tra c routing with istio on oracle cloud
play

Trac Routing with Istio on Oracle Cloud Slides: - PowerPoint PPT Presentation

Aug 04, 2023 •483 likes •919 views

Trac Routing with Istio on Oracle Cloud Slides: https://slides.peterj.dev @pjausovec 1 / 43 Safe Harbor The following is intended to outline our general product direction. It is intended for information purposes only, and may not be

  1. Tra�c Routing with Istio on Oracle Cloud Slides: https://slides.peterj.dev @pjausovec 1 / 43

  2. Safe Harbor The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, coe, or functionality, and should not be relied upon in making purchasing decisions. The development, release, timing, and princing of any features or functionality described for Oracle's products may change and remains at the sole discretion of Oracle Corporation. Statements in this presentation relating to Oracle's future plans, expectations, beliefts, intentions and prospects are "forward-looking statements" and are subject to material risks and uncertainties. A detailed discussion of these factors and other risks that a�ect our business is contained in Oracle's Securities and Exchange Commission (SEC) �lings, including our most recent reports on Form 10-K and Form 10-Q under the heading "Risk Factors." These �lings are available on the SEC's website or on Oracle's website at http://www.oracle.com/investor. All information in this presentation is current as of September 2019 and Oracle undertakes no duty to update any statement in light of new information or future events.

  3. Introduction I am Peter (@pjausovec) Software Engineer at Oracle Working on "cloud-native" stu� Books: Cloud Native: Using Containers, Functions, and Data to Build Next-Gen Apps SharePoint Development VSTO For Dummies Courses: Kubernetes Course (https://startkubernetes.com) Istio Service Mesh Course (https://learnistio.com) 3 / 43

  4. Docker? @pjausovec 4 / 43

  5. Kubernetes? @pjausovec 5 / 43

  6. Service Mesh @pjausovec 6 / 43

  7. Dedicated infrastructure layer to connect connect, manage connect manage, and secure manage secure secure connect connect manage manage secure secure workloads by managing the communication between them @pjausovec 7 / 43

  8. Istio service mesh Open source service mesh Google, IBM, Lyft Well-de�ned API Can be deployed on-premise, in the cloud Kubernetes Mesos @pjausovec 8 / 43

  9. @pjausovec 9 / 43

  10. @pjausovec 10 / 43

  11. @pjausovec 11 / 43

  12. @pjausovec 12 / 43

  13. Source: https://barkpost.com/cute/sidecar-dogs/ 13 / 43

  14. Service Mesh - Architecture Data plane (proxies) Run next to each service instance (or one per host) Istio uses Envoy proxy Intercept all incoming/outgoing requests ( iptables ) Con�gure on how to handle tra�c Emits metric Control plane Validates rules Translates high-level rules to proxy con�guration Updates the proxies/con�guration Collects metrics from proxies @pjausovec 14 / 43

  15. Service Mesh - Features Connect Layer 7 routing and tra�c management %-based tra�c split (URIs, header, scheme, method, ...) Circuit breakers, timeouts and retries Manage Telemetry (proxies collect metrics automatically -> tools: Grafana, Jaeger, Kiali) Visibility into service communication without code changes Secure Secure communication between services (mutual TLS) Identity + cert for each service @pjausovec 15 / 43

  16. @pjausovec 16 / 43

  17. Tra�c Management @pjausovec 17 / 43

  18. @pjausovec 18 / 43

  19. @pjausovec 19 / 43

  20. @pjausovec 20 / 43

  21. Tra�c Management Scenarios Canary "5% of the tra�c should go to v2 and 95% of the tra�c to v1" A/B tests "Is User-Agent header == Firefox, direct tra�c to v2 version" "Any requests to URL /api/user should be redirected to /api/v1/user" "All GET requests to /api/v2 all POST requests to /api/v1" ... @pjausovec 21 / 43

  22. Tra�c Management Scenarios Ingress Gateway Route domains/subdomains to di�erent services https://hello.example.com → hello-svc https://blog.example.com → blog-svc https://other-domain.com → some-service Egress Gateway/Service Entry Control outgoing tra�c/external services Mirroring/Shadowing Duplicate incoming requests and send them to di�erent service @pjausovec 22 / 43

  23. Service Mesh - Istio Tra�c Management Resources Gateway VirtualService DestinationRule ServiceEntry Sidecar @pjausovec 23 / 43

  24. Service Mesh - Virtual Service 1 apiVersion: networking.istio.io/v1alpha3 2 kind: VirtualService 3 metadata: 4 name: serviceb-vs 5 spec: 6 hosts: 7 - service- b .default.svc.cluster.local 8 http: 9 - route: 10 - destination: 11 host: service- b .default.svc.cluster.local 12 subset: v1 13 weight: 98 14 - destination: 15 host: service- b .default.svc.cluster.local 16 subset: v2 17 weight: 2 @pjausovec 24 / 43

  25. Service Mesh - Destination Rule apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: serviceb-dr spec: host: service-b.default.svc.cluster.local subsets: - name: v1 labels: version: v1 - name: v2 labels: version: v2 trafficPolicy: tls: mode: ISTIO_MUTUAL @pjausovec 25 / 43

  26. @pjausovec 26 / 43

  27. @pjausovec 27 / 43

  28. Destination rule 1 apiVersion : networking.istio.io/v1alpha3 2 kind : DestinationRule 3 metadata : 4 name : serviceb-dr 5 spec : 6 host : service-b.default.svc.cluster.local 7 subsets : 8 - name : v1 9 labels : 10 version : v1 11 - name : v2 12 labels : 13 version : v2 @pjausovec 28 / 43

  29. Virtual service 1 ... 2 http: 3 - route: 4 - destination: 5 host: service- b .default.svc.cluster.local 6 subset: v1 7 weight: 30 @pjausovec 29 / 43

  30. @pjausovec 30 / 43

  31. @pjausovec 31 / 43

  32. @pjausovec 32 / 43

  33. Service Mesh - Service Entry 1 apiVersion : networking.istio.io/v1alpha3 2 kind : ServiceEntry 3 metadata : 4 name : movie-db 5 spec : 6 hosts : 7 - api.themoviedb.org 8 ports : 9 - number : 443 10 name : https 11 protocol : HTTPS 12 resolution : DNS 13 location : MESH_EXTERNAL @pjausovec 33 / 43

  34. Service Mesh - Gateway 1 apiVersion : networking.istio.io/v1alpha3 2 kind : Gateway 3 metadata : 4 name : gateway 5 spec : 6 selector : 7 istio : ingressgateway 8 servers : 9 - port : 10 number : 80 11 name : http 12 protocol : HTTP 13 hosts : 14 - "hello.example.com" @pjausovec 34 / 43

  35. @pjausovec 35 / 43

  36. @pjausovec 36 / 43

  37. @pjausovec 37 / 43

  38. @pjausovec 38 / 43

  39. Service Mesh - Sidecar 1 apiVersion : networking.istio.io/v1alpha3 2 kind : Sidecar 3 metadata : 4 name : default 5 namespace : prod-us-west-1 6 spec : 7 egress : 8 - hosts : 9 - 'prod-us-west-1/*' 10 - 'prod-apis/*' 11 - 'istio-system/*' @pjausovec 39 / 43

  40. @pjausovec 40 / 43

  41. Resources Kubernetes on Oracle Cloud (OKE) - (https://cloud.oracle.com) Kubernetes - (https://kubernetes.io) Istio - (https://istio.io) Oracle Microservices Example MuShop - https://github.com/oracle-quickstart/oci-cloudnative @pjausovec 41 / 43

  42. Thank you Slides: https://slides.peterj.dev Contact @pjausovec https://peterj.dev @pjausovec 42 / 43

  43. Table of Contents Introduction Service Mesh Tra�c Management Resources @pjausovec 43 / 43

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Using Istio and Envoy for Edge Routing in Cloud Foundry Shubha Anjur Tupil Product Manager,

Using Istio and Envoy for Edge Routing in Cloud Foundry Shubha Anjur Tupil Product Manager,

Using Istio and Envoy for Edge Routing in Cloud Foundry Shubha Anjur Tupil Product Manager, Pivotal Aaron Hurley Engineer, Pivotal Cloud Foundry is an Open Source Cloud Application Platform Integration friendly Any App Interoperable

689 views • 22 slides
Oracle Buys Taleo Adds Leading Talent Management Cloud Offering to the Oracle Public Cloud April

Oracle Buys Taleo Adds Leading Talent Management Cloud Offering to the Oracle Public Cloud April

D R A F <Insert Picture Here> T Oracle Buys Taleo Adds Leading Talent Management Cloud Offering to the Oracle Public Cloud April 5, 2012 Oracle is currently reviewing the existing Taleo product roadmap and will be providing guidance

234 views • 11 slides
AWS to Oracle Cloud Migration Gemma Wood 1 About Me Gemma Wood Co-Founder of Cavanti,

AWS to Oracle Cloud Migration Gemma Wood 1 About Me Gemma Wood Co-Founder of Cavanti,

AWS to Oracle Cloud Migration Gemma Wood 1 About Me Gemma Wood Co-Founder of Cavanti, responsible for product development Oracle Developer since 1995, initially Oracle E-Business Suite. Focused exclusively on Oracle APEX for

556 views • 13 slides
10 Ways Oracle Cloud Is Better Than AWS BY UMAIR MANSOOB Agenda Introduction Overview

10 Ways Oracle Cloud Is Better Than AWS BY UMAIR MANSOOB Agenda Introduction Overview

10 Ways Oracle Cloud Is Better Than AWS BY UMAIR MANSOOB Agenda Introduction Overview 10 Ways Oracle cloud is Better Than AWS 1. Complete Cloud Solution 2. One Hardware & Software Vendor 3. Managed Services 4. Robust

533 views • 15 slides
Oracle Buys ClearTrial Adds Leading Cloud-based Clinical Trial Operations and Analytics

Oracle Buys ClearTrial Adds Leading Cloud-based Clinical Trial Operations and Analytics

<Insert Picture Here> Oracle Buys ClearTrial Adds Leading Cloud-based Clinical Trial Operations and Analytics Applications to the Oracle Health Sciences Suite April 12, 2012 Oracle is currently reviewing the existing ClearTrial product

616 views • 12 slides
Service Mesh from the Ground Up: How Istio Can Transform Your Organization Megan O'Keefe Hello!

Service Mesh from the Ground Up: How Istio Can Transform Your Organization Megan O'Keefe Hello!

Service Mesh from the Ground Up: How Istio Can Transform Your Organization Megan O'Keefe Hello! I'm a Developer Relations Engineer at Google Cloud. I help make Google's products easy to adopt and use. I test-drive new features,

1.86k views • 135 slides
& the architecture along the way! @mt165 mt165.co.uk The life of a packet through Istio

& the architecture along the way! @mt165 mt165.co.uk The life of a packet through Istio

QCon London March 2019 & the architecture along the way! @mt165 mt165.co.uk The life of a packet through Istio @mt165 Objectives Learn how a packet traverses an Istio/Envoy/Kubernetes system See what control plane calls are made in that

756 views • 51 slides
Solucionando Problemas de Microsservios com Service Mesh: Istio e Envoy Edson Yanaga (@yanaga)

Solucionando Problemas de Microsservios com Service Mesh: Istio e Envoy Edson Yanaga (@yanaga)

Solucionando Problemas de Microsservios com Service Mesh: Istio e Envoy Edson Yanaga (@yanaga) bit.ly/istio-tutorial @yanaga - bit.ly/istio-intro 1 @yanaga Edson Yanaga Raffle Rules @yanaga - Follow: - With a picture of the session -

1.16k views • 84 slides
Visualization? Wayne D. Van Sluys Lead Consultant & Oracle ACE info@interrel.com

Visualization? Wayne D. Van Sluys Lead Consultant & Oracle ACE info@interrel.com

What is Oracle Data Visualization? Wayne D. Van Sluys Lead Consultant & Oracle ACE info@interrel.com epm.bi/videos Oracle Analytics Partner of the Year interRel Highlights and Company Overview Awards #1 EPM Cloud Partner Focused on

825 views • 70 slides
Oracle Buys AmberPoint Strengthens Oracle Fusion Middleware SOA Suite and Oracle Enterprise

Oracle Buys AmberPoint Strengthens Oracle Fusion Middleware SOA Suite and Oracle Enterprise

Oracle Buys AmberPoint Strengthens Oracle Fusion Middleware SOA Suite and Oracle Enterprise Manager with Best-in-Class SOA Management Capabilities February 12, 2010 Oracle is currently reviewing the existing AmberPoints product roadmap and

774 views • 19 slides
The Cloud Native Elephant in the Room The Cloud Native Elephant in the Room Bob Quillin, VP

The Cloud Native Elephant in the Room The Cloud Native Elephant in the Room Bob Quillin, VP

The Cloud Native Elephant in the Room The Cloud Native Elephant in the Room Bob Quillin, VP Developer Relations Oracle Cloud Bob Quillin, VP Developer Relations Oracle Cloud @bobquillin @bobquillin Cloud Native: New Rules, New Game How we

351 views • 17 slides
Networking on the ground, in the cloud, and in containers What is in the box? Router A computer

Networking on the ground, in the cloud, and in containers What is in the box? Router A computer

Networking on the ground, in the cloud, and in containers What is in the box? Router A computer optimized for routing and forwarding Operating system to manage resources Routing protocol implementations (e.g., BGP, OSPF) Lots of

200 views • 18 slides
Oracle Service Cloud for # Change the Economics of Service Delivery Connected Customer Processes

Oracle Service Cloud for # Change the Economics of Service Delivery Connected Customer Processes

ANNEX D Oracle Service Cloud for # Change the Economics of Service Delivery Connected Customer Processes ANNEX D Revs & Bens Resources GIS Pay LLPG Content Booking Children & Planning & Adult Regen Services Env.

182 views • 5 slides
Daily backups should be performed on the Data Center servers. NC & SC use rman

Daily backups should be performed on the Data Center servers. NC & SC use rman

CISN/RSNs are currently running Oracle 10g Release 2. Oracle 11g Release 2 is the latest Oracle version. Oracle releases Critical Patch Updates on a quarterly basis. They contain security fixes and should be installed promptly.

330 views • 8 slides
Comparison of AWS, Azure, and Oracle Device Models W3C Web of Things Open Day 26.3.2018, Prague

Comparison of AWS, Azure, and Oracle Device Models W3C Web of Things Open Day 26.3.2018, Prague

Comparison of AWS, Azure, and Oracle Device Models W3C Web of Things Open Day 26.3.2018, Prague Michael.Lagally@oracle.com Outline This presentaJon takes a focused view on the device concepts in the IoT cloud plaNorms of Amazon (AWS Device

454 views • 34 slides
CS5412: THE CLOUD UNDER ATTACK! Lecture XXIV Ken Birman For all its virtues, the cloud is

CS5412: THE CLOUD UNDER ATTACK! Lecture XXIV Ken Birman For all its virtues, the cloud is

1 CS5412: THE CLOUD UNDER ATTACK! Lecture XXIV Ken Birman For all its virtues, the cloud is risky! 2 Categories of concerns Client platform inadequacies, code download, browser insecurities Internet outages, routing problems,

816 views • 50 slides
ASURE an applied-research organization affiliated with the nation s fastest growing research

ASURE an applied-research organization affiliated with the nation s fastest growing research

The Aerospace & Defense Forum Arizona Chapter May 12, 2015 ASU RESEARCH ENTERPRISE Introductory Briefing Security | Innovation | Service We conceive | We develop | We implement | We deliver ASURE ASURE an applied-research

488 views • 16 slides
Analysis and design covariance inflation methods from functional viewpoint Le Duc 13 , Kazuo

Analysis and design covariance inflation methods from functional viewpoint Le Duc 13 , Kazuo

Analysis and design covariance inflation methods from functional viewpoint Le Duc 13 , Kazuo Saito 23 , and Daisuke Hotta 3 1 Japan Agency for Marine-Earth Sciences and Technology 2 AORI, University of Tokyo 3 Meteorology Research Institute of

1.23k views • 65 slides
L. Parent , N. Ferry, B. Barnier, G. Garric, C. Bricaud, C-E Testut, O. Le Galloudec, J-M

L. Parent , N. Ferry, B. Barnier, G. Garric, C. Bricaud, C-E Testut, O. Le Galloudec, J-M

GLOBAL Eddy-Permitting Ocean Reanalyses and Simulations of the period 1992 to Present L. Parent , N. Ferry, B. Barnier, G. Garric, C. Bricaud, C-E Testut, O. Le Galloudec, J-M Lellouche, E. Greiner, M. Drevillon, E. Rmy J-M Molines, Mercator

727 views • 27 slides
Corporate social responsibility 12,3 and organizational effectiveness of insurance companies in

Corporate social responsibility 12,3 and organizational effectiveness of insurance companies in

The current issue and full text archive of this journal is available at www.emeraldinsight.com/1526-5943.htm JRF Corporate social responsibility 12,3 and organizational effectiveness of insurance companies in Nigeria 156 Folake Olowokudejo

755 views • 12 slides
Shaded blue area is Boylen CI the existing Nelson A. Maple Leaf PS Boylen CI Secondary Weston

Shaded blue area is Boylen CI the existing Nelson A. Maple Leaf PS Boylen CI Secondary Weston

Staff Recommendations: Existing Nelson A. Boylen Secondary Attendance Area - Map Pierre Laporte MS Highview PS Pelmo Park PS Nelson A Shaded blue area is Boylen CI the existing Nelson A. Maple Leaf PS Boylen CI Secondary Weston Memorial Jr

392 views • 3 slides
INVESTING NOW FOR INCOME -- WITHOUT LOSING YOUR PRINCIPAL March, 2010 Donald Cassidy President,

INVESTING NOW FOR INCOME -- WITHOUT LOSING YOUR PRINCIPAL March, 2010 Donald Cassidy President,

INVESTING NOW FOR INCOME -- WITHOUT LOSING YOUR PRINCIPAL March, 2010 Donald Cassidy President, Retirement Investing Institute www. R-i-i. org DISCLAIMER Neither the speaker nor the Retirement Investing Institute (R-i-i.org) make individual

708 views • 47 slides
Directions for Future Research Annual Meeting of the Greenleaf Center for Servant Leadership,

Directions for Future Research Annual Meeting of the Greenleaf Center for Servant Leadership,

Scientific Research on Servant Leadership: Initial Results and Directions for Future Research Annual Meeting of the Greenleaf Center for Servant Leadership, June, 2012 Robert C. Liden University of Illinois at Chicago Overview Servant

696 views • 30 slides
Detecting Distributed Denial of Service Attacks: A Neural Network Approach Gulay Oke

Detecting Distributed Denial of Service Attacks: A Neural Network Approach Gulay Oke

Detecting Distributed Denial of Service Attacks: A Neural Network Approach Gulay Oke (g.oke@imperial.ac.uk) Intelligent Systems and Networks Group Dept. of Electrical and Electronic Engineering Imperial College London Multi-Service

681 views • 21 slides

More recommend