CSCI2952-F Microservices. Day 2: Background Continued


  1. CSCI2952-F Microservices.. Day 2: Background Continued

  2. Outline • Containers Versus VMs • Service Mesh Design Patterns • API Gateway • Motivation • Architecture • eBPF • YAML

  3. https://www.computerworld.com/article/3427686/how-containers-cut-server-costs-at-the-financial-times-by-80-percent.html

  4. Deployment Differences
     • Containers == process + namespace isolation
     • Containers are more lightweight than VMs
     • Shared OS
     • Limited isolation between containers
     https://kubernetes.io/docs/concepts/overview/what-is-kubernetes/
     https://www.researchgate.net/publication/309961613_Containers_and_Virtual_Machines_at_Scale_A_Comparative_Study

  5. Outline • Containers Versus VMs • Service Mesh Design Patterns • API Gateway • Motivation • Architecture • eBPF • YAML

  6. Recall… ControlPlane (Istio)

  7. Service Mesh (SM) Dataplane Design Patterns [Diagram: four designs, each drawn above its Kernel Space]

  8. Service Mesh (SM) Dataplane Design Patterns [Diagram: four designs, each drawn above its Kernel Space]
     • SM is in the kernel (eBPF)
     • SM is in a separate user space Proxy
     • SM is in a separate user space Proxy
     • SM is in RPC framework
     What are the pros/cons of the different approaches? https://forms.gle/aERbanJoxayLFa176
     https://thrift.apache.org/static/files/thrift-20070401.pdf

  9. Service Mesh (SM) Dataplane Design Patterns [Diagram: four designs, each drawn above its Kernel Space] SM is in the kernel (eBPF) SM is in a separate user space Proxy SM is in a separate user space Proxy SM is in RPC framework • Lower overheads Used @ lyft, DataDog, Tinder… But proxy is shared by all Used @ FB/Google • Minimal performance issues Chic-fila containers Tight coupling w/ code • But lower fault tolerance • Decouples app code from SM Lower overheads Must recompile for changes • Limited functionality • Independent evolution Performance issues Low overhead • Requires rewriting everything in Fault tolerance properties But lower fault tolerance Minimal performance • eBPF High overheads • Performance issues • One proxy per container • https://thrift.apache.org/static/files/thrift-20070401.pdf

  10. ServiceMesh (SM) Controlplane Design Patterns https://logz.io/blog/istio-linkerd-consul-comparison-service-meshes/

  11. • Limited feature set
      • Implements all features
      • Same binary everywhere
      • But easy to operate
      • Hard to configure
      • Easier to deploy
      • Issues at scale
      • Well tested functionality
      https://www.cloudops.com/blog/comparing-service-meshes-istio-linkerd-and-consul-connect-citrix-adc/
      https://cloudblogs.microsoft.com/opensource/2018/10/15/use-case-modern-service-mesh-consul-microsoft-azure-part-2/

  12. https://events19.linuxfoundation.org/wp-content/uploads/2018/11/OSN-Days-PPT-Service-Mesh.pdf

  13. Performance Comparison of Popular Implementation https://kinvolk.io/blog/2019/05/performance-benchmark-analysis-of-istio-and-linkerd/

  14. Performance Comparison of Popular Implementation https://kinvolk.io/blog/2019/05/performance-benchmark-analysis-of-istio-and-linkerd/

  15. Which would you use? • https://forms.gle/6bzK6jJhEsPkiSad9

  16. Which would you use? https://dzone.com/articles/service-mesh-comparison-istio-vs-linkerd

  17. Roundtable conversation at Kubecon:
      Me: which mesh do you use?
      AnonSRE: We are thinking of switching to Istio. It has a lot of features?
      Me: do you know how you will use them?
      AnonSRE: No, but we want to have the option to use them in the future

  18. Recall… ControlPlane (Istio) [Diagram: End Users]
      • How do users connect to your services? What are all the different ways?
      • How does this become complicated with a microservice infrastructure?
      • What functionality do you need at the edge to interact with these external users?

  19. [Diagram: ControlPlane (Istio), USER, API Gateway, Interface, Devs, Browser, services]
      • API-Gateway unifies access from external API-based communications to internal services
      • API-GW provides uniform authentication, verification, auditing and routing
      • One codebase w/ identical policies and enforcement

  20. https://dzone.com/articles/thrift-api-gateway-part-1-bloody-core
      [Diagram: ControlPlane (Istio), USER, API Gateway, Interface, Devs, Browser, services]
      • API-Gateway unifies access from external API-based communications to internal services
      • API-GW provides uniform authentication, verification, auditing and routing
      • One codebase w/ identical policies and enforcement

  21. Outline • Service Mesh Design Patterns • API Gateway • Motivation • Architecture • eBPF • YAML
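
The API gateway slides (19 and 20) state that one codebase applies identical authentication, auditing and routing to every external request. The sketch below is an added example, not code from the lecture: the HMAC token format, signing key, route table and service names are all constructed assumptions, and forwarding to the internal service is left out.

```python
import hashlib
import hmac

# Constructed sample values (assumptions for this example only).
GATEWAY_KEY = b"demo-key-not-for-production"
ROUTES = {"/orders": "orders-svc", "/users": "users-svc"}  # path prefix -> internal service
AUDIT_LOG = []  # one record per request, whether allowed or denied


def _sign(user: str) -> str:
    return hmac.new(GATEWAY_KEY, user.encode(), hashlib.sha256).hexdigest()


def issue_token(user: str) -> str:
    """Mint 'user.signature' so the example has a credential to verify."""
    return f"{user}.{_sign(user)}"


def authenticate(token: str):
    """Return the user name if the signature verifies, else None."""
    user, _, sig = token.rpartition(".")
    if not user:
        return None
    # Constant-time comparison avoids leaking how many characters matched.
    ok = hmac.compare_digest(sig.encode(), _sign(user).encode())
    return user if ok else None


def handle(path: str, token: str):
    """Single entry point for every route: authenticate, route, audit."""
    user = authenticate(token or "")
    upstream = next((svc for prefix, svc in ROUTES.items()
                     if path == prefix or path.startswith(prefix + "/")), None)
    if user is None:
        status, upstream = 401, None   # deny first, so callers cannot probe routes
    elif upstream is None:
        status = 404
    else:
        status = 200                   # a real gateway would forward to `upstream` here
    AUDIT_LOG.append({"user": user, "path": path, "status": status})
    return status, upstream


if __name__ == "__main__":
    token = issue_token("alice")
    print(handle("/orders/42", token))
    print(handle("/orders/42", "alice.forged"))
    print(AUDIT_LOG)
```

Because every service is reached through `handle`, a denied request to any route produces the same 401 and the same audit record, which is the "identical policies and enforcement" property the slide names.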
