Assignment 3.2

Final Problem Statement:

Implementation of service mesh technologies for the micro services of the codestorm project.

Differences from Initial Problem Statement:

The codestorm team initially faced a lot of issues while configuration of the different service mesh technologies with current Kubernetes version (1.11.1). In order to overcome the issue, the team had to upgrade the Kubernetes version from (1.11) to (1.14) which is compatible with most other service mesh tools. In order to upgrade the Kubernetes version, the team had to create new VM instances, set up Kubernetes Cluster on the newly created VMs via Ansible scripts and finally deploy the application to the newly generated cluster. This unaccounted change led the team to focus on two service mesh technologies i.e. Istio and LinkerD.

Problem Statement Development:

The CodeStorm Project comprises of the following micro services:

• User Management
• Session Management
• Data Analysis
• Model Execution
• Post Processing

Each of these micro services communicate directly with each other. In addition, it was noticed that a upon performing analysis step before data retrieval step led to an application error. Moreover, the application too failed to handle more than 1000 requests. In order to overcome these issues, the team decided to make a use of service mesh technology and the allied tools that could help tide over the above-mentioned issues. The team decided to break the problem statement into following sub-tasks

• Implement a robust communication method between the microservices
• Make the system fault tolerant.
• Ensure that the system is secure
• Make the system scalabale

Methodology:

• The team realized that all the above-mentioned problems can be solved via usage of the service mesh technologies
• The team decided to explore and implement the two most popular service mesh technologies i.e. Istio and LinkerD
• These service mesh technologies deploy the side cars OR web proxies for each micro service. In addition, these side cars along with a plethora of configurations can help implement different features like Request Routing, Fault Injection, Traffic Shifting

Implementation:

Istio (1.5.2)

The following were the steps taken for the installation, configuration & deployment process:

1. Log in to the Master VM.
2. git clone the repository:
   • https://github.com/DickChesterwood/istio-fleetman/tree/master/_course_files/warmup-exercise
3. Navigate to the path istio-fleetman/tree/master/_course_files/warmup-exercise
4. Execute the following commands:
   • kubectl apply -f 1-istio-init.yaml
   • kubectl apply -f 2-istio-minikube.yaml
   • kubectl apply -f 3-kiali-secret.yaml
5. Add a namespace label to instruct Istio to automatically inject Envoy sidecar proxies when you deploy your application later:
   • kubectl label namespace default istio-injection=enabled
6. Destroy the application pods using the following command:
   • kubectl delete deployment.apps/weather-app-frontend service/weather-app-frontend
   • kubectl delete deployment.apps/weather-app service/weather-app
7. git clone the repository:
   • https://github.com/airavata-courses/codestorm.git
8. Navigate to the path codestorm/Kubernetes/kubectl_secret
   • kubectl apply -f kubernetes_production.yml --validate=false
9. Execute the following commands:
   • kubectl get services
   • kubectl get pods Wait until all the pods are ready and in running state
10. Access the application: http://149.165.171.133:30001
11. Access the Kiali Dashboard: http://149.165.171.133:31000
12. Access the Grafana Dashboard: http://149.165.171.133:31002
13. Navigate to the path https://github.com/airavata-courses/codestorm/tree/dockerize-flask-node/Istio_Configurations
14. Execute the following commands:
    • kubectl apply -f virtual-service-all-v1.yaml
    • kubectl apply -f destination-rules.yaml
    • kubectl apply -f fault-injection.yaml
    • kubectl apply -f traffic-shifting.yaml
15. The first two commands implement request routing feature, the third command injects the fault tolerance feature and the last command takes care of routing the incoming traffic to by certain percentage to different system versions

Evaluation:

Please follow the Steps mentioned in the implementation section in order to evaluate the system.

Conclusions and Outcomes:

Overall the team received a steep learning curve about the concepts underlying the service mesh technologies and their scenario based uses. Moreover, the assignment presented a broad and an open ended problem related to the micro services architecture of the code storm team that can have multiple solutions.

Linkerd

Benefits of Linkerd

• Grafana Dashboard.
• Enforced security by default mTLS encryption.
• Customizable Proxy server to define authorization and security rules.
• You can also customize route relay.
• Has lesser functionalities than Istio but speeds up communication as compared to Istio.

Linkerd Installation

Referenced from: https://linkerd.io/2/getting-started/

• Linkerd runs on Kubernetes 1.13 or more. Therefore, check the version of Kubernetes, by running the following command:

kubectl version --short

• If first time, download Linkerd CLI using:

curl -sL https://run.linkerd.io/install | sh

• Download CLI using

export PATH=$PATH:$HOME/.linkerd2/bin

• Download and install the CLI with:

brew install linkerd

• Verify if the CLI is running with:

linkerd version

• Validate Kubernetes cluster

linkerd check --pre

• Install Linkerd cluster using

linkerd install | kubectl apply -f -

• Now to install Linkerd control plane

linkerd check

• To check the components that have been installed, run:

kubectl -n linkerd get deploy

Team Member Contributions:

1. Drishti Dhamejani
   • Looked up on LinkerD Tutorials and Concepts.
   • Creation of new VMs, Networks, Security Groups, Routers on Openstack in collaboration with Nikhil Mankame.
   • Linkerd Download and Installation.
   • Linkerd Controlplane and Dataplane deployment.
2. Daksha Nagre
   • Looked up on Istio, Envoy Tutorials and Concepts.
   • Creation of new VMs, Networks, Security Groups, Routers on Openstack in collaboration with Drishti Dhamejani, Nikhil Mankame.
   • Install and Configured Istioctl.
3. Nikhil B Mankame
   • Looked up Istio Tutorials & Concepts
   • Creation of new VMs, Networks, Security Groups, Routers on Openstack in collaboration with Drishti Dhamejani and Daksha Nagre
   • Deployment of new Kubernetes Cluster via ansible scripts:
     • https://github.com/airavata-courses/codestorm/commit/5786d7f1064d813894c81cea24a76309960eb2e3
   • Istio Download and Installation
   • Namespace Configuration and Sidecar proxies deployment
   • Deployment of 3 features:
     • Request Routing
     • Fault Injection
     • Traffic Shifting
     • https://github.com/airavata-courses/codestorm/commit/a8ad79fc31e1d29cd87837dabe7c9db97d4ef003