It Simple Event Hub DBs SERVICE MESH Istio Ingress Istio Egress Other External Services Tracing Store Logging Store LB January 2019 PROD PoC March 2020 Innovation trigger Peak of inflated Disillusionment Slope of Enlightenment Plateau of Productivity Istio 1.1 Don’t Forget about HA & DR Tracing Store Logging Store Event Hub DBs Istio Egress Other External Services Istio Ingress OCP 4 of Disillusionment Slope of Enlightenment Plateau of Productivity Think about Multi-Tenancy Tracing Store Logging Store Event Hub DBs Other External Services OCP 4.4 OCP 4.4 LB LB LB Istio

Bitmain tech expert Service Mesh Meetup #4 上海海站 2018.11.25Observability CNCF LandscapeMetric, Tracing, LoggingOld game to observeService Mesh is comingProxy and SidecarIstio + Envoy Representative Service out of process adaptor Bypass adpator Adaptor In process Bypass adaptor SkyWalking backend Tracing Metric Receiver in gRPC/HTTP Analysis Core Query CoreIstio telemetry Attribute Vocabulary https://istio

Aspen Mesh. All rights reserved. Visibility, Observability, Debugging Uniform metrics and tracing for all CNF traffic Enforcement Primitives to Build Zero Trust Strong identity for users, workloads Tuning Istio to Meet 5G Security Requirements 12 ©2021 Aspen Mesh. All rights reserved. ● Augment tracing to surface 5G specific tags ● Optimize HTTP/2 stream and connection settings ● Configure sidecar

○ Machine Learning Platforms - Tensorflow, PyTorch, Jupyter Notebook, etc. ○ Central Logging & Tracing - Prometheus, ClickHouse, etc. ○ Messaging systems - Kafka, RabbitMQ, etc. ○ Programming Languages functions as features of the infrastructure - ○ Functions: TLS Termination, Traffic Management, Tracing, Rate Limiting, Protocol Adapter, Circuit breaker, Caching, etc. #IstioCon Service Mesh Journey

provide specific guidance for best practices. Mutual_TLS may be a sane default tracing Provide guidance on whether tracing should be enabled, the sensitive data that it collects in this mode (i.e. full

Canary Deployment ● Traffic Mirroring ● Rate Limiting ● TLS Termination ● Logging, Monitoring, Tracing API Gateway + Service Mesh together! Limitations of This Approach ● Maintaining Two Tools ● Maintaining

and secure microservices. SkyWalking is an observability power tool that provides distributed tracing, service mesh telemetry analysis, metric aggregation and visualization for cloud-native workloads

Mesh的基础 • 网络安全：兼容Spiffe标准实现 • 配置管理：为C++实现的Proxy接 入k8s的动态配置管理 • Attribute Machine: 授权，Quota ，Tracing，监控的基础 Istio管理下的微服务 • 右图是部署mock1.v1 Pod之后发生的事 情： • Sidecar Injection: 注入initContainer, Sidecar

• 应用规模较小 • 服务之间没有互相依赖 • 日志、性能指标都在单个主 机问题一：什么是用户想要的监控 什么是用户想要的监控？分布式监控的三个维度 Metrics Logging Tracing 指标监控 • 指标可被聚合 • 体现系统性能趋势 分布式追踪 • 和请求相关 • HTTP • SQL 日志系统 • 代码逻辑处理事件 • 异常、debug信息容器化和微服务下的监控需求

Stack Bypass ● eBPF ○ In-kernel virtual machine ○ Running user code in kernel space safety ○ Tracing, security ○ Networking ● Hooks ○ sock_ops ■ Construct map​ ○ sk_msg_md ■ Match & redirect