Service Mesh Fundamentals with Linkerd
Decoupling at layer 5
Topic: System Administration
Organizations that have adopted containers and are running a handful (or more) of microservices often find tools to provide observability, control, and security lacking. Service meshes—the third phase in the microservices journey—have quickly entered the cloud native landscape, filling unmet service-level needs and providing a substrate of secure connectivity, uniform visibility, and granular control over service requests. Operating at layer 5, service meshes offer great value.
Lee Calcote walks you through advanced service mesh concepts and each and every aspect of the popular service mesh Linkerd. Over three hours, you’ll gain hands-on experience deploying Linkerd alongside microservices running in Kubernetes.
What you'll learn-and how you can apply it
By the end of this live online course, you’ll understand:
- Linkerd's methods for managing telemetry, monitoring, and reporting
- Approaches to canary deployments and securing communication with Linkerd
And you’ll be able to:
- Configure and operate Linkerd in context of an example workloads and their common use cases
- Manage traffic through load balancing and resilient communications
- Enforce policies and rate limiting
- Be confident in the third step of your cloud native journey with ongoing management of your service mesh
This training course is for you because...
- You’re an operator who wants uniform observability irrespective of the different languages and libraries that run your services.
- You’re a developer who wants to affect application behavior without code changes.
- You want to become a cloud native architect or level up as one.
- Familiarity with Docker and Kubernetes.
- A computer with Docker Desktop (or Docker) and Meshery installed locally.
- Access to local or remote Kubernetes cluster of any size, with cluster admin privileges. A local, single-node cluster running under Docker Desktop or Minikube.
- Take Introduction to Kubernetes (live online training course with Sébastien Goasguen)
- Read Kubernetes Cookbook (book) or Kubernetes: Up and Running (book)
- Read The Enterprise Path to Service Mesh Architectures (report)
- Read Istio: Up and Running (early release book)
About your instructor
Lee Calcote is an innovative product and technology leader, passionate about developer platforms and management software for clouds, containers, functions and applications. Advanced and emerging technologies have been a consistent focus through Calcote’s tenure at SolarWinds, Seagate, Cisco and Pelco. As founder of Layer5, he is also an advisor and author. Calcote is active in the community as a Docker Captain and Cloud Native Ambassador.
The timeframes are only estimates and may vary according to how the class is progressing
Service meshes and related technologies (20 minutes)
- Presentation: Service mesh concepts in the context of related technologies like container orchestrators, API gateways, and microservices frameworks; how the separation of service- and session-layer concerns from application code decouples developer and operators at layer 5
Kubernetes and Linkerd setup (30 minutes)
- Presentation: Service mesh deployment architectures
- Hands-on exercises: Set up Kubernetes and Linkerd on your local machine; deploy and explore Linkerd’s control and data plane components—web, tap, identity, destination, controller, proxy injector, and sidecar proxy
Break (5 minutes)
Deploying an app onto the mesh (30 minutes)
- Presentation: Linkerd’s canonical sample application; Linkerd’s requirements for onboarding an application onto the service mesh
- Hands-on exercises: Deploy the sample application and review its configuration for exposure through ingress and egress gateways and sidecar proxy; use Meshery as the service mesh management plane to understand performance and overhead characteristics of Linkerd
Observability (30 minutes)
- Presentation: Types of telemetry available within a service mesh
- Hands-on exercises: Using Linkerd tap to listen to a traffic stream for a resource; view distributed traces in Jaeger and service-level metrics in Prometheus; view service mesh-generated logs
Break (5 minutes)
Traffic control (30 minutes)
- Presentation: Traffic management with a service mesh
- Hands-on exercises: Manipulate Linkerd’s traffic routing and control capabilities using examples of traffic split, fault injection, circuit breaking, and canary testing
Security (20 minutes)
- Presentation: Linkerd’s service security capabilities
- Hands-on exercises: Enable mutual TLS between services and perform service identity verification
Wrap-up and Q&A (10 minutes)