With the rapid adoption of Microservice architecture pattern for distributed systems, we are seeing how a single monolithic application can get decomposed into multiple loosely coupled services. These services run as docker containers, many times horizontally scaled to multiple instances in production environment and orchestrated by complex and advanced platform engines like Kubernetes.
It’s not always an easy task. While developing and deploying is one part of the equation, another important aspect is managing such huge number of micro services and making sure everything is running fine. At any moment in time, operations and support team need to know what…
If you or your team is working with containers and pods, chances are you have heard of Kubernetes. Kubernetes is not new, however for many of us, there’s still some mystery to how it all comes together. Getting the basic concepts right is important to understand it overall which will help you not only in your daily work but also in becoming an expert in this field if you want to.
Here we are going to look at the top 5 concepts one absolutely need to know about Kubernetes:
Kubernetes uses etcd as it’s main backend database. It stores all configuration data in key-value format in etcd. If you lose etcd, your Kubernetes will stop working. Kubernetes uses etcd to store its actual state and desired state of the system. It then uses etcd watch functionality to monitor changes and based on that reconcile actual v/s desired state.
And it’s not just Kubernetes, there are other adopters like Rook, CoreDNS etc.
One of the most important design characteristics of etcd is — nothing gets deleted unless the admin truncates data. By design etcd stores data as multi-version key-value pair…
We are all seeing rise of microservices. While Docker is helping teams with development, Kubernetes has gradually become platform of choice for runtime orchestration of the containers. Many companies have successfully improved use of Kubernetes moving their applications into microservices world and while doing so has effectively increased footprint of the microservices manifold. These organizations now face runtime challenges of efficiently routing, monitoring and securing the networking between these microservices — not because we don’t know how, but because the sheer increase in number and volume calls for a dedicated and efficient solution. …
As we all have realized by now, moving into a microservices ecosystem brings its own challenges. Among them is the loss of visibility into the system, and the complex interactions occurring between services. The reliability of the system is paramount, yet it is not possible without observability. Traditional monitoring tools such as metrics and distributed logging still have their place, but they often fail to provide visibility across services. This is where distributed tracing provided by Jaeger thrives.
Distributed tracing is challenging because the instrumentation must propagate the tracing context both within and between processes, many times…
We are going to look into a straight forward way of how to develop and build a simple and efficient PHP Apache Docker image.
Project Directory Structure
To start with the project directory structure will look like below.
In Kubernetes, many times the challenge is not how to do deployments, but how to connect to the deployments. While trying to set-up a networking freeway, apart from load balancing and web acceleration, TLS is one of the major success criteria too. At this point, reverse proxies emerge as an important and logical consideration for all practical reasons.
“A reverse proxy server is a type of proxy server that typically sits behind the firewall in a private network and directs client requests to the appropriate backend server. A reverse proxy provides an additional level of abstraction and control to ensure…
Application logs can help you understand what is happening inside your application. Container engines and distributed platforms are designed to support logging. The easiest and most adopted logging method for containerized applications is writing to standard output and standard error streams. However, the native functionality provided by a container engine or runtime is usually not enough for a complete logging solution.
Kubernetes does not provide a native storage solution for log data. Instead, there are many logging solutions that integrate with Kubernetes.
Secrets management refers to the tools and technologies used to manage digital authentication credentials. This can include APIs, keys, passwords, tokens, or other credentials used to protect sensitive information across the IT ecosystem. Secrets are becoming more challenging to manage as cloud native grows. Every service requires an API key or credentials, so more software is passing credentials through more services than ever before. — cncf.io
Below is the result of a recent survey conducted by CNCF on how top technology companies are doing secret management for their mission critical cloud applications.
As number of microservices increase, service mesh starts to make sense. Some time back I wrote about top service mesh products of 2021. Going in those lines, if we choose Istio, how would we do it for our production environment.
There are essentially 4 dimensions of configuration which one would need to explore and find answer for to come up with the best possible deployment model based on your requirements and resources. They are — Cluster, Network, Control plane and the mesh itself.
We will need to cover each of these, one step at a time.
This is as you…
Technology enthusiast. Working as a cloud solution architect at a Fortune 500 company. Cooks, travels, games and enjoys life with friends and family.