Hashicorp Consul 提供了相當豐富的 Service Mesh 功能,能夠替分散式服務快速地做服務發現、服務動態劃分和服務設定,Consul 也可以支援多種 runtime 平台,也和許多工具或雲服務商做很好的 Cloud-Native 整合。此 Workshop 主要分為幾個主軸:
- Why Configuration Management?
- Consul 基本使用操作: KV Store, Service Registering and Building a Consul Cluster
- 佈署 Consul 到 Production 環境前所需注意事項
1. ONAP was evolving from a "SOA-like" architecture to a "pure microservices" architecture. MSB provided transparent service registration and communication for ONAP microservices.
2. Istio is an open source service mesh that provides reliability, security, observability and manageability for microservices. It introduces a centralized control plane to manage distributed sidecars.
3. Integrating Istio with ONAP would provide benefits like distributed tracing, metrics visibility and service graph for ONAP microservices. It is important to address challenges in supporting multiple network interfaces and coarse-grained services.
Open Source Networking Days- Service MeshCloudOps2005
At the Linux Foundation's 2018 Open Source Networking Days, Syed Ahmed compared service mesh options (Istio, Linkerd, and Consul Connect) and spoke about how they diverge from many complications traditionally found in monolithic applications.
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...Christian Posta
If you have an existing Java monolith, you know you must take care making changes to it or altering it in any negative way. Often times these monoliths are very valuable to the business and generate a lot of revenue. At the same time, since it’s difficult to make changes to the monolith it’s desirable to move to a microservices architecture. Unfortunately you cannot just do a big-bang migration to a greenfield architecture and will have to incrementally adopt microservices. In this talk, we’ll look at using Gloo proxy which is based on Envoy Proxy and GraphQL to do surgical, function-level traffic control and API aggregation to safely migrate your monolith to microservices and serverless functions.
Multicluster Kubernetes and Service Mesh PatternsChristian Posta
Building applications for cloud-native infrastructure that are resilient, scalable, secure, and meet compliance and IT objectives gets complicated. Another wrinkle for the organizations with which we work is the fact they need to run across a hybrid deployment footprint, not just Kubernetes. At Solo.io, we build application networking technology on Envoy Proxy that helps solve difficult multi-deployment, multi-cluster, and even multi-mesh problems.
In this webinar, we’re going to explore different options and patterns for building secure, scalable, resilient applications using technology like Kubernetes and Service Mesh without leaving behind existing IT investments. We’ll see why and when to use multi-cluster topologies, how to build for high availability and team autonomy, and solve for things like service discovery, identity federation, traffic routing, and access control.
MSB (Microservice Bus) provides solutions for common challenges in microservices architectures. It uses a service gateway for client access, service registration and discovery to dynamically find services, and centralized authentication for access control. The MSB architecture includes components like the service gateway, service registry, and plugins for additional functionality. It aims to provide high availability, separation of internal and external gateways, and extensibility through a plugin model. Example APIs and services are demonstrated for registration and requests.
Modern application architectures are embracing public clouds, microservices, and container schedulers like Kubernetes and Nomad. These bring complex service-to-service communication patterns, increased scale, dynamic IP addresses, ephemeral infrastructure, and higher failure rates. These changes require a new approach for service discovery, configuration, and segmentation. Service discovery enables services to find and communicate with each other. Service configuration allows us to dynamically configure applications at runtime. Service segmentations lets us secure our microservices architectures by limiting access. In this talk, we cover these challenges and how to solve them with Consul providing as a service mesh.
The document provides an overview of the Microservice Bus (MSB) which provides a communication infrastructure to support microservice architecture. Key components of MSB include service registration using a registry like Consul, client-side and server-side service discovery, and API gateways. MSB also includes tools like the Kube2MSB registrator to automatically register services deployed on Kubernetes. Examples are provided for running MSB without and within the ONAP Operations Manager (OOM). The future vision is presented of integrating service mesh technologies into the ONAP Microservice Architecture (OMSA) for carrier-grade microservices.
MSB to Support Carrier Grade ONAP Microservice Architecture with Service MeshHuabing Zhao
The document discusses how the Microservice Bus (MSB) project in ONAP Amsterdam release provides infrastructure to support ONAP's microservices architecture. It describes key MSB components like registry for service information storage, discovery for service lookup, and API gateway for request routing. It outlines plans for MSB in future releases to enhance the microservices infrastructure and provide a service mesh for improved reliability, security, performance, observability and manageability of communication between ONAP microservices.
This document provides an overview of Consul L7, a multi-cloud service networking platform. It discusses background on the transition to multi-cloud, Consul's approach to cloud networking, and principles around API-driven configuration, running services anywhere, and extending integrations. The rest of the document outlines basic Consul configuration, traffic routing, shifting, multi-cluster gateways, service failover, and using metrics and tracing with Envoy proxies.
Building a scalable microservice architecture with envoy, kubernetes and istioSAMIR BEHARA
Talk from O'Reilly Software Architecture Conference San Jose 2019
Microservices and containers have taken the software industry by storm. Transitioning from a monolith to microservices enables you to deploy your application more frequently, independently, and reliably. However, microservice architecture has its own challenges, and it has to deal with the same problems encountered while designing distributed systems.
Enter service mesh technology to the rescue. A service mesh reduces the complexity associated with microservices and provides functionality like load balancing, service discovery, traffic management, circuit breaking, telemetry, fault injection, and more. Istio is one of the best implementations of a service mesh at this point, while Kubernetes provides a platform for running microservices and automating deployment of containerized applications.
Join Samir Behara to go beyond the buzz and understand microservices and service mesh technologies.
Navigating the service mesh landscape with Istio, Consul Connect, and LinkerdChristian Posta
The document discusses various service mesh options including Linkerd, Consul Connect, Istio, and AWS App Mesh. It provides an overview of each solution, describing their key features and strengths/opportunities. It emphasizes that the service mesh approach is useful for managing inter-service communication and that implementations are still evolving. It recommends starting simply and iteratively adopting capabilities to match needs.
Brushing skills on SignalR for ASP.NET developersONE BCG
Let’s take a quick peek at SignalR and how we use it.
SignalR is an open-source library available in ASP.NET, to help developers add real-time features in web applications and more. Chat is the most common application that you can think of, there is a lot more you can do.
SignalR can be used to add any sort of “real-time” web functionality like dashboards, collaborative tools that require simultaneous editing of documents, job progress updates, and real-time forms. It can enable completely new types of web applications that need high-frequency updates from the server. One of the most common examples is real-time gaming.
Covers the following topics:
- Build "Single Page Applications” with the following JS MVC frameworks: Angular.js, Ember.js, BackBone.js
- Node.js
- Trends in Web Application Development
- Architectural patterns
Service-mesh technology promises to deliver a lot of value to a cloud-native application, but it doesn't come without some hype. In this talk, we'll look at what is a "service mesh", how it compares to similar technology (Netflix OSS, API Management, ESBs, etc) and what options for service mesh exist today.
Service-mesh options with Linkerd, Consul, Istio and AWS AppMeshChristian Posta
Service mesh abstracts the network from developers to solve three main pain points:
How do services communicate securely with one another
How can services implement network resilience
When things go wrong, can we identify what and why
Service mesh implementations usually follow a similar architecture: traffic flows through control points between services (usually service proxies deployed as sidecar processes) while an out-of-band set of nodes is responsible for defining the behavior and management of the control points. This loosely breaks out into an architecture of a "data plane" through which requests flow and a "control plane" for managing a service mesh.
Different service mesh implementations use different data planes depending on their use cases and familiarity with particular technology. The control plane implementations vary between service-mesh implementations as well. In this talk, we'll take a look at three different control plane implementations with Istio, Linkerd and Consul, their strengths, and their specific tradeoffs to see how they chose to solve each of the three pain points from above. We can use this information to make choices about a service mesh or to inform our journey if we choose to build a control plane ourselves.
The document provides an overview of microservices and service meshes, and uses Istio as an example service mesh implementation. It discusses how Istio allows microservices to be developed independently while providing capabilities like discovery, load balancing, resilience, metrics and tracing through lightweight proxies. The document then demonstrates what happens at each step of a request's lifecycle as it travels through an application protected by Istio's service mesh. Specifically, it shows how Istio components like Pilot, Envoy, Mixer and Citadel work together to provide control, observability and security for microservices.
In this session, Sam will give an overview of the new Hybrid Connections feature. With this feature, customers can easily connect their cloud services with their existing on premises resources. Sam will demonstrate the various capabilities of this new service and will discuss the advanced features, such as load balancing, Always On connectivity, connection cardinality, automation and performance.
Relevez les défis Kubernetes avec NGINXNGINX, Inc.
Découvrez les dernières tendances de Kubernetes et comment NGINX résout les défis courants dans Kubernetes. Ce webinar vous permettra de découvrir une solution apportant des réponses à vos défis liés à Kubernetes.
Rejoignez ce webinaire pour apprendre :
• Découvrir les avantages des différentes architectures
• Comment utiliser NGINX Ingress Controller pour sécuriser, renforcer et faire évoluer vos environnements Kubernetes
• Comment déployer NGINX nativement dans Kubernetes
• Effectuer un équilibrage de charges, de l’authentification et une sécurisation de manière transparente dans Kubernetes
• La duplication des services d'application, à la fois à l'intérieur et à l'extérieur de Kubernetes
• Optimiser la sécurisation des applications dans Kubernetes avec NGINX App Protect
The Internet of things for integration people - UKCSUG - public versionSam Vanhoutte
This document discusses the Internet of Things and how devices can connect and communicate using Microsoft technologies. It provides examples of smart devices in various industries like retail, healthcare, transportation that generate telemetry data. It then covers common connectivity protocols for IoT, steps to activate a device on a gateway, and patterns for routing telemetry and commands via a service bus. The document demonstrates connecting a Raspberry Pi device and a prototype solar panel system that sends telemetry and receives commands via a gateway and Azure services. It also mentions Microsoft's initiatives in the IoT space like Project Reykjavik and the Intelligent Systems Service.
Service discovery like a pro (presented at reversimX)Eran Harel
So you want to auto scale your services, and use service oriented architecture, eh?
Want to reduce the cost of managing your clusters, and discover them dynamically?
In this talk we shall see how consul helps you do that very efficiently, explain how it works, demonstrate spinning up several interconnected services, and show how we can achieve seamless discovery, HA, and fault tolerance.
This talk will guide you through the first steps to understand Consul and do some cool stuff with it.
You also have a live Vagrant demo available in github at https://github.com/lynxman/consul-first-steps
This document provides an overview of using the Bluemix platform-as-a-service from IBM. It discusses getting started with Bluemix, deploying a sample Node.js application, configuring services, debugging tools, and other features like custom domains and no-downtime deployments. The document is a guide for Node.js developers to understand Bluemix and how to build and deploy applications to it.
Scaling Docker Containers using Kubernetes and Azure Container ServiceBen Hall
This document discusses scaling Docker containers using Kubernetes and Azure Container Service. It begins with an introduction to containers and Docker, including how containers improve dependency and configuration management. It then demonstrates building and deploying containerized applications using Docker and discusses how to optimize Docker images. Finally, it introduces Kubernetes as a tool for orchestrating containers at scale and provides an example of deploying a containerized application on Kubernetes in Azure.
This document provides information about an exam for Deploy and Manage Citrix ADC 13 with Traffic Management. The exam code is 1Y0-241, costs $200 USD, lasts 90 minutes, and contains 64 questions. A passing score is 61%. The document then provides 10 sample exam questions and answers related to configuring and managing a Citrix ADC appliance. It advertises obtaining the latest exam dumps from Homer Co., Ltd and provides contact information.
Running Kubernetes in Production: A Million Ways to Crash Your Cluster - Cont...Henning Jacobs
Bootstrapping a Kubernetes cluster is easy, rolling it out to nearly 200 engineering teams and operating it at scale is a challenge. In this talk, we are presenting our approach to Kubernetes provisioning on AWS, operations and developer experience for our growing Zalando developer base. We will walk you through our horror stories of operating 80+ clusters and share the insights we gained from incidents, failures, user reports and general observations. Most of our learnings apply to other Kubernetes infrastructures (EKS, GKE, ..) as well. This talk strives to reduce the audience’s unknown unknowns about running Kubernetes in production.
https://2018.container.camp/uk/schedule/running-kubernetes-in-production-a-million-ways-to-crash-your-cluster/
Infrastructure development using ConsulGrid Dynamics
This document discusses using Consul for infrastructure development. It describes setting up a first application with various components like load balancers, databases, and application nodes. This led to problems with hardcoded IP addresses and manually updating configuration files. Consul provides service discovery and a key-value store to dynamically configure applications. It was used to generate Nginx and application configurations via Consul templates. This improved the infrastructure by removing IP addresses from files and allowing easy replication of environments.
Kube-proxy enables access to Kubernetes services (virtual IPs backed by pods) by configuring client-side load-balancing on nodes. The first implementation relied on a userspace proxy which was not very performant. The second implementation used iptables and is still the one used in most Kubernetes clusters. Recently, the community introduced an alternative based on IPVS. This talk will start with a description of the different modes and how they work. It will then focus on the IPVS implementation, the improvements it brings, the issues we encountered and how we fixed them as well as the remaining challenges and how they could be addressed. Finally, the talk will present alternative solutions based on eBPF such as Cilium.
HashiStack. To the cloud and beyond...Oleg Lobanov
This document discusses different architectural approaches for scaling a doner marketplace application. It begins by describing the monolithic architecture and its limitations in scaling. It then introduces service-oriented architecture using microservices and discusses challenges in implementing this approach, such as increased complexity and coordination between services. The document recommends using Consul for service discovery, configuration, and orchestration to help address SOA challenges. It provides examples of how Consul can be used for service registration, load balancing, and feature flags. The document also recommends Nomad for deployment automation and Terraform for infrastructure management.
Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/20SN0dP.
Tammer Saleh talks about the mistakes people make when building a microservices architecture. He also talks about: when microservices are appropriate, and where to draw the lines between services, dealing with performance issues, testing and debugging techniques, managing a polyglot landscape and the explosion of platforms, managing failure and graceful degradation. Filmed at qconlondon.com.
Tammer Saleh is a long time developer, leader, and author of the acclaimed book *Rails AntiPatterns*. Saleh is currently building the Cloud Foundry platform at Pivotal.
Config Management Camp 2015 - How to Deploy CFEngine in the Open InternetCFEngine
This document discusses how to deploy CFEngine in the open internet by beginning with bootstrapping, establishing trust between nodes, using the TLS protocol for encryption, selectively distributing assets only to authorized nodes, and diagnosing potential problems. It provides steps for bootstrapping a client to a hub by generating keys, copying policies, and starting services. Trust is established by exchanging public keys. TLS is recommended for encryption and the standard way to enforce it in CFEngine is outlined. Guidelines for selective asset distribution include encrypting secrets and only distributing files to authorized nodes. Diagnosing is suggested by running a verbose server on another port.
Consul is a service for dynamic Service Discovery, a Distributed Key Value store, and Lock Manager service. It provides a lot of useful features for a modern admin, and provides a good complement to Puppet's feature set.
Dylan Cochran of Onyx Point Inc will be showing us how to use Puppet to manage consul, how to use consul to implement advanced administrator actions, and how to use consul to store configuration data that can be used in your puppet modules.
Consul is a service for dynamic Service Discovery, a Distributed Key Value store, and Lock Manager service. It provides a lot of useful features for a modern admin, and provides a good complement to Puppet's feature set.
Dylan Cochran of Onyx Point Inc will be showing us how to use Puppet to manage consul, how to use consul to implement advanced administrator actions, and how to use consul to store configuration data that can be used in your puppet modules.
Integrating Infrastructure as Code into a Continuous Delivery Pipeline | AWS ...Amazon Web Services
This document discusses integrating infrastructure as code into a continuous delivery pipeline. It covers DevOps principles like collaboration, automation, and monitoring everything. It discusses benefits like increased velocity and reduced risk. Infrastructure as code is realized using tools like Ansible, Chef, and Terraform to define infrastructure in code. This allows infrastructure to be treated like code and integrated into software development pipelines for continuous integration and delivery of both application and infrastructure changes.
This document provides an overview of getting started with Consul, including:
1. Consul is a tool for discovering and configuring services that is built on Golang and uses 3 basic ports for RPC, HTTP, and DNS.
2. It features service discovery, health checking, key/value storage, and multi-datacenter support.
3. Setup involves downloading the Consul binary, running the agent, and using commands like "consul members" and "consul join" to manage nodes.
Docker Swarm allows managing multiple Docker hosts as a single virtual Docker engine. The presenter demonstrates setting up a traditional Docker Swarm cluster with an external key-value store and load balancer. SwarmKit provides the core components of Docker Swarm as standalone binaries. Docker Swarm Mode is integrated directly into Docker Engine 1.12 and later, providing built-in orchestration without external components. The presenter then demonstrates a tutorial using Docker Swarm Mode to deploy a multi-container voting application across 3 Docker hosts and scale the service.
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...NETWAYS
Serverless is one of the hottest design patterns in the cloud today, i’ll cover how the Serverless paradigms are changing the way we develop applications and the cloud infrastructures and how to implement Serveless-kind workloads with Kubernetes.
We’ll go through the latest Kubernetes-based serverless technologies, covering the most important aspects including pricing, scalability, observability and best practices
Webinar: Message Tracing and Debugging in WSO2 Enterprise Service BusWSO2
To view recording of this webinar please use the below URL:
http://wso2.com/library/webinars/2016/10/message-tracing-and-debugging-in-wso2-enterprise-service-bus/
Tracing and debugging play a key role when developing enterprise integration solutions. It helps to understand and build robust high-performance applications efficiently and makes the most use of your development time. Debugging enables developers to traverse message flows during runtime and tracing helps track issues after the process finishes. This allows you to identify and fix issues at the root of the cause.
WSO2 Enterprise Service Bus (WSO2 ESB) has now introduced these two much-awaited features to the distribution. This webinar will
Examine how WSO2 ESB’s runtime, tooling and analytics are integrated to enable debugging and tracing
Explore use case on developing sample artifacts
Demonstrate the capabilities of the debugger
Discuss how to perform tracing information collections
Explain the capabilities of tracing
Similar to 20190727 HashiCorp Consul Workshop: 管管你們家 config 啦 (20)
Overview of ERP - Mechlin Technologies.pptxMitchell Marsh
This PowerPoint presentation provides a comprehensive overview of Enterprise Resource Planning (ERP) systems. It covers the fundamental concepts, benefits, and key functionalities of ERP software, illustrating how it integrates various business processes into a unified system. From finance and HR to supply chain and customer relationship management, ERP facilitates efficient data management and decision-making across organizations. Whether you're new to ERP or looking to deepen your understanding, this presentation offers valuable insights into leveraging ERP for business success.
NBFC Software: Optimize Your Non-Banking Financial CompanyNBFC Softwares
NBFC Software: Optimize Your Non-Banking Financial Company
Enhance Your Financial Services with Comprehensive NBFC Software
NBFC software provides a complete solution for non-banking financial companies, streamlining banking and accounting functions to reduce operational costs. Our software is designed to meet the diverse needs of NBFCs, including investment banks, insurance companies, and hedge funds.
Key Features of NBFC Software:
Centralized Database: Facilitates inter-branch collaboration and smooth operations with a unified platform.
Automation: Simplifies loan lifecycle management and account maintenance, ensuring efficient delivery of financial services.
Customization: Highly customizable to fit specific business needs, offering flexibility in managing various loan types such as home loans, mortgage loans, personal loans, and more.
Security: Ensures safe and secure handling of financial transactions and sensitive data.
User-Friendly Interface: Designed to be intuitive and easy to use, reducing the learning curve for employees.
Cost-Effective: Reduces the need for additional manpower by automating tasks, making it a budget-friendly solution. Benefits of NBFC Software:
Go Paperless: Transition to a fully digital operation, eliminating offline work.
Transparency: Enables managers and executives to monitor various points of the banking process easily.
Defaulter Tracking: Helps track loan defaulters, maintaining a healthy loan management system.
Increased Accessibility: Cutting-edge technology increases the accessibility and usability of NBFC operations. Request a Demo Now!
React and Next.js are complementary tools in web development. React, a JavaScript library, specializes in building user interfaces with its component-based architecture and efficient state management. Next.js extends React by providing server-side rendering, routing, and other utilities, making it ideal for building SEO-friendly, high-performance web applications.
WhatsApp Tracker - Tracking WhatsApp to Boost Online Safety.pdfonemonitarsoftware
WhatsApp Tracker Software is an effective tool for remotely tracking the target’s WhatsApp activities. It allows users to monitor their loved one’s online behavior to ensure appropriate interactions for responsive device use.
Download this PPTX file and share this information to others.
CViewSurvey Digitech Pvt Ltd that works on a proven C.A.A.G. model.bhatinidhi2001
CViewSurvey is a SaaS-based Web & Mobile application that provides digital transformation to traditional paper surveys and feedback for customer & employee experience, field & market research that helps you evaluate your customer's as well as employee's loyalty.
With our unique C.A.A.G. Collect, Analysis, Act & Grow approach; business & industry’s can create customized surveys on web, publish on app to collect unlimited response & review AI backed real-time data analytics on mobile & tablets anytime, anywhere. Data collected when offline is securely stored in the device, which syncs to the cloud server when connected to any network.
Attendance Tracking From Paper To DigitalTask Tracker
If you are having trouble deciding which time tracker tool is best for you, try "Task Tracker" app. It has numerous features, including the ability to check daily attendance sheet, and other that make team management easier.
Seamless PostgreSQL to Snowflake Data Transfer in 8 Simple StepsEstuary Flow
Unlock the full potential of your data by effortlessly migrating from PostgreSQL to Snowflake, the leading cloud data warehouse. This comprehensive guide presents an easy-to-follow 8-step process using Estuary Flow, an open-source data operations platform designed to simplify data pipelines.
Discover how to seamlessly transfer your PostgreSQL data to Snowflake, leveraging Estuary Flow's intuitive interface and powerful real-time replication capabilities. Harness the power of both platforms to create a robust data ecosystem that drives business intelligence, analytics, and data-driven decision-making.
Key Takeaways:
1. Effortless Migration: Learn how to migrate your PostgreSQL data to Snowflake in 8 simple steps, even with limited technical expertise.
2. Real-Time Insights: Achieve near-instantaneous data syncing for up-to-the-minute analytics and reporting.
3. Cost-Effective Solution: Lower your total cost of ownership (TCO) with Estuary Flow's efficient and scalable architecture.
4. Seamless Integration: Combine the strengths of PostgreSQL's transactional power with Snowflake's cloud-native scalability and data warehousing features.
Don't miss out on this opportunity to unlock the full potential of your data. Read & Download this comprehensive guide now and embark on a seamless data journey from PostgreSQL to Snowflake with Estuary Flow!
Try it Free: https://dashboard.estuary.dev/register
A captivating AI chatbot PowerPoint presentation is made with a striking backdrop in order to attract a wider audience. Select this template featuring several AI chatbot visuals to boost audience engagement and spontaneity. With the aid of this multi-colored template, you may make a compelling presentation and get extra bonuses. To easily elucidate your ideas, choose a typeface with vibrant colors. You can include your data regarding utilizing the chatbot methodology to the remaining half of the template.
Explore the rapid development journey of TryBoxLang, completed in just 48 hours. This session delves into the innovative process behind creating TryBoxLang, a platform designed to showcase the capabilities of BoxLang by Ortus Solutions. Discover the challenges, strategies, and outcomes of this accelerated development effort, highlighting how TryBoxLang provides a practical introduction to BoxLang's features and benefits.
A Comparative Analysis of Functional and Non-Functional Testing.pdfkalichargn70th171
A robust software testing strategy encompassing functional and non-functional testing is fundamental for development teams. These twin pillars are essential for ensuring the success of your applications. But why are they so critical?
Functional testing rigorously examines the application's processes against predefined requirements, ensuring they align seamlessly. Conversely, non-functional testing evaluates performance and reliability under load, enhancing the end-user experience.
React Native vs Flutter - SSTech SystemSSTech System
Your project needs and long-term objectives will ultimately choose which of React Native and Flutter to use. For applications using JavaScript and current web technologies in particular, React Native is a mature and trustworthy choice. For projects that value performance and customizability across many platforms, Flutter, on the other hand, provides outstanding performance and a unified UI development experience.
2. Levi Chen
Software Engineer in Common Service Team @ 91APP
Contact Me @
● FB: https://www.facebook.com/ChenJiunYi
● Blog: http://blog.levichen.tw/
About Me
25. CH01 Why Configuration Management?
● Morden app are smaller, compostable & portable
● More fixable service management
● Single code base multiple deployment
● External services are unstable
29. E = Number of Environments
N = Number of Services
M = Number of Instances
The Deployment Complexity = E * N * M
30. CH01 Why Configuration Management?
● Morden app are smaller, compostable & portable
● More fixable service management
● Single code base multiple deployment
● External services are unstable
40. CH01 Why Configuration Management?
● Morden app are smaller, compostable & portable
● More fixable service management
● Single code base multiple deployment
● External services are unstable
46. Environment 1
AM
CI Server
1. Build Code
CMService B 3. Get Configuration
2. Get Artifact
Environment 2
CMService B 3. Get Configuration
2. Get Artifact
Configuration
(Git)
1. Build Configuration
47. CH01 Why Configuration Management?
● Morden app are smaller, compostable & portable
● More fixable service management
● Single code base multiple deployment
● External services are unstable
64. Please launch two terminals on Cloud9
Terminal 1 For starting Consul
Terminal 2 For executing commands
65. // terminal 1
$ consul agent -dev -ui -http-port 8080
// terminal 2
$ export CONSUL_HTTP_ADDR=http://localhost:8080
$ consul members
Launch Consul in Develop mode and check cluster members
69. CH02 Play with Consul: KV
● Key value store
● Used to hold dynamic configuration
70. // In terminal 2
$ export CONSUL_HTTP_ADDR=http://localhost:8080
// Get key value
$ consul kv get redis/config/minconns
// Insert a key value paris
$ consul kv put redis/config/minconns 1
$ consul kv put redis/config/maxconns 25
// Get single key value
$ consul kv get redis/config/minconns
// Get key value recursively
$ consul kv get -recurse
72. // update
$ consul kv put redis/config/minconns 9
$ consul kv get redis/config/minconns
// delete
$ consul kv delete redis/config/minconns
$ consul kv delete -recurse redis
Delete commands is dangerous check your ACL configruation before go live
73. ● Service Definition
○ Using statis service difinition files
● HTTP API
○ Using Consul command or HTTP API
CH02 Play with Consul: Registering Service
74. // terminal 1
// exit the previous consul process
$ cd ../lab02
$ consul agent -dev -ui -http-port 8080 -config-dir=conf.d
Launch Consul Again
84. // terminal 2
$ cd consul-workshop/lab02/
$ export CONSUL_HTTP_ADDR=http://localhost:8080
$ curl --request PUT --data @webapi.json
${CONSUL_HTTP_ADDR}/v1/agent/service/register
Launch Consul Again
87. Service health check
Critical component of service discovery that prevent using services that are
unhealthy.
Two approach to register check:
● Check difination files
● HTTP API
Unhealth
● exit code > 0
88. Launch Consul service and try get service via Consul HTTP API
// terminal 1
// exit the previous consul process
$ cd ../lab03
$ consul agent -dev -ui -http-port 8080 -enable-script-checks -config-dir=./
// terminal 2
$ cd ../lab03
$ export CONSUL_HTTP_ADDR=http://localhost:8080
$ curl $CONSUL_HTTP_ADDR/v1/health/state/critical
$ dig @127.0.0.1 -p 8600 web.service.consul SRV
98. ● Client passive (Pull)
○ Simpler
○ Bottleneck in the server
● Client active (Push)
○ Faster
Service health check: Push v.s Pull
99. ● KV
○ Key value store
○ Used to hold dynamic configuration
● Registering service
○ Static
○ Dynamic
● Health check
○ Consul helps you to check internal/external services
○ Push / Pull mode
Summary
102. Server
- bootstrap-expect: the number of expected servers in the datacenter
- ui: Enables the built-in web UI server and the required HTTP routes.
- client: The address to which Consul will bind client interfaces, including the HTTP and DNS
servers.
- node: The name of this node in the cluster.
Client
- join: Address of another agent to join upon starting up.
103. // terminal 1
// exit the previous consul process
$ cd ../lab04
$ docker-compose up -d
Using docker-compose to launch 1 Consul Server + 1 Consul Client
104. // terminal 2
// go into the Docker instance
$ docker exec -it consul-client sh
// get Consul Cluster information via local Consul agent
# consul members
109. // terminal 1
$ cd ../lab05
$ docker-compose up -d
Using docker-compose to launch 1 Consul Server + 3 Consul Clients + 2 webs
112. // terminal 2
// go into the Docker instance
$ docker exec -it consul-client3 sh
// get Consul Cluster via local Consul agent
# consul members
// get service information via HTTP API
# curl -G localhost:8500/v1/catalog/service/web | jq
113. // Get VIP instances
# curl -G localhost:8500/v1/catalog/service/web
--data-urlencode 'filter="VIP" in ServiceTags' | jq
// Get Normal instances
# curl -G localhost:8500/v1/catalog/service/web
--data-urlencode 'filter="Normal" in ServiceTags' | jq
126. ● Is Consul Stable?
● Monitoring Consul Cluster
● How to discover the service discovery system?
● How to push in the company?
● Production checklist
CH03 Go Live
127. ● Is Consul Stable?
● Monitoring Consul Cluster
● How to discover the service discovery service?
● How legacy service use it?
● Production checklist
CH03 Go Live
133. ● Is Consul Stable?
● Monitoring Consul Cluster
● How to discover the service discovery service?
● How legacy service use it?
● Production checklist
CH03 Go Live
140. ● Is Consul Stable?
● Monoriting Consul Cluster
● How to discover the service discovery service?
● How legacy service use it?
● Production checklist
CH03 Go Live
143. Environment 1
AM
CI Server
0. Build Code
CMService B
Environment 2
CMService B
Configuration
(Git)
0. Build Configuration
144. Environment 1
AM
CI Server
CMService B
Environment 2
CMService B
Configuration
(Git)
1. Get Instance Metadata
Version, AM URL, CM URL
Version, AM URL, CM URL
1. Get Instance Metadata
147. Environment 1
AM
CI Server
0. Build Code
CMService B 3. Get Configuration
Environment 2
CMService B 3. Get Configuration
Configuration
(Git)
0. Build Configuration
1. Get Instance Metadata
Version, AM URL, CM URL
Version, AM URL, CM URL
2. Get Artifact
1. Get Instance Metadata
2. Get Artifact
148. ● Run Consul Client (Join Consul Cluster)
● Get Service Name, Service Version, Artifacts Url, Market and Environment
● Get Artifacts
● Get Confugration
● Run Service
Service Provisioning
149. ● Is Consul Stable?
● Monitoring Consul Cluster
● How to discover the service discovery service?
● How legacy service use Consul?
● Production checklist
CH03 Go Live
151. Consul Template
This project provides a convenient way to populate values from Consul into the file
system using the consul-template daemon.
https://github.com/hashicorp/consul-template
153. // check all terminals change dir to lab07
$ cd ../lab07
// in terminal 1
$ docker-compose up -d
// in termianl 2
$ curl localhost:8081
154. // in termianl 2
// launch consul template, it will regenerator nginx proxy, and you can
access web1, web2 now
$ consul-template -template
"./nginx-config-template/upstream.tpl:./nginx-config/upstream.conf:docker restart proxy"
// in termianl 3
$ curl localhost:8081
$ docker stop web2
$ curl localhost:8081
156. ● Is Consul Stable?
● Monoriting Consul Cluster
● How to discover the service discovery service?
● How legacy service use Consul?
● Production checklist
CH03 Go Live
157. CH03 Go Live: Production checklist
● Networking
○ Port. Like: DNS Server, HTTP API, Serf, Gossip
○ DNS Configuration
■ https://learn.hashicorp.com/consul/security-networking/forwarding
■ https://learn.hashicorp.com/consul/security-networking/dns-caching
● Consul Servers Deployment
○ Consul Binary
○ Configuration
○ Telemerty configured
● Consul Clients Deployment
○ Sidecar or not?
○ External Service Monitor has been deployed to nodes that can not run a Consul client
158. ● Security
○ Encription of Communication
○ Enable ACLs
○ Setup a Certificate Authority
● Failure Recovery
CH03 Go Live: Production checklist
159. CH01 Why Configuration Management?
● Morden app are smaller, compostable & portable
● More fixable service management
● Single code base multiple deployment
● External services are unstable
Summary
160. CH02 Play With Consul
● KV
○ Key value store
○ Used to hold dynamic configuration
● Registering service
○ Static
○ Dynamic
● Health check
○ Consul helps you to check internal/external services
○ Push / Pull mode
● Building Consul cluster
Summary
161. CH03 Go Live
● Is Consul Stable?
● Monitoring Consul Cluster
● How to discover the service discovery service?
● How legacy service use Consul?
● Production checklist
Summary
164. ● Remember to delete your Cloud9 instance & Admin IAM Role
● CloudWatch Log will delete automatically after 2 weeks
Clean Up
165. ● 91APP
○ Andrew Wu
○ Rick Hwang
○ Earou Huang
○ Infra & Common Service Team Members
● DevOps Taiwan & Taipei HashiCorp User Group
○ Cheng Wei Chen
○ Smalltown
○ Rico Chen
● AWS
○ Carol Chen
● eCloudvalley Technology
Thank you sooooooooooooooo much