►
Description
Los microservicios están acá para quedarse. Pero depurar problemas en un sistema distribuido puede ser desalentador. A través de un demo, en el contexto de Kubernetes, veremos cómo con un service mesh como Linkerd podemos analizar el tráfico y encontrar la fuente de un problema.
Contacta a Alejandro en:
- https://www.linkedin.com/in/alpeb
- https://twitter.com/alpeb
A
B
B
Bojan
is
the
company
that
is
the
main
maintainer
of
the
clinker
open
source
linker
project,
and
it
is
the
only
science
month
service
that
has
graduated.
Here
I
present.
Some
of
my
coordinates
on
social
networks,,
twitter,,
guido,
and
on
our
inter
and
slack
channel.
If
you
have
any
questions
after
the
presentation
or
when
you
are
there,
if
you
are
interested
in
the
project
and
want
to
do
the
tutorial,
that
channel
is
quite
crowded
and
anyone
from
bojan
or
the
community
will
gladly
answer
any
question.
B
I
guess,
Many
of
you
are
already
familiar
with
the
concept
of
services,.
However,
I
would
like
to
do
a
quick
introduction
so
that
we
can
level
the
playing
field
without
a
doubt..
All
of
us
here
at
the
conference
know
that
Vernet
has
become
a
fundamental
element
in
enterprise
infrastructure.
however,.
Keep
in
mind
that
the
main
objective
of
cover
need
is
is
to
be
a
container
registrar
and
all
the
things
that
go
above
this
are
usually
provided
by
external
projects.
B
In
the
particular
case
of
the
service
month.
We
want
to
close
the
gap
in
especially
for
the
following
three
fundamental
pillars
that
are
security,
reliability
and
observe
ability
here,
I
present
a
very
simple
diagram
of
a
cluster
with
several
microservices
and
what
the
service
month
does,
and
it
is
like
putting
a
mesh
on
top
of
proxies.
That
is
why
we
call
it
service
plus
or
service
mesh
in
Spanish
and
within
each
pod.
A
small
proxy
is
added
as
a
way
to
extract,
and
these
proxies
are
then
left
with
a
very
privileged
position
within
the
cluster.
B
They
know
exactly
what
was
happening.
First
of
all,
in
terms
of
security,
they
make
sure
that
all
connections
between
proxies
are
secure.
How
much
reliability
can
be
configured
policies,
for
example,
retries
time
outs,
load,
balancing
is
more
efficient
than
the
one
provided
by
cover
mente.
It
is
by
default
as
soon
as
it
observes
ability,
as
obviously
these
proxies
are
privileged
to
know
what
is
happening.
Not
only
at
the
individual
level
for
each
post,
but
in
an
aggregated
way
throughout
the
cluster
these
proxies.
B
It
is
important
to
note
that
they
are
written
in
the
rost
language,
which
means
that
we
have
some
guarantees.
First,
in
terms
of
security
with
a
face,
it
can
be
declarative,
say
how
memory
is
accessed,
and
this
allows
us
to
avoid
improper
access
to
memory,
as
happens,
for
example,
in
robert
clouse
buffer,
that
is
in
common
in
weeks,
but
expires
and,
on
the
other
hand,
rost
compiles
to
native
code,
which
offers
us
guarantees
as
to
Due
to
performance
and
low
consumption
of
resources,.
B
There
is
no
round
time
to
do
gar
bases,
collection
and
nothing
like
that,,
so
first,
security
allows
us
to
have
the
hot
path
of
all
the
connections
within
the
cluster
always
next
to
it,.
It
is
very
important
that
be
ultra
secure
and
second,.
The
low
consumption
of
resources
allows
us
to
deploy
it
in
all
the
posts
in
our
closet,
without
worrying
so
much
about
excessive
consumption
of
resources.
B
This
set
of
proxies
next
to
each
post
of
the
closer
application
is
what
we
call
the
data
plane
of
the
service
month.
Another
important
component
is
the
control
plane
that
is
next
to
the
application
below
we
see
again
the
data
plane
and
above
the
control
plane
that
is
responsible
for
configuring
and
extracting
data
from
the
next
one.
The
first
component
of
the
control
plane
is
the
injector
each
Once
a
bot
persists
in
the
cluster,.
The
injector
captures
that
event,
adds
the
next
one,
injects
the
pod
before
it
ends
its
existence,.
B
Then
there
is
the
identity
that
is
in
charge
of
configuring,
the
minute
to
tlc
between
all
the
proxies
and
it
does
it
in
a
fully
automatic
and
applications
can
take
advantage
of
that
mechanism.
Without
having
to
do
anything,
then
there
is
the
estimation
component,
which
is
more
or
less
like
the
service
discovery
offered
by
default.
B
Right
hand
above
is
made
up
of
an
averages
component
that
is
delivered
by
default,
but
users
can
also
provide
their
own
instance
that
what
it
does
is
extract.
The
metrics
from
each
of
the
proxies.
These
metrics,
are
added
to
the
metrix
and
pay
component,
and
the
We
can
check
whether
they
had
been
through
the
'linked'
dashboard
and
its
command
line
or
see
its
historical
behavior
with
the
graph
component.
B
Produce
face-written
components,
such
is
the
case
of
the
police
component
that
we
just
removed
in
the
latest
stable
version,.
Now
we
are
going
to
demo
it,.
Let's
see
how
to
use
it,
bi
linker
to
debug
a
test
application
here.
I
have
my
console
at
the
top.
You
can
see
the
messages
that
I
have
in
a
local
cluster.
It
has
almost
nothing
at
the
moment
and
we
are
going
to
install
through
cook
control,
apply
that
I
have
here
abbreviated
with
here.
The
call
of
an
application
called
emoji
vote.
B
B
C
B
It
and
this
is
simply
an
application
that
allows
us
to
vote
for
our
favorite
hemolysis.
If
we
choose
them
and
we
can
see
the
table
of
positions
and
the
components
of
This
application
is
the
front
end,,
which
is
this
one
here,.
We
have
12
backends,,
one
that
we
are
in,
and
that
gives
us
the
list
of
mochis
boating,,
which
is
the
one
that
receives
the
votes
and
persists.
Them,
and
an
auxiliary
component
is
pot
boat
that
generates
test
traffic,
so
that
so
we
have
metrics
that
we
can
see
in
this
demo.
B
Suppose
we
have
this.
Application
deployed
in
production
and
users
are
reporting
failures,
but
as
we
could
see,
it
was
working
perfectly
then
no,
and
since
the
application
does
not
have
any
kind
of
observability
traceability,
then
we
don't
know
what
to
do
for
that
is
the
service
month.
Without
modifying
the
application,
we
are
going
to
use
it
to
intervene
to
observe.
So
the
first
thing
we
do
is
install
linker
and
ricard
install
returns,
the
jamal
of
the
cover
components
of
link
ervin.
B
While
this
starts
here,
we
see
the
string
components
intervene
that
the
stable
before
the
next
injector
identity
destination,
the
police
component
is
tucked
into
destination,
and
here
the
bis
components
appear.
Something
important
to
note
here
is
that
each
one
of
these
posts
has
at
least
two
containers
jacqueline
kervin
from
the
beginning,
since
it
is
installed,
it
auto
injects
each
one
of
these
spots
already
has
the
next
11.
If
we
have
problems
with
link,
erbil
link,
erdi
itself
helps
us
to
debug
the
same
ready.
Then
now
we
go
to
the
bash
board.
The
internet.
B
We
see
this
in
the
background.
We
are
going
to
open
it
if
everything
goes
in
order
in
the
chat
comments.
Very
good,
ok,
the
first
thing
we
see
in
the
dashboard
is
the
list
of
names.
Page
is
that
we
have
in
our
cluster
and
some
fundamental
metrics,,
which
are
the
success
rate,,
the
orders
per
second,,
the
latency
distribution,,
the
50th,
95th,
and
99th
percentiles,,
as
I
told
you,,
linker,
dillinger,
vivís,,
self-injects
itself,,
so
the
metrics
are
exposed,.
We
can
see
them
here,
emotive,.
It
has
not
yet
been
injected,,
so
we
don't
see
anything
else.
B
B
Possibly-
and
we
simply
send
it
to
the
herbinger
link
that
all
it
does
is
add
an
annotation
that
marks
those
posts
to
be
injected.
As
I
told
you
before,
jim
curley
injects
captures
the
event
when
new
spots
are
created
and
if
you
want
annotations
exist,
add
the
proxy.
Otherwise
it
doesn't
do
this
and
that
then
we
send
it
to
kurt
control
to
flight
rock,
and
we
should
start
to
see
a
roll
out
of
the
molle
components
vote
here.
B
You
can
see
that
the
new
components
are
already
starting
to
appear
with
two
containers,
one
of
which
is
the
next
one,
and
if
we
go
back
to
the
dashboard,
we
should
soon
start
to
see
the
metrics
okay
here,
We
see
them
for
the
moment.
Everything
works
very
well.
We
don't
know
what
the
users
are
reporting.
We.
B
It
is
in
order
for
the
moment
good.
In
the
meantime,
I
am
going
to
show
you.
What
is
the
equivalent
command
in
the
console
to
see
this
same
information
is.
Link
boil
has
been
applied
to
the
emotional
names
page
for
all
the
opinions.
We
will
tell
you
the
same
information,
the
value
that
we
see,
that
there
are
some
and
services
that
are
failing
are
not
100%.
If
we
see
what
Even,
if
we
go
back
here,,
we
see
them
start
to
fail
a
bit,.
B
B
B
But
hey,
we
already
have
something
to
say
to
the
developers.
We
can
get
more
information
if
we
use
output
jameson
this
command
and
It
gives
us
additional
information,
such
as
the
number
of
bytes
that
are
going
through
that
message
and
if
we
click
on
the
web,
for
example,.
We
see
this
diagram
of
the
dependencies
of
the
services,,
which
is
very
useful..
It
is
important
to
always
note
that
it
was
not
necessary
to
modify
the
application
to
obtain
all
that
information.
additional
information,
usually
traditionally
to
obtain
this
type
of
diagrams.
B
What
tracing
is
known,
but
that
always
means
modifying
the
application,
because
it
is
necessary
for
the
application
to
capture
the
duration
of
the
connections.
Add
them
and
send
them
to
a
central
collector
link.
Erdi
has
support
for
this
type
of
trading
through
an
extension
called
the
erdinger
link.
But
at
this
moment
it
is
not
necessary
to
use
that,
and
we
can
simply
use
this.
B
So
the
problem
is
with
egg
with
boating.
It
is
probably
in
bowling
which
has
a
worse
performance
here,
and
the
problem
well,
I
have
reflected
up
in
the
dependencies.
So,
let's
click
on
austin,
and
here
we
see
the
real
time
the
routes
that
this
service
is
receiving
and
its
status
is
the
equivalent
in
the
command
line.
Is
the
inter
vivis
hop
applied
to
the
main
stage
and
motivated
for
the
diplomas
for
the
cycle,
walking.
B
Good
for
now,
everything
is
in
order
now
Let's
go
back
to
the
application.
In
the
meantime,
it's
something
again
by
forward
at
a
surcharge,
Let's
go
back
when
we
give
it
a
go
and
see
if
we
already
see
the
problems,.
Nothing
is
very
good
for
now,
but
here
it
continues
to
appear
95%
good,.
Ideally
we
could
see
not
only
what
is
happening
right
now,
if
not
for
all
possible
fruits,
see
what
their
status
is.
This
only
shows
us
the
last
10
routes
that
have
been
called.
B
That's
what
the
route
metrics
tab
is
for,
but
lynn
wanted
right
now.
She
has
no
way
of
knowing
what
all
the
possible
routes
for
that
you
have
to
configure
it
with
a
resource
called
service
profile.
I
already
have
one
ready
here,
the
first
one
for
bowling,
and
this
is
simply
a
list
of
all
the
possible
routes
for
this
service.
Here.
The
main
directive
is
pat
riley
ex,
which
allows
a
regular
expression
for
the
route.
So
we
can
add
different
routes
in
a
single
item,
but
here
we
have
them
all
listed
in
a
static
way.
B
If
we
apply
this
and
we
go
to
the
dashboard
now,
if
all
the
routes
appear,
obviously
as
we
just
persisted
that
resource
All,
the
information
has
not
yet
been
captured,
but
since
in
production,
this
has
already
been
installed
from
the
beginning.
We
should
see
all
the
data.
If
we
wait
a
little
longer,
we
should
start
to
see
them.
B
B
B
If
it's
working
for
me
and
it
stopped
working,
then
it's
not
always
working.
There
is
a
problem.
If
we
already
have
more
tracks,
we
would
like
to
have
a
little
more
information
that
we
could
send
to
the
developers
for
that.
We
use
the
command
that
communicates
with
the
proxy
that
we
want
in
this
case
the
game
page
simonyi
vote
for
the
diplo
in
the
code,
and
specifically,
we
want
to
obtain
information
about
the
route
to
vote
for
the
donut.
B
C
B
Is
working
better
than
it
should
finally
ready
here
there
was
a
failure
rp.
That
status
does
not
mean
that
there
is
something
wrong,
even
though
the
http
status
is
200
and
lg
is
heavy
efe
rp.
That
status
is
not.
Ok
is
that
something
is
wrong,
and
indeed
the
law,
the
size
of
the
response
is
zero.
If
we
want
more
information,
we
ask
for
output
team
jason.
We.
B
Wait
a
few
moments
from
here:
it
returns
a
lot
of
information.
For
example.
Here
we
have
the
value
of
all.
The
genes
also
have
the
data
of
the
message
that
generated
that
danish
request.
If,
for
example,,
we
have
several
replicas
and
only
one
of
them
is
failing,
well
here
it
tells
us
exactly
which
ones.
B
Let's
say,
then
that
the
developers
are
not
available
in
this
moment
and
it
is
our
responsibility
that
the
service
works,
so
one
thing
we
can
do
is
use
the
retry
policy
suppose
that,
when
a
request
to
vote
for
the
donut
does
not
work,
we
can
retry
it
without
any
problem.
Let's
say
that
this
does
not
generate
duplicate
entries
in
the
database
or
anything
like
that.
If
that
is
the
case,
then
we
are
going
to
modify
that
this
profile.
The
service
profile.
B
How
is
the
path
of
the
donut
here
it
is?
I
have
commented
on
this,
this
item
that
is
and
sweet
ride
world.
If
you
enabled
it,
then
every
time
you
there
is
a
problem
with
that
route,
it
is
going
to
be
retried.
We
can
also
have
said
in
passing
here
to
configure
the
timer,
but
for
now
we
are
not
going
to
do
that.
B
However,
it
is
important
to
keep
in
mind
that
we
cannot
retry
indefinitely,
because
that
can
generate
a
storm
of
retracts
It
is
that
the
service
can
completely
throw
us
to
the
ground,,
so
this
configuration
is
done
at
the
general
level
of
the
service
in
the
upper
part
of
Estella
Mal,.
We
have
the
entries
with
fire
with
fire
grades,
20
percent,,
which
means
that
delays
cannot
be
generated
due
to
more
than
20
percent
of
the
normal
traffic
of
the
routes,
however,.
B
B
B
Before
continuing
,,
obviously
one
has
to
generate
these
service
profiles
manually,
but
there
is
a
shortcut,
and
that
is
that
we
can
use
tab
to
capture
all
the
requests
to
our
pod
and
based
on
that
generate
that
resource.
So
let's
do
an
example
of
that
then,
with
the
service
profile,
chopped
administration
and
vote
and
we're
going
to
call.
B
We
are
interested
in.
There
are
other
ways
to
do
it
with
swagger
schwager
file
that
declare
all
our
routes
or
with
files
robots
protocol
files
that
also
declare
all
the
routes.
Here
we
are
going
to
do
it
simply
contact
for
10
seconds
because
we
are
in
a
demo
and
obviously
this
is
going
to
return
only
a
partial
list
of
the
routes,
because
there
was
not
enough
time
to
capture
all
the
information
what's
ready
and
we
have
our
partial
route.
B
B
Are
going
to
do
this
by
going
to
the
vehicle
in
the
middle
good,
because
the
retry
policy
is
applied
on
the
client
side?
Obviously,
the
client
is
the
one
that
retries
and
the
client
in
our
case
of
the
walking
service
is
the
web
front.
We
want
to
know
what
happens
in
the
web
front
end
when
it
is
directed
when
it
makes
directed
requests.
Logically,
the
austin
verb.
We
want
the
greatest
1,
the
greatest
amount
of
information
and
we
say,
output
white.
B
See
it
that
means
that,
from
the
user's
point
of
view,
the
service
is
working
at
100%
and
that
there
are
0.1
and
2
per
second,
but
actually
this
right
here
tells
us
that
it's
44%,
working
and
63-odd
percent
percent
is
failing
and
the
amount
of
traffic
you're
actually
getting
is
three
times
what
you
it
is
experienced
by
the
user.
Here
we
see
that
list.
B
The
main
lesson
is
that
it
is
not
necessary
to
modify
the
application
to
get
all
these
benefits
are
left
in
the
pipeline.
Other
very
important
issues
that
you
can
use
with
linkedin.
The
first
of
them
is
traffic
splits
that
this
allows
you
to
search
for
the
calls
if
the
traffic
from
one
proxy
to
another,
for
example.
B
If
the
success
rate
is
above
a
threshold
that
we
specify,
then
all
the
traffic
is
continued
until
all
the
traffic
is
in
the
new
version
if,
on
the
contrary,
the
success
rate
successes
is
below
the
threshold.
So
we
return
the
process
and
do
not
allow
the
new
version
to
be
fully
deployed.
Another
important
issue
multi
cluster-
this
allows
us
to
manage
different
clusters
in
different
data.
Centers,
for
example,
communicate
with
each
other
through
the
minute
to
kiel
is
this.
Sometimes
It
can
be
used
with
traffic
splits,
for
example,.
B
We
can
also
have
everything
configured
to
detect
if
one
of
our
regions
goes,
down,
then
redirect
the
traffic
to
another
region
and
finally,
policy
or
policies
that
allow
us
to
configure
that
the
request
accepts
a
pool,
as
I
told
you
before,
depending
on
the
source
of
the
requests
and
their
identity
ready.
This
is
all
I
had
to
tell
you
for
today
any
question
you
can
send
it
to
me
with
great
pleasure.
I
will
answer
it
there,
but
for
now,
I
think
we
have
some
time
for.
D
D
D
This
I
feel
that
it
is
super
organized.
The
documentation
is
well
designed.
They
respond
quickly.
You
enter
the
l'acte
help
and
I
had
some
contact
with
clean
deep,
notice.
That
linkedin
is
very
open
to
you
being
able
to
contribute
to
the
project
a
hip,
hop
and
coding,
and
all
that,
but
I
also
want
to
mention
that
it's
not
exactly
always
coding.
You
can
support
a
project
either
link
erdi
and
all
the
projects
that
you
have
heard
here,
giving
a
conference
and
taking
that
role
of
evangelism
within
the
community
to
publicize
a
technology
of
this
type.
D
That
was
how
I
became
already
verón.
What
a
correct
position
alcosa
revolved
packer
from
the
inter
gave,
so
you
can't,
there's
no
way.
I
could
say
there
I'm,
not
quick
and
old
I'm.
A
teacher
I,
don't
have
anything
interesting
so,,
but
if
you
take
the
time
to
support
a
project,,
not
just
coding,
because
it
can
be
the
best
coded
project
in
the
world.
But
if
you
do
n't
know
it
and
adopting
it
is
useless,
then
you
can
also
support
a
project
by
giving
talks
in
your
countries
at
congresses,
etc.
D
then
link
erdi
is
open
then,
and
more
than
all
of
us,
we
also
need
latinos
to
enter
the
open
source
community.
Alejandro
It
is
one
of
the
few
in
all
the
science
projects
that
is
Latino,
that
is,,
if
we
add
up
there,
are
several,,
but
if
we
compare
it
against
the
number
of
other
countries,,
they
are
the
minimum,.
So
we
need
more
Latino
people
involved,.
So
we
are
going
to
express
the
technical
questions
that
are
discussed
here,,
let's
see.
angel,
that
touches
thanks
him.
B
B
B
B
Excellent
question,
no,
the
model
is
having
control
plane
in
all.
Your
clusters
is
very
small,
however,,
so
it
is
worth
doing
it,.
It
does
not
consume
much
more
resources
if
that
is
done,,
because
the
communication
between
clusters
is
only
the
communication
of
the
services
as
such,,
they
are
not,.
It
is
not
communication
of
management
of
the
proxies
that
is
done
within
each
within
each
class
separately.
A
D
B
If
the
advantage
of
the
site
car
model
is
that
it
gives
you,
the
security
offered
by
q,
vernet
is
for
all
its
work
clouds.
The
next
one
can
the
security
perimeter
of
the
next
one,
the
same
perimeter
of
power
while
and
vitier.
If
you
are
already
much
lower
in
the
stack,
then
it
does
not
make
much
sense.
B
D
Seems
very
seems
to
me:
let's
do,
let's
see
a
banner
if
it
is
in
the
the
linkedin
community,
will
do
it
to
put
the
champion
linkedin.
You
can
see
it
in
the
link.
The
newspaper
here.
You
can
see
how
product
project
progress,
like
any
project,
could
be
said,
not
the
general
rule,
but
almost
all
science
projects
and
opensource
projects
have
their
page
almost
always
end
in
May
the
most.
D
If
you
can't
see
on
the
science
page
detailed
in
the
part
of
the
projects,
both
five
berlingo
grade
age
regularly
is
up
or
in
a
corner
up
or
down
always
says
the
slack
to
contact
chat.
People
in
this
community
have
the
hip
hop
link,
always
in
those
hip
hop
within
the
repositories.
There
is
always
a
contribution
guide
or
a
link
within
the
documentation
of
the
project
sites.
So,
for
example,
if
you
call
them
link
erding,
you
want
to
contribute,
then
you
can
visit
the
daily
link
er
the
documentation.
D
He
is
the
one
to
start
asking
and
start
to
see
what
is
there
now
then
also
as
something
that
attracts
a
lot
of
attention.
There
are
many
companies
that
are
looking
for
people
to
contribute.
Yes,
then
it
is
like
a
checklist.
For
example,
I
am
a
student
or
I
am
a
new
professional,
but
I
don't
have
experience,
but
it
takes
a
lot
into
account
to
contribute
because
they
are
really
running
into
a
remote
team
that
is
trying
to
build
software,
and
it's
like
a
free
developer
experience.
It's
not
like
an
internship
perez.
D
It
comes
from
me
to
get
involved
and
get
involved.
Before
that,,
it
would
be
a
very
good
idea.
Is
that
I
as
a
person
look
for
a
science
project
or
linkedin,
for
example,
that
is
very
nice
and
start
contributing,
so
that
I
can
then
get
involved
with
people,
and
it
is
not
like
contributing
to
get
a
job,
but
it
may
be
that
suddenly
you
until
they
can
find
a
job
contributing
it's
not
the
end,
let's
say,
but
sometimes
it
happens.
So
yes,
in
fact,
in.
B
Also
for
a
while,
we
were
with
the
google
summer
of
code
also
that
is
a
gateway
to
this
type
of
project
and
also,
if
you
are
interested
in
the
project,
there
are
ways
Easier
to
enter.
Obviously,
in
the
set
of
all
the
code
is
quite
complex,
but
there
are
ways
to
start,
for
example,
the
command
line,
the
documentation
to
contribute
to
the
communicated
with
the
documentation.
From
the
point
of
view
of
the
end
user
and
whether
to
be
aware
of
the
slam,
there
are
specialized
channels
for
contributors.
D
B
Not
linkedin,
or
it
simply
does
not
have
its
own
implementation
of
English,
use
third-party
projects
that
I
mentioned
before,
any
really,,
but
we
give
documentation
to
pack
traffic
angie
next
and
well,.
The
philosophy
up
to
now
has
been
that
each
project
is
focus
on
what
you
do
best.
English
are
quite
complex.
You
can
configure
them
in
different
ways
and
we
integrate
simply
allowing
the
proxy
to
inject
them
and
thus
get
more
information
about
what
is
happening
with
english.
But
the
next
linkedin
does
not
implement
an
english
as
such.