Shulou(Shulou.com)05/31 Report--

This article shows you how to understand the Kubernetes-based service grid, the content is concise and easy to understand, can definitely brighten your eyes, through the detailed introduction of this article, I hope you can get something.

Between Kubernetes and microservices, the service grid provides an important layer.

Kubernetes has solved the problem of container orchestration, and for the cloud native ecosystem, the remaining problem is how to make the delivery of microservices more efficient and resilient. This problem can be realized by service grid technology.

In recent years, open source service grid projects such as Istio, Envoy and Linkerd have become increasingly popular. The following mainly discusses the basic principles of service grid, the challenges faced by a single vanilla Kubernetes (plain vanilla Kubernetes), and introduces several Kubernetes service grid products.

What is a service grid?

The service grid is a network infrastructure layer through which the communication between different parts of the application is controlled and visualized. Today's applications often work in this way. The network is divided into different parts, each part is a service, and each service performs specific business functions.

A service may need to request data from other services to perform its own functions. In general, some services are overloaded because of excessive requests, which is where the service grid is useful. The service grid optimizes communication between different parts by routing requests from one service to another.

Service network components include:

Control plane: mainly responsible for agent configuration, policy management and TLS certificate permissions. The control plane collects all the network metrics data, and some implementations of the service grid can also track services.

Data plane: made up of lightweight agents. These agents are distributed as side cars. Proxies include Envoy or NGINX. You can use the data plane to create your own Kubernetes service grid.

The challenges faced by ordinary vanilla Kubernetes and the role of Service Grid in it

When you use a normal vanilla Kubernetes cluster instead of a service grid, you will encounter the following problems:

Secure communication between servers

Normal vanilla Kubernetes does not encrypt traffic between cluster nodes, so communication between services is not secure. You can use TLS certificates to make communication between Kubernetes services secure.

Using TLS means that the DevOps team must manage and replace certificates. In addition, your development team must integrate TLS certificates into each service.

The service grid encrypts all network traffic, saving your team time. The service grid inserts the TLS side car into each Kubernetes Pod and replaces the certificate for you through the control plane.

Service delay tracking

Troubleshooting a single vanilla Kubernetes cluster does not always provide you with the source of the problem. For example, for latency issues, you must analyze the data for a single service. However, this data may have nothing to do with the communication of external services. The cause of the problem may be related to queries or front-end applications.

To solve this problem, you must monitor the performance of the code, analyze errors, and track every service request in the application. Service grid platforms such as Istio provide built-in distributed tracking and do not require code testing.

The service grid uses proxy side cars to route traffic through exits and entrances. Then the request header information is added to the side car to facilitate request tracking, so all the requested tracking information can be obtained without analyzing the code.

Limited load balancing

When the current end needs to handle more traffic, how to accurately locate the traffic bottleneck and expand the front-end scale more quickly? Kubernetes alone does not provide a solution. On the other hand, the service grid provides built-in metrics that you can use to achieve more advanced load balancing.

Different Kubernetes service grid implementations

The following list reviews three existing Kubernetes service grid products. The list clearly points out the important differences when selecting different service grid products.

Istio

Istio is an open source service grid, mainly used to manage multiple service proxies. Istio is jointly developed by Google, IBM and Lyft. Initially only for Kubernetes deployment, then redesigned to support all microservice platforms. Istio integrates with Envoy agents by default. Istio is more concerned with scalability, performance, portability, and maintaining the flexibility of loosely coupled components.

The control plane of Istio is written in GE language. Operators use the control plane to combine different management strategies, and each control plane component is designed for different applications, so Istio can be paired with different underlying data planes.

The main features of Istio include:

Security features, including RBAC, identity and key management.

Advanced current limits, policies, and quotas

Supports HTTP/1.x, HTTP/2, GRPC, WebSockets, and all TCP traffic

Fault injection

Multi-platform, hybrid deployment

Linkerd

Linkerd is an open source service grid project released in February 2016. it is the first product of the service grid family. The service grid design of the platform is very powerful and functional, and can be run in any environment. Linkerd is based on the Finagle library and is written in Scala. It can be extended to manage thousands of requests per second.

The package of Linkerd consists of a control plane and an agent data plane. Linkerd also has a commercial version supported by Buoyant. The current version of Linkerd includes the Service Grid Interface (SMI) traffic API, which can help you automate Canary deployment and other advanced delivery methods.

The main features of Linkerd include:

Support for different platforms, such as Kubernetes,Docker,Amazon ECS,DC/OS

Use built-in service discovery to abstract and unify multiple systems

Supports HTTP/1.x, HTTP/2, GRPC, WebSockets, and all TCP traffic

AWS Application Grid

AWS Application Grid is a service grid solution that simplifies the monitoring and management of microservices in AWS, enabling you to control communication and network traffic between AWS services such as ECS, EKS, EC2. In addition, the application grid enables you to monitor, track, and view microservice logging.

You can deploy the data plane of the application grid in your application, but the control plane is managed by Amazon and cannot be accessed by users.

The above is how to understand the Kubernetes-based service grid. Have you learned the knowledge or skills? If you want to learn more skills or enrich your knowledge reserve, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.