Cloud Observability by pradpoddar

With the rapid adoption of Microservice architecture pattern for distributed systems, we are seeing how a single monolithic application can get decomposed into multiple loosely coupled services. These services run as docker containers, many times horizontally scaled to multiple instances in production environment and orchestrated by complex and advanced platform engines like Kubernetes.

It’s not always an easy task. While developing and deploying is one part of the equation, another important aspect is managing such huge number of micro services and making sure everything is running fine. At any moment in time, operations and support team need to know what…


Photo by Edgar Castrejon on Unsplash

If you or your team is working with containers and pods, chances are you have heard of Kubernetes. Kubernetes is not new, however for many of us, there’s still some mystery to how it all comes together. Getting the basic concepts right is important to understand it overall which will help you not only in your daily work but also in becoming an expert in this field if you want to.

Here we are going to look at the top 5 concepts one absolutely need to know about Kubernetes:

  • What is it
  • What kind of workload can we run on…


Photo by Ben White on Unsplash

Kubernetes uses etcd as it’s main backend database. It stores all configuration data in key-value format in etcd. If you lose etcd, your Kubernetes will stop working. Kubernetes uses etcd to store its actual state and desired state of the system. It then uses etcd watch functionality to monitor changes and based on that reconcile actual v/s desired state.

And it’s not just Kubernetes, there are other adopters like Rook, CoreDNS etc.

Most Important Data Model Design Policy

One of the most important design characteristics of etcd is — nothing gets deleted unless the admin truncates data. By design etcd stores data as multi-version key-value pair…


Spiderman reading about mesh.
Spiderman reading about mesh.
Photo by Road Trip with Raj on Unsplash

We are all seeing rise of microservices. While Docker is helping teams with development, Kubernetes has gradually become platform of choice for runtime orchestration of the containers. Many companies have successfully improved use of Kubernetes moving their applications into microservices world and while doing so has effectively increased footprint of the microservices manifold. These organizations now face runtime challenges of efficiently routing, monitoring and securing the networking between these microservices — not because we don’t know how, but because the sheer increase in number and volume calls for a dedicated and efficient solution. …


Jaeger for Distributed Tracing. Image by pradpoddar.

As we all have realized by now, moving into a microservices ecosystem brings its own challenges. Among them is the loss of visibility into the system, and the complex interactions occurring between services. The reliability of the system is paramount, yet it is not possible without observability. Traditional monitoring tools such as metrics and distributed logging still have their place, but they often fail to provide visibility across services. This is where distributed tracing provided by Jaeger thrives.

OpenTracing Specification

https://opentracing.io/

Distributed tracing is challenging because the instrumentation must propagate the tracing context both within and between processes, many times…


Photo by KOBU Agency on Unsplash

We are going to look into a straight forward way of how to develop and build a simple and efficient PHP Apache Docker image.

Project Directory Structure

To start with the project directory structure will look like below.


Image by pradpoddar.

In Kubernetes, many times the challenge is not how to do deployments, but how to connect to the deployments. While trying to set-up a networking freeway, apart from load balancing and web acceleration, TLS is one of the major success criteria too. At this point, reverse proxies emerge as an important and logical consideration for all practical reasons.

“A reverse proxy server is a type of proxy server that typically sits behind the firewall in a private network and directs client requests to the appropriate backend server. A reverse proxy provides an additional level of abstraction and control to ensure…


Image by pradpoddar.

Application logs can help you understand what is happening inside your application. Container engines and distributed platforms are designed to support logging. The easiest and most adopted logging method for containerized applications is writing to standard output and standard error streams. However, the native functionality provided by a container engine or runtime is usually not enough for a complete logging solution.

Kubernetes does not provide a native storage solution for log data. Instead, there are many logging solutions that integrate with Kubernetes.

Fluentd

https://www.fluentd.org/ , https://github.com/fluent/fluentd

  • Fluentd is an open source unified logging layer whose sole purpose is to take files…


Photo by Jason Dent on Unsplash

Secrets management refers to the tools and technologies used to manage digital authentication credentials. This can include APIs, keys, passwords, tokens, or other credentials used to protect sensitive information across the IT ecosystem. Secrets are becoming more challenging to manage as cloud native grows. Every service requires an API key or credentials, so more software is passing credentials through more services than ever before. — cncf.io

Below is the result of a recent survey conducted by CNCF on how top technology companies are doing secret management for their mission critical cloud applications.


Photo by María Noel Rabuñal Cantero on Unsplash

As number of microservices increase, service mesh starts to make sense. Some time back I wrote about top service mesh products of 2021. Going in those lines, if we choose Istio, how would we do it for our production environment.

There are essentially 4 dimensions of configuration which one would need to explore and find answer for to come up with the best possible deployment model based on your requirements and resources. They are — Cluster, Network, Control plane and the mesh itself.

We will need to cover each of these, one step at a time.

Cluster

This is as you…

Prad Poddar

Technology enthusiast. Working as a cloud solution architect at a Fortune 500 company. Cooks, travels, games and enjoys life with friends and family.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store