GoogleCloudPlatform / gke-istio-telemetry-demo

Licence: Apache-2.0 license
This project demonstrates how to use an Istio service mesh in a single Kubernetes Engine cluster alongside Prometheus, Jaeger, and Grafana, to monitor cluster and workload performance metrics. You will first deploy the Istio control plane, data plane, and additional visibility tools using the provided scripts, then explore the collected metrics …

Istio in a Kubernetes Engine Cluster

Introduction

Istio is part of a new category of products known as "service mesh" software designed to manage the complexity of service resilience in a microservice infrastructure. It defines itself as a service management framework built to keep business logic separate from the logic to keep your services up and running. In other words, it provides a layer on top of the network that will automatically route traffic to the appropriate services, handle circuit breaker logic, enforce access and load balancing policies, and generate telemetry data to gain insight into the network and allow for quick diagnosis of issues.

For more information on Istio, please refer to the Istio documentation. Some familiarity with Istio is assumed.

This repository contains demonstration code to create an Istio service mesh in a single GKE cluster and use Prometheus, Jaeger, and Grafana to collect metrics and tracing data and then visualize that data.

Architecture

Istio Overview

Istio has two main pieces that create the service mesh: the control plane and the data plane.

Istio Control Plane

The control plane is made up of the following set of components that act together to serve as the hub for the infrastructure's service management:

  • Mixer: a platform-independent component responsible for enforcing access control and usage policies across the service mesh and collecting telemetry data from the Envoy proxy and other services

  • Pilot: provides service discovery for the Envoy sidecars, traffic management capabilities for intelligent routing (A/B tests, canary deployments, etc.), and resiliency (timeouts, retries, circuit breakers, etc.)

  • Citadel: provides strong service-to-service and end-user authentication using mutual TLS, with built-in identity and credential management.

Istio Data Plane

The data plane comprises all the individual service proxies that are distributed throughout the infrastructure. Istio uses Envoy with some Istio-specific extensions as its service proxy. It mediates all inbound and outbound traffic for all services in the service mesh. Istio leverages Envoy’s many built-in features such as dynamic service discovery, load balancing, TLS termination, HTTP/2 & gRPC proxying, circuit breakers, health checks, staged roll-outs with percentage-based traffic splits, fault injection, and rich metrics.

BookInfo Sample Application

The sample BookInfo application displays information about a book, similar to a single catalog entry of an online book store. Displayed on the page is a description of the book, book details (ISBN, number of pages, and so on), and a few book reviews.

The BookInfo application is broken into four separate microservices and calls on various language environments for its implementation:

  • productpage - The productpage microservice calls the details and reviews microservices to populate the page.
  • details - The details microservice contains book information.
  • reviews - The reviews microservice contains book reviews. It also calls the ratings microservice.
  • ratings - The ratings microservice contains book ranking information that accompanies a book review.

There are 3 versions of the reviews microservice:

  • Version v1 doesn’t call the ratings service.
  • Version v2 calls the ratings service, and displays each rating as 1 to 5 black stars.
  • Version v3 calls the ratings service, and displays each rating as 1 to 5 red stars.

To learn more about Istio, please refer to the project's documentation.

Putting it All Together

The pods and services that make up the Istio control plane are the first components of the architecture that will be installed into Kubernetes Engine. An Istio service proxy is installed along with each microservice during the installation of the BookInfo application, as are our telemetry add-ons. At this point, in addition to the application microservices there are two tiers that make up the Istio architecture: the Control Plane and the Data Plane.

In the diagram, note:

  • All input and output from any BookInfo microservice goes through the service proxy.
  • The service proxies communicate with each other and with the Control Plane to implement the features of the service mesh: circuit breaking, discovery, etc.
  • The Mixer component of the Control Plane is the conduit for the telemetry add-ons to get metrics from the service mesh.
  • The Istio ingress component provides external access to the mesh.
  • The environment is set up in the Kubernetes Engine default network.

Prerequisites

Run Demo in a Google Cloud Shell

Click the button below to run the demo in a Google Cloud Shell.

Open in Cloud Shell

All the tools for the demo are installed. When using Cloud Shell, execute the following command to set up the gcloud CLI. When executing this command, please set your region and zone.

gcloud init

A Google Cloud account and a project with billing enabled are required for this demo to function. If you do not have a Google Cloud account please sign up for a free trial here.

Supported Operating Systems

This demo can be run from MacOS, Linux, or, alternatively, directly from Google Cloud Shell. The latter option is the simplest as it only requires browser access to GCP and no additional software is required. Instructions for both alternatives can be found below.

Deploying Demo from Google Cloud Shell

NOTE: This section can be skipped if the cloud deployment is being performed without Cloud Shell, for instance from a local machine or from a server outside GCP.

Google Cloud Shell is a browser-based terminal that Google provides to interact with your GCP resources. It is backed by a free Compute Engine instance that comes with many useful tools already installed, including everything required to run this demo.

Click the button below to open the demo in your Cloud Shell:

Open in Cloud Shell

To prepare gcloud for use in Cloud Shell, execute the following command in the terminal at the bottom of the browser window you just opened:

gcloud init

Respond to the prompts and continue with the following deployment instructions. The prompts will include the account you want to run as, the current project, and, optionally, the default region and zone. These configure Cloud Shell itself; the actual project, region, and zone used by the demo will be configured separately below.

Deploying Demo without Cloud Shell

NOTE: If the demo is being deployed via Cloud Shell, as described above, this section can be skipped.

For deployments without using Cloud Shell, you will need to have access to a computer providing a bash shell with the following tools installed:

Use git to clone this project to your local machine:

git clone --recursive https://github.com/GoogleCloudPlatform/gke-istio-telemetry-demo.git

Note that the --recursive argument is required to download dependencies provided via a git submodule.

When downloading is complete, change your current working directory to the new project:

cd gke-istio-telemetry-demo

Continue with the instructions below, running all commands from this directory.

Deployment

NOTE: The following instructions are applicable for deployments performed both with and without Cloud Shell.

Copy the properties file to properties.env and set the following variables in the properties.env file:

  • YOUR_PROJECT - the name of the project you want to use
  • YOUR_REGION - the region in which to locate all the infrastructure
  • YOUR_ZONE - the zone in which to locate all the infrastructure

Then run:

make create

The script should deploy all of the necessary infrastructure and install Istio. The script will end with a line like this, though the IP address will likely be different:

Update istio service proxy environment file
104.196.243.210/productpage

You can open this URL in your browser and see the simple web application provided by the demo.

Validation

  1. On the command line, run the following command:

echo "http://$(kubectl get -n istio-system service istio-ingressgateway -o jsonpath='{.status.loadBalancer.ingress[0].ip}'):$(kubectl get -n istio-system service istio-ingressgateway -o jsonpath='{.spec.ports[?(@.name=="http")].port}')/productpage"

  2. Visit the generated URL in your browser to see the BookInfo application.
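
While the load balancer is still provisioning, the first jsonpath query returns nothing and the command above prints a URL with an empty host. The following is an added example, not code from the demo repository, that validates both values before building the URL and polls until the address exists; the function names `is_ipv4`, `build_ingress_url` and `wait_for_ingress_url` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the demo repository).

# is_ipv4 ADDR: succeed only for a dotted quad with octets 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; only digits and dots remain here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# build_ingress_url IP PORT: print the BookInfo URL, or fail with a reason.
build_ingress_url() {
    ip=$1; port=$2
    if ! is_ipv4 "$ip"; then
        echo "ingress IP not assigned yet (got '$ip')" >&2
        return 1
    fi
    case "$port" in
        ''|*[!0-9]*) echo "service has no port named http" >&2; return 1 ;;
    esac
    echo "http://${ip}:${port}/productpage"
}

# wait_for_ingress_url [TRIES]: poll the page's two kubectl queries.
wait_for_ingress_url() {
    tries=${1:-30}
    while [ "$tries" -gt 0 ]; do
        ip=$(kubectl get -n istio-system service istio-ingressgateway \
            -o jsonpath='{.status.loadBalancer.ingress[0].ip}' 2>/dev/null) || true
        port=$(kubectl get -n istio-system service istio-ingressgateway \
            -o jsonpath='{.spec.ports[?(@.name=="http")].port}' 2>/dev/null) || true
        build_ingress_url "$ip" "$port" 2>/dev/null && return 0
        tries=$((tries - 1))
        sleep 10
    done
    echo "ingress gateway still has no external IP" >&2
    return 1
}

# Constructed inputs: the sample address from the page, then a pending one.
build_ingress_url "104.196.243.210" "80"
build_ingress_url "" "80" || echo "not ready, retry later"
```

Call `wait_for_ingress_url` after `make create` finishes to get the URL once the gateway has an address.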

View Prometheus UI

  1. To forward the Prometheus UI port locally so you can use the browser to access it, run the following command on the command line:

kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=prometheus -o jsonpath='{.items[0].metadata.name}') 9090:9090

  2. Visit the following URL in your web browser: http://localhost:9090/graph

Press CTRL-C to quit forwarding the port.

For more information on how to use Prometheus with Istio, please refer to the Istio documentation.

View Grafana UI

  1. To forward the Grafana UI port locally so you can use the browser to access it, run the following command:

kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=grafana -o jsonpath='{.items[0].metadata.name}') 3000:3000

  2. Visit the following URL in your web browser: http://localhost:3000/dashboard/db/istio-dashboard

Press CTRL-C to quit forwarding the port.

For more information on how to use Grafana with Istio, please refer to the Istio documentation.

View Jaeger UI

  1. To forward the Jaeger UI port locally so you can use the browser to access it, run the following command:

kubectl port-forward -n istio-system $(kubectl get pod -n istio-system -l app=jaeger -o jsonpath='{.items[0].metadata.name}') 16686:16686

  2. Visit the following URL in your web browser: http://localhost:16686

Press CTRL-C to quit forwarding the port.

For more information on how to generate sample traces, please refer to the Istio documentation.
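
The three port-forward commands above listen on loopback unless `--address` is passed to kubectl. As an added check that is not part of the demo repository, this filter reads `ss -ltn` output (Linux or Cloud Shell assumed) and reports any listener on the demo ports 9090, 3000 or 16686 that is bound beyond loopback; the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the demo repository).

# exposed_forwards: read `ss -ltn` lines on stdin and print "PORT ADDRESS"
# for every listener on a demo telemetry port that is not loopback-only.
# It matches on port number, so any process using these ports is reported.
exposed_forwards() {
    awk '
        $1 == "LISTEN" {
            local_addr = $4
            n = split(local_addr, parts, ":")
            port = parts[n]                      # text after the last colon
            addr = substr(local_addr, 1, length(local_addr) - length(port) - 1)
            if (port != "9090" && port != "3000" && port != "16686") next
            if (addr == "127.0.0.1" || addr == "[::1]") next
            print port " " addr
        }'
}

# sample_ss_output: constructed `ss -ltn` lines; Prometheus and Jaeger are
# forwarded with the default binding, Grafana is bound to every interface.
sample_ss_output() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      4096       127.0.0.1:9090      0.0.0.0:*
LISTEN 0      4096           [::1]:9090         [::]:*
LISTEN 0      4096         0.0.0.0:3000      0.0.0.0:*
LISTEN 0      4096       127.0.0.1:16686     0.0.0.0:*
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
EOF
}

# Run the filter over the constructed sample.
sample_ss_output | exposed_forwards
```

On a workstation with the forwards running, use `ss -ltn | exposed_forwards`; no output means every demo port is reachable from the local machine only.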

Tear Down

To tear down the resources created by this demonstration, run:

make teardown

Relevant Material

This demo was created with help from the following links:

This is not an officially supported Google product
