... C Control-plane lifecyle management . D Istio compared to other service

How to Manage Any Layer-7 Traic in an Istio Service Mesh?

How to Manage Any Layer-7 Traic in an Istio Service Mesh?

Istio Journey Airbnb’s

Istio Journey Airbnb’s

FAMILY ISTIOPHORIDAE ISTIO Makaira ISTIO Istio ...forage organisms during the warmer season and back to warm waters for spawning or over-wintering during the colder season. Being among

FAMILY ISTIOPHORIDAE ISTIO Makaira ISTIO Istio ...forage organisms during the warmer season and back to warm waters for spawning or over-wintering during the colder season. Being among