Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Microservice Architecture on Kubernetes - Husey...

DevOpsDays Zurich
May 14, 2019
Technology
1
440

Microservice Architecture on Kubernetes - Huseyin Babal

Production-grade best practices gained from experience on Sony and eBay on Microservice architecture on Kubernetes.
In this session, there will be best practices for migrating/architecting microservices on Kubernetes environment. There will be a brief introduction to Kubernetes followed by, building images, deployment strategies, CI/CD integration, autoscaling, logging architecture, and service mesh. Those items will be supported by code/configuration pieces.

DevOpsDays Zurich

May 14, 2019
Tweet

More Decks by DevOpsDays Zurich

See All by DevOpsDays Zurich
Rethinking Agile – Klaus Leopold
dodzh
3
2.5k
What is your done? - Alex Lichtenberger
dodzh
4
400
Using Design Methods to Establish Healthy DevOps Practices - Aras Bilgen
dodzh
0
330
AIOps leveraged by Deep Learning and Knowledge Graph data representations - Florian Krausbeck
dodzh
0
1.2k
The Phoenix Project - A DevOps business simulation - Jochen Reinholdt
dodzh
0
160
Battle of the Circuit Breakers: Resilience4J vs Istio - Nicolas Fränkel
dodzh
1
1k
Why do we want to introduce DevOps? - Romano Roth
dodzh
0
250
Better On-Call the SRE Way - Ramón Medrano Llamas
dodzh
0
280
Reliability Engineering - Mary Poppendieck
dodzh
0
330

Other Decks in Technology

See All in Technology
エンジニア人生の拡張性を高める 「探索型キャリア設計」の提案
tenshoku_draft
1
130
Lexical Analysis
shigashiyama
1
150
AWS Media Services 最新サービスアップデート 2024
eijikominami
0
200
AGIについてChatGPTに聞いてみた
blueb
0
130
B2B SaaSから見た最近のC#/.NETの進化
sansantech
PRO
0
910
VideoMamba: State Space Model for Efficient Video Understanding
chou500
0
190
個人でもIAM Identity Centerを使おう!(アクセス管理編)
ryder472
4
230
障害対応指揮の意思決定と情報共有における価値観 / Waroom Meetup #2
arthur1
5
490
AWS Lambda のトラブルシュートをしていて思うこと
kazzpapa3
2
180
Engineer Career Talk
lycorp_recruit_jp
0
190
ドメインの本質を掴む / Get the essence of the domain
sinsoku
2
160
Terraform Stacks入門 #HashiTalks
msato
0
360

Featured

See All Featured
Speed Design
sergeychernyshev
25
620
BBQ
matthewcrist
85
9.3k
Site-Speed That Sticks
csswizardry
0
28
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
44
2.2k
How to Think Like a Performance Engineer
csswizardry
20
1.1k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
28
2k
What's in a price? How to price your products and services
michaelherold
243
12k
Bootstrapping a Software Product
garrettdimon
PRO
305
110k
Rebuilding a faster, lazier Slack
samanthasiow
79
8.7k
The Power of CSS Pseudo Elements
geoffreycrofte
73
5.3k
Designing on Purpose - Digital PM Summit 2013
jponch
115
7k
Gamification - CAS2011
davidbonilla
80
5k

Transcript

  1. Microservice Architecture on Kubernetes Huseyin BABAL Software Development Team Lead

    @ Hazelcast Cloud

  2. Who Am I? Currently Implementing Hazelcast Cloud Ex-Sony and Ex-eBay

    Engineer (Microservice Transformation Project Architect) Organizer of Docker Istanbul, NodeSchool Istanbul, DevOps Underground meetups

  3. #1 Kubernetes Overview

  4. What is it? Open-source platform for managing containerized workloads and

    services.

  5. How to use? You can see managed versions of kubernetes

    on Google Cloud, AWS, and Azure. You can use kubespray to deploy k8s on datacenter. We will focused on architectural overview rather than how to install k8s from now on.

  6. #2 Cluster Environment Architecture

  7. When you use k8s, you will forget about infrastructure level

    operations and mainly focus on architecting your applications.

  8. Environments According to your needs, you may need different environments

    like dev, staging, prod for different purposes. Let see how we can do this.

  9. Cluster Level Isolation You can setup cluster per environment to

    have maximum isolation. Dev Staging Prod Cluster 1 Cluster 2 Cluster 3

  10. Namespace Level Isolation You can create namespace per environment to

    isolate them Cluster Dev Staging Prod

  11. Tip Do not put all the things in default namespace,

    it will be very hard to manage them in the future. If you want to put all the things in default namespace, you will need to have good labelling on your pods to filter them based on needs

  12. Prometheus Grafana Unsee Product Service User Service Category Service Payment

    Service Payment Worker Scoring Worker Billing Worker monitoring microservice worker

  13. Good Tools for Daily Kubernetes kubectx: A tool for managing

    your kubernetes context kubens: A tool for managing your kubernetes namespace Thanks Ahmet Alp Balkan for those wonderful tools https://github.com/ahmetb

  14. Kubectx

  15. Kubens

  16. #3 Monitoring

  17. Monitor Everything

  18. Prometheus Prometheus is capable of collecting metrics from known sources

    like cAdvisor. Prometheus is mainly used for collecting metrics and alert manager to notify you on any kind of problem

  19. Prometheus Operator Hopefully, CoreOS team developed a project called prometheus

    operator to collect k8s specific metrics automatically. https://github.com/coreos/prometheus-operator

  20. Getting Started You can install Prometheus with Helm charts

  21. Visualization Prometheus lets us to keep track of external services

    by using some endpoint via exporters. To visualize metrics, we will use grafana.
  22. None

  23. Alert Manager

  24. Monitoring Multiple Clusters If you have multiple clusters to be

    monitored, you can use Prometheus Federation. This is simply handled by selection one member as central monitoring member and it is capable of collecting metrics from others.

  25. Federation Sample

  26. #4 Public Traffic

  27. Cloud Based Scenario There are several ways to provide public

    traffic to k8s cluster, but in this scenario, we will go through a kubernetes cluster exists on AWS.

  28. Nginx Ingress You can expose your service to the outside

    in several ways like as LoadBalancer. However, creating an LB for each will be hard to manage and costful. When you deploy Nginx Ingress on kubernetes environment, it will automatically create a Load Balancer.

  29. Route53 If you have managed domain name on Route53, you

    can simply add a CNAME record to point domain to LB. Every request will be proxied to k8s cluster entrance, but how about pointing to specific service?

  30. Ingress Rules You can use ingress rule to proxy incoming

    requests to specific service in k8s.
  31. None

  32. Route53 Load Balancer Nginx Ingress Product Service User Service Kubernetes

    Cluster

  33. #5 Microservice Overview

  34. Once upon a time while we are in monolithic app

    days

  35. After switching to Microservice Architecture ...

  36. And yes, the truth is, only the name Microservice Architecture

    cannot solve your architectural problems. You need to consider applying best practices to Microservices to do it in an efficient way

  37. #6 Try to Reach Glory of REST

  38. Leonard Richardson’s Maturity Model •

  39. #7 k8s Warm-up

  40. Project Structure

  41. deployment.yml

  42. service.yml

  43. Kubectl configuration Kubectl is a client app for k8s api

    server in order to manage k8s cluster. If you use minikube, your kubectl will be automatically configured, and it is different for other cloud providers.

  44. Simple deployment git clone <http://project> cd <project> kubectl apply -f

    k8s

  45. Handling Confidential Data If you have confidential data like db

    password, api secret, etc… you can store them inside Kubernetes secrets kubectl -n microservice create secret generic product-service --from-literal=dbpassword=${dbpassword}
  46. None

  47. #8 Continuous Delivery

  48. Build Test Deploy Cloud Provider

  49. None

  50. Slack Notifications

  51. Deployment Script

  52. Deployment Types • Rolling Update • Canary Deployment • Blue

    / Green Deployment

  53. Rolling Update Deployment resource on k8s uses RollingUpdate strategy by

    default. Within this strategy, pods deployed one by one instead of taking entire service down.

  54. Canary Deployment You deploy an experimental feature and allow small

    amount of request traffic to this deployment. You increment the size of traffic and after a while, canary replaces the production one
  55. None
  56. None

  57. After a while... You confirmed that, the feature on canary

    deployment works, replace prod image with canary one and delete canary deployment
  58. None

  59. Blue & Green Deployment In this strategy, there will be

    2 environments with same properties except application version. The current version will be called blue and new version will be green. Just update ingress rules to redirect traffic to green deployment.

  60. #9 Distributed Configuration

  61. Why Not Project Specific Configs? • Sensitive data walks around

    Git • Unable to inherit common properties like spring.main.banner-mode=OFF

  62. How to Centralized Config? • Consul can be used to

    keep config data as Key/Value • Create a project for just keeping project configurations. • Git2Consul for sync configuration to Consul

  63. Architecture Git2Consull Daemon Config Project Git push new config change

    Polling Sync configs to Consul User

  64. Spring Boot Config

  65. Spring Boot Config (Test)

  66. Git2Consul npm install -g git2consul Create a file called git2consul.json

    and add necessary config git2consul --endpoint <consul_host> --port 8500 --config-file git2consul.json

  67. Git2Consul Config File

  68. Pro Tip By default, Spring Boot refreshes its context on

    config change on Consul. This may cause down time problems, so disable config change watching with following.

  69. #10 Client Code Generation

  70. How? You can either use Swagger to generate your client

    code on any supported language, or feign client with a little annotation and client side load balancing with Ribbon.

  71. Feign Client

  72. Swagger Doc

  73. Swagger Doc Now you are able to access; http://your_api/swagger-ui.html for

    api documentation http://your_api/v2/api-docs for json specification of API doc.

  74. Swagger Codegen

  75. Pro Tip The best place to generate api client is

    while Jenkins build section. • If you are deploying a feature to non-prod environment you can generate client library with snapshot version and push to nexus. • If you are deploying a feature to prod environment, you can generate client with stable and push to nexus artifactory

  76. #11 Logging

  77. Spring Boot Logging

  78. Logging Types • Node Level Logging • Cluster Level Logging

  79. Node Level Logging

  80. Cluster-Level Logging

  81. You can use several technology to send your logs to

    logging backend. It can be Graylog, ELK, etc...
  82. None

  83. Humio

  84. None

  85. Installation helm install --version "v0.8.0" stable/fluent-bit --name=humio-agent -f humio-agent.yaml

  86. #12 APM & Service Mesh

  87. Why to Monitor Service Metrics? Beautiful graphs and dashboard fetched

    from log resources may not be helpful for you every time when you face a difficult issue. You may need to see your service insights to find the root cause.

  88. Tools Can Be Used NewRelic, AppDynamics, DynaTrace, Zipkin can be

    suggestion for your APM monitoring. However, in a containerized microservices world, you may need to have a tool that works in real-time and has some AI capabilities.

  89. Instana Instana is an AI Powered Application and Infrastructure Monitoring

  90. None
  91. None
  92. None
  93. None
  94. None
  95. None

  96. Any Question? /huseyinbabal /huseyinbabal https://huseyinbabal.com