Kubernetes sidecar pattern as a swiss-army knife for microservices.pptx

Abhishek Tiwari
Abhishek TiwariSenior Software Development Manager à Amazon
@abhishektiwari
Kubernetes sidecar
pattern as a swiss-army
knife for microservices
Abhishek Tiwari
https://www.abhishek-tiwari.com
@abhishektiwari
A bit about me
● Director of Engineering at HelloFresh
● An early adopter of K8S ~ Dec 2015
● Ran large K8s clusters in AWS and GCP
● A range of mission critical stateles workloads
@abhishektiwari
scaling microservices require excellence in devops
Amazon Twitter
@abhishektiwari
J-CURVE OF DevOPs Excellence
Credits: Accelerate: State of DevOps 2018: Strategies for a New Economy | Does DevOps Matter?
7% Elite
@abhishektiwari
Common DevOps Concerns
A
B
C
Service-to-service
communication
A
B
C
Securing services and
communication
A
B
C
Control and enforce
policies
@abhishektiwari
Common DevOps Concerns
A
B
C
Service observability
and telemetry
A
B
C
Fault tolerance and
circuit breakers
A
B
C
Deployments and
service topologies
@abhishektiwari
Old Approach
fault tolerance libraries
Implementation specific to
- Languages (Java/Scala) or
- Frameworks or
- Server (Tomcat/Jetty)or
- Protocols (Thrift/RPC)
@abhishektiwari
Kubernetes
Kubernetes has now become the de facto standard
for deploying containerized applications at scale
in private, public and hybrid cloud.
@abhishektiwari
High-level architecture
Kubernetes
Master
Node Node Node
Pod Pod
Pod Pod
Pod
Pod
Pod
Pod
Pod
Pod
Pod Pod
Pods are scheduled and packed dynamically on Kubernetes nodes
Docker Kubelet Kube Proxy Docker Kubelet Kube Proxy Docker Kubelet Kube Proxy
@abhishektiwari
PODS
A pod can co-schedule multiple containers as an atomic unit.
MySQL
Django
Nginx
MySQL
Django
Nginx
Co-scheduled multiple
containers as pod
Scheduled independently as
containers
@abhishektiwari
Design patterns for
container-based
distributed systems
@abhishektiwari
Design patterns for
container-based
distributed systems
3 Essential
Patterns
● Single-pod single-container patterns
● Single-pod multiple-container patterns
● multi-pod patterns
@abhishektiwari
MySQL
Django
Nginx
MySQL
Django
Nginx
Single-pod, multiple-
containers pattern
Single-pod, single-
container pattern
PODS
MySQL
Django
Nginx
1 2
3
Combination of 1 & 2
@abhishektiwari
MySQL
3
Combination of 1 & 2
Django
Nginx
Django
Nginx
Stateless Autoscaling of PODS
Django
Nginx
@abhishektiwari
Main container
Sidecar container
Sidecar pattern
A sidecar is a utility container
in the Pod and its whole purpose
is to support the main container
Fluentd
Python App
error.log
@abhishektiwari
● Independent resource
● Completely reusable
● Graceful degradation
● Seperate life cycle
● Runtime injection
● Multiple per main
● Peripheral tasks
Benefits of
Sidecar
@abhishektiwari
Envoy Linkerd
Sidecar proxy (aka data plane)
traefik
Intelligent service proxy which mediate
and/or control all network communication
Nginx
HAProxy
@abhishektiwari
Nginx Sidecar proxy
MySQL
Django
Nginx
Sidecar Nginx proxy mediates
all traffic to and from main
Django container
Python App
@abhishektiwari
Service to service communication
Service-A
Envoy
Service-B
Envoy
Service-C
Envoy
Envoy.yaml: Routing
virtual_hosts:
- name: backend
domains:
- "*"
routes:
- match:
prefix: "/service/a"
route:
cluster: service_a
- match:
prefix: "/service/b"
route:
cluster: service_b
- match:
prefix: "/service/c"
route:
cluster: service_c
@abhishektiwari
Service to service communication
Service-A
Envoy
Service-B
Envoy
Service-C
Envoy
Envoy.yaml: Load Balancing
clusters:
- name: service_a
connect_timeout: 0.25s
type: strict_dns
lb_policy: round_robin
http2_protocol_options: {}
hosts:
- socket_address:
address: service_a
port_value: 443
- name: service_b
connect_timeout: 0.25s
type: strict_dns
lb_policy: round_robin
http2_protocol_options: {}
hosts:
- socket_address:
address: service_b
port_value: 443
@abhishektiwari
Securing services and communication
Service-A
Envoy
Service-B
Envoy
Service-C
Envoy
Envoy.yaml: JWT Authentication
providers:
jwt_provider1:
issuer: https://auth0.com
audiences:
audience1
local_jwks:
inline_string: PUBLIC-KEY
rules:
- match:
prefix: /health
- match:
prefix: /api
requires:
provider_and_audiences:
provider_name: jwt_provider1
audiences:
api_audience
- match:
prefix: /
requires:
provider_name: jwt_provider1
@abhishektiwari
Fault tolerance and circuit breakers
Service-A
Envoy
Service-B
Envoy
Service-C
Envoy
Envoy.yaml: Circuit Breakers
circuit_breakers:
thresholds:
max_connections: 1
max_pending_requests: 1
max_requests: 1
@abhishektiwari
Fault tolerance and circuit breakers
Service-A
Envoy
Service-B
Envoy
Service-C
Envoy
Envoy.yaml: Retry/Timeout
retry_policy:
retry_on: 5xx
num_retries: 3
per_try_timeout: 5s
@abhishektiwari
Fault tolerance and circuit breakers
Service-A
Envoy
Service-B
Envoy
Service-C
Envoy
Envoy.yaml: Fault/Delay
http_filters:
- name: envoy.fault
config:
delay:
type: fixed
fixed_delay: 10s
percentage:
numerator: 50
denominator: HUNDRED
@abhishektiwari
Service observability and telemetry
Service-A
Envoy
Service-B
Envoy
Service-C
Envoy
Envoy.yaml: Zipkin Tracing
tracing:
http:
name: zipkin
typed_config:
type: zipkin
collector_cluster: zipkin
collector_endpoint: "/zipc"
@abhishektiwari
Configuration hell
Static
configs
Envoy
Envoy
Envoy
@abhishektiwari
We need a control plane
Control Plane
Manages and configures the proxies, enforce policies and collect telemetry
Service-A
Envoy
Service-B
Envoy
Service-C
Envoy
Data Plane
@abhishektiwari
Control plane + Data Plane = Service mesh
@abhishektiwari
Lastly
What microservices are part of my
service mesh and how are
they connected?
@abhishektiwari
THanks
Q&A
1 sur 30

Recommandé

[DW Webinar] Effective Management of APIs and the Edge when Adopting Kubernetes par
[DW Webinar] Effective Management of APIs and the Edge when Adopting Kubernetes[DW Webinar] Effective Management of APIs and the Edge when Adopting Kubernetes
[DW Webinar] Effective Management of APIs and the Edge when Adopting KubernetesDaniel Bryant
232 vues28 diapositives
Webinar: Effective Management of APIs and the Edge when Adopting Kubernetes par
Webinar: Effective Management of APIs and the Edge when Adopting Kubernetes Webinar: Effective Management of APIs and the Edge when Adopting Kubernetes
Webinar: Effective Management of APIs and the Edge when Adopting Kubernetes Ambassador Labs
132 vues29 diapositives
Openshift serverless Solution par
Openshift serverless SolutionOpenshift serverless Solution
Openshift serverless SolutionRyan ZhangCheng
124 vues46 diapositives
All About Microservices and OpenSource Microservice Frameworks par
All About Microservices and OpenSource Microservice FrameworksAll About Microservices and OpenSource Microservice Frameworks
All About Microservices and OpenSource Microservice FrameworksMohammad Asif Siddiqui
331 vues62 diapositives
Developing reliable applications with .net core and AKS par
Developing reliable applications with .net core and AKSDeveloping reliable applications with .net core and AKS
Developing reliable applications with .net core and AKSAlessandro Melchiori
271 vues32 diapositives
Kubernetes One-Click Deployment: Hands-on Workshop (Mainz) par
Kubernetes One-Click Deployment: Hands-on Workshop (Mainz)Kubernetes One-Click Deployment: Hands-on Workshop (Mainz)
Kubernetes One-Click Deployment: Hands-on Workshop (Mainz)QAware GmbH
501 vues121 diapositives

Contenu connexe

Similaire à Kubernetes sidecar pattern as a swiss-army knife for microservices.pptx

[Confoo Montreal 2020] Build Your Own Serverless with Knative - Alex Gervais par
[Confoo Montreal 2020] Build Your Own Serverless with Knative - Alex Gervais[Confoo Montreal 2020] Build Your Own Serverless with Knative - Alex Gervais
[Confoo Montreal 2020] Build Your Own Serverless with Knative - Alex GervaisAmbassador Labs
292 vues40 diapositives
Jakarta Tech Talk: How to develop your first cloud-native Application with Java par
Jakarta Tech Talk: How to develop your first cloud-native Application with JavaJakarta Tech Talk: How to develop your first cloud-native Application with Java
Jakarta Tech Talk: How to develop your first cloud-native Application with JavaNiklas Heidloff
793 vues59 diapositives
PlatformCon 23: "The Busy Platform Engineers Guide to API Gateways" par
PlatformCon 23: "The Busy Platform Engineers Guide to API Gateways"PlatformCon 23: "The Busy Platform Engineers Guide to API Gateways"
PlatformCon 23: "The Busy Platform Engineers Guide to API Gateways"Daniel Bryant
13 vues22 diapositives
Introduction to kubernetes par
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetesGabriel Carro
231 vues182 diapositives
TechTalk: Extend Existing Architectures to Digital Endpoints with CA API Mana... par
TechTalk: Extend Existing Architectures to Digital Endpoints with CA API Mana...TechTalk: Extend Existing Architectures to Digital Endpoints with CA API Mana...
TechTalk: Extend Existing Architectures to Digital Endpoints with CA API Mana...CA Technologies
1K vues20 diapositives
Designing API: REST | gRPC | GraphQL, which one should you pick? - Cedrick Lu... par
Designing API: REST | gRPC | GraphQL, which one should you pick? - Cedrick Lu...Designing API: REST | gRPC | GraphQL, which one should you pick? - Cedrick Lu...
Designing API: REST | gRPC | GraphQL, which one should you pick? - Cedrick Lu...Shift Conference
104 vues36 diapositives

Similaire à Kubernetes sidecar pattern as a swiss-army knife for microservices.pptx(20)

[Confoo Montreal 2020] Build Your Own Serverless with Knative - Alex Gervais par Ambassador Labs
[Confoo Montreal 2020] Build Your Own Serverless with Knative - Alex Gervais[Confoo Montreal 2020] Build Your Own Serverless with Knative - Alex Gervais
[Confoo Montreal 2020] Build Your Own Serverless with Knative - Alex Gervais
Ambassador Labs292 vues
Jakarta Tech Talk: How to develop your first cloud-native Application with Java par Niklas Heidloff
Jakarta Tech Talk: How to develop your first cloud-native Application with JavaJakarta Tech Talk: How to develop your first cloud-native Application with Java
Jakarta Tech Talk: How to develop your first cloud-native Application with Java
Niklas Heidloff793 vues
PlatformCon 23: "The Busy Platform Engineers Guide to API Gateways" par Daniel Bryant
PlatformCon 23: "The Busy Platform Engineers Guide to API Gateways"PlatformCon 23: "The Busy Platform Engineers Guide to API Gateways"
PlatformCon 23: "The Busy Platform Engineers Guide to API Gateways"
Daniel Bryant13 vues
TechTalk: Extend Existing Architectures to Digital Endpoints with CA API Mana... par CA Technologies
TechTalk: Extend Existing Architectures to Digital Endpoints with CA API Mana...TechTalk: Extend Existing Architectures to Digital Endpoints with CA API Mana...
TechTalk: Extend Existing Architectures to Digital Endpoints with CA API Mana...
CA Technologies1K vues
Designing API: REST | gRPC | GraphQL, which one should you pick? - Cedrick Lu... par Shift Conference
Designing API: REST | gRPC | GraphQL, which one should you pick? - Cedrick Lu...Designing API: REST | gRPC | GraphQL, which one should you pick? - Cedrick Lu...
Designing API: REST | gRPC | GraphQL, which one should you pick? - Cedrick Lu...
Shift Conference104 vues
PortoTechHub - Hail Hydrate! From Stream to Lake with Apache Pulsar and Friends par Timothy Spann
PortoTechHub  - Hail Hydrate! From Stream to Lake with Apache Pulsar and FriendsPortoTechHub  - Hail Hydrate! From Stream to Lake with Apache Pulsar and Friends
PortoTechHub - Hail Hydrate! From Stream to Lake with Apache Pulsar and Friends
Timothy Spann986 vues
Intro to GitOps with Weave GitOps, Flagger and Linkerd par Weaveworks
Intro to GitOps with Weave GitOps, Flagger and LinkerdIntro to GitOps with Weave GitOps, Flagger and Linkerd
Intro to GitOps with Weave GitOps, Flagger and Linkerd
Weaveworks85 vues
GlueCon 2018: Are REST APIs Still Relevant Today? par LaunchAny
GlueCon 2018: Are REST APIs Still Relevant Today?GlueCon 2018: Are REST APIs Still Relevant Today?
GlueCon 2018: Are REST APIs Still Relevant Today?
LaunchAny1.9K vues
Resilient Microservices with Spring Cloud par VMware Tanzu
Resilient Microservices with Spring CloudResilient Microservices with Spring Cloud
Resilient Microservices with Spring Cloud
VMware Tanzu1.6K vues
I Love APIs 2015 : Zero to Thousands TPS Private Cloud Operations Workshop par Apigee | Google Cloud
I Love APIs 2015 : Zero to Thousands TPS Private Cloud Operations WorkshopI Love APIs 2015 : Zero to Thousands TPS Private Cloud Operations Workshop
I Love APIs 2015 : Zero to Thousands TPS Private Cloud Operations Workshop
DevOpsCon 2020: The Past, Present, and Future of Cloud Native API Gateways par Daniel Bryant
DevOpsCon 2020: The Past, Present, and Future of Cloud Native API GatewaysDevOpsCon 2020: The Past, Present, and Future of Cloud Native API Gateways
DevOpsCon 2020: The Past, Present, and Future of Cloud Native API Gateways
Daniel Bryant259 vues
End to end Machine Learning using Kubeflow - Build, Train, Deploy and Manage par Animesh Singh
End to end Machine Learning using Kubeflow - Build, Train, Deploy and ManageEnd to end Machine Learning using Kubeflow - Build, Train, Deploy and Manage
End to end Machine Learning using Kubeflow - Build, Train, Deploy and Manage
Animesh Singh1.9K vues
Pros and Cons of a MicroServices Architecture talk at AWS ReInvent par Sudhir Tonse
Pros and Cons of a MicroServices Architecture talk at AWS ReInventPros and Cons of a MicroServices Architecture talk at AWS ReInvent
Pros and Cons of a MicroServices Architecture talk at AWS ReInvent
Sudhir Tonse18.7K vues
SpringOne Platform 2018 Recap in 5 minutes par Rohit Kelapure
SpringOne Platform 2018 Recap in 5 minutesSpringOne Platform 2018 Recap in 5 minutes
SpringOne Platform 2018 Recap in 5 minutes
Rohit Kelapure165 vues
Building a scalable microservice architecture with envoy, kubernetes and istio par SAMIR BEHARA
Building a scalable microservice architecture with envoy, kubernetes and istioBuilding a scalable microservice architecture with envoy, kubernetes and istio
Building a scalable microservice architecture with envoy, kubernetes and istio
SAMIR BEHARA1.1K vues
Microservices with Spring Cloud and Netflix OSS par Denis Danov
Microservices with Spring Cloud and Netflix OSSMicroservices with Spring Cloud and Netflix OSS
Microservices with Spring Cloud and Netflix OSS
Denis Danov2.1K vues
AllTheTalks 2020: "The Past, Present, and Future of Cloud Native API Gateways" par Daniel Bryant
AllTheTalks 2020: "The Past, Present, and Future of Cloud Native API Gateways"AllTheTalks 2020: "The Past, Present, and Future of Cloud Native API Gateways"
AllTheTalks 2020: "The Past, Present, and Future of Cloud Native API Gateways"
Daniel Bryant560 vues

Dernier

Software evolution understanding: Automatic extraction of software identifier... par
Software evolution understanding: Automatic extraction of software identifier...Software evolution understanding: Automatic extraction of software identifier...
Software evolution understanding: Automatic extraction of software identifier...Ra'Fat Al-Msie'deen
9 vues33 diapositives
AI and Ml presentation .pptx par
AI and Ml presentation .pptxAI and Ml presentation .pptx
AI and Ml presentation .pptxFayazAli87
12 vues15 diapositives
20231129 - Platform @ localhost 2023 - Application-driven infrastructure with... par
20231129 - Platform @ localhost 2023 - Application-driven infrastructure with...20231129 - Platform @ localhost 2023 - Application-driven infrastructure with...
20231129 - Platform @ localhost 2023 - Application-driven infrastructure with...sparkfabrik
7 vues46 diapositives
Navigating container technology for enhanced security by Niklas Saari par
Navigating container technology for enhanced security by Niklas SaariNavigating container technology for enhanced security by Niklas Saari
Navigating container technology for enhanced security by Niklas SaariMetosin Oy
14 vues34 diapositives
DSD-INT 2023 Simulation of Coastal Hydrodynamics and Water Quality in Hong Ko... par
DSD-INT 2023 Simulation of Coastal Hydrodynamics and Water Quality in Hong Ko...DSD-INT 2023 Simulation of Coastal Hydrodynamics and Water Quality in Hong Ko...
DSD-INT 2023 Simulation of Coastal Hydrodynamics and Water Quality in Hong Ko...Deltares
14 vues23 diapositives
HarshithAkkapelli_Presentation.pdf par
HarshithAkkapelli_Presentation.pdfHarshithAkkapelli_Presentation.pdf
HarshithAkkapelli_Presentation.pdfharshithakkapelli
11 vues16 diapositives

Dernier(20)

Software evolution understanding: Automatic extraction of software identifier... par Ra'Fat Al-Msie'deen
Software evolution understanding: Automatic extraction of software identifier...Software evolution understanding: Automatic extraction of software identifier...
Software evolution understanding: Automatic extraction of software identifier...
AI and Ml presentation .pptx par FayazAli87
AI and Ml presentation .pptxAI and Ml presentation .pptx
AI and Ml presentation .pptx
FayazAli8712 vues
20231129 - Platform @ localhost 2023 - Application-driven infrastructure with... par sparkfabrik
20231129 - Platform @ localhost 2023 - Application-driven infrastructure with...20231129 - Platform @ localhost 2023 - Application-driven infrastructure with...
20231129 - Platform @ localhost 2023 - Application-driven infrastructure with...
sparkfabrik7 vues
Navigating container technology for enhanced security by Niklas Saari par Metosin Oy
Navigating container technology for enhanced security by Niklas SaariNavigating container technology for enhanced security by Niklas Saari
Navigating container technology for enhanced security by Niklas Saari
Metosin Oy14 vues
DSD-INT 2023 Simulation of Coastal Hydrodynamics and Water Quality in Hong Ko... par Deltares
DSD-INT 2023 Simulation of Coastal Hydrodynamics and Water Quality in Hong Ko...DSD-INT 2023 Simulation of Coastal Hydrodynamics and Water Quality in Hong Ko...
DSD-INT 2023 Simulation of Coastal Hydrodynamics and Water Quality in Hong Ko...
Deltares14 vues
Generic or specific? Making sensible software design decisions par Bert Jan Schrijver
Generic or specific? Making sensible software design decisionsGeneric or specific? Making sensible software design decisions
Generic or specific? Making sensible software design decisions
DSD-INT 2023 Exploring flash flood hazard reduction in arid regions using a h... par Deltares
DSD-INT 2023 Exploring flash flood hazard reduction in arid regions using a h...DSD-INT 2023 Exploring flash flood hazard reduction in arid regions using a h...
DSD-INT 2023 Exploring flash flood hazard reduction in arid regions using a h...
Deltares9 vues
2023-November-Schneider Electric-Meetup-BCN Admin Group.pptx par animuscrm
2023-November-Schneider Electric-Meetup-BCN Admin Group.pptx2023-November-Schneider Electric-Meetup-BCN Admin Group.pptx
2023-November-Schneider Electric-Meetup-BCN Admin Group.pptx
animuscrm15 vues
SUGCON ANZ Presentation V2.1 Final.pptx par Jack Spektor
SUGCON ANZ Presentation V2.1 Final.pptxSUGCON ANZ Presentation V2.1 Final.pptx
SUGCON ANZ Presentation V2.1 Final.pptx
Jack Spektor23 vues
Fleet Management Software in India par Fleetable
Fleet Management Software in India Fleet Management Software in India
Fleet Management Software in India
Fleetable11 vues
Headless JS UG Presentation.pptx par Jack Spektor
Headless JS UG Presentation.pptxHeadless JS UG Presentation.pptx
Headless JS UG Presentation.pptx
Jack Spektor8 vues
Dapr Unleashed: Accelerating Microservice Development par Miroslav Janeski
Dapr Unleashed: Accelerating Microservice DevelopmentDapr Unleashed: Accelerating Microservice Development
Dapr Unleashed: Accelerating Microservice Development
Copilot Prompting Toolkit_All Resources.pdf par Riccardo Zamana
Copilot Prompting Toolkit_All Resources.pdfCopilot Prompting Toolkit_All Resources.pdf
Copilot Prompting Toolkit_All Resources.pdf
Riccardo Zamana10 vues

Kubernetes sidecar pattern as a swiss-army knife for microservices.pptx

Notes de l'éditeur

  1. How many of you are developing microservices as part of your tech footprint? How many of you have more than 20 microservices in your tech ecosystem? How many of you are running microservice on top Kubernetes or in containers? Challenges faced when scaling microservices How Kubernetes and sidecar pattern help to
  2. Datadog. Stackdriver SumoLogic
  3. Independent resource accounting and allocation Sidecar can be paired with numerous different "main" containers Containing failure boundary, making it a graceful degradation Independent testing, packaging, upgrade, deployment, & rollback Runtime injection of sidecar i.e. no change in legacy pods/containers