SlideShare une entreprise Scribd logo

Service Discovery using etcd, Consul and Kubernetes

Télécharger en tant que PPTX, PDF
Sreenivas Makam
Sreenivas Makam

Overview of Service Discovery and Service Discovery using etcd, Consul, Kubernetes and Docker. Presented at Open source meetup, Bangalore(http://www.meetup.com/Bangalore-Open-Source-Meetup/events/229763724/)

Technologie
1  sur  28
SERVICE DISCOVERY USING ETCD, CONSUL, KUBERNETES Presenter Name: Sreenivas Makam Presented at: Open source Meetup Bangalore Presentation Date: April 16, 2016
About me • Senior Engineering Manager at Cisco Systems Data Center group • Personal blog can be found at https://sreeninet.wordpress.com/ and my hacky code at https://github.com/smakam • Author of “Mastering CoreOS” book, published on Feb 2016. (https://www.packtpub.com/netw orking-and-servers/mastering- coreos ) • You can reach me on LinkedIn at https://in.linkedin.com/in/sreeniva smakam, Twitter handle - @srmakam
Death star Architecture Image from: http://www.slideshare.net/InfoQ/migrating-to-cloud-native- with-microservices
Sample Microservices Architecture Image from https://www.nginx.com/blog/introduction-to-microservices/ Monolith Microservices
What should Service Discovery provide? • Discovery - Services need to discover each other dynamically to get IP address and port detail to communicate with other services in the cluster. • Health check – Only healthy services should participate in handling traffic, unhealthy services need to be dynamically pruned out. • Load balancing – Traffic destined to a particular service should be dynamically load balanced to all instances providing the particular service.
Client vs Server side Service discovery Pictures from https://www.nginx.com/blog/service-discovery-in-a-microservices- architecture/ Client talks to Service registry and does load balancing. Client service needs to be Service registry aware. Eg: Netflix OSS Client talks to load balancer and load balancer talks to Service registry. Client service need not be Service registry aware Eg: Consul, AWS ELB Client Discovery Server Discovery
Service Discovery Components • Service Registry – Maintains a database of services and provides an external API(HTTP/DNS) to interact. Typically Implemented as a distributed key, value store • Registrator – Registers services dynamically to Service registry by listening to Service creation and deletion events • Health checker – Monitors Service health dynamically and updates Service registry appropriately • Load balancer – Distribute traffic destined for the service to active participants
Service discovery using etcd • Etcd can be used as KV store for Service registry. • Service itself can directly update etcd or a Sidekick service can be used to update etcd on the Service details. • Sidekick service serves as registrator. • Other services can query etcd database to do the dynamic Service discovery. • Side kick service does the health check for main service. Simple Discovery Discovery using Side kick service
Service discovery – etcd exampleApache service: [Unit] Description=Apache web server service on port %i # Requirements Requires=etcd2.service Requires=docker.service Requires=apachet-discovery@%i.service # Dependency ordering After=etcd2.service After=docker.service Before=apachet-discovery@%i.service [Service] # Let processes take awhile to start up (for first run Docker containers) TimeoutStartSec=0 # Change killmode from "control-group" to "none" to let Docker remove # work correctly. KillMode=none # Get CoreOS environmental variables EnvironmentFile=/etc/environment # Pre-start and Start ## Directives with "=-" are allowed to fail without consequence ExecStartPre=-/usr/bin/docker kill apachet.%i ExecStartPre=-/usr/bin/docker rm apachet.%i ExecStartPre=/usr/bin/docker pull coreos/apache ExecStart=/usr/bin/docker run --name apachet.%i -p ${COREOS_PUBLIC_IPV4}:%i:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND # Stop ExecStop=/usr/bin/docker stop apachet.%i Apache sidekick service: [Unit] Description=Apache web server on port %i etcd registration # Requirements Requires=etcd2.service Requires=apachet@%i.service # Dependency ordering and binding After=etcd2.service After=apachet@%i.service BindsTo=apachet@%i.service [Service] # Get CoreOS environmental variables EnvironmentFile=/etc/environment # Start ## Test whether service is accessible and then register useful information ExecStart=/bin/bash -c ' while true; do curl -f ${COREOS_PUBLIC_IPV4}:%i; if [ $? -eq 0 ]; then etcdctl set /services/apachet/${COREOS_PUBLIC_IPV4} '{"host": "%H", "ipv4_addr": ${COREOS_PUBLIC_IPV4}, "port": %i}' --ttl 30; else etcdctl rm /services/apachet/${COREOS_PUBLIC_IPV4}; fi; sleep 20; done' # Stop ExecStop=/usr/bin/etcdctl rm /services/apachet/${COREOS_PUBLIC_IPV4} [X-Fleet] # Schedule on the same machine as the associated Apache service X-ConditionMachineOf=apachet@%i.service
Service discovery – etcd example(contd) 3 node CoreOS cluster: $ fleetctl list-machines MACHINE IP METADATA 7a895214... 172.17.8.103 - a4562fd1... 172.17.8.101 - d29b1507... 172.17.8.102 - Start 2 instances of the service: fleetctl start apachet@8080.service apachet-discovery@8080.service fleetctl start apachet@8081.service apachet-discovery@8081.service See running services: $ fleetctl list-units UNIT MACHINE ACTIVE SUB apachet-discovery@8080.service 7a895214.../172.17.8.103 active running apachet-discovery@8081.service a4562fd1.../172.17.8.101 active running apachet@8080.service 7a895214.../172.17.8.103 active running apachet@8081.service a4562fd1.../172.17.8.101 active running Check etcd database: $ etcdctl ls / --recursive /services /services/apachet /services/apachet/172.17.8.103 /services/apachet/172.17.8.101 $ etcdctl get /services/apachet/172.17.8.101 {"host": "core-01", "ipv4_addr": 172.17.8.101, "port": 8081} $ etcdctl get /services/apachet/172.17.8.103 {"host": "core-03", "ipv4_addr": 172.17.8.103, "port": 8080}
Etcd with Load balancing • Previous example with etcd demonstrates Service database and health check. It does not achieve DNS and Load balancing. • Load balancing can be achieved by combining etcd with confd or haproxy. Etcd with confd Etcd with haproxy Reference: http://adetante.github.io/articles/service- discovery-haproxy/ Reference: https://www.digitalocean.com/community/tutorials/how-to- use-confd-and-etcd-to-dynamically-reconfigure-services-in- coreos
Consul • Has a distributed key value store for storing Service database. • Provides comprehensive service health checking using both in-built solutions as well as user provided custom solutions. • Provides REST based HTTP api for external interaction. • Service database can be queried using DNS. • Does dynamic load balancing. • Supports single data center and can be scaled to support multiple data centers. • Integrates well with Docker. • Consul integrates well with other Hashicorp tools.
Consul health check options Following are the options that Consul provides for health-check: • Script based check - User provided script is run periodically to verify health of the service. • HTTP based check – Periodic HTTP based check is done to the service IP and endpoint address. • TCP based check – Periodic TCP based check is done to the service IP and specified port. • TTL based check – Previous schemes are driven from Consul server to the service. In this case, the service is expected to refresh a TTL counter in the Consul server periodically. • Docker Container based check – Health check application is available as a Container and Consul invokes the Container periodically to do the health-check.
Sample application with Consul Ubuntu Container (http client) Nginx Container1 Nginx Container2 Consul Load balancer, DNS, Service registry • Two nginx containers will serve as the web servers. ubuntu container will serve as http client. • Consul will load balance the request between two nginx web servers. • Consul will be used as service registry, load balancer, health checker as well as DNS server for this application.
Consul web Interface Following picture shows Consul GUI with: • 2 instances of “http” service and 1 instance of “consul” service. • Health check is passing for both services
Consul with manual registration Service files: http1_checkhttp.json: { "ID": "http1", "Name": "http", "Address": "172.17.0.3", "Port": 80, "check": { "http": "http://172.17.0.3:80", "interval": "10s", "timeout": "1s" } } http2_checkhttp.json: { "ID": "http2", "Name": "http", "Address": "172.17.0.4", "Port": 80, "check": { "http": "http://172.17.0.4:80", "interval": "10s", "timeout": "1s" } } Register services: curl -X PUT --data-binary @http1_checkhttp.json http://localhost:8500/v1/agent/service/register curl -X PUT --data-binary @http2_checkhttp.json http://localhost:8500/v1/agent/service/register Service status: $ curl -s http://localhost:8500/v1/health/checks/http | jq . [ { "ModifyIndex": 424, "CreateIndex": 423, "Node": "myconsul", "CheckID": "service:http1", "Name": "Service 'http' check", "Status": "passing", "Notes": "", "Output": "", "ServiceID": "http1", "ServiceName": "http" }, { "ModifyIndex": 427, "CreateIndex": 425, "Node": "myconsul", "CheckID": "service:http2", "Name": "Service 'http' check", "Status": "passing", "Notes": "", "Output": "", "ServiceID": "http2", "ServiceName": "http" } ]
Consul health check – Good status dig @172.17.0.1 http.service.consul SRV ; <<>> DiG 9.9.5-3ubuntu0.7-Ubuntu <<>> @172.17.0.1 http.service.consul SRV ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34138 ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;http.service.consul. IN SRV ;; ANSWER SECTION: http.service.consul. 0 IN SRV 1 1 80 myconsul.node.dc1.consul. http.service.consul. 0 IN SRV 1 1 80 myconsul.node.dc1.consul. ;; ADDITIONAL SECTION: myconsul.node.dc1.consul. 0 IN A 172.17.0.4 myconsul.node.dc1.consul. 0 IN A 172.17.0.3
Consul health Check – Bad status $ dig @172.17.0.1 http.service.consul SRV ; <<>> DiG 9.9.5-3ubuntu0.7-Ubuntu <<>> @172.17.0.1 http.service.consul SRV ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23330 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;http.service.consul. IN SRV ;; ANSWER SECTION: http.service.consul. 0 IN SRV 1 1 80 myconsul.node.dc1.consul. ;; ADDITIONAL SECTION: myconsul.node.dc1.consul. 0 IN A 172.17.0.3
Consul with Registrator • Manual registration of service details to Consul is error-prone. • Gliderlabs Registrator open source project (https://github.com/gliderlabs/registrator) takes care of automatically registering/deregistering the service by listening to Docker events and updating Consul registry. • Choosing the Service IP address for the registration is critical. There are 2 choices: – With internal IP option, Container IP and port number gets registered with Consul. This approach is useful when we want to access the service registry from within a Container. Following is an example of starting Registrator using "internal" IP option. • docker run -d -v /var/run/docker.sock:/tmp/docker.sock --net=host gliderlabs/registrator -internal consul://localhost:8500 – With external IP option, host IP and port number gets registered with Consul. Its necessary to specify IP address manually. If its not specified, loopback address gets registered. Following is an example of starting Registrator using "external" IP option. • docker run -d -v /var/run/docker.sock:/tmp/docker.sock gliderlabs/registrator -ip 192.168.99.100 consul://192.168.99.100:8500 • Following is an example for registering “http” service with 2 nginx servers using HTTP check: – docker run -d -p :80 -e "SERVICE_80_NAME=http" -e "SERVICE_80_ID=http1" -e "SERVICE_80_CHECK_HTTP=true" -e "SERVICE_80_CHECK_HTTP=/" --name=nginx1 nginx – docker run -d -p :80 -e "SERVICE_80_NAME=http" -e "SERVICE_80_ID=http2" -e "SERVICE_80_CHECK_HTTP=true" -e "SERVICE_80_CHECK_HTTP=/" --name=nginx2 nginx • Following is an example for registering “http” service with 2 nginx servers using TTL check: – docker run -d -p :80 -e "SERVICE_80_NAME=http" -e "SERVICE_80_ID=http1" -e "SERVICE_80_CHECK_TTL=30s" --name=nginx1 nginx – docker run -d -p :80 -e "SERVICE_80_NAME=http" -e "SERVICE_80_ID=http2" -e "SERVICE_80_CHECK_TTL=30s" --name=nginx2 nginx
Kubernetes Architecture Kubernetes Service discovery components: • SkyDNS is used to map Service name to IP address. • Etcd is used as KV store for Service database. • Kubelet does the health check and replication controller takes care of maintaining Pod count. • Kube-proxy takes care of load balancing traffic to the individual pods.
Kubernetes Service • Service is a L3 routable object with IP address and port number. • Service gets mapped to pods using selector labels. In example on right, “MyApp” is the label. • Service port gets mapped to targetPort in the pod. • Kubernetes supports head-less services. In this case, service is not allocated an IP address, this allows for user to choose their own service registration option. { "kind": "Service", "apiVersion": "v1", "metadata": { "name": "my-service" }, "spec": { "selector": { "app": "MyApp" }, "ports": [ { "protocol": "TCP", "port": 80, "targetPort": 9376 } ] } }
Kubernetes Service discovery Internals • Service name gets mapped to Virtual IP and port using Skydns. • Kube-proxy watches Service changes and updates IPtables. Virtual IP to Service IP, port remapping is achieved using IP tables. • Kubernetes does not use DNS based load balancing to avoid some of the known issues associated with it. Picture source: http://kubernetes.io/docs/use r-guide/services/
Kubernetes Health check • Kubelet can implement a health check to check if Container is healthy. • Kubelet will kill the Container if it is not healthy. Replication controller would take care of maintaining endpoint count. • Health check is defined in Pod manifest. • Currently, 3 options are supported for health- check: – HTTP Health Checks - The Kubelet will call a web hook. If it returns between 200 and 399, it is considered success, failure otherwise. – Container Exec - The Kubelet will execute a command inside the container. If it exits with status 0 it will be considered a success. – TCP Socket - The Kubelet will attempt to open a socket to the container. If it can establish a connection, the container is considered healthy, if it can’t it is considered a failure. Pod with HTTP health check: apiVersion: v1 kind: Pod metadata: name: pod-with-healthcheck spec: containers: - name: nginx image: nginx # defines the health checking livenessProbe: # an http probe httpGet: path: /_status/healthz port: 80 # length of time to wait for a pod to initialize # after pod startup, before applying health checking initialDelaySeconds: 30 timeoutSeconds: 1 ports: - containerPort: 80
Kubernetes Service Discovery options • For internal service discovery, Kubernetes provides two options: – Environment variable: When a new Pod is created, environment variables from older services can be imported. This allows services to talk to each other. This approach enforces ordering in service creation. – DNS: Every service registers to the DNS service; using this, new services can find and talk to other services. Kubernetes provides the kube-dns service for this. • For external service discovery, Kubernetes provides two options: – NodePort: In this method, Kubernetes exposes the service through special ports (30000-32767) of the node IP address. – Loadbalancer: In this method, Kubernetes interacts with the cloud provider to create a load balancer that redirects the traffic to the Pods. This approach is currently available with GCE. REDIS_MASTER_SERVICE_HOST=10.0.0.11 REDIS_MASTER_SERVICE_PORT=6379 REDIS_MASTER_PORT=tcp://10.0.0.11:63 79 REDIS_MASTER_PORT_6379_TCP=tcp://1 0.0.0.11:6379 REDIS_MASTER_PORT_6379_TCP_PROTO =tcp REDIS_MASTER_PORT_6379_TCP_PORT= 6379 REDIS_MASTER_PORT_6379_TCP_ADDR= 10.0.0.11 apiVersion: v1 kind: Service metadata: name: frontend labels: app: guestbook tier: frontend spec: # if your cluster supports it, uncomment the following to automatically create # an external load-balanced IP for the frontend service. type: LoadBalancer ports: # the port that this service should serve on - port: 80 selector: app: guestbook tier: frontend
Docker Service Discovery • With Docker 1.9, Container name to IP address mapping was done by updating “/etc/hosts” automatically. • With Docker 1.10 release, Docker added embedded DNS server which does Container name resolution within a user defined network. • Name resolution can be done for Container name(-- name), network alias(--net-alias) and Container link(--link). Port number is not part of DNS. • With Docker 1.11 release, Docker added DNS based random load balancing for Containers with same network alias. • Docker’s Service Discovery is very primitive and it does not have health check and comprehensive load balancing.
Docker DNS in release 1.11 Create 3 Containers in “fe” network: docker run -d --name=nginx1 -- net=fe --net-alias=nginxnet nginx docker run -d --name=nginx2 -- net=fe --net-alias=nginxnet nginx docker run -ti --name=myubuntu -- net=fe --link=nginx1:nginx1link -- link=nginx2:nginx2link ubuntu bash DNS by network alias: root@4d2d6e34120d:/# ping -c1 nginxnet PING nginxnet (172.20.0.3) 56(84) bytes of data. 64 bytes from nginx2.fe (172.20.0.3): icmp_seq=1 ttl=64 time=0.852 ms root@4d2d6e34120d:/# ping -c1 nginxnet PING nginxnet (172.20.0.2) 56(84) bytes of data. 64 bytes from nginx1.fe (172.20.0.2): icmp_seq=1 ttl=64 time=0.244 ms DNS by Container name: root@4d2d6e34120d:/# ping -c1 nginx1 PING nginx1 (172.20.0.2) 56(84) bytes of data. 64 bytes from nginx1.fe (172.20.0.2): icmp_seq=1 ttl=64 time=0.112 ms root@4d2d6e34120d:/# ping -c1 nginx2 PING nginx2 (172.20.0.3) 56(84) bytes of data. 64 bytes from nginx2.fe (172.20.0.3): icmp_seq=1 ttl=64 time=0.090 ms DNS by link name: root@4d2d6e34120d:/# ping -c1 nginx1link PING nginx1link (172.20.0.2) 56(84) bytes of data. 64 bytes from nginx1.fe (172.20.0.2): icmp_seq=1 ttl=64 time=0.049 ms root@4d2d6e34120d:/# ping -c1 nginx2link PING nginx2link (172.20.0.3) 56(84) bytes of data. 64 bytes from nginx2.fe (172.20.0.3): icmp_seq=1 ttl=64 time=0.253 ms
References • https://www.nginx.com/blog/service-discovery-in-a-microservices- architecture/ • http://jasonwilder.com/blog/2014/02/04/service-discovery-in-the- cloud/ • http://progrium.com/blog/2014/07/29/understanding-modern-service- discovery-with-docker/ • http://artplustech.com/docker-consul-dns-registrator/ • https://jlordiales.me/2015/01/23/docker-consul/ • Mastering CoreOS book - https://www.packtpub.com/networking-and- servers/mastering-coreos • Kubernetes Services - http://kubernetes.io/docs/user-guide/services/ • Docker DNS Server - https://docs.docker.com/engine/userguide/networking/configure-dns/, https://github.com/docker/libnetwork/pull/974
DEMO

Recommandé

[2019] PAYCO 쇼핑 마이크로서비스 아키텍처(MSA) 전환기
[2019] PAYCO 쇼핑 마이크로서비스 아키텍처(MSA) 전환기[2019] PAYCO 쇼핑 마이크로서비스 아키텍처(MSA) 전환기
[2019] PAYCO 쇼핑 마이크로서비스 아키텍처(MSA) 전환기NHN FORWARD
 
Autoscaling Kubernetes
Autoscaling KubernetesAutoscaling Kubernetes
Autoscaling Kubernetescraigbox
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes NetworkingCJ Cullen
 
왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요
왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요
왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요Jo Hoon
 
CDC patterns in Apache Kafka®
CDC patterns in Apache Kafka®CDC patterns in Apache Kafka®
CDC patterns in Apache Kafka®confluent
 
ksqlDB로 실시간 데이터 변환 및 스트림 처리
ksqlDB로 실시간 데이터 변환 및 스트림 처리ksqlDB로 실시간 데이터 변환 및 스트림 처리
ksqlDB로 실시간 데이터 변환 및 스트림 처리confluent
 
Introduction to Spring Cloud
Introduction to Spring Cloud Introduction to Spring Cloud
Introduction to Spring Cloud VMware Tanzu
 
Let's build Developer Portal with Backstage
Let's build Developer Portal with BackstageLet's build Developer Portal with Backstage
Let's build Developer Portal with BackstageOpsta
 

Recommandé

[2019] PAYCO 쇼핑 마이크로서비스 아키텍처(MSA) 전환기
[2019] PAYCO 쇼핑 마이크로서비스 아키텍처(MSA) 전환기[2019] PAYCO 쇼핑 마이크로서비스 아키텍처(MSA) 전환기
[2019] PAYCO 쇼핑 마이크로서비스 아키텍처(MSA) 전환기NHN FORWARD
 
Autoscaling Kubernetes
Autoscaling KubernetesAutoscaling Kubernetes
Autoscaling Kubernetescraigbox
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes NetworkingCJ Cullen
 
왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요
왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요
왜 쿠버네티스는 systemd로 cgroup을 관리하려고 할까요Jo Hoon
 
CDC patterns in Apache Kafka®
CDC patterns in Apache Kafka®CDC patterns in Apache Kafka®
CDC patterns in Apache Kafka®confluent
 
ksqlDB로 실시간 데이터 변환 및 스트림 처리
ksqlDB로 실시간 데이터 변환 및 스트림 처리ksqlDB로 실시간 데이터 변환 및 스트림 처리
ksqlDB로 실시간 데이터 변환 및 스트림 처리confluent
 
Introduction to Spring Cloud
Introduction to Spring Cloud Introduction to Spring Cloud
Introduction to Spring Cloud VMware Tanzu
 
Let's build Developer Portal with Backstage
Let's build Developer Portal with BackstageLet's build Developer Portal with Backstage
Let's build Developer Portal with BackstageOpsta
 
Cilium - BPF & XDP for containers
Cilium - BPF & XDP for containers Cilium - BPF & XDP for containers
Cilium - BPF & XDP for containersDocker, Inc.
 
Apicurio Registry: Event-driven APIs & Schema governance for Apache Kafka | F...
Apicurio Registry: Event-driven APIs & Schema governance for Apache Kafka | F...Apicurio Registry: Event-driven APIs & Schema governance for Apache Kafka | F...
Apicurio Registry: Event-driven APIs & Schema governance for Apache Kafka | F...HostedbyConfluent
 
Building Event Driven (Micro)services with Apache Kafka
Building Event Driven (Micro)services with Apache KafkaBuilding Event Driven (Micro)services with Apache Kafka
Building Event Driven (Micro)services with Apache KafkaGuido Schmutz
 
AWS로 사용자 천만 명 서비스 만들기 (윤석찬)- 클라우드 태권 2015
AWS로 사용자 천만 명 서비스 만들기 (윤석찬)- 클라우드 태권 2015 AWS로 사용자 천만 명 서비스 만들기 (윤석찬)- 클라우드 태권 2015
AWS로 사용자 천만 명 서비스 만들기 (윤석찬)- 클라우드 태권 2015 Amazon Web Services Korea
 
Docker Networking Tip - Macvlan driver
Docker Networking Tip - Macvlan driverDocker Networking Tip - Macvlan driver
Docker Networking Tip - Macvlan driverSreenivas Makam
 
Extending KEDA with External Scalers
Extending KEDA with External ScalersExtending KEDA with External Scalers
Extending KEDA with External ScalersBaltazar Chua
 
CRI, OCI, and CRI-O
CRI, OCI, and CRI-OCRI, OCI, and CRI-O
CRI, OCI, and CRI-OChe-Chia Chang
 
Serverless Computing: build and run applications without thinking about servers
Serverless Computing: build and run applications without thinking about serversServerless Computing: build and run applications without thinking about servers
Serverless Computing: build and run applications without thinking about serversAmazon Web Services
 
OpenShift Virtualization- Technical Overview.pdf
OpenShift Virtualization- Technical Overview.pdfOpenShift Virtualization- Technical Overview.pdf
OpenShift Virtualization- Technical Overview.pdfssuser1490e8
 
Docker 101 - Nov 2016
Docker 101 - Nov 2016Docker 101 - Nov 2016
Docker 101 - Nov 2016Docker, Inc.
 
Ansible 101
Ansible 101Ansible 101
Ansible 101Gena Mykhailiuta
 
Laravel Design Patterns
Laravel Design PatternsLaravel Design Patterns
Laravel Design PatternsBobby Bouwmann
 
Showdown: Integration Framework (Spring Integration, Apache Camel) vs. Enterp...
Showdown: Integration Framework (Spring Integration, Apache Camel) vs. Enterp...Showdown: Integration Framework (Spring Integration, Apache Camel) vs. Enterp...
Showdown: Integration Framework (Spring Integration, Apache Camel) vs. Enterp...Kai Wähner
 
우아한 모노리스
우아한 모노리스우아한 모노리스
우아한 모노리스Arawn Park
 
Hexagonal architecture with Spring Boot
Hexagonal architecture with Spring BootHexagonal architecture with Spring Boot
Hexagonal architecture with Spring BootMikalai Alimenkou
 
Architectural patterns for high performance microservices in kubernetes
Architectural patterns for high performance microservices in kubernetesArchitectural patterns for high performance microservices in kubernetes
Architectural patterns for high performance microservices in kubernetesRafał Leszko
 
Service discovery with Eureka and Spring Cloud
Service discovery with Eureka and Spring CloudService discovery with Eureka and Spring Cloud
Service discovery with Eureka and Spring CloudMarcelo Serpa
 
Resiliency vs High Availability vs Fault Tolerance vs Reliability
Resiliency vs High Availability vs Fault Tolerance vs ReliabilityResiliency vs High Availability vs Fault Tolerance vs Reliability
Resiliency vs High Availability vs Fault Tolerance vs Reliabilityjeetendra mandal
 
Introduction to CNI (Container Network Interface)
Introduction to CNI (Container Network Interface)Introduction to CNI (Container Network Interface)
Introduction to CNI (Container Network Interface)HungWei Chiu
 
Introduction to microservices
Introduction to microservicesIntroduction to microservices
Introduction to microservicesPaulo Gandra de Sousa
 
Service discovery in a microservice architecture using consul
Service discovery in a microservice architecture using consulService discovery in a microservice architecture using consul
Service discovery in a microservice architecture using consulJos Dirksen
 
CoreOS Overview and Current Status
CoreOS Overview and Current StatusCoreOS Overview and Current Status
CoreOS Overview and Current StatusSreenivas Makam
 

Contenu connexe

Tendances

Cilium - BPF & XDP for containers
Cilium - BPF & XDP for containers Cilium - BPF & XDP for containers
Cilium - BPF & XDP for containersDocker, Inc.
 
Apicurio Registry: Event-driven APIs & Schema governance for Apache Kafka | F...
Apicurio Registry: Event-driven APIs & Schema governance for Apache Kafka | F...Apicurio Registry: Event-driven APIs & Schema governance for Apache Kafka | F...
Apicurio Registry: Event-driven APIs & Schema governance for Apache Kafka | F...HostedbyConfluent
 
Building Event Driven (Micro)services with Apache Kafka
Building Event Driven (Micro)services with Apache KafkaBuilding Event Driven (Micro)services with Apache Kafka
Building Event Driven (Micro)services with Apache KafkaGuido Schmutz
 
AWS로 사용자 천만 명 서비스 만들기 (윤석찬)- 클라우드 태권 2015
AWS로 사용자 천만 명 서비스 만들기 (윤석찬)- 클라우드 태권 2015 AWS로 사용자 천만 명 서비스 만들기 (윤석찬)- 클라우드 태권 2015
AWS로 사용자 천만 명 서비스 만들기 (윤석찬)- 클라우드 태권 2015 Amazon Web Services Korea
 
Docker Networking Tip - Macvlan driver
Docker Networking Tip - Macvlan driverDocker Networking Tip - Macvlan driver
Docker Networking Tip - Macvlan driverSreenivas Makam
 
Extending KEDA with External Scalers
Extending KEDA with External ScalersExtending KEDA with External Scalers
Extending KEDA with External ScalersBaltazar Chua
 
Serverless Computing: build and run applications without thinking about servers
Serverless Computing: build and run applications without thinking about serversServerless Computing: build and run applications without thinking about servers
Serverless Computing: build and run applications without thinking about serversAmazon Web Services
 
OpenShift Virtualization- Technical Overview.pdf
OpenShift Virtualization- Technical Overview.pdfOpenShift Virtualization- Technical Overview.pdf
OpenShift Virtualization- Technical Overview.pdfssuser1490e8
 
Docker 101 - Nov 2016
Docker 101 - Nov 2016Docker 101 - Nov 2016
Docker 101 - Nov 2016Docker, Inc.
 
Laravel Design Patterns
Laravel Design PatternsLaravel Design Patterns
Laravel Design PatternsBobby Bouwmann
 
Showdown: Integration Framework (Spring Integration, Apache Camel) vs. Enterp...
Showdown: Integration Framework (Spring Integration, Apache Camel) vs. Enterp...Showdown: Integration Framework (Spring Integration, Apache Camel) vs. Enterp...
Showdown: Integration Framework (Spring Integration, Apache Camel) vs. Enterp...Kai Wähner
 
우아한 모노리스
우아한 모노리스우아한 모노리스
우아한 모노리스Arawn Park
 
Hexagonal architecture with Spring Boot
Hexagonal architecture with Spring BootHexagonal architecture with Spring Boot
Hexagonal architecture with Spring BootMikalai Alimenkou
 
Architectural patterns for high performance microservices in kubernetes
Architectural patterns for high performance microservices in kubernetesArchitectural patterns for high performance microservices in kubernetes
Architectural patterns for high performance microservices in kubernetesRafał Leszko
 
Service discovery with Eureka and Spring Cloud
Service discovery with Eureka and Spring CloudService discovery with Eureka and Spring Cloud
Service discovery with Eureka and Spring CloudMarcelo Serpa
 
Resiliency vs High Availability vs Fault Tolerance vs Reliability
Resiliency vs High Availability vs Fault Tolerance vs ReliabilityResiliency vs High Availability vs Fault Tolerance vs Reliability
Resiliency vs High Availability vs Fault Tolerance vs Reliabilityjeetendra mandal
 
Introduction to CNI (Container Network Interface)
Introduction to CNI (Container Network Interface)Introduction to CNI (Container Network Interface)
Introduction to CNI (Container Network Interface)HungWei Chiu
 

Tendances (20)

Cilium - BPF & XDP for containers
Cilium - BPF & XDP for containers Cilium - BPF & XDP for containers
Cilium - BPF & XDP for containers
 
Apicurio Registry: Event-driven APIs & Schema governance for Apache Kafka | F...
Apicurio Registry: Event-driven APIs & Schema governance for Apache Kafka | F...Apicurio Registry: Event-driven APIs & Schema governance for Apache Kafka | F...
Apicurio Registry: Event-driven APIs & Schema governance for Apache Kafka | F...
 
Building Event Driven (Micro)services with Apache Kafka
Building Event Driven (Micro)services with Apache KafkaBuilding Event Driven (Micro)services with Apache Kafka
Building Event Driven (Micro)services with Apache Kafka
 
AWS로 사용자 천만 명 서비스 만들기 (윤석찬)- 클라우드 태권 2015
AWS로 사용자 천만 명 서비스 만들기 (윤석찬)- 클라우드 태권 2015 AWS로 사용자 천만 명 서비스 만들기 (윤석찬)- 클라우드 태권 2015
AWS로 사용자 천만 명 서비스 만들기 (윤석찬)- 클라우드 태권 2015
 
Docker Networking Tip - Macvlan driver
Docker Networking Tip - Macvlan driverDocker Networking Tip - Macvlan driver
Docker Networking Tip - Macvlan driver
 
Extending KEDA with External Scalers
Extending KEDA with External ScalersExtending KEDA with External Scalers
Extending KEDA with External Scalers
 
CRI, OCI, and CRI-O
CRI, OCI, and CRI-OCRI, OCI, and CRI-O
CRI, OCI, and CRI-O
 
Serverless Computing: build and run applications without thinking about servers
Serverless Computing: build and run applications without thinking about serversServerless Computing: build and run applications without thinking about servers
Serverless Computing: build and run applications without thinking about servers
 
OpenShift Virtualization- Technical Overview.pdf
OpenShift Virtualization- Technical Overview.pdfOpenShift Virtualization- Technical Overview.pdf
OpenShift Virtualization- Technical Overview.pdf
 
Docker 101 - Nov 2016
Docker 101 - Nov 2016Docker 101 - Nov 2016
Docker 101 - Nov 2016
 
Ansible 101
Ansible 101Ansible 101
Ansible 101
 
Laravel Design Patterns
Laravel Design PatternsLaravel Design Patterns
Laravel Design Patterns
 
Showdown: Integration Framework (Spring Integration, Apache Camel) vs. Enterp...
Showdown: Integration Framework (Spring Integration, Apache Camel) vs. Enterp...Showdown: Integration Framework (Spring Integration, Apache Camel) vs. Enterp...
Showdown: Integration Framework (Spring Integration, Apache Camel) vs. Enterp...
 
우아한 모노리스
우아한 모노리스우아한 모노리스
우아한 모노리스
 
Hexagonal architecture with Spring Boot
Hexagonal architecture with Spring BootHexagonal architecture with Spring Boot
Hexagonal architecture with Spring Boot
 
Architectural patterns for high performance microservices in kubernetes
Architectural patterns for high performance microservices in kubernetesArchitectural patterns for high performance microservices in kubernetes
Architectural patterns for high performance microservices in kubernetes
 
Service discovery with Eureka and Spring Cloud
Service discovery with Eureka and Spring CloudService discovery with Eureka and Spring Cloud
Service discovery with Eureka and Spring Cloud
 
Resiliency vs High Availability vs Fault Tolerance vs Reliability
Resiliency vs High Availability vs Fault Tolerance vs ReliabilityResiliency vs High Availability vs Fault Tolerance vs Reliability
Resiliency vs High Availability vs Fault Tolerance vs Reliability
 
Introduction to CNI (Container Network Interface)
Introduction to CNI (Container Network Interface)Introduction to CNI (Container Network Interface)
Introduction to CNI (Container Network Interface)
 
Introduction to microservices
Introduction to microservicesIntroduction to microservices
Introduction to microservices
 

En vedette

Service discovery in a microservice architecture using consul
Service discovery in a microservice architecture using consulService discovery in a microservice architecture using consul
Service discovery in a microservice architecture using consulJos Dirksen
 
CoreOS Overview and Current Status
CoreOS Overview and Current StatusCoreOS Overview and Current Status
CoreOS Overview and Current StatusSreenivas Makam
 
Docker Networking Tip - Load balancing options
Docker Networking Tip - Load balancing optionsDocker Networking Tip - Load balancing options
Docker Networking Tip - Load balancing optionsSreenivas Makam
 
Consul and Complex Networks
Consul and Complex NetworksConsul and Complex Networks
Consul and Complex Networksslackpad
 
Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)
Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)
Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)Yong Tang
 
Service Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices ArchitectureService Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices ArchitecturePLUMgrid
 
Consul: Microservice Enabling Microservices and Reactive Programming
Consul: Microservice Enabling Microservices and Reactive ProgrammingConsul: Microservice Enabling Microservices and Reactive Programming
Consul: Microservice Enabling Microservices and Reactive ProgrammingRick Hightower
 

En vedette (8)

Service discovery in a microservice architecture using consul
Service discovery in a microservice architecture using consulService discovery in a microservice architecture using consul
Service discovery in a microservice architecture using consul
 
CoreOS Overview and Current Status
CoreOS Overview and Current StatusCoreOS Overview and Current Status
CoreOS Overview and Current Status
 
Docker Networking Tip - Load balancing options
Docker Networking Tip - Load balancing optionsDocker Networking Tip - Load balancing options
Docker Networking Tip - Load balancing options
 
Service Discovery 101
Service Discovery 101Service Discovery 101
Service Discovery 101
 
Consul and Complex Networks
Consul and Complex NetworksConsul and Complex Networks
Consul and Complex Networks
 
Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)
Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)
Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)
 
Service Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices ArchitectureService Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices Architecture
 
Consul: Microservice Enabling Microservices and Reactive Programming
Consul: Microservice Enabling Microservices and Reactive ProgrammingConsul: Microservice Enabling Microservices and Reactive Programming
Consul: Microservice Enabling Microservices and Reactive Programming
 

Similaire à Service Discovery using etcd, Consul and Kubernetes

Session: A Reference Architecture for Running Modern APIs with NGINX Unit and...
Session: A Reference Architecture for Running Modern APIs with NGINX Unit and...Session: A Reference Architecture for Running Modern APIs with NGINX Unit and...
Session: A Reference Architecture for Running Modern APIs with NGINX Unit and...NGINX, Inc.
 
Writing robust Node.js applications
Writing robust Node.js applicationsWriting robust Node.js applications
Writing robust Node.js applicationsTom Croucher
 
Deploying windows containers with kubernetes
Deploying windows containers with kubernetesDeploying windows containers with kubernetes
Deploying windows containers with kubernetesBen Hall
 
Orchestration Tool Roundup - Arthur Berezin & Trammell Scruggs
Orchestration Tool Roundup - Arthur Berezin & Trammell ScruggsOrchestration Tool Roundup - Arthur Berezin & Trammell Scruggs
Orchestration Tool Roundup - Arthur Berezin & Trammell ScruggsCloud Native Day Tel Aviv
 
Managing Your Security Logs with Elasticsearch
Managing Your Security Logs with ElasticsearchManaging Your Security Logs with Elasticsearch
Managing Your Security Logs with ElasticsearchVic Hargrave
 
The Challenges of Becoming Cloud Native
The Challenges of Becoming Cloud NativeThe Challenges of Becoming Cloud Native
The Challenges of Becoming Cloud NativeBen Hall
 
PostgreSQL High-Availability and Geographic Locality using consul
PostgreSQL High-Availability and Geographic Locality using consulPostgreSQL High-Availability and Geographic Locality using consul
PostgreSQL High-Availability and Geographic Locality using consulSean Chittenden
 
Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto
Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto
Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto Docker, Inc.
 
Load Balancing Applications with NGINX in a CoreOS Cluster
Load Balancing Applications with NGINX in a CoreOS ClusterLoad Balancing Applications with NGINX in a CoreOS Cluster
Load Balancing Applications with NGINX in a CoreOS ClusterKevin Jones
 
From nothing to Prometheus : one year after
From nothing to Prometheus : one year afterFrom nothing to Prometheus : one year after
From nothing to Prometheus : one year afterAntoine Leroyer
 
Webinar - 2020-09-23 - Escape the ticketing turmoil with Teleport PagerDuty &...
Webinar - 2020-09-23 - Escape the ticketing turmoil with Teleport PagerDuty &...Webinar - 2020-09-23 - Escape the ticketing turmoil with Teleport PagerDuty &...
Webinar - 2020-09-23 - Escape the ticketing turmoil with Teleport PagerDuty &...Teleport
 
Service discovery like a pro (presented at reversimX)
Service discovery like a pro (presented at reversimX)Service discovery like a pro (presented at reversimX)
Service discovery like a pro (presented at reversimX)Eran Harel
 
Docker Logging and analysing with Elastic Stack - Jakub Hajek
Docker Logging and analysing with Elastic Stack - Jakub Hajek Docker Logging and analysing with Elastic Stack - Jakub Hajek
Docker Logging and analysing with Elastic Stack - Jakub Hajek PROIDEA
 
Docker Logging and analysing with Elastic Stack
Docker Logging and analysing with Elastic StackDocker Logging and analysing with Elastic Stack
Docker Logging and analysing with Elastic StackJakub Hajek
 
Exploring Async PHP (SF Live Berlin 2019)
Exploring Async PHP (SF Live Berlin 2019)Exploring Async PHP (SF Live Berlin 2019)
Exploring Async PHP (SF Live Berlin 2019)dantleech
 
UEMB200: Next Generation of Endpoint Management Architecture and Discovery Se...
UEMB200: Next Generation of Endpoint Management Architecture and Discovery Se...UEMB200: Next Generation of Endpoint Management Architecture and Discovery Se...
UEMB200: Next Generation of Endpoint Management Architecture and Discovery Se...Ivanti
 
Scaling Docker Containers using Kubernetes and Azure Container Service
Scaling Docker Containers using Kubernetes and Azure Container ServiceScaling Docker Containers using Kubernetes and Azure Container Service
Scaling Docker Containers using Kubernetes and Azure Container ServiceBen Hall
 
ITB2019 NGINX Overview and Technical Aspects - Kevin Jones
ITB2019 NGINX Overview and Technical Aspects - Kevin JonesITB2019 NGINX Overview and Technical Aspects - Kevin Jones
ITB2019 NGINX Overview and Technical Aspects - Kevin JonesOrtus Solutions, Corp
 
Bare Metal to OpenStack with Razor and Chef
Bare Metal to OpenStack with Razor and ChefBare Metal to OpenStack with Razor and Chef
Bare Metal to OpenStack with Razor and ChefMatt Ray
 

Similaire à Service Discovery using etcd, Consul and Kubernetes (20)

Session: A Reference Architecture for Running Modern APIs with NGINX Unit and...
Session: A Reference Architecture for Running Modern APIs with NGINX Unit and...Session: A Reference Architecture for Running Modern APIs with NGINX Unit and...
Session: A Reference Architecture for Running Modern APIs with NGINX Unit and...
 
Writing robust Node.js applications
Writing robust Node.js applicationsWriting robust Node.js applications
Writing robust Node.js applications
 
Deploying windows containers with kubernetes
Deploying windows containers with kubernetesDeploying windows containers with kubernetes
Deploying windows containers with kubernetes
 
Orchestration Tool Roundup - Arthur Berezin & Trammell Scruggs
Orchestration Tool Roundup - Arthur Berezin & Trammell ScruggsOrchestration Tool Roundup - Arthur Berezin & Trammell Scruggs
Orchestration Tool Roundup - Arthur Berezin & Trammell Scruggs
 
Managing Your Security Logs with Elasticsearch
Managing Your Security Logs with ElasticsearchManaging Your Security Logs with Elasticsearch
Managing Your Security Logs with Elasticsearch
 
The Challenges of Becoming Cloud Native
The Challenges of Becoming Cloud NativeThe Challenges of Becoming Cloud Native
The Challenges of Becoming Cloud Native
 
PostgreSQL High-Availability and Geographic Locality using consul
PostgreSQL High-Availability and Geographic Locality using consulPostgreSQL High-Availability and Geographic Locality using consul
PostgreSQL High-Availability and Geographic Locality using consul
 
Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto
Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto
Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto
 
Load Balancing Applications with NGINX in a CoreOS Cluster
Load Balancing Applications with NGINX in a CoreOS ClusterLoad Balancing Applications with NGINX in a CoreOS Cluster
Load Balancing Applications with NGINX in a CoreOS Cluster
 
From nothing to Prometheus : one year after
From nothing to Prometheus : one year afterFrom nothing to Prometheus : one year after
From nothing to Prometheus : one year after
 
Webinar - 2020-09-23 - Escape the ticketing turmoil with Teleport PagerDuty &...
Webinar - 2020-09-23 - Escape the ticketing turmoil with Teleport PagerDuty &...Webinar - 2020-09-23 - Escape the ticketing turmoil with Teleport PagerDuty &...
Webinar - 2020-09-23 - Escape the ticketing turmoil with Teleport PagerDuty &...
 
Service discovery like a pro (presented at reversimX)
Service discovery like a pro (presented at reversimX)Service discovery like a pro (presented at reversimX)
Service discovery like a pro (presented at reversimX)
 
Docker Logging and analysing with Elastic Stack - Jakub Hajek
Docker Logging and analysing with Elastic Stack - Jakub Hajek Docker Logging and analysing with Elastic Stack - Jakub Hajek
Docker Logging and analysing with Elastic Stack - Jakub Hajek
 
Docker Logging and analysing with Elastic Stack
Docker Logging and analysing with Elastic StackDocker Logging and analysing with Elastic Stack
Docker Logging and analysing with Elastic Stack
 
Exploring Async PHP (SF Live Berlin 2019)
Exploring Async PHP (SF Live Berlin 2019)Exploring Async PHP (SF Live Berlin 2019)
Exploring Async PHP (SF Live Berlin 2019)
 
Catalyst MVC
Catalyst MVCCatalyst MVC
Catalyst MVC
 
UEMB200: Next Generation of Endpoint Management Architecture and Discovery Se...
UEMB200: Next Generation of Endpoint Management Architecture and Discovery Se...UEMB200: Next Generation of Endpoint Management Architecture and Discovery Se...
UEMB200: Next Generation of Endpoint Management Architecture and Discovery Se...
 
Scaling Docker Containers using Kubernetes and Azure Container Service
Scaling Docker Containers using Kubernetes and Azure Container ServiceScaling Docker Containers using Kubernetes and Azure Container Service
Scaling Docker Containers using Kubernetes and Azure Container Service
 
ITB2019 NGINX Overview and Technical Aspects - Kevin Jones
ITB2019 NGINX Overview and Technical Aspects - Kevin JonesITB2019 NGINX Overview and Technical Aspects - Kevin Jones
ITB2019 NGINX Overview and Technical Aspects - Kevin Jones
 
Bare Metal to OpenStack with Razor and Chef
Bare Metal to OpenStack with Razor and ChefBare Metal to OpenStack with Razor and Chef
Bare Metal to OpenStack with Razor and Chef
 

Plus de Sreenivas Makam

GKE Tip Series - Usage Metering
GKE Tip Series - Usage MeteringGKE Tip Series - Usage Metering
GKE Tip Series - Usage MeteringSreenivas Makam
 
GKE Tip Series how do i choose between gke standard, autopilot and cloud run
GKE Tip Series how do i choose between gke standard, autopilot and cloud run GKE Tip Series how do i choose between gke standard, autopilot and cloud run
GKE Tip Series how do i choose between gke standard, autopilot and cloud run Sreenivas Makam
 
Kubernetes design principles, patterns and ecosystem
Kubernetes design principles, patterns and ecosystemKubernetes design principles, patterns and ecosystem
Kubernetes design principles, patterns and ecosystemSreenivas Makam
 
Top 3 reasons why you should run your Enterprise workloads on GKE
Top 3 reasons why you should run your Enterprise workloads on GKETop 3 reasons why you should run your Enterprise workloads on GKE
Top 3 reasons why you should run your Enterprise workloads on GKESreenivas Makam
 
How Kubernetes helps Devops
How Kubernetes helps DevopsHow Kubernetes helps Devops
How Kubernetes helps DevopsSreenivas Makam
 
Deep dive into Kubernetes Networking
Deep dive into Kubernetes NetworkingDeep dive into Kubernetes Networking
Deep dive into Kubernetes NetworkingSreenivas Makam
 
Docker Networking Overview
Docker Networking OverviewDocker Networking Overview
Docker Networking OverviewSreenivas Makam
 
Docker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting TechniquesDocker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting TechniquesSreenivas Makam
 
Compare Docker deployment options in the public cloud
Compare Docker deployment options in the public cloudCompare Docker deployment options in the public cloud
Compare Docker deployment options in the public cloudSreenivas Makam
 
Docker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notesDocker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notesSreenivas Makam
 
Docker Security Overview
Docker Security OverviewDocker Security Overview
Docker Security OverviewSreenivas Makam
 
Docker 1.11 Presentation
Docker 1.11 PresentationDocker 1.11 Presentation
Docker 1.11 PresentationSreenivas Makam
 
Container Monitoring with Sysdig
Container Monitoring with SysdigContainer Monitoring with Sysdig
Container Monitoring with SysdigSreenivas Makam
 
CI, CD with Docker, Jenkins and Tutum
CI, CD with Docker, Jenkins and TutumCI, CD with Docker, Jenkins and Tutum
CI, CD with Docker, Jenkins and TutumSreenivas Makam
 
Docker 1.9 Feature Overview
Docker 1.9 Feature OverviewDocker 1.9 Feature Overview
Docker 1.9 Feature OverviewSreenivas Makam
 
Docker Networking - Current Status and goals of Experimental Networking
Docker Networking - Current Status and goals of Experimental NetworkingDocker Networking - Current Status and goals of Experimental Networking
Docker Networking - Current Status and goals of Experimental NetworkingSreenivas Makam
 

Plus de Sreenivas Makam (18)

GKE Tip Series - Usage Metering
GKE Tip Series - Usage MeteringGKE Tip Series - Usage Metering
GKE Tip Series - Usage Metering
 
GKE Tip Series how do i choose between gke standard, autopilot and cloud run
GKE Tip Series how do i choose between gke standard, autopilot and cloud run GKE Tip Series how do i choose between gke standard, autopilot and cloud run
GKE Tip Series how do i choose between gke standard, autopilot and cloud run
 
Kubernetes design principles, patterns and ecosystem
Kubernetes design principles, patterns and ecosystemKubernetes design principles, patterns and ecosystem
Kubernetes design principles, patterns and ecosystem
 
My kubernetes toolkit
My kubernetes toolkitMy kubernetes toolkit
My kubernetes toolkit
 
Top 3 reasons why you should run your Enterprise workloads on GKE
Top 3 reasons why you should run your Enterprise workloads on GKETop 3 reasons why you should run your Enterprise workloads on GKE
Top 3 reasons why you should run your Enterprise workloads on GKE
 
How Kubernetes helps Devops
How Kubernetes helps DevopsHow Kubernetes helps Devops
How Kubernetes helps Devops
 
Deep dive into Kubernetes Networking
Deep dive into Kubernetes NetworkingDeep dive into Kubernetes Networking
Deep dive into Kubernetes Networking
 
Docker Networking Overview
Docker Networking OverviewDocker Networking Overview
Docker Networking Overview
 
Docker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting TechniquesDocker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting Techniques
 
Compare Docker deployment options in the public cloud
Compare Docker deployment options in the public cloudCompare Docker deployment options in the public cloud
Compare Docker deployment options in the public cloud
 
Docker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notesDocker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notes
 
Devops in Networking
Devops in NetworkingDevops in Networking
Devops in Networking
 
Docker Security Overview
Docker Security OverviewDocker Security Overview
Docker Security Overview
 
Docker 1.11 Presentation
Docker 1.11 PresentationDocker 1.11 Presentation
Docker 1.11 Presentation
 
Container Monitoring with Sysdig
Container Monitoring with SysdigContainer Monitoring with Sysdig
Container Monitoring with Sysdig
 
CI, CD with Docker, Jenkins and Tutum
CI, CD with Docker, Jenkins and TutumCI, CD with Docker, Jenkins and Tutum
CI, CD with Docker, Jenkins and Tutum
 
Docker 1.9 Feature Overview
Docker 1.9 Feature OverviewDocker 1.9 Feature Overview
Docker 1.9 Feature Overview
 
Docker Networking - Current Status and goals of Experimental Networking
Docker Networking - Current Status and goals of Experimental NetworkingDocker Networking - Current Status and goals of Experimental Networking
Docker Networking - Current Status and goals of Experimental Networking
 

Dernier

Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 

Dernier (20)

Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 

Service Discovery using etcd, Consul and Kubernetes

  • 1. SERVICE DISCOVERY USING ETCD, CONSUL, KUBERNETES Presenter Name: Sreenivas Makam Presented at: Open source Meetup Bangalore Presentation Date: April 16, 2016
  • 2. About me • Senior Engineering Manager at Cisco Systems Data Center group • Personal blog can be found at https://sreeninet.wordpress.com/ and my hacky code at https://github.com/smakam • Author of “Mastering CoreOS” book, published on Feb 2016. (https://www.packtpub.com/netw orking-and-servers/mastering- coreos ) • You can reach me on LinkedIn at https://in.linkedin.com/in/sreeniva smakam, Twitter handle - @srmakam
  • 3. Death star Architecture Image from: http://www.slideshare.net/InfoQ/migrating-to-cloud-native- with-microservices
  • 4. Sample Microservices Architecture Image from https://www.nginx.com/blog/introduction-to-microservices/ Monolith Microservices
  • 5. What should Service Discovery provide? • Discovery - Services need to discover each other dynamically to get IP address and port detail to communicate with other services in the cluster. • Health check – Only healthy services should participate in handling traffic, unhealthy services need to be dynamically pruned out. • Load balancing – Traffic destined to a particular service should be dynamically load balanced to all instances providing the particular service.
  • 6. Client vs Server side Service discovery Pictures from https://www.nginx.com/blog/service-discovery-in-a-microservices- architecture/ Client talks to Service registry and does load balancing. Client service needs to be Service registry aware. Eg: Netflix OSS Client talks to load balancer and load balancer talks to Service registry. Client service need not be Service registry aware Eg: Consul, AWS ELB Client Discovery Server Discovery
  • 7. Service Discovery Components • Service Registry – Maintains a database of services and provides an external API(HTTP/DNS) to interact. Typically Implemented as a distributed key, value store • Registrator – Registers services dynamically to Service registry by listening to Service creation and deletion events • Health checker – Monitors Service health dynamically and updates Service registry appropriately • Load balancer – Distribute traffic destined for the service to active participants
  • 8. Service discovery using etcd • Etcd can be used as KV store for Service registry. • Service itself can directly update etcd or a Sidekick service can be used to update etcd on the Service details. • Sidekick service serves as registrator. • Other services can query etcd database to do the dynamic Service discovery. • Side kick service does the health check for main service. Simple Discovery Discovery using Side kick service
  • 9. Service discovery – etcd exampleApache service: [Unit] Description=Apache web server service on port %i # Requirements Requires=etcd2.service Requires=docker.service Requires=apachet-discovery@%i.service # Dependency ordering After=etcd2.service After=docker.service Before=apachet-discovery@%i.service [Service] # Let processes take awhile to start up (for first run Docker containers) TimeoutStartSec=0 # Change killmode from "control-group" to "none" to let Docker remove # work correctly. KillMode=none # Get CoreOS environmental variables EnvironmentFile=/etc/environment # Pre-start and Start ## Directives with "=-" are allowed to fail without consequence ExecStartPre=-/usr/bin/docker kill apachet.%i ExecStartPre=-/usr/bin/docker rm apachet.%i ExecStartPre=/usr/bin/docker pull coreos/apache ExecStart=/usr/bin/docker run --name apachet.%i -p ${COREOS_PUBLIC_IPV4}:%i:80 coreos/apache /usr/sbin/apache2ctl -D FOREGROUND # Stop ExecStop=/usr/bin/docker stop apachet.%i Apache sidekick service: [Unit] Description=Apache web server on port %i etcd registration # Requirements Requires=etcd2.service Requires=apachet@%i.service # Dependency ordering and binding After=etcd2.service After=apachet@%i.service BindsTo=apachet@%i.service [Service] # Get CoreOS environmental variables EnvironmentFile=/etc/environment # Start ## Test whether service is accessible and then register useful information ExecStart=/bin/bash -c ' while true; do curl -f ${COREOS_PUBLIC_IPV4}:%i; if [ $? -eq 0 ]; then etcdctl set /services/apachet/${COREOS_PUBLIC_IPV4} '{"host": "%H", "ipv4_addr": ${COREOS_PUBLIC_IPV4}, "port": %i}' --ttl 30; else etcdctl rm /services/apachet/${COREOS_PUBLIC_IPV4}; fi; sleep 20; done' # Stop ExecStop=/usr/bin/etcdctl rm /services/apachet/${COREOS_PUBLIC_IPV4} [X-Fleet] # Schedule on the same machine as the associated Apache service X-ConditionMachineOf=apachet@%i.service
  • 10. Service discovery – etcd example(contd) 3 node CoreOS cluster: $ fleetctl list-machines MACHINE IP METADATA 7a895214... 172.17.8.103 - a4562fd1... 172.17.8.101 - d29b1507... 172.17.8.102 - Start 2 instances of the service: fleetctl start apachet@8080.service apachet-discovery@8080.service fleetctl start apachet@8081.service apachet-discovery@8081.service See running services: $ fleetctl list-units UNIT MACHINE ACTIVE SUB apachet-discovery@8080.service 7a895214.../172.17.8.103 active running apachet-discovery@8081.service a4562fd1.../172.17.8.101 active running apachet@8080.service 7a895214.../172.17.8.103 active running apachet@8081.service a4562fd1.../172.17.8.101 active running Check etcd database: $ etcdctl ls / --recursive /services /services/apachet /services/apachet/172.17.8.103 /services/apachet/172.17.8.101 $ etcdctl get /services/apachet/172.17.8.101 {"host": "core-01", "ipv4_addr": 172.17.8.101, "port": 8081} $ etcdctl get /services/apachet/172.17.8.103 {"host": "core-03", "ipv4_addr": 172.17.8.103, "port": 8080}
  • 11. Etcd with Load balancing • Previous example with etcd demonstrates Service database and health check. It does not achieve DNS and Load balancing. • Load balancing can be achieved by combining etcd with confd or haproxy. Etcd with confd Etcd with haproxy Reference: http://adetante.github.io/articles/service- discovery-haproxy/ Reference: https://www.digitalocean.com/community/tutorials/how-to- use-confd-and-etcd-to-dynamically-reconfigure-services-in- coreos
  • 12. Consul • Has a distributed key value store for storing Service database. • Provides comprehensive service health checking using both in-built solutions as well as user provided custom solutions. • Provides REST based HTTP api for external interaction. • Service database can be queried using DNS. • Does dynamic load balancing. • Supports single data center and can be scaled to support multiple data centers. • Integrates well with Docker. • Consul integrates well with other Hashicorp tools.
  • 13. Consul health check options Following are the options that Consul provides for health-check: • Script based check - User provided script is run periodically to verify health of the service. • HTTP based check – Periodic HTTP based check is done to the service IP and endpoint address. • TCP based check – Periodic TCP based check is done to the service IP and specified port. • TTL based check – Previous schemes are driven from Consul server to the service. In this case, the service is expected to refresh a TTL counter in the Consul server periodically. • Docker Container based check – Health check application is available as a Container and Consul invokes the Container periodically to do the health-check.
  • 14. Sample application with Consul Ubuntu Container (http client) Nginx Container1 Nginx Container2 Consul Load balancer, DNS, Service registry • Two nginx containers will serve as the web servers. ubuntu container will serve as http client. • Consul will load balance the request between two nginx web servers. • Consul will be used as service registry, load balancer, health checker as well as DNS server for this application.
  • 15. Consul web Interface Following picture shows Consul GUI with: • 2 instances of “http” service and 1 instance of “consul” service. • Health check is passing for both services
  • 16. Consul with manual registration Service files: http1_checkhttp.json: { "ID": "http1", "Name": "http", "Address": "172.17.0.3", "Port": 80, "check": { "http": "http://172.17.0.3:80", "interval": "10s", "timeout": "1s" } } http2_checkhttp.json: { "ID": "http2", "Name": "http", "Address": "172.17.0.4", "Port": 80, "check": { "http": "http://172.17.0.4:80", "interval": "10s", "timeout": "1s" } } Register services: curl -X PUT --data-binary @http1_checkhttp.json http://localhost:8500/v1/agent/service/register curl -X PUT --data-binary @http2_checkhttp.json http://localhost:8500/v1/agent/service/register Service status: $ curl -s http://localhost:8500/v1/health/checks/http | jq . [ { "ModifyIndex": 424, "CreateIndex": 423, "Node": "myconsul", "CheckID": "service:http1", "Name": "Service 'http' check", "Status": "passing", "Notes": "", "Output": "", "ServiceID": "http1", "ServiceName": "http" }, { "ModifyIndex": 427, "CreateIndex": 425, "Node": "myconsul", "CheckID": "service:http2", "Name": "Service 'http' check", "Status": "passing", "Notes": "", "Output": "", "ServiceID": "http2", "ServiceName": "http" } ]
  • 17. Consul health check – Good status dig @172.17.0.1 http.service.consul SRV ; <<>> DiG 9.9.5-3ubuntu0.7-Ubuntu <<>> @172.17.0.1 http.service.consul SRV ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34138 ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;http.service.consul. IN SRV ;; ANSWER SECTION: http.service.consul. 0 IN SRV 1 1 80 myconsul.node.dc1.consul. http.service.consul. 0 IN SRV 1 1 80 myconsul.node.dc1.consul. ;; ADDITIONAL SECTION: myconsul.node.dc1.consul. 0 IN A 172.17.0.4 myconsul.node.dc1.consul. 0 IN A 172.17.0.3
  • 18. Consul health Check – Bad status $ dig @172.17.0.1 http.service.consul SRV ; <<>> DiG 9.9.5-3ubuntu0.7-Ubuntu <<>> @172.17.0.1 http.service.consul SRV ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23330 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;http.service.consul. IN SRV ;; ANSWER SECTION: http.service.consul. 0 IN SRV 1 1 80 myconsul.node.dc1.consul. ;; ADDITIONAL SECTION: myconsul.node.dc1.consul. 0 IN A 172.17.0.3
  • 19. Consul with Registrator • Manual registration of service details to Consul is error-prone. • Gliderlabs Registrator open source project (https://github.com/gliderlabs/registrator) takes care of automatically registering/deregistering the service by listening to Docker events and updating Consul registry. • Choosing the Service IP address for the registration is critical. There are 2 choices: – With internal IP option, Container IP and port number gets registered with Consul. This approach is useful when we want to access the service registry from within a Container. Following is an example of starting Registrator using "internal" IP option. • docker run -d -v /var/run/docker.sock:/tmp/docker.sock --net=host gliderlabs/registrator -internal consul://localhost:8500 – With external IP option, host IP and port number gets registered with Consul. Its necessary to specify IP address manually. If its not specified, loopback address gets registered. Following is an example of starting Registrator using "external" IP option. • docker run -d -v /var/run/docker.sock:/tmp/docker.sock gliderlabs/registrator -ip 192.168.99.100 consul://192.168.99.100:8500 • Following is an example for registering “http” service with 2 nginx servers using HTTP check: – docker run -d -p :80 -e "SERVICE_80_NAME=http" -e "SERVICE_80_ID=http1" -e "SERVICE_80_CHECK_HTTP=true" -e "SERVICE_80_CHECK_HTTP=/" --name=nginx1 nginx – docker run -d -p :80 -e "SERVICE_80_NAME=http" -e "SERVICE_80_ID=http2" -e "SERVICE_80_CHECK_HTTP=true" -e "SERVICE_80_CHECK_HTTP=/" --name=nginx2 nginx • Following is an example for registering “http” service with 2 nginx servers using TTL check: – docker run -d -p :80 -e "SERVICE_80_NAME=http" -e "SERVICE_80_ID=http1" -e "SERVICE_80_CHECK_TTL=30s" --name=nginx1 nginx – docker run -d -p :80 -e "SERVICE_80_NAME=http" -e "SERVICE_80_ID=http2" -e "SERVICE_80_CHECK_TTL=30s" --name=nginx2 nginx
  • 20. Kubernetes Architecture Kubernetes Service discovery components: • SkyDNS is used to map Service name to IP address. • Etcd is used as KV store for Service database. • Kubelet does the health check and replication controller takes care of maintaining Pod count. • Kube-proxy takes care of load balancing traffic to the individual pods.
  • 21. Kubernetes Service • Service is a L3 routable object with IP address and port number. • Service gets mapped to pods using selector labels. In example on right, “MyApp” is the label. • Service port gets mapped to targetPort in the pod. • Kubernetes supports head-less services. In this case, service is not allocated an IP address, this allows for user to choose their own service registration option. { "kind": "Service", "apiVersion": "v1", "metadata": { "name": "my-service" }, "spec": { "selector": { "app": "MyApp" }, "ports": [ { "protocol": "TCP", "port": 80, "targetPort": 9376 } ] } }
  • 22. Kubernetes Service discovery Internals • Service name gets mapped to Virtual IP and port using Skydns. • Kube-proxy watches Service changes and updates IPtables. Virtual IP to Service IP, port remapping is achieved using IP tables. • Kubernetes does not use DNS based load balancing to avoid some of the known issues associated with it. Picture source: http://kubernetes.io/docs/use r-guide/services/
  • 23. Kubernetes Health check • Kubelet can implement a health check to check if Container is healthy. • Kubelet will kill the Container if it is not healthy. Replication controller would take care of maintaining endpoint count. • Health check is defined in Pod manifest. • Currently, 3 options are supported for health- check: – HTTP Health Checks - The Kubelet will call a web hook. If it returns between 200 and 399, it is considered success, failure otherwise. – Container Exec - The Kubelet will execute a command inside the container. If it exits with status 0 it will be considered a success. – TCP Socket - The Kubelet will attempt to open a socket to the container. If it can establish a connection, the container is considered healthy, if it can’t it is considered a failure. Pod with HTTP health check: apiVersion: v1 kind: Pod metadata: name: pod-with-healthcheck spec: containers: - name: nginx image: nginx # defines the health checking livenessProbe: # an http probe httpGet: path: /_status/healthz port: 80 # length of time to wait for a pod to initialize # after pod startup, before applying health checking initialDelaySeconds: 30 timeoutSeconds: 1 ports: - containerPort: 80
  • 24. Kubernetes Service Discovery options • For internal service discovery, Kubernetes provides two options: – Environment variable: When a new Pod is created, environment variables from older services can be imported. This allows services to talk to each other. This approach enforces ordering in service creation. – DNS: Every service registers to the DNS service; using this, new services can find and talk to other services. Kubernetes provides the kube-dns service for this. • For external service discovery, Kubernetes provides two options: – NodePort: In this method, Kubernetes exposes the service through special ports (30000-32767) of the node IP address. – Loadbalancer: In this method, Kubernetes interacts with the cloud provider to create a load balancer that redirects the traffic to the Pods. This approach is currently available with GCE. REDIS_MASTER_SERVICE_HOST=10.0.0.11 REDIS_MASTER_SERVICE_PORT=6379 REDIS_MASTER_PORT=tcp://10.0.0.11:63 79 REDIS_MASTER_PORT_6379_TCP=tcp://1 0.0.0.11:6379 REDIS_MASTER_PORT_6379_TCP_PROTO =tcp REDIS_MASTER_PORT_6379_TCP_PORT= 6379 REDIS_MASTER_PORT_6379_TCP_ADDR= 10.0.0.11 apiVersion: v1 kind: Service metadata: name: frontend labels: app: guestbook tier: frontend spec: # if your cluster supports it, uncomment the following to automatically create # an external load-balanced IP for the frontend service. type: LoadBalancer ports: # the port that this service should serve on - port: 80 selector: app: guestbook tier: frontend
  • 25. Docker Service Discovery • With Docker 1.9, Container name to IP address mapping was done by updating “/etc/hosts” automatically. • With Docker 1.10 release, Docker added embedded DNS server which does Container name resolution within a user defined network. • Name resolution can be done for Container name(-- name), network alias(--net-alias) and Container link(--link). Port number is not part of DNS. • With Docker 1.11 release, Docker added DNS based random load balancing for Containers with same network alias. • Docker’s Service Discovery is very primitive and it does not have health check and comprehensive load balancing.
  • 26. Docker DNS in release 1.11 Create 3 Containers in “fe” network: docker run -d --name=nginx1 -- net=fe --net-alias=nginxnet nginx docker run -d --name=nginx2 -- net=fe --net-alias=nginxnet nginx docker run -ti --name=myubuntu -- net=fe --link=nginx1:nginx1link -- link=nginx2:nginx2link ubuntu bash DNS by network alias: root@4d2d6e34120d:/# ping -c1 nginxnet PING nginxnet (172.20.0.3) 56(84) bytes of data. 64 bytes from nginx2.fe (172.20.0.3): icmp_seq=1 ttl=64 time=0.852 ms root@4d2d6e34120d:/# ping -c1 nginxnet PING nginxnet (172.20.0.2) 56(84) bytes of data. 64 bytes from nginx1.fe (172.20.0.2): icmp_seq=1 ttl=64 time=0.244 ms DNS by Container name: root@4d2d6e34120d:/# ping -c1 nginx1 PING nginx1 (172.20.0.2) 56(84) bytes of data. 64 bytes from nginx1.fe (172.20.0.2): icmp_seq=1 ttl=64 time=0.112 ms root@4d2d6e34120d:/# ping -c1 nginx2 PING nginx2 (172.20.0.3) 56(84) bytes of data. 64 bytes from nginx2.fe (172.20.0.3): icmp_seq=1 ttl=64 time=0.090 ms DNS by link name: root@4d2d6e34120d:/# ping -c1 nginx1link PING nginx1link (172.20.0.2) 56(84) bytes of data. 64 bytes from nginx1.fe (172.20.0.2): icmp_seq=1 ttl=64 time=0.049 ms root@4d2d6e34120d:/# ping -c1 nginx2link PING nginx2link (172.20.0.3) 56(84) bytes of data. 64 bytes from nginx2.fe (172.20.0.3): icmp_seq=1 ttl=64 time=0.253 ms
  • 27. References • https://www.nginx.com/blog/service-discovery-in-a-microservices- architecture/ • http://jasonwilder.com/blog/2014/02/04/service-discovery-in-the- cloud/ • http://progrium.com/blog/2014/07/29/understanding-modern-service- discovery-with-docker/ • http://artplustech.com/docker-consul-dns-registrator/ • https://jlordiales.me/2015/01/23/docker-consul/ • Mastering CoreOS book - https://www.packtpub.com/networking-and- servers/mastering-coreos • Kubernetes Services - http://kubernetes.io/docs/user-guide/services/ • Docker DNS Server - https://docs.docker.com/engine/userguide/networking/configure-dns/, https://github.com/docker/libnetwork/pull/974
  • 28. DEMO

Notes de l'éditeur

  1. Microsoft Confidential
  2. Microsoft Confidential