Service mesh is a cutting-edge term these days. I have seen a lot of people all over the world starting to talk about this topic. Around 4 months ago, I started to have a look at it for the first time and was really surprised. How beautifully it helps us build a complex microservices stack is what keeps me focused on it.
As far as we know, building a system with the microservices approach comes with a lot of headaches, and the main one is that we need to pay attention to many concepts of distributed computing. Everyone knows that distributed computing. Personally, I think distributed systems are quite hard and have not been easy to adopt for a long time since the term was coined many years ago. Many big companies like Twitter, Netflix, Google, Amazon, Microsoft… spent a lot of money and effort to find and build neat solutions for that. A ton of libraries and tools have appeared since then. You can find a lot of discussions on how to build and use those solutions and tooling to avoid the traps of the microservices approach. Just google the keyword "microservices" and you will believe me.
The complex problems are communication, traffic control (routing), security, and observing services, which are quite hard to adopt even if you know everything about how to implement them. “Don’t optimize layers, remove them” is a phrase that we hear a lot nowadays. But what if we don’t need to optimize at all, and just remove the layer instead? That sounds like a buzzword, but it is real: follow this article to the end and find out for yourself how easy it can be. Believe me!
In 2017, a lot of tooling and orchestrators arrived that help us a lot in managing dynamic and flexible changes in software development (infrastructure as software). Some of those are Docker, Kubernetes, Istio… And just in the last couple of days, Istio released version 1.0.0, promising to become the big tool in the service mesh world that helps us build up a microservices stack with little effort.
http://layer5.io/service-meshes
To start with the big thing, we need to set up and run the small thing first. I chose the CoolStore project from JBoss Demo Center and Redhat Demo Center to demonstrate what I said. That project is implemented entirely on the Java stack. I borrowed the ideas and built it up from scratch with .NET Core 2.x and NodeJS because of the popularity of .NET in my company and in my country generally.
In the remainder of this article, we will deploy the Coolstore project to AKS as follows
Step 2: Create the coolstore AKS cluster with RBAC enabled. It should have a minimum of 3 nodes (Istio Pilot needs it)
And make sure to check the option to enable RBAC, as follows
Follow the next steps to finish creating the cluster. It normally takes around 20 to 30 minutes.
After it finishes, we should be able to access the Dashboard with the following steps
> az aks get-credentials --resource-group coolstore --name coolstore
> kubectl proxy
But at this point you will not be able to access the Kubernetes Dashboard yet. We need a few more steps
> kubectl create clusterrolebinding kubernetes-dashboard -n kube-system --clusterrole=cluster-admin --serviceaccount=kube-system:kubernetes-dashboard
Then get the token
> kubectl get secret $(kubectl get serviceaccount kubernetes-dashboard -n kube-system -o jsonpath="{.secrets[0].name}") -n kube-system -o jsonpath="{.data.token}" | base64 --decode
Paste the token into the login page at http://localhost:8001/api/v1/namespaces/kube-system/services/kubernetes-dashboard/proxy/#!/login
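The binding above gives the dashboard's service account `cluster-admin`, so the token pasted into the login page carries full control of the cluster. The script below is an added example, not part of the original article or the Coolstore repository: it renders a read-only alternative (a separate service account bound to the built-in `view` ClusterRole inside one namespace) and flags service accounts that hold `cluster-admin` in a listing of bindings. The names `dashboard-viewer` and `coolstore`, the three-column tab-separated listing format and the sample listing are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: read-only dashboard login + audit of cluster-admin grants.
# "dashboard-viewer" and the "coolstore" namespace are hypothetical names.

# Emit a ServiceAccount and a namespaced RoleBinding to the built-in "view"
# ClusterRole. Usage: render_viewer_rbac ACCOUNT NAMESPACE | kubectl apply -f -
render_viewer_rbac() {
  local sa="$1" ns="$2"
  cat <<EOF
apiVersion: v1
kind: ServiceAccount
metadata:
  name: ${sa}
  namespace: ${ns}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: ${sa}-view
  namespace: ${ns}
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: view
subjects:
- kind: ServiceAccount
  name: ${sa}
  namespace: ${ns}
EOF
}

# Read tab-separated "binding, role, kind:namespace/name[,...]" lines on stdin
# (assumed format) and print every ServiceAccount bound to cluster-admin.
find_admin_service_accounts() {
  awk -F'\t' '$2 == "cluster-admin" {
    n = split($3, subj, ",")
    for (i = 1; i <= n; i++)
      if (subj[i] ~ /^ServiceAccount:/) print $1 " -> " substr(subj[i], 16)
  }'
}

# Constructed sample listing (not real cluster output).
SAMPLE_BINDINGS=$(printf '%s\t%s\t%s\n' \
  'cluster-admin' 'cluster-admin' 'Group:/system:masters' \
  'kubernetes-dashboard' 'cluster-admin' 'ServiceAccount:kube-system/kubernetes-dashboard' \
  'system:node-proxier' 'system:node-proxier' 'User:/system:kube-proxy')

printf '%s\n' "$SAMPLE_BINDINGS" | find_admin_service_accounts
```

After applying the rendered manifest, the token for the read-only account can be fetched with the same `kubectl get secret` command as above, pointed at that account and namespace. The built-in `view` role does not allow reading Secrets.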
Step 3: Install Istio on AKS
Due to some timeout issues with helm at the moment, I couldn’t use helm to install it, so I exported it to a yaml file and then used kubectl to create it on AKS. Download Istio 1.0.0, then unzip it to somewhere on the machine. Use the following commands to export and deploy it to AKS
> helm template install/kubernetes/helm/istio --namespace istio-system > istio-dump.yaml
> kubectl create -f istio-dump.yaml
Step 4: Install Coolstore on AKS
Get the internal istio-ingress IP by using
> kubectl get services istio-ingressgateway -n istio-system -o=jsonpath={.spec.clusterIP}
Create the values.aks.yaml file with content like
gateway:
  ip: 10.0.106.82
Then run the helm command
> helm template deploys/charts/coolstore -f deploys/charts/coolstore/values.aks.yaml > deploys/k8s/dev-all-in-one.aks.yaml
Finally, we inject the sidecar with this command
> istioctl kube-inject -f deploys/k8s/dev-all-in-one.aks.yaml | kubectl apply -f -
Step 5: Add mappings to the hosts file
Get the external IP of the Istio ingress by using
> kubectl get svc -n istio-system
It should print out something like
...istio-ingressgateway LoadBalancer 10.106.52.19 localhost 80:31380/TCP,443:31390/TCP,31400:31400/TCP,15011:32131/TCP,8060:30958/TCP,15030:31983/TCP,15031:30365/TCP 8d...
Then, we only need to copy 10.106.52.19 into the C:\Windows\System32\drivers\etc\hosts file as follows
10.106.52.19 id.coolstore.aks
10.106.52.19 api.coolstore.aks
10.106.52.19 coolstore.aks
From now on, we can access the website at http://coolstore.aks, the identity provider at http://id.coolstore.aks, and the API gateway at http://api.coolstore.aks
Let's say we access http://api.coolstore.aks/cart/swagger, then we should see
And the website at http://coolstore.aks
Hola! We are done. Let's explore and enjoy the world of Service Mesh.
In 2018, we have enough tooling to make our dream come true. We have Docker to package each piece of the application, so we don’t have to worry about which programming language was used to implement it. That gives us portability in software development. From now on, we can take this image and run it anytime, anywhere, on any platform (cloud-native apps). But then we need some tool to control and orchestrate the containers on cloud-native platforms. That is where Kubernetes comes in to play its role. It is the tool that controls and orchestrates our containers so that they play the correct role, in the correct way, under the policy that we define in manifest files. What makes the difference in the end? Service Mesh helps you control your traffic, secure communication, define the way services connect together, and, essentially, observe your activities.
We will see the emergence of Service Mesh in the next couple of years. There will also be a couple more articles from me on this topic this year.
The source code for this article can be found at https://github.com/vietnam-devs/coolstore-microservices