►
From YouTube: xDS in gRPC for Service Mesh - Megan Yahya, Google LLC
Description
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
xDS in gRPC for Service Mesh - Megan Yahya, Google LLC
This presentation will introduce the xDS functionality in gRPC and talk about the exciting development of service mesh features in gRPC.
A
A
So
let's
first
talk
about
grpc
and
microservices,
so
I
I'm
assuming
a
lot
of
you
are
familiar
with
grpc.
But
let's,
let's
talk
about
why
grpc
is
the
appropriate
way
of
communication
between
microservices
in
a
service
mesh.
So
grpc
is
a
very
high
performant
and
efficient
protocol.
So
if
you
know
already
it's
based
on
http
2
and
is
very
compatible
with
protobufs,
and
that
is
super
important
in
microservices,
because
when
we
are
talking
about
microservices,
we
are
talking
about
a
great
amount
of
east-west
traffic
versus
the
north-south
traffic.
A
So
you
might
have
python,
you
might
have
java,
you
might
have
c,
plus,
plus
you
might
have
a
lot
of
different
languages
as
part
of
the
same
organization
and
and
it's
important
for
these
languages
to
call
each
other
right.
So
so
the
fact
that
grpc
supports
all
these
languages
makes
it
easy
and
reduces
a
lot
of
code
that
your
developers
would
otherwise
have
to
write
by
just
auto
generating
this
code.
For
for
the
clients
and
services.
A
Grpc,
as
I
mentioned,
is
compatible
with
protobufs.
And,
of
course,
there
are
several
values
of
protobufs
like
if
you're
familiar
with
it.
You
basically
have
to
write
the
service
definition
first
and
that
that
that
creates
a
single
source
of
truth
for
your
service
and
that
it
makes
the
api
documentation
generation
easier
and
it
makes
getting
into
agreement
with
different
teams
easier.
So
there
are
a
lot
of
different
values
for
it,
protobufs
and,
of
course,
with
grpc.
A
But
let's
talk
about
grpc
applications
inside
the
service
mesh
right,
so
today
they're
like,
if
I
assume
you
you
want
to
deploy
your
grpc
application
as
part
of
a
service
mesh
that
you
have
chosen
right.
But
so
you
would
still
need
some
way
to
provide
service
discovery,
load,
balancing
security
and
all
that
right.
So
because
these
features
they
don't
come
as
part
of
grpc
at
least
until
today,
and
that
that's
a
topic
that
I'm
going
to
cover
today.
A
So
so,
let's
think
about
a
typical
service
mesh.
That's
out
there
today
and
and
they're
they're,
mainly
running
with
sidecar
proxies
right,
so
so
you're
a
for
example.
You're
familiar
with
istio
right,
like
either
envoy-based
sidecar
proxies,
which,
which
is
basically
you,
have
this
data
plane.
A
That
is
this,
this
proxy
that's
running
next
to
your
application
and
that
data
plane
is
intercepting
all
the
traffic
and
is
communicating
with
the
control
plane.
So
this
so
the
sidecar
proxy,
which
is
in
this
case
envoy,
for
example,
for
istio
they
they
are
receiving
the
configurations
from
this
service
mesh
control
plane
and
it
it's
they're,
helping
your
grpc
service
to
route
its
calls
and
they
provide
observability
and
all
the
other
features,
but
your
grpc
application.
A
So
so
this
is
what
a
grpc
application
looks
like
in
a
service
mesh
today
next
to
site.
If
it's
deployed
exercise
car
proxies,
but
then
it
has
limitations
right.
So,
if
you're
using
these
sidecar
proxies,
sidecar
proxies
are
just
like
any
other
binary
right.
So
if
you're
deploying
all
these
binaries
in
your
mesh,
there's
of
course
performance
overhead,
there's
been
a
bunch
of
benchmarks
and
all
of
them
show
significant
overhead
that
is
caused
in
terms
of
number
of
requests
per
seconds.
A
That's
that
can
be
made
between
your
services
in
case
that
you
have
the
proxy
or
you
don't
have
the
proxy
right
so
and
there's
a
lot
of
latency
that
is
applied
because
of
this
sidecar
proxies.
There
is
cpu
cost
overhead,
of
course,
and
and
then
one
of
the
other
important
parts
for
some
of
the
customers
is
the
security
part
right.
So
because,
when
you
have
these
sidecar
proxies
the
sidecar
proxies
insure
in
charge
of
terminating
the
secure
connection
and
your
application
is
actually
talking
plain
text
and
for
some
organizations
this
is.
A
This
is
not
that
acceptable.
So
and
of
course,
with
the
binaries
you
have
to
manage
the
binaries.
You
should
provide
health
checks
for
the
binaries.
You
should
upgrade
them
and
anything
that
applies
to
the
life
cycle
management
of
these
binaries.
So
so,
let's
talk
about
what
we've
built
just
recently
right.
So
what
we
have
built
is
jervis's
service
mesh,
but
in
a
proxy
let's
manner
so
so
there
are.
No
proxy
needs
is
needed
because
we
have
built
the
data
plane
functionality
into
grpc
itself.
A
So
what
it
means
is
that
now,
with
this
new
product
that
we
have
launched,
your
grpc
application
can
just
easily
become
part
of
the
service
mesh.
Assuming
you
have
a
control
plane
that
understands
xcs
and
can
talk
to
this
grpc
services
and
and
it
can
just
receive
the
policies
directly
from
the
control
plane.
So
no
sidecar
proxy
is
needed,
no
envoys
and
and
yeah
you,
you
get
all
the
value
with
the
service
measures
you
you
get
the
load,
balancing
and
service
discovery
and
the
observability
and
etc.
A
So,
let's
talk
about
xds
a
little
bit,
because
I
here
mentioned
that,
like
grpc
service
is
talking
to
the
control
plane,
but
you
might
ask
okay,
how
is
it
talking
to
the
control
plane?
And
that's
that
is
true,
xds
apis
and
you
might
ask
okay
what
is
xds
apis
xcs
apis
is
a
bunch
of
data
plane
apis
that
that
were
basically
invented
by
by
the
envoy
team.
A
So
when
they
launched
envoy,
the
xts
api
was
the
way
to
configure
your
own
voice
and,
and
it's
quite
par
and
envoy,
is
quite
popular
today
and
it's
used
in
many
open
source
projects
and
on
top
of
that,
xcs
is
also
open
and
there's
a
lot
of
values
to
xcs.
It
is
extensible,
it
has
strong
community
support
and
all
that
makes
this
makes
made
it
the
right
choice
for
us
for
this
service
mesh
integration
in
grpc.
So
so
exactly
the
same
way.
That
envoy
is
talking
to
the
control
plane
using
xcs.
A
Apis
grpc
is
now
able
to
talk
to
the
control
plane
using
the
same
xcs
apis.
So
let's
talk
about
xcs
and
grpc,
so
you
can
just
build
a
grpc
channel
with
xds
resolver
and
resolve
this
scheme.
So
it's
not
any
different
from
the
dns
really
like.
Instead
of
the
previous
version
you
just
put
xds
column
and-
and
that
takes
care
of
it
and
the
other
thing,
the
other
change
that
you
have
to
make
with
this
setup.
A
In
order
to
make
your
application
able
to
talk
to
the
control
plane
is
providing
a
bootstrap
file
so
and
all
the
bootstrap
file
is
doing
it's
just
providing
your
a
grpc
server
with
information
about
a
geophysical
service
with
information
about.
Where
is
this
control
plane
right?
So
where
should
it
initiate
this
connection
to
so
once
you
provide
that
bootstrap?
A
That's
it
like.
Now,
you
can
now
your
grpc
application
is
part
of
the
service
mesh
and
you
don't
need
to
deploy
anything
else.
It's
it's
very
easy.
It
makes
it
very
easy
to
adopt
to
add
up
service
mesh
for
customers,
and
the
other
cool
part
is
that
you
don't
have
to
like.
A
If,
for
example,
you
have
some
applications
who
still
not
support
this
or
or
some
features
that
are
not
available,
etc,
you
might
just
choose
to
migrate
slowly
like
by
by
having
some
communications
through
a
proxy
list
channel
and
some
communications
through
a
proxy
channel
like
still
keep
your
envoy
there.
So
this
hybrid
model
is
also
supported,
but,
of
course,
like
everything
else,
there's
some
limitations
with
our
product
today,
so
one
of
it
is
the
feature
gap
with
onward
right.
A
So,
of
course,
envoy
has
been
there
for
a
longer
time,
so
we're
still
trying
to
catch
up
with
all
the
features
that
envoy
has
and
I'm
going
to
talk
about
that
in
more
detail
in
a
few
slides
down
and
then
the
other
part
is
all
the
ecosystem
around
envoy
filters
right.
So
you
might
say:
oh,
but
enway
has
these
cool
filters
and
observability
tools.
A
We
are
trying
to
catch
up
with
those
as
well,
so
grpc
already
has
interceptors,
and
it
also
has
the
open
census
integration
so
that
that
covers
part
of
it,
but
we're
in
process
of
making
it
better
and
better
and
then,
of
course,
gr.
You
might
say:
okay,
grpc
applications
need
some
changes
right,
so
you
need
to
upgrade
your
grpc.
You
need
to
provide
it
with
strap,
etc.
A
So
so
the
challenge
with
upgrading
etc.
It
usually
applies
to
more
legacy
applications.
So
if
you're
a
modern
application,
you
just
you
already
have
great
ci
cd
pipelines,
so
it's
not
a
big
deal
and
then
there
is
another
downside
today,
which
is
limited
language
support.
So
the
stuff
we
have
launched
so
far
is
is
just
supported
in
this
number
of
languages,
which
are
which
we
have
realized
is
the
most
popular
languages
in
the
service
mesh
today.
A
So
here's
the
current
status,
so
we
first
released
the
first
version
in
june
2020
and
then
the
features
that
are
currently
supported
are
basically
ability
to
do
service
discovery
and
load,
balancing
and
and
also
route
matching
and
traffic
splitting,
and
we
have
a
bunch
of
other
features
in
development
that
are
just
about
to
be
launched
like,
for
example,
we
have
time
out
circuit
breaking
or
we
are
also
working
on
the
security
to
provide
like
tls
and
mtls,
using
the
control,
plane
policies,
basically
and
also
working
on
some
observability
features
and
and
xcs
integration.
A
So
this
is
a
link
here
that
you
can
basically
browse
to,
and
it
will
provide
you
with
the
latest
updates
on
our
features
like
where
we
are
I'm
sure
the
feature
is
upcoming,
etc.
So
you
might
ask
okay,
how
like
you're,
providing
the
data
plane
like
which
is
grpc,
so
how
about
control
plane?
Where
should
I
get
my
control
plane
to
get
started?
A
A
And
it
works
across
gc
and
gk,
so
so
this
works
out
of
the
box.
Today
you
can
just
go
ahead
and
use
it
right
away.
But
of
course
we
know
like
there
are
other
control
planes
that
are
popular
like
istio
and
we
have.
A
We
have
done
some
experimental
work
to
see
how
it
works
and
and
there's
a
test
here.
You
can
browse
to
and
try
it
out,
but
unfortunately
we
don't
yet
officially
support
this,
but
we
have
plans
to
in
the
future,
support
this
in
a
more
official
way.
So
and
then
there
is
also
there's
a
go:
control
plane
there.
There
is
an
issue,
that's
been
created
and
we
we
would
be
happy
to
see
more
progress
on
that
ticket
to
to
get
this
open
source
control
plane
compatible
with
the
grpc
proxilis
service
mesh.
A
Here
are
some
resources
if
you
just
want,
if
you're
interested
and
want
to
get
started
on
this,
so
these
are
the
grfcs
like
you
can
you
can
see
what
the
features
that
are
in
development
or
existing
ones,
and
then
you
can
have
that
link.
That
shows
you
all
the
features
and,
if
you're,
just
in
the
beginning
and
trying
to
learn
more
of
the
concepts
about
control,
plane
versus
data
plane
and
all
those
keywords,
you
can
try
some
of
these
links
in
this
slide.
So
that
is
it
like.
A
I'm
really
glad
I
got
a
chance
to
talk
to
you
all,
so
I'm
looking
forward
to
hearing
all
your
questions.
Thank
you.