Implementing Blue/Green Deployments with Istio Machine - - PowerPoint PPT Presentation

▶

Jan 14, 2024 278 likes •562 views

Implementing Blue/Green Deployments with Istio Machine Intelligence Modern Infrastructure http://mi2.live What is MI2? MI2 Webinars focus on the convergence of machine intelligence and modern infrastructure . Every alternate week, I deliver

SLIDE 1

Machine Intelligence Modern Infrastructure

http://mi2.live

Implementing Blue/Green Deployments with Istio

SLIDE 2

What is MI2?

MI2 Webinars focus on the convergence of machine intelligence and modern infrastructure. Every alternate week, I deliver informative and insightful sessions covering cutting-edge technologies. Each webinar is complemented by a tutorial, code snippets, and a video. MI2 strives to be an independent and neutral platform for exploring emerging technologies.

SLIDE 3

Objectives

Overview of Microservices
Challenges involved with Microservices
Why use a Service Mesh?
Big picture of Istio
Closer look at traffic routing policies
Demo
Summary

SLIDE 4

Traditional 3 Tier Architecture

Business Logic UI Data

SLIDE 5

Traditional 3 Tier Architecture

UI Data C1 C2 C3 AS 1 C1 C2 C3 AS 2 C1 C2 C3 AS 3 C1 C2 C3 AS 4

SLIDE 6

Microservices Architecture

UI Data Cluster Manager Node 1 C3 C1 C2 C1 Node 2 C3 C1 C2 C3 Node 3 C3 C1 C2 C3 Node 4 C3 C1 C2 C3 Node 5 C3 C1 C2 C1

SLIDE 7

Microservices Architecture

S1 S2 S3

SLIDE 8

Challenges involved with Microservices

Service A Service B Service C Service D

External Service

SLIDE 9

Challenges involved with Microservices

Service A Service B Service C Service D

External Service Python Java C# Ruby

SLIDE 10

Challenges involved with Microservices

Service A Service B Service C Service D

External Service

Agent Agent Agent Agent

Python Java C# Ruby

SLIDE 11

Challenges involved with Microservices

Service A Service B Service C Service D

External Service

Agent Agent Agent Agent

Python Java C# Ruby H T T P HTTP/2 gRPC GraphQL

SLIDE 12

Challenges involved with Microservices

Service A Service B Service C Service D

External Service

Agent Agent Agent Agent

Python Java C# Ruby H T T P HTTP/2 gRPC GraphQL L7 L4

SLIDE 13

Challenges involved with Microservices

Service A Service B Service C Service D

External Service

Agent Agent Agent Agent

Python Java C# Ruby H T T P HTTP/2 gRPC GraphQL L7 L4

Central Monitoring Service

SLIDE 14

Challenges involved with Microservices

Polyglot programming model
Language-specific tools and SDKs
Diverse set of protocols
Multiple deployment targets
Combination of load balancers
Complex debugging
Lack of visibility and observability
Hard to implement the best practices of distributed computing
Decentralized authentication and authorization

SLIDE 15

Service Mesh - A Possible Solution

Out of process architecture
Clean separation of data plane and control plane
Support internal and external load balancing (L3/L4/L7)
Consistent Service discovery
Extensible protocol support
Advanced health checks
Real-time monitoring, logging, tracing
Best practices of distributed computing

SLIDE 16

Service Mesh – Control Plane vs Data Plane

Service A Service B Service C Service D

External Service

Proxy Proxy Proxy Proxy

Python Java C# Ruby H T T P HTTP/2 gRPC GraphQL L7 L4

Control Plane

SLIDE 17

What is Istio?

Connect
Intelligent traffic routing and flow
Secure
Managed authentication, encryption
Control
Enforce policy-driven communication across services
Observe
Automatic tracing, monitoring, and logging

SLIDE 18

Istio – Control Plane vs. Data Plane

Service A Service B Service C Service D

External Service

Proxy Proxy Proxy Proxy

Python Java C# Ruby H T T P HTTP/2 gRPC GraphQL L7 L4

Istio Control Plane

SLIDE 19

Microservice 1 Microservice 2 Proxy Proxy

Istio Control Plane Observability Network Management Service Discovery Policy Definition

Istio Building Blocks

SLIDE 20

Istio Architecture

SLIDE 21

Key Concepts of Istio Traffic Management

VirtualService defines the rules that control how requests for a service are routed

within an Istio service mesh.

DestinationRule configures the set of policies to be applied to a request after

VirtualService routing has occurred.

ServiceEntry is commonly used to enable requests to services outside of an Istio

service mesh.

Gateway configures a load balancer for HTTP/TCP traffic operating at the edge of

the mesh, most commonly to enable ingress traffic for an application.

Sidecar configures one or more sidecar proxies attached to application workloads

running inside the mesh.

SLIDE 22

Blue/Green Deployments with Istio

SLIDE 23

What are we building?

Two versions of the same applications deployed in Kubernetes
Dynamically adjusting the traffic routing to the application via

Istio rules

SLIDE 24

DEMO

Performing Blue/Green Deployments

SLIDE 25

Summary

Automatic load balancing for HTTP, gRPC, WebSocket, and TCP traffic
Fine-grained control of traffic behavior with rich routing rules, retries, failovers, and fault

injection

A pluggable policy layer and configuration API supporting access controls, rate limits

and quotas

Automatic metrics, logs, and traces for all traffic within a cluster, including cluster

ingress and egress

Secure service-to-service communication in a cluster with strong identity-based

authentication and authorization

SLIDE 26

MI2 Sponsors

SLIDE 27

Next Webinar

Ge Getting ing Started wit ith Azure Io IoT Edge ge

Azure IoT Edge is an Internet of Things (IoT) service that builds on top of Azure IoT

Hub. By moving parts of an IoT workload to the edge, devices can spend less time

sending messages to the cloud and react more quickly to changes in status. Attend this session to learn how to use Azure IoT Edge to build intelligent applications that run at the edge.

Thursday, April 18th, 2019 9:00 AM PST / 9:30 PM IST