CSCI2952-F Microservices.. Day 2: Background Continued Outline - - PowerPoint PPT Presentation

csci2952 f
SMART_READER_LITE
LIVE PREVIEW

CSCI2952-F Microservices.. Day 2: Background Continued Outline - - PowerPoint PPT Presentation

Aug 15, 2022 237 likes •490 views

CSCI2952-F Microservices.. Day 2: Background Continued Outline Containers Versus VMs Service Mesh Design Patterns API Gateway Motivation Architecture eBPF YAML

slide-1
SLIDE 1

CSCI2952-F

Microservices.. Day 2: Background Continued

slide-2
SLIDE 2

Outline

  • Containers Versus VMs
  • Service Mesh Design Patterns
  • API Gateway
  • Motivation
  • Architecture
  • eBPF
  • YAML
slide-3
SLIDE 3

https://www.computerworld.com/article/3427686/how-containers-cut-server-costs-at-the- financial-times-by-80-percent.html

slide-4
SLIDE 4

Deployment Differences

https://kubernetes.io/docs/concepts/overview/what-is-kubernetes/ Containers == process + name space isolation

  • Containers are more lightweight

than VMs

  • Shared OS
  • Limited isolation between

containers https://www.researchgate.net/publication/309961613_Containers_and_Virtual_Machines_at_Scale_A_Comparative_Study

slide-5
SLIDE 5

Outline

  • Containers Versus VMs
  • Service Mesh Design Patterns
  • API Gateway
  • Motivation
  • Architecture
  • eBPF
  • YAML
slide-6
SLIDE 6

Recall….

ControlPlane (Istio)

slide-7
SLIDE 7

ServiceMesh(SM) Dataplane Design Patterns

Kernel Space Kernel Space Kernel Space Kernel Space Ω

slide-8
SLIDE 8

ServiceMesh (SM) Dataplane Design Patterns

  • https://thrift.apache.org/static/files/thrift-20070401.pdf

Kernel Space Kernel Space Kernel Space Kernel Space Ω

SM is in RPC framework SM is in a separate user space Proxy SM is in a separate user space Proxy SM is in the kernel (eBPF)

What are the pros/cons of the different approaches? https://forms.gle/aERbanJoxayLFa176

slide-9
SLIDE 9
slide-10
SLIDE 10

ServiceMesh (SM) Dataplane Design Patterns

  • https://thrift.apache.org/static/files/thrift-20070401.pdf

Kernel Space Kernel Space Kernel Space Kernel Space Ω

SM is in RPC framework

  • Used @ FB/Google
  • Tight coupling w/ code
  • Must recompile for changes
  • Low overhead
  • Minimal performance

SM is in a separate user space Proxy

  • Used @ lyft, DataDog, Tinder…

Chic-fila

  • Decouples app code from SM
  • Independent evolution
  • Fault tolerance properties
  • High overheads
  • Performance issues
  • One proxy per container

SM is in a separate user space Proxy

  • But proxy is shared by all

containers

  • Lower overheads
  • Performance issues
  • But lower fault tolerance

SM is in the kernel (eBPF)

  • Lower overheads
  • Minimal performance issues
  • But lower fault tolerance
  • Limited functionality
  • Requires rewriting everything in

eBPF

slide-11
SLIDE 11

ServiceMesh (SM) Controlplane Design Patterns

https://logz.io/blog/istio-linkerd-consul-comparison-service-meshes/

slide-12
SLIDE 12

https://cloudblogs.microsoft.com/opensource/2018/10/15/use

  • case-modern-service-mesh-consul-microsoft-azure-part-2/

https://www.cloudops.com/blog/comparing-service-meshes- istio-linkerd-and-consul-connect-citrix-adc/

  • Implements all features
  • Hard to configure
  • Issues at scale
  • Limited feature set
  • But easy to operate
  • Same binary everywhere
  • Easier to deploy
  • Well tested functionality
slide-13
SLIDE 13

https://events19.linuxfoundation.org/wp- content/uploads/2018/11/OSN-Days-PPT-Service-Mesh.pdf

slide-14
SLIDE 14

Performance Comparison of Popular Implementation

https://kinvolk.io/blog/2019/05/performance-benchmark-analysis-of-istio-and-linkerd/

slide-15
SLIDE 15

Performance Comparison of Popular Implementation

https://kinvolk.io/blog/2019/05/performance-benchmark-analysis-of-istio-and-linkerd/

slide-16
SLIDE 16

Which would you use?

  • https://forms.gle/6bzK6jJhEsPkiSad9
slide-17
SLIDE 17

Which would you use?

https://dzone.com/articles/service-mesh-comparison-istio-vs- linkerd

slide-18
SLIDE 18

Roundtable conversation at Kubecon; Me: which mesh do you use? AnonSRE: We are thinking of switching to Istio. It has a lot of features? Me: do you know how you will use them? AnonSRE: No, but we want to have the option to use them in the future

slide-19
SLIDE 19
slide-20
SLIDE 20

Recall….

ControlPlane (Istio) End Users End Users

  • How do users connect to your services? What are all the different ways?
  • How does this become complicated with a microservice infrastructure?
  • What functionality do you need at the edge to interact with these external users?
slide-21
SLIDE 21

ControlPlane (Istio) Browser Devs services USER Interface ControlPlane (Istio) Browser Devs services USER Interface API Gateway

  • API-Gateway unifies access from external API-based communications to internal services
  • API-GW provides uniform authentication, verification, auditing and routing
  • One codebase w/ identical policies and enforcement
slide-22
SLIDE 22

ControlPlane (Istio) Browser Devs services USER Interface API Gateway https://dzone.com/articles/thrift-api-gateway-part-1-bloody-core

  • API-Gateway unifies access from external API-based

communications to internal services

  • API-GW provides uniform authentication, verification,

auditing and routing

  • One codebase w/ identical policies and enforcement
slide-23
SLIDE 23

Outline

  • Service Mesh Design Patterns
  • API Gateway
  • Motivation
  • Architecture
  • eBPF
  • YAML