Many organizations adopt cloud native development practices with the goal of shipping features faster. The technologies and architectures may change when we move to the cloud, but the fact remains that we all still add the occasional bug to our code. The challenge here is that many of your existing local debugging tools and practices can't be used when everything is running in a container or deployed onto Kubernetes running in the cloud. This is where the open source Telepresence tool can help.
Join me to learn about:
- The challenges with scaling Kubernetes-based Java development i.e. you can only run so many microservices locally before minikube melts your laptop
- An exploration of how Telepresence can "intercept" or reroute traffic from a specified service in a remote K8s cluster to your local dev machine
- The benefits of getting a "hot reload" fast feedback loop between applications being developed locally and apps running in the remote environment
- A tour of Telepresence, from the sidecar proxy deployed into the remote K8s cluster to the CLI
- An overview of using "preview URLs" and header-based routing for the sharing, collaboration, and isolation of changes you are making on your local copy of an intercepted service
2. @danielbryantuk
tl;dr
2
• The inner development loop can be painful with microservices & Kubernetes
• Telepresence “proxies” your local machine into the cluster, increasing fast feedback
• Telepresence supports several workflows, from small to large systems
• Please support this CNCF project — get involved!
5. @danielbryantuk
Inner and outer dev loops
5
Hat tip to Mitch Denny (now 404): https://mitchdenny.com/the-inner-loop/
http://jorgemoral.es/posts/2020_03_17-develop_apps…
6. @danielbryantuk
Inner and outer loop with K8s
can be the same
6
• Write code
• Build container
• Push to registry
• Deploy to cluster
• Test
And can be …. SLOW.
13. @danielbryantuk
What is Telepresence
13
• “Fancy Kubernetes VPN for development”
• “kubectl port-forward on steroids”
• “kubectl proxy all-the-things”
• A network bridge between your laptop and the Kubernetes cluster
18. @danielbryantuk
Telepresence: Local-to-Remote bridge
18
telepresence connect
• Open a tunnel to the remote cluster; exposes “in-cluster” services/network/DNS
telepresence intercept my-service —port 3000
• Re-routes (intercepts) tra
ff
ic to my-service in the remote cluster to my local machine
telepresence login & telepresence intercept
• Create preview URL to isolate and share results of the intercept
19. @danielbryantuk
Telepresence: Local-to-Remote bridge
$ telepresence intercept dataprocessingnodeservice --port 3000
19
Using deployment dataprocessingnodeservice
intercepted
State : ACTIVE
Destination : 127.0.0.1:3000
Intercepting: HTTP requests that match all of:
header("x-telepresence-intercept-id") ~= regexp ("76a1e848-1829-74x-1138-e3294c1e9119:dataprocessingnodeservice")
Preview URL : https://[random-subdomain].preview.edgestack.me
www.youtube.com/watch?v=W_a3aErN3NU
20. The Good, the Bad, and the
“Don’t Try this at Home”
20
21. @danielbryantuk
Benefits
21
• Use any tool that runs on your laptop: IDE, profiler, debugger, …
• Connect to cloud-based resources
• Same network namespace (e.g., nslookup works)
• Very fast inner loop!
24. @danielbryantuk
tl;dr
24
• Capturing DNS and routing selectively to the
cluster is tricky
• Maintaining proxy connections can be
challenging
• Kubernetes has many resource types
• No two laptops are alike
• No two clusters are alike
• And more
27. @danielbryantuk
Simple Workflow (YOLO)
27
• One (production) cluster for single-source-of-truth microservices
• Developer checks out code and works on microservices
• Intercepts services on demand using Telepresence + IDE
• Once code is done, microservices are built and deployed via pipeline
Testing in production can be… scary (and personal intercepts help a lot!)
29. @danielbryantuk
Typical Workflow (SME)
29
• One shared (dev) cluster for single-source-of-truth microservices
• Developers check out one of the microservices (and coordinate with other devs)
• Watch for coupled service/API evolution
• Take care with mutating shared state
• Developers intercept and work on services via Telepresence + IDE
• Pipeline is used to run tests, build, and deploy to staging and prod
https://www.youtube.com/watch?v=75soljoqhjY
30. @danielbryantuk
Advanced Workflow
30
• One cluster with multiple namespaces for all single-source-of-truth microservices
• Developers check out one of the microservices
• Developers use Bazel + Telepresence + IDE
• Telepresence (1) is used in container mode with Bazel images
• Once code is done, Jenkins is used to run tests, build, and deploy
https://www.youtube.com/watch?v=tD0FIlxO1AQ
32. @danielbryantuk
Conclusion
32
• The inner development loop can be painful with microservices & Kubernetes
• Telepresence “proxies” your local dev machine into the cluster, increasing fast feedback
• Telepresence supports several workflows, from small to large systems
• Please support this CNCF project — get involved!
33. @danielbryantuk
Contributing to Telepresence
33
• Documentation and workflows
• Explain how you integrate Telepresence into your development workflow
• Let us know if you’re a user!
• Triage
• Lots of folks use GitHub for support, which doesn’t scale well
• Join Slack to help other users https://a8r.io/slack #telepresence