Build and Manage Multi-Cloud Applications Using Kuma
1 like91 views
The document outlines the benefits and architecture of Kuma, a service mesh designed for building and managing multi-cloud applications. It emphasizes the importance of service connectivity, security, and observability in distributed cloud environments while providing a flexible and agnostic approach to service integration. Key takeaways include increased developer productivity, reliable connectivity, and intuitive design for seamless multi-cluster and multi-zone deployment.
Build and Manage Multi-Cloud Applications Using Kuma
- 1. © OPITZ CONSULTING 2022 / Öffentlich Build and Manage Multi-Cloud Applications Using Kuma 1
- 2. © OPITZ CONSULTING 2022 / Öffentlich Build and Manage Multi-Cloud Applications Using Kuma 2 SERVICE MESH BASICS 01
- 3. © OPITZ CONSULTING 2022 / Öffentlich CONNECTIVITY IS THE BACKBONE OF DIGITAL ORGANIZATIONS Build and Manage Multi-Cloud Applications Using Kuma 3 Centralized STATIC ON-PREM MONOLITH VIRTUAL MACHINES MANUAL CHANGE PROCESS Decentralized DYNAMIC CLOUD / MULTI-CLOUD MICROSERVICES / SERVERLESS CONTAINERS, KUBERNETES AUTOMATED CI/CD TOOL CHAIN # Services & APIs CONTROL AND VISIBILITY
- 4. © OPITZ CONSULTING 2022 / Öffentlich WHAT’S END-TO-END SERVICE CONNECTIVITY? Build and Manage Multi-Cloud Applications Using Kuma 4 ¢ Between applications ¢ Within applications ¢ At the edge EDGE Monolithic back end service Microservices based app Microservices exposed at edge for external consumption
- 5. © OPITZ CONSULTING 2022 / Öffentlich INCREASED COMPLEXITY AND CHALLENGES WITH RESPECT TO DEVELOPMENT CONSISTENCY Build and Manage Multi-Cloud Applications Using Kuma 5 Security Security Logging Logging Security Tracing Metrics Routing Metrics Tracing Application AuthN/Z Rate-Limiting Routing Caching Organization Application AuthN/Z Versioning Versioning Rate-Limiting
- 6. © OPITZ CONSULTING 2022 / Öffentlich WHAT’S A SERVICE MESH? Build and Manage Multi-Cloud Applications Using Kuma 6 ¢ Efficient implementation of cross-cutting concerns with respect to service integration challenges ¢ Everything is a service! ¢ Cloud-native apps deployed to Kubernetes ¢ Non Cloud-native workloads ¢ Should be independent of ¢ Architecture (e.g. Monolithic or µService) ¢ Platform (e.g. VMs, Containers, Kubernetes) Dedicated infrastructure layer that makes service-to-service communication more reliable, secure and observable
- 7. © OPITZ CONSULTING 2022 / Öffentlich Build and Manage Multi-Cloud Applications Using Kuma 7 KUMA MESH 02
- 8. © OPITZ CONSULTING 2022 / Öffentlich KUMA MESH Build and Manage Multi-Cloud Applications Using Kuma 8 ¢ Initally invented by Kong and donated to CNCF in 2020 ¢ Provides a modern distributed Control Plane ¢ Completely Envoy-based Data Plane proxies ¢ Platform agnostic open-source control plane for Service Mesh ¢ Hence Kuma is ¢ Universal ¢ Simple ¢ Scalable ¢ Flexible deployment options ¢ Standalone deployment ¢ Multi-Zone deployment Source: https://tinyurl.com/xb57bhx5
- 9. © OPITZ CONSULTING 2022 / Öffentlich KUMA STANDALONE ARCHITECTURE Build and Manage Multi-Cloud Applications Using Kuma 9
- 10. © OPITZ CONSULTING 2022 / Öffentlich KUMA MULTI-CLUSTER ARCHITECTURE Build and Manage Multi-Cloud Applications Using Kuma 10 ¢ One zone can be deployed over multiple clusters ¢ All traffic enters cluster over zone ingress ¢ One Remote (Zone) Control Plane in each cluster
- 11. © OPITZ CONSULTING 2022 / Öffentlich KUMA NETWORKING / CNI Build and Manage Multi-Cloud Applications Using Kuma 11 ¢ Installed as DaemonSet on all Nodes ¢ Injects label on Pods - k8s.v1.cni.cncf.io/networks: kuma-cni ¢ CNI enables Transparent Proxying – redirects all traffic through Data Plane
- 12. © OPITZ CONSULTING 2022 / Öffentlich KUMA NETWORKING / INIT-CONTAINER Build and Manage Multi-Cloud Applications Using Kuma 12 ¢ Injected to Pod and started individually before Data Plane ¢ Configures iptables / network routing
- 13. © OPITZ CONSULTING 2022 / Öffentlich SERVICE MESH DNS Build and Manage Multi-Cloud Applications Using Kuma 13 ¢ Local DNS resolution directly in Data Plane (Envoy) ¢ Names are not resolvable in complete cluster, just inside service mesh (Envoy) ¢ Resolves “.mesh“ address to pre-defined service mesh IP address ¢ IP in other zone / cluster is routed over Kuma Zone Ingress
- 14. © OPITZ CONSULTING 2022 / Öffentlich ZONE EGRESS Build and Manage Multi-Cloud Applications Using Kuma 14 ¢ Special Data Plane instance – like Zone Ingress ¢ All outgoing traffic is routed through this instance ¢ Usage of External Services just possible with deployed Zone Egress in the future
- 15. © OPITZ CONSULTING 2022 / Öffentlich Build and Manage Multi-Cloud Applications Using Kuma 15 DEMO 03
- 16. © OPITZ CONSULTING 2022 / Öffentlich DEMO: MULTI-CLOUD / MULTI-CLUSTER MESH – OCI SETUP Build and Manage Multi-Cloud Applications Using Kuma 16
- 17. © OPITZ CONSULTING 2022 / Öffentlich DEMO: MULTI-CLOUD / MULTI-CLUSTER MESH – AZURE SETUP Build and Manage Multi-Cloud Applications Using Kuma 17
- 18. © OPITZ CONSULTING 2022 / Öffentlich DEMO: MULTI-CLOUD / MULTI-CLUSTER MESH Build and Manage Multi-Cloud Applications Using Kuma 18
- 19. © OPITZ CONSULTING 2022 / Öffentlich Build and Manage Multi-Cloud Applications Using Kuma 19 CONCLUSION 04
- 20. © OPITZ CONSULTING 2022 / Öffentlich SERVICE MESH BENEFITS Build and Manage Multi-Cloud Applications Using Kuma 20 ¢ Increased Developers productivity ¢ Self-service network management ¢ Reliable connectivity ¢ Zero-trust security ¢ Service Discovery ¢ Observability
- 21. © OPITZ CONSULTING 2022 / Öffentlich KEY TAKEAWAYS Build and Manage Multi-Cloud Applications Using Kuma 21 ¢ Service Mesh is essential to build and manage multi-cloud apps efficiently ¢ Kuma as a mesh implementation provides ¢ Agnostic approach (indepent of architecture or platform) ¢ Modern, flexible architecture supporting hybrid, multi-cloud scenarios ¢ Multi-zone ¢ Multi-cluster ¢ Multi-mesh ¢ Seamless CI / CD integration (GitOps) ¢ Intuitive design ¢ Spanning a mesh over mulitple clusters and clouds can be done easily
- 22. © OPITZ CONSULTING 2022 / Öffentlich MATERIALS Build and Manage Multi-Cloud Applications Using Kuma 22 ¢ Demo Source: https://github.com/KongChampions/kuma-multi-zone-mesh ¢ Kuma docs: https://kuma.io/docs/2.0.x/ ¢ Kuma Counter Demo: https://github.com/kumahq/kuma-counter-demo ¢ Kuma introduction – Meetup recording “Service integration made easy with OpenSource Kuma”: https://www.youtube.com/watch?v=f3GeuKzYrsA&t=1s ¢ Demo “Service integration made easy with OpenSource Kuma”: https://github.com/svenbernhardt/service-integration-made-easy
- 23. © OPITZ CONSULTING 2022 / Öffentlich Build and Manage Multi-Cloud Applications Using Kuma 23 Q & A https://opitzcloud.canto.global/b/H0EMG
- 24. © OPITZ CONSULTING 2022 / Öffentlich Build and Manage Multi-Cloud Applications Using Kuma 24 www.opitz-consulting.com KONTAKT Sven Bernhardt Senior Manager Corporate Development [email protected] +49 172 2193529 https://www.xing.com/profile/Sven_Bernhardt/ https://www.linkedin.com/in/sven-bernhardt-0570b823/ Fabian Hardt Solution Architect [email protected] https://twitter.com/fabian_hardt https://www.xing.com/profile/Fabian_Hardt https://www.linkedin.com/in/fabian-hardt-0956b1b1