Showing posts with label microservice. Show all posts
Showing posts with label microservice. Show all posts

Jaeger + Elastic Search: Handson

Posted by Manish Panchmatia on Thursday, November 14, 2019 Labels: , , , / Comments: (0)

Steps

 docker run --rm -it --name=elasticsearch -e "ES_JAVA_OPTS=-Xms2g -Xmx2g" -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" -e "xpack.security.enabled=false" docker.elastic.co/elasticsearch/elasticsearch:6.8.0

 docker run --rm -it --link=elasticsearch --name=kibana -p 5601:5601 docker.elastic.co/kibana/kibana:6.8.0

 docker run --rm -it --link=elasticsearch --name=jaeger -e SPAN_STORAGE_TYPE=elasticsearch -e ES_SERVER_URLS=http://elasticsearch:9200 -e ES_TAGS_AS_FIELDS_ALL=true -p 16686:16686 jaegertracing/all-in-one:1.12
docker run --rm --link jaeger --env JAEGER_AGENT_HOST=jaeger --env JAEGER_AGENT_PORT=6831 -p8080-8083:8080-8083 jaegertracing/example-hotrod:latest all 

 Create a file JSON.txt with below conntent

 {
    "query" : {
        "match_all" : {}
    }

}

 curl -XGET "localhost:9200/jaeger-span-YYYY-MM-DD/_search" -H "Content-Type: application/json" -d @json.txt

 curl -XGET "localhost:9200/jaeger-span-YYYY-MM-DD/_search?size=10000" -H "Content-Type: application/json" -d @json.txt

 Reference:

 https://medium.com/jaegertracing/jaeger-elasticsearch-and-kibana-7ecb846137b6


JSON Output: 

{
  "took": 0,
  "timed_out": false,
  "_shards": {
    "total": 5,
    "successful": 5,
    "skipped": 0,
    "failed": 0
  },
  "hits": {
    "total": 441,
    "max_score": 1,
    "hits": [
      {
        "_index": "jaeger-span-2019-11-12",
        "_type": "span",
        "_id": "mQ2cXm4BVYoOLxBFNHpP",
        "_score": 1,
        "_source": {
          "traceID": "553c8316169ab970",
          "spanID": "2cd1c33438cb79f5",
          "flags": 1,
          "operationName": "HTTP GET /route",
          "references": [
            {
              "refType": "CHILD_OF",
              "traceID": "553c8316169ab970",
              "spanID": "44fa89467cc873aa"
            }
          ],
          "startTime": 1573545324720315,
          "startTimeMillis": 1573545324720,
          "duration": 53302,
          "tags": [],
          "tag": {
            "component": "net/http",
            "http@method": "GET",
            "http@status_code": 200,
            "http@url": "/route?dropoff=728%2C326&pickup=106%2C311",
            "internal@span@format": "proto",
            "span@kind": "server"
          },
          "logs": [
            {
              "timestamp": 1573545324720369,
              "fields": [
                {
                  "key": "event",
                  "type": "string",
                  "value": "HTTP request received"
                },
                {
                  "key": "level",
                  "type": "string",
                  "value": "info"
                },
                {
                  "key": "method",
                  "type": "string",
                  "value": "GET"
                },
                {
                  "key": "url",
                  "type": "string",
                  "value": "/route?dropoff=728%2C326&pickup=106%2C311"
                }
              ]
            }
          ],
          "process": {
            "serviceName": "route",
            "tags": [],
            "tag": {
              "client-uuid": "761a24cbd892ada8",
              "hostname": "367b2536b5f9",
              "ip": "172.17.0.5",
              "jaeger@version": "Go-2.20.0"
            }
          }
        }
      },
.....
    ]
  }
}

Trace JSON at Kibana APM

 {
    "events": [
        {
            "@timestamp": "2018-07-30T18:53:42.281Z",
            "agent": {
                "name": "elastic-node",
                "version": "3.14.0"
            },
            "parent": {
                "id": "abcdef0123456789"
            },
            "processor": {
                "event": "span",
                "name": "transaction"
            },
            "service": {
                "environment": "staging",
                "name": "backendspans"
            },
            "span": {
                "action": "query.custom",
                "duration": {
                    "us": 141581
                },
                "id": "abcdef01234567",
                "name": "GET /api/types",
                "subtype": "postgresql",
                "type": "db"
            },
            "timestamp": {
                "us": 1532976822281000
            },
            "trace": {
                "id": "fdedef0123456789abcdef9876543210"
            },
            "transaction": {
                "id": "01af25874dec69dd"
            }

        },
.....
    ]

}
Reference
https://www.elastic.co/guide/en/apm/server/current/span-indices.html

Distributed Tracing FAQ

Posted by Manish Panchmatia Labels: , , , , / Comments: (0)


** Is tracing only for request-response pair? How tracing happens for indication where response is not expected.

Zipkin
This is: One-way RPC Tracing. One-way is the same as normal RPC tracing, except there is no response anticipated.
In normal RPC tracing 4 annotations are used: “cs” “sr” (request) then “ss” “cr” (response). In one-way tracing, the first two are used “cs” “sr” as there is no response returned to the caller.
So, the client adds “cs” to a span and reports it to zipkin. Then, the server adds “sr” to the same span and reports it. Neither side add Span.timestamp or duration because neither side know both when the span started and finished.
CS = Client Send
SR = Server Receive
SS = Server Sent
CR = Client Receive
They are annotations for spans in Zipkin format
Refer: https://engineeringblog.yelp.com/images/posts/distributed-tracing-at-yelp/zipkin_image_2.png



Jaeger

For asynchronous messaging communications: “span.kind” tag values are: Producer and Consumer
For synchronous RPC communications: “span.kind” tag values are: Client and Server
The span.kind=server tag denotes an entry span, e.g. a span created in the local code in response to an external request. Likewise, span.kind=client denotes an exit span, e.g. a call made from the local code to another server.








Ref: https://cloud.spring.io/spring-cloud-sleuth/reference/html/

** At ‘Istio service mesh’, does ‘Envoy sidecar proxy’ add ‘B3 headers’ for incoming message or outgoing message,
For incoming message.

** What if some of the microservices use Zipkin format and new microservices use Jaeger format at K8s cluster?
Jaeger provides backward compatibility. So, just need to route ‘Zipkin format data’ from ‘legacy services’ to ‘Jaeger backend’ using ‘zipkin collector’

As Per: https://www.jaegertracing.io/docs/1.13/features/
Backwards compatibility with Zipkin
Although we recommend instrumenting applications with OpenTracing API and binding to Jaeger client libraries to benefit from advanced features not available elsewhere, if your organization has already invested in the instrumentation using Zipkin libraries, you do not have to rewrite all that code. Jaeger provides backwards compatibility with Zipkin by accepting spans in Zipkin formats (Thrift or JSON v1/v2) over HTTP. Switching from Zipkin backend is just a matter of routing the traffic from Zipkin libraries to the Jaeger backend.

** The ‘Envoy sidecar proxy’ at ‘Istio Service Mesh’ sends collected span data (JSON format) to Jaeger Collector. It it for incoming message or outgoing message?
The ‘Envoy sidecar proxy’ sends a single span (JSON format), asynchronously, anytime, after receiving response for the request which was originated by application.

** Can we bypass Jaeger Agent?
Yes for C++ Jaeger ClientLib.
https://github.com/jaegertracing/jaeger-client-cpp/issues/165
https://github.com/jaegertracing/jaeger-client-cpp/issues/122

** Can Jaeger Collector work on UDP?
No.

** How to use Baggage in Jaeger headers?
Key: uberctx-{baggage-key}
Value: url-encoded string

** How to use Baggage in Zipkin B3 header?
baggage-:
The support is only for Java and Go languages

** What is thrift
https://en.wikipedia.org/wiki/Apache_Thrift. It is for RPC with format like: JSON, Binary etc.

** what is TChannel?
It is a protocol over TCP for RPC

** Does Zipkin supports binary/compress format?
Zipkin can work on TChannel. It also supports compact Thrift format. However, Jaeger is better as being CNCF project.

** TChannel, Thrift, or its combination, which one is better?
Now, Jaeger collector supports gRPC as well. gRPC can be even better choice.

** Wild card query is supported at Jaeger UI?
No, due to limitations of other storage implementations. However, one can use Kibana + Elastic Search for the same.

Turn Off

Posted by Manish Panchmatia on Saturday, July 27, 2019 Labels: , , , , , / Comments: (0)

Today I came across an interesting website about all comics related to IT, computer, software etc. 

 Let me share my faviorte list

 K8s : http://turnoff.us/geek/the-depressed-developer-44/
Container : http://turnoff.us/geek/kernel-economics/

 Python : 
http://turnoff.us/geek/the-depressed-developer-35/
http://turnoff.us/geek/python-private-methods/
http://turnoff.us/geek/math-class-2018/

 Manager : http://turnoff.us/geek/the-realist-manager/
Social Media http://turnoff.us/geek/the-depressed-developer-23/
AI : 
http://turnoff.us/geek/python-robots/
http://turnoff.us/geek/chatbot/
http://turnoff.us/geek/sad-robot/
http://turnoff.us/geek/when-ai-meets-git/

 Debug: http://turnoff.us/geek/the-last-resort/
USB : http://turnoff.us/geek/tobbys-world/
CI/CD : http://turnoff.us/geek/deployment-pipeline/
GW API : http://turnoff.us/geek/distributed-architecture-drama/

 Computer Science concepts
Process v/s thread : http://turnoff.us/geek/dont-share-mutable-state/
Btree: http://turnoff.us/geek/binary-tree/
Zombie Process http://turnoff.us/geek/zombie-processes/
Idle CPU : http://turnoff.us/geek/idle/

Dockercon 2019 SFO Recap & Announcements

Posted by Manish Panchmatia on Thursday, June 20, 2019 Labels: , , , , , / Comments: (0)

This blog is just about key takeaway points from a Meetup Event : https://www.meetup.com/Docker-Bangalore/events/261474778/

 and

 https://github.com/collabnix/dockerbangalore/tree/master/slides/15th-June-2019-Dockercon19-Recap

 =================================================

 1. Dockercon 19 Recap & Announcement by 

Ajeet Singh Raina https://www.linkedin.com/in/ajeetsraina/




Importanat playlists



Docker Labs : https://github.com/collabnix/dockerlabs DockerLabs brings you tutorials that help you get hands-on experience using Docker & Kubernetes.

Ajeet discussed about Docker desktop enterprise and its feature application designer. Version Packs is used for backward compatibility.  https://blog.docker.com/2019/05/a-first-look-at-docker-desktop-enterprise/


"docker buildx" is useful to build Docker container image for various on-premises and cloud platform in one shot. At present, available only in enterprise version. 

One interesting webinar : "How Docker Simplifies Kubernetes for the Masses"


 =================================================

 2. Hardening and Securing your Kubernetes Platform – Munish Kumar Gupta

 cAdvisor, is agent running at worker node, which collect usage information. It is not secure. As part of hardening, it is disabled. 

 One should refer : Docker file best practicies https://docs.docker.com/develop/develop-images/dockerfile_best-practices/

 Important resources about security : Center for Internet Security (CIS)
https://en.wikipedia.org/wiki/Center_for_Internet_Security
https://www.cisecurity.org/

 If master node comes down, then also the application will be keep running. Yes, during deployment if master node come down then deployment got impacted. 

 We should sepeate network for control plane (between master node, worker nodes) and user plane (for pod to pod communication among microservices)

 We should have pod restart policy and health check API in plact at pod. 

 Munish kept camera icon on right top cornet to indicate picture time. Instead of taking notes, one can take picture of that important slide. 


Generally at VISA deployment the VMs are run with 30 to 40 % of capacity. Containers run with higher capacity. 

 https://github.com/collabnix/dockerbangalore/blob/master/slides/15th-June-2019-Dockercon19-Recap/-

 =================================================

 3. Next Gen Payments Platform For Evolving Digital Economy – Sachin Karjatkar & Prabhu Kadapenthangal Venkatesan




=================================================

 4. Sentiment Analysis using Stanford NLP , Docker , Helidon Microservice - Saiyam Pathak

 DockerHub can pull DOCKERFILE from github and build Docker container image with appropriate config settings at DockerHub website. 

 Saiyam's suggested to use his github repository for K8s autoscaller components. https://github.com/saiyam1814/autoscaler 
It is based on K8s git hub repository https://github.com/kubernetes/autoscaler

 Helidon is a collection of Java libraries for writing microservices that run on a fast web core powered by Netty. https://helidon.io

 Torando is a Python web framework and asynchronous networking library, https://www.tornadoweb.org

 https://stanfordnlp.github.io/CoreNLP/
https://nlp.stanford.edu/sentiment/
https://github.com/stanfordnlp/CoreNLP

 Nginx is a web server which can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.

 Want to port forward a resource:
kubectl port-forward TYPE/NAME [LOCAL_PORT:]REMOTE_PORT
kubectl  port-forward deployment/saiyam 8081:8080
=================================================

 5. Running Docker containers on IoT - Sangam Biradar

 Docker repository for Raspberry Pi https://hub.docker.com/u/arm32v7

 https://www.slideshare.net/sangambiradar370/docker-on-iot-dockercon19-sfo-recap-announcements-bangalore

Container Orchestration

Posted by Manish Panchmatia on Friday, June 14, 2019 Labels: , , / Comments: (0)

What is Container Orchestration ?

 - Fault tolerant
- Scaling
- Optimally use resources
- Discovery
- Access from outside world
- Update/rollback with 0 downtime

 What Container Orchestrators do?

 - cluster = multiple host together
- schedule container(pod) to run on host/node
- network among pod on different nodes
- bind container with storage
- services = group of containers
- keep resource usage in check and optimize if needed
- secure access to app running inside continer

 Deployment options

 on-premise v/s cloud
bare-matel v/s VM

 Container Orchestrators 

 - Kubernetes
- Docker Swarm
- Mesos Marathon
- Docker Compose : Single machine. Not for large scale. With one command, "docker compose up" it will bring up : containers, volumes, networks
- Hashicorp Nomad

 - Amazon ECS (Amazon EC2 container service)
1. Task == Pod
2. It has its own repository. 
3. Task can be part of CloudFormation stack. Task, Queue, EC2 Volume all together in 
4. CloudFormation to start and to cleanup
5. To get started https://aws.amazon.com/ecs/
- AWS Fargate https://aws.amazon.com/fargate
- Google Kubernetes Engine (^L = clear = cls at Google Cloud Shell)
- Microsoft Azure Kubernetes Services (AKS)
- Cloud Foundry
- Rackspace
- Oracle Cloud Infrastructure 
- Rancher

 K8s Features

 schedule pod based on resource usage and constrain with HA
self-healing
scaling
- service discovery + load balancing. 
- auto rollout and rollback
- secrets and config mgt
- storage orchstration with SDS
- batch execution
- RBAC

Service Catalog

Posted by Manish Panchmatia on Tuesday, March 26, 2019 Labels: , , , , / Comments: (0)

Introduction

 The Service Catalog offers :
- powerful abstractions to make services available in a Kubernetes cluster. 
These services are:
- typically third-party managed cloud offerings OR
- self-hosted services 

 Developers can focus on the applications without the need for managing complex services deployment.

 Service Catalog is list of (1) service class (or service offering) E.g services : database, messaging queue, API gateway, a log drain, or something else. Services are associated with (2) service plan The service plan is variant of service in terms of cost, size etc.

 Service Broker
Typically, a third party Service provider will expose a Service Broker on their own infrastructure

 Service configuration options using JSON schema to configure service and plan. Automatic form building is also possible. 

 Service Broker use cases

 1. Service breaker handle interactions from modern cloud native apps to legacy system for valueable data stored at legacy system.
2. OSBAPI allows interactions with multiple cloud provider. 

 Service broker can also implement web-based service dashboard

 A Service Broker is a piece of software (server) that implements the Open Service Broker APIs. These APIs are for
- listing catalog
- provisioning 
- deprovisioning
- binding service instance with application
- unbinding service instance from application

 These are secure APIs. Service broker implements OAuth etc on interface with application / container / platform. a service broker proxy can be used to support custom authentication flow. 

 For time consuming provisioning and deprovisioning, OSBAPI supports asynchronous operation. 

 The service broker first register with K8s.
K8s platform is like client software, that request service broker. The first request may be to get service catalog. Then K8s platform will ask to create new service instance

 on-demand : service instance is provisioned, when requested.

multi-tenant : service instance are pre-provisioned.

The service instance will be bind to K8s application/pod using Service BindingsTypically, a Service Binding will also provide credentials and connectivity information (IP and port) to the application to access the Service. These credentials will be managed by K8s as secrets. 

Here, service catalog is K8s resource and it has corresponding (1) Service Catalog Controller and (2) Service Catalog API Gateway. The end-user will interact with Service Catalog API gateway. The gateway will ask service broker to list out all the services (service offering/class + service plan). Then K8s will update (remove duplicate, add, delete, modify) the master service catalog and respond to application/platform client. 

Comparison


Open Service Broker API             Kubernetes servicecatalog.k8s.io Kinds
Platform                            Kubernetes
Service Broker                     ClusterServiceBroker
Service                             ClusterServiceClass
Plan                                ClusterServicePlan
Service Instance                    ServiceInstance
Service Binding                     ServiceBinding

Reference 

Cloud Native

Posted by Manish Panchmatia on Monday, March 25, 2019 Labels: , , / Comments: (0)

According to CNCF TOC (Technical Oversight Committee), following is the definition of Cloud Native:

 CNCF Cloud Native Definition v1.0 Approved by TOC: 2018-06-11

 “Cloud native technologies empower organizations to build and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds. Containers, service meshes, microservices, immutable infrastructure, and declarative APIs exemplify this approach.

 These techniques enable loosely coupled systems that are resilient, manageable, and observable. Combined with robust automation, they allow engineers to make high-impact changes frequently and predictably with minimal toil.
The Cloud Native Computing Foundation seeks to drive adoption of this paradigm by fostering and sustaining an ecosystem of open source, vendor-neutral projects. We democratize state-of-the-art patterns to make these innovations accessible for everyone”


 Cloud Native
- Promotes OpenSource
- MicroService Architecture
- Containers and container orchestration tools (Read: Docker and K8s)
- Agility
- Automation

 It is also about
- Infrastructure as a code
- CI/CD pipeline
- Monitoring tools

 Cloud Computing
- On demand computing on Internet
- Minimal Mgmt efforts
- Cost effective due to economies of scale.

 Serverless
- cloud-computing execution model
- dynamically managing resources.
- Pricing is based on resources consumed
- application, run in managed, ephemeral containers on a “Functions as a Service” (FaaS) platform. ” - Reduced operational cost, complexity and engineering lead time

 MicroService
- Software development technique
- A Variant of SOA
- loosely couples services
- fine grained services
- lightweight protocols
- modular design

 Service Oriented Architecture
- Service reusability
- Easy maintenance
- Greater reliability
- Platform independence

 MicroService  Benefits 
- Agility
- Fine-grained Scaling
- Technology Independence
- Parallel Development
- Better Fault Isolation
- Easier to Refactor
- Easy to Understand
- Faster Developer On boarding

 Micro Service Architecture Challenges
- Operational Complexity
- Performance Hit Due to Network Latency
- Increased Configuration Management
- Unsafe Communication Medium
- Harder to Troubleshoot
- Architectural Complexity
- Higher Costs
- Duplication of Developer Effort

 Cross cutting concerns
- Externalized configuration
- Logging
- Health checks
- Distributed tracing
- Boilerplate code for integrations with message broker, etc.

 API Design
REST over HTTP using JSON is common choice

 * One can have shared database among all services OR database per service. 

 Fault Tolerance 
The Circuit Breaker pattern can prevent an application from repeatedly trying to execute an operation that's likely to fail. It allows services to recover and limit cascading failures across multiple systems

 Log Aggregation
ELK
1. Logstash
2. Elastic Serach
3. Kibana

 Distributed Tracing
The correlation ID helps to understand flow of events across services. 

 Securing Micro Services
1. JSON Web Token (JWT) 
2. OAuth2. About resource access and sharing. 
3. OpenID Connect. About user authentication. It is on top of OAuth2

 K8S Deployment
https://container-solutions.com/kubernetes-deployment-strategies/
https://github.com/ContainerSolutions/k8s-deployment-strategies/

MicroService Structure

Posted by Manish Panchmatia on Monday, March 18, 2019 Labels: , / Comments: (0)

1. API

 * Operation
- Command to modify data
- Query to retrieve data

 * Types
- Synchronous
- Asynchronous 

 * Protocol
- gRPC
- RESTful

 Here the microservice is like server. Customer will invoke the service using API

 2. API client

 Here the microservice is like client. It will invoke another microservice using its API. 

 3. Event Publisher

 4. Event Consumer

 Event is typically DDD event.  

 5. Business logic

 6. Private Database

MicroServices : common characteristics

Posted by Manish Panchmatia Labels: , / Comments: (0)


- Automated Deployment

 - Componentization via Services : 
-- component is a unit of software that is independently replaceable and upgradeable.
-- A service may consist of multiple processes that will always be developed and deployed together
-- services are independently deployable.
-- Microservices have their own domain logic

 - Organized around Business Capabilities
-- No 3-tier

 - Products not Projects

 - Smart endpoints and dumb pipes
-- microservices aim to be as decoupled and as cohesive as possible
-- Microservices receiving a request, applying logic as appropriate and prois ducing a response
-- No Enterprise Service Bus (ESB), with sophisticated facilities for message routing, choreography, transformation, and applying business rules.

 - Decentralized Governance
-- difference component, different langugae
-- Patterns: Tolerant Reader and Consumer-Driven Contracts

 - Decentralized Data Management
-- Domain-Driven Design DDD divides a complex domain up into multiple bounded contexts and maps out the relationships between them.
-- Polyglot Persistence : Each service owns its database
-- Results in simpler upgrade of application. 
1. User sessions : Redis
2. Financial Data and Reporting : RDBMS
3. Shopping Cart : Riak
4. Recommendation : Neo4j
5. Product Catalog : MongoDB
6. Analytics and User activity logs : Cassandra

 - Infrastructure Automation
-- CI/CD Pipeline

 - Design for failure
-- The application should able to tolerate the failure of services
-- Real time monitoring (of circuit breaker status, current throughput and latency) and auto restore of services.
- Evolutionary Design
-- How to divide monolith : 
1. The key property of a component: independent replacement and upgradeability
2. drive modularity through the pattern of change: Most frequent changed code should be in one service. Least frequent changed, stable code in another service. The modules often changed to gather should be merged in single service. 
-- Avoid using versing of services
-- Example The Guardian website

 Reference
https://martinfowler.com/articles/microservices.html
https://martinfowler.com/bliki/PolyglotPersistence.html