SlideShare a Scribd company logo

When Cloud-Native Java meets Containers, Kubernetes and Istio

YK Chang, profile picture
YK Chang

The document discusses the integration of cloud-native Java with containers, Kubernetes, and Istio, providing an overview of each component's role in creating microservice applications. It highlights the benefits of using microprofile for application behavior, observability, and security, alongside Kubernetes for orchestration and Istio for traffic management. Additionally, it lists the twelve factors of cloud-native applications and offers resources for further exploration.

Technology
1 of 15
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
When Cloud-Native Java meets Containers, Kubernetes and Istio — Yee-Kang Chang yeekangc@ca.ibm.com @yeekangc
Cloud-Native Java Java-based programming paradigm that is native or optimized for a cloud environment Containers “A container is a standard unit of software that packages up code and all its dependencies so the application runs quickly and reliably from one computing environment to another.” - Docker.com Kubernetes “Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications.” - Kubernetes.io Istio “… service mesh is … the network of microservices that make up [distributed microservice] applications and the interactions between them. … Istio provides behavioral insights and operational control over the service mesh as a whole, offering a complete solution to satisfy the diverse requirements of microservice applications.” - Istio.io© 2020 IBM Corporation 2
3 Cloud-Native Microservices 1. RESTful – Like cattle not pet, communicative 2. Configurable 3. Fault tolerant 4. Discoverable 5. Secure 6. Observable 7. Cloud ready – Heartbeat with cloud infrastructure
Eclipse MicroProfile Config Fault Tolerance JWT Health Check MetricsOpen Tracing Open API JAX-RSJSON-PCDIRest Client JSON-B REST Foundation 100s of Microservices Operation Focus
Microservice Deployment Config Fault Tolerance JWT Health Check MetricsOpen Tracing Open API JAX-RSJSON-PCDIRest Client JSON-B
Eclipse MicroProfile Config Fault Tolerance JWT Health Check MetricsOpen Tracing Open API JAX-RSJSON-PCDIRest Client JSON-B REST Foundation 100s of Microservices Operation Focus
7 MicroProfile Config with Kubernetes A B env: - name: GREETING valueFrom: configMapKeyRef: name: greeting-config key: message kubectl create configmap greeting-config --from-literal message=Greetings... @Inject @ConfigProperty(name = "GREETING") private String greeting;
8 MicroProfile Health with Kubernetes A B readinessProbe: httpGet: path: /health/ready port: 9080 initialDelaySeconds: 15 periodSeconds: 5 failureThreshold: 1
9 MicroProfile Metrics with Kubernetes A B @POST @Counted(name="order", displayName="Order count", description="Number of times orders requested.") public Response orderCoffee(@Valid @NotNull CoffeeOrder order) { ... } Data in OpenMetrics format Collect and store data with Prometheus Visualize data with Grafana
10 MP OpenTracing with Kubernetes A B @Traced public void startBrew(CoffeeType coffeeType) { ... } JAX-RS methods are automatically traced by default Distributed tracing system that supports OpenTracing data Deploy and view traces with Zipkin or Jaeger
11 MicroProfile and Istio MicroProfile Istio Traffic Management N/A Routing rules • Use Istio for Blue-Green deployments, canary rollouts etc Fault Tolerance Application layer Retry, Timeout, Circuit Breaker, Bulkhead, Fallback Traffic between services Retry, Timeout, Circuit Breaker, Bulkhead • Istio for broader traffic management (and fault injection for testing) • Application-level fallback with MicroProfile Security Secure services with JWT Mutual TLS for transport Origin authentication with JWT • Use Istio’s origin authentication if services are not secured Observability or Telemetry API to instrument apps Roll your own Prometheus, Grafana, Zipkin, Jaeger etc Integration with Prometheus, Grafana, Jaeger, Zipkin • OOTB integration between MP-based services and Istio • View service mesh with Istio’s Kiali
THE 12 FACTORS 1. Codebase 2. Dependencies 3. Config 4. Backing Services 5. Build, Release, Run 6. Processes 7. Port binding 8. Concurrency 9. Disposability 10.Dev / Prod parity 11.Logs 12.Admin Processes THE 12 FACTORS 1. Codebase 2. Dependencies 3. Config 4. Backing Services 5. Build, Release, Run 6. Processes 7. Port binding 8. Concurrency 9. Disposability 10.Dev / Prod parity 11.Logs 12.Admin Processes
Istio to manage the services … Cloud-Native Java programming model like MicroProfile to code application behaviours easily for Cloud! Kubernetes to orchestrate the environment … Containerize your applications … Cloud-Native Java + Containers, Kubernetes and Istio = A Nice Match © 2020 IBM Corporation 13
Resources Further reading MicroProfile, the microservice programming model made for Istio https://www.eclipse.org/c ommunity/eclipse_newsle tter/2018/september/Micr oProfile_istio.php Try it out Configuring microservices in Kubernetes https://openliberty.io/guid es/kubernetes- microprofile-config.html Checking the health of microservices on Kubernetes https://openliberty.io/guid es/kubernetes- microprofile-health.html Managing microservice traffic using Istio https://openliberty.io/guid es/istio-intro.html Sample implementation https://github.com/ibm- cloud- architecture/refarch- cloudnative- kubernetes/blob/micropro file/docs/istio.md © 2020 IBM Corporation 14
When Cloud-Native Java meets Containers, Kubernetes and Istio

More Related Content

DOCX
Providing user security guarantees in public infrastructure clouds
Finalyearprojects Toall
 
PDF
Providing user security guarantees in public infrastructure clouds
Shakas Technologies
 
PPT
Calico and stars policy
Anirban Sen Chowdhary
 
PDF
Ignite 2015 NA Technology Breakout Session - "Security, Stability and Scalabi...
Elemica
 
PDF
Ignite 2015 EU - Technology Breakout Session "Security, Stability and Scalab...
Elemica
 
PPT
Calico and simple policy
Anirban Sen Chowdhary
 
PPTX
Design and Deploy Secure Clouds for Financial Services Use Cases
PLUMgrid
 
PDF
Automatize a detecção de ameaças e evite falsos positivos
Elasticsearch
 
Providing user security guarantees in public infrastructure clouds
Finalyearprojects Toall
 
Providing user security guarantees in public infrastructure clouds
Shakas Technologies
 
Calico and stars policy
Anirban Sen Chowdhary
 
Ignite 2015 NA Technology Breakout Session - "Security, Stability and Scalabi...
Elemica
 
Ignite 2015 EU - Technology Breakout Session "Security, Stability and Scalab...
Elemica
 
Calico and simple policy
Anirban Sen Chowdhary
 
Design and Deploy Secure Clouds for Financial Services Use Cases
PLUMgrid
 
Automatize a detecção de ameaças e evite falsos positivos
Elasticsearch
 

What's hot (19)

PDF
Kata containers workshop_openinfrasummit_denver_may2019
Hemanth Nakkina
 
PDF
Combining Logs, Metrics, and Traces for Unified Observability
Elasticsearch
 
PPTX
Hands-on Lab: Test Drive Your OpenStack Network
PLUMgrid
 
PPTX
Monitoring Security Policies for Container and OpenStack Clouds
PLUMgrid
 
PDF
Open source IoT gateway
Henryk Konsek
 
DOCX
AUTHENTICATION HANDOVER AND PRIVACY PROTECTION IN 5G HETNETS USING SOFTWARE-D...
I3E Technologies
 
PDF
SECURE DATA SHARING IN CLOUD COMPUTING USING REVOCABLE-STORAGE IDENTITY-BASED...
Nexgen Technology
 
PDF
ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...
Nexgen Technology
 
PDF
Pro active datacenter-infrastructures-ccie-bulent-morten-16.10.2014
Mustafa Kuğu
 
PPTX
MidoNet Differentiation and Overview
Midokura
 
PDF
FIWARE-IoT-Broker-introduction
gesslers
 
PPT
Calico and juju
Anirban Sen Chowdhary
 
PDF
Cloud Computing - ISO/IEC 17788
Hamid Reza Qavami
 
PPTX
Cloud computing
Quentin Petit
 
PPTX
OpenStack Opportunity - Citrix
Open Stack
 
PDF
IEEE NFV-SDN 2017 - On the establishment of trust in the cloud-based ETSI NFV...
Marco De Benedictis
 
PDF
Comparison: VNS3 vs Vyatta
Cohesive Networks
 
PDF
Enhancing the Techniques to Secure Grid Computing
ijtsrd
 
PDF
Hybrid Security Network for Cloud Information Centre (HSNIC)
Peace Asukwo
 
Kata containers workshop_openinfrasummit_denver_may2019
Hemanth Nakkina
 
Combining Logs, Metrics, and Traces for Unified Observability
Elasticsearch
 
Hands-on Lab: Test Drive Your OpenStack Network
PLUMgrid
 
Monitoring Security Policies for Container and OpenStack Clouds
PLUMgrid
 
Open source IoT gateway
Henryk Konsek
 
AUTHENTICATION HANDOVER AND PRIVACY PROTECTION IN 5G HETNETS USING SOFTWARE-D...
I3E Technologies
 
SECURE DATA SHARING IN CLOUD COMPUTING USING REVOCABLE-STORAGE IDENTITY-BASED...
Nexgen Technology
 
ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...
Nexgen Technology
 
Pro active datacenter-infrastructures-ccie-bulent-morten-16.10.2014
Mustafa Kuğu
 
MidoNet Differentiation and Overview
Midokura
 
FIWARE-IoT-Broker-introduction
gesslers
 
Calico and juju
Anirban Sen Chowdhary
 
Cloud Computing - ISO/IEC 17788
Hamid Reza Qavami
 
Cloud computing
Quentin Petit
 
OpenStack Opportunity - Citrix
Open Stack
 
IEEE NFV-SDN 2017 - On the establishment of trust in the cloud-based ETSI NFV...
Marco De Benedictis
 
Comparison: VNS3 vs Vyatta
Cohesive Networks
 
Enhancing the Techniques to Secure Grid Computing
ijtsrd
 
Hybrid Security Network for Cloud Information Centre (HSNIC)
Peace Asukwo
 
Ad

Similar to When Cloud-Native Java meets Containers, Kubernetes and Istio (20)

PDF
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018
Amazon Web Services Korea
 
PPTX
Kubernetes And Istio and Azure AKS DevOps
Ofir Makmal
 
PPTX
Build12 factorappusingmp
Emily Jiang
 
PDF
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
WSO2
 
PDF
Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...
Weaveworks
 
PDF
An Introduction to Eclipse Kura - Eclipse Day Florence 2014
Eurotech
 
PDF
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
Ahmed Misbah
 
PDF
How to Make Istio Work with Your App
StackRox
 
PDF
How to Make Istio Work with Your App
KarenBruner
 
PPTX
MicroProfile as the Istio Programming Model | Virtual Eclipse Community Meetup
Stephanie Swart
 
PPTX
Federating Infrastructure as a Service cloud computing systems to create a un...
David Wallom
 
PPTX
Api service mesh and microservice tooling
Red Hat
 
PDF
DevOpsDays Houston 2024: Kubernetes at Scale Going Multi-Cluster with Istio
Divine Odazie
 
PDF
Kubernetes at Scale: Going Multi-Cluster with Istio
Severalnines
 
PDF
Istio Triangle Kubernetes Meetup Aug 2019
Ram Vennam
 
PDF
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
apidays
 
PDF
FIWARE Global Summit - Using ML/AI Techniques with FIWARE and Connected IoT D...
FIWARE
 
PDF
Istio: Using nginMesh as the service proxy
Lee Calcote
 
PPTX
Micro profile and istio
Emily Jiang
 
PPTX
Cloud Native Summit 2019 Summary
Everett Toews
 
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018
Amazon Web Services Korea
 
Kubernetes And Istio and Azure AKS DevOps
Ofir Makmal
 
Build12 factorappusingmp
Emily Jiang
 
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
WSO2
 
Security & Resiliency of Cloud Native Apps with Weave GitOps & Tetrate Servic...
Weaveworks
 
An Introduction to Eclipse Kura - Eclipse Day Florence 2014
Eurotech
 
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
Ahmed Misbah
 
How to Make Istio Work with Your App
StackRox
 
How to Make Istio Work with Your App
KarenBruner
 
MicroProfile as the Istio Programming Model | Virtual Eclipse Community Meetup
Stephanie Swart
 
Federating Infrastructure as a Service cloud computing systems to create a un...
David Wallom
 
Api service mesh and microservice tooling
Red Hat
 
DevOpsDays Houston 2024: Kubernetes at Scale Going Multi-Cluster with Istio
Divine Odazie
 
Kubernetes at Scale: Going Multi-Cluster with Istio
Severalnines
 
Istio Triangle Kubernetes Meetup Aug 2019
Ram Vennam
 
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
apidays
 
FIWARE Global Summit - Using ML/AI Techniques with FIWARE and Connected IoT D...
FIWARE
 
Istio: Using nginMesh as the service proxy
Lee Calcote
 
Micro profile and istio
Emily Jiang
 
Cloud Native Summit 2019 Summary
Everett Toews
 
Ad

Recently uploaded (20)

PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PDF
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
KodekX | Application Modernization Development
KodekX
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PPTX
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
Approach and Philosophy of On baking technology
30anthuong17
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Encapsulation theory and applications.pdf
gurumoop
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
KodekX | Application Modernization Development
KodekX
 
Teaching material agriculture food technology
LiaRayya
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 

When Cloud-Native Java meets Containers, Kubernetes and Istio

  • 1. When Cloud-Native Java meets Containers, Kubernetes and Istio — Yee-Kang Chang yeekangc@ca.ibm.com @yeekangc
  • 2. Cloud-Native Java Java-based programming paradigm that is native or optimized for a cloud environment Containers “A container is a standard unit of software that packages up code and all its dependencies so the application runs quickly and reliably from one computing environment to another.” - Docker.com Kubernetes “Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications.” - Kubernetes.io Istio “… service mesh is … the network of microservices that make up [distributed microservice] applications and the interactions between them. … Istio provides behavioral insights and operational control over the service mesh as a whole, offering a complete solution to satisfy the diverse requirements of microservice applications.” - Istio.io© 2020 IBM Corporation 2
  • 3. 3 Cloud-Native Microservices 1. RESTful – Like cattle not pet, communicative 2. Configurable 3. Fault tolerant 4. Discoverable 5. Secure 6. Observable 7. Cloud ready – Heartbeat with cloud infrastructure
  • 4. Eclipse MicroProfile Config Fault Tolerance JWT Health Check MetricsOpen Tracing Open API JAX-RSJSON-PCDIRest Client JSON-B REST Foundation 100s of Microservices Operation Focus
  • 6. Eclipse MicroProfile Config Fault Tolerance JWT Health Check MetricsOpen Tracing Open API JAX-RSJSON-PCDIRest Client JSON-B REST Foundation 100s of Microservices Operation Focus
  • 7. 7 MicroProfile Config with Kubernetes A B env: - name: GREETING valueFrom: configMapKeyRef: name: greeting-config key: message kubectl create configmap greeting-config --from-literal message=Greetings... @Inject @ConfigProperty(name = "GREETING") private String greeting;
  • 8. 8 MicroProfile Health with Kubernetes A B readinessProbe: httpGet: path: /health/ready port: 9080 initialDelaySeconds: 15 periodSeconds: 5 failureThreshold: 1
  • 9. 9 MicroProfile Metrics with Kubernetes A B @POST @Counted(name="order", displayName="Order count", description="Number of times orders requested.") public Response orderCoffee(@Valid @NotNull CoffeeOrder order) { ... } Data in OpenMetrics format Collect and store data with Prometheus Visualize data with Grafana
  • 10. 10 MP OpenTracing with Kubernetes A B @Traced public void startBrew(CoffeeType coffeeType) { ... } JAX-RS methods are automatically traced by default Distributed tracing system that supports OpenTracing data Deploy and view traces with Zipkin or Jaeger
  • 11. 11 MicroProfile and Istio MicroProfile Istio Traffic Management N/A Routing rules • Use Istio for Blue-Green deployments, canary rollouts etc Fault Tolerance Application layer Retry, Timeout, Circuit Breaker, Bulkhead, Fallback Traffic between services Retry, Timeout, Circuit Breaker, Bulkhead • Istio for broader traffic management (and fault injection for testing) • Application-level fallback with MicroProfile Security Secure services with JWT Mutual TLS for transport Origin authentication with JWT • Use Istio’s origin authentication if services are not secured Observability or Telemetry API to instrument apps Roll your own Prometheus, Grafana, Zipkin, Jaeger etc Integration with Prometheus, Grafana, Jaeger, Zipkin • OOTB integration between MP-based services and Istio • View service mesh with Istio’s Kiali
  • 12. THE 12 FACTORS 1. Codebase 2. Dependencies 3. Config 4. Backing Services 5. Build, Release, Run 6. Processes 7. Port binding 8. Concurrency 9. Disposability 10.Dev / Prod parity 11.Logs 12.Admin Processes THE 12 FACTORS 1. Codebase 2. Dependencies 3. Config 4. Backing Services 5. Build, Release, Run 6. Processes 7. Port binding 8. Concurrency 9. Disposability 10.Dev / Prod parity 11.Logs 12.Admin Processes
  • 13. Istio to manage the services … Cloud-Native Java programming model like MicroProfile to code application behaviours easily for Cloud! Kubernetes to orchestrate the environment … Containerize your applications … Cloud-Native Java + Containers, Kubernetes and Istio = A Nice Match © 2020 IBM Corporation 13
  • 14. Resources Further reading MicroProfile, the microservice programming model made for Istio https://www.eclipse.org/c ommunity/eclipse_newsle tter/2018/september/Micr oProfile_istio.php Try it out Configuring microservices in Kubernetes https://openliberty.io/guid es/kubernetes- microprofile-config.html Checking the health of microservices on Kubernetes https://openliberty.io/guid es/kubernetes- microprofile-health.html Managing microservice traffic using Istio https://openliberty.io/guid es/istio-intro.html Sample implementation https://github.com/ibm- cloud- architecture/refarch- cloudnative- kubernetes/blob/micropro file/docs/istio.md © 2020 IBM Corporation 14