Kuma

Transcript

1. Kuma ৮ͬͯΈͨ Takafumi Ikeda Solution Engineer, Kong

2. @ikeike443 Takafumi Ikeda Solutions Engineer

3. None

4. Kuma ͱ͸

5. • ϢχόʔαϧίϯτϩʔϧϓϨʔϯ • ܰྔͳσʔλϓϨʔϯ: Envoyϕʔε, L4/L7 • DPΠϯδΣΫγϣϯ: ίʔυมߋͳ͠Ͱk8s, VMʹDP஫ೖ

   • ๛෋ͳػೳ: mTLS, Traffic Segmentation, Traffic Routing, Traffic Metrics, Traffic Logs, Health- checking, etc • ϚϧνϓϥοτϑΥʔϜ: k8s, VM, ϕΞϝλϧ • ήʔτ΢ΣΠ࿈ܞ: KongΛ࢝Ίͱ͢ΔAPI Gateway/IngressʹରԠ

6. Kuma.io/install

7. ./conf/kuma-cp.conf ./bin/kuma-dp ./bin/kuma-cp ./bin/kumactl Kuma Files ./bin/kuma-tcp-echo ./kuma-prometheus-sd ./bin/envoy ./README

8. Kuma.io In Kubernetes In Universal

9. CPΠϯετʔϧ͓ΑͼDPΠϯδΣΫγϣϯ

10. backend-api elasticsearch redis frontend-app αϯϓϧΞϓϦέʔγϣϯ

11. None
12. None
13. None
14. None
15. None

16. Mutual TLSͷઃఆ

17. Kuma.io backend-api elasticsearch redis frontend-app mTLS mTLS mTLS

18. INSERT AN IMAGE FOR ALL THE AREA mTLS 18 $

    cat <<EOF | kubectl apply -f - apiVersion: kuma.io/v1alpha1 kind: Mesh metadata: name: default spec: mtls: ca: builtin: {} enabled: true EOF

19. Traffic Permissionsͷઃఆ

20. INSERT AN IMAGE FOR ALL THE AREA Traffic-permission 20 $

    cat <<EOF | kubectl apply -f - apiVersion: kuma.io/v1alpha1 kind: TrafficPermission mesh: default metadata: namespace: kuma-demo name: frontend-to-backend spec: sources: - match: service: frontend.kuma-demo.svc:80 destinations: - match: service: backend.kuma-demo.svc:3001 EOF

21. Kong Integration

22. Kuma.io API Server kuma-system kuma-demo kuma-injector Search Back-end Reviews-Redis Envoy

    Sidecar Proxy Envoy Sidecar Proxy Envoy Sidecar Proxy labels: kuma.io/sidecar-injection: enabled Ingress/GW Envoy Sidecar Proxy Front-end Envoy Sidecar Proxy Kong Integration (Gateway Mode)

23. Traffic Routing/Canary - New in 0.3.2

24. Kuma.io backend-api v0 frontend-app backend-api v1 backend-api v2 Weight: 80

    Weight: 0 Weight: 20

25. ·ͱΊ • Kuma͸Πϯετʔϧ͕؆୯Ͱѻ͍΍͍͢ • k8sωΠςΟϒαϙʔτʹՃ͑ͯVM, ϕΞϝλϧ΋ಉ͡Α͏ʹαʔϏεϝογϡΛద༻Ͱ͖Δ • ͔ͳΓए͍ϓϩδΣΫτ͕ͩɺ։ൃ΋ΞΫςΟϒʹߦΘΕ͍ͯͯ੒௕͕ظ଴Ͱ͖Δ • ϓϩμΫγϣϯࣄྫ͸·ͩ΄ͱΜͲͳ͍ɺ͜Ε͔ΒͷϓϩδΣΫτ

26. Slack: https://chat.kuma.io μ΢ϯϩʔυ: kuma.io/install ΫΠοΫσϞ: https://github.com/Kong/kuma-demo ϦϯΫू