Oh youtubers welcome to this video i am ben cat and this is just me an open source channel right in this video we are going to look at sta service mesh and i received lots of requests from viewers about using this tear in cuban artists which is service mesh and so i started doing videos on east year and i'm already started recording various topics around east here so my next few videos i'm not sure how many videos i'm gonna do on this tear but starting from this video the next few videos will be around the east your topic so there you go so this is the first of the east yo videos ok so what is this year east here is a service mesh what do we need it ok so you've written your web application as a micro service and there are multiple services you know you were broken down the big monolithic application into multiple micro services and that's ok if you've got like handful of micro services but as you have increased the complexity of your application and you've got loads of micro services depending on each other then it becomes increasingly difficult to do service discovery and inter-service communication and so on so sto is one of the service mesh architecture it tries to ease out it tries to make your life easier by adding a layer on top of your application so some of the things you can do with this tier or traffic management so the the the requests that are coming in you can do routing policies you can route the traffic based on many different criteria so basically for traffic management authentication between services between your different micro services access control authorization even secure communication between the micro services so again observability so you can also use it to trace the requests going through going between different micro services in your application you can monitor you can use graph owner and there's some other thing that i will cover in the later video visualizing your servus mesh what's going on inside your application bad Oracle's are coming from that requests are going what's our of access control authorization and so on so you will be able to completely visualize your that will give you more insight into your application you can also do logging and so on so service discovery load-balancing or other features so the important thing to use is teo the main benefit is that it requires no change to your application code if you want to do all the features that easier provides yourself you have to rewrite your application and the complexity will grow so sto makes it easier to deploy the traffic management and all its features on top of your applications so you don't have to change your application you just install ECM and then configure policies whatever you need to do it and there you go that's it you don't have to touch your application you can bring your existing application break down into multiple micro services and then you can make use of easier as a service mesh to interrelate your micro services ok so that's a brief history or a brief introduction of each tier I could just dive straight into a hands-on demo to show this is how history works but it's very important because it involves a lot of components it's very important to understand the East EO architecture so when it comes to troubleshooting or anything you know which component is responsible for what part of it and so on ok so this is a classic example so consider an e-commerce website it's it is split into multiple micro services for example these two are web front-ends so there is an orders page when you visit a page orders page that order page is served by a micro service and there is a reviews page when you click a review when you click are reviews on our product it takes you to another micro service application and there's this database as a separate micro service so these are different micro services for your e-commerce website and these inter communicate with each other or so in a typical Cuban itis example you deploy that as a deployment with multiple pots for each of those micro-services and you create a service to expose that to other micro service or to the outside world outside of your Cuban or this cluster okay so that's ecommerce website if you were to use East EO in this existing architecture in this application architecture how would you do it you don't have to change any of your parts deployment service or anything you can just go ahead with using what you've got and so that's how steo works okay so you install a sidecar container or nny proxy so that gets deployed onto each of your micro service so your service is not exposed by default you don't expose your service but all the traffic all the requests the micro service gets will be obtained will be received by the sidecar the sidecar sits in the front end as a front line so it receives the request and then it proxies a request to the back-end services and this is where you configure all your policies authentication authorization traffic routing and everything so it's a completely different thing which you can configure so you don't have to touch your application you can bring your existing application so that that's how it actually works in simple terms let's look at the architecture for a while okay so that's it looks big it has got multiple components but it's quite simple okay so that's one of your micro service and that's another micro service so this is a service a that is service B got parts running as a deployment with certain number of replicas you expose that as a service and then when you deploy sto on it it will deploy a sidecar called a proxy onto each of the service and we've got pilot galley Citadel mixer and these are all components of Sto for example mixer mixer you can use that as a telemetry provider matrix provider so it collects metrics the proxy that you install that gets installed on all your deployments collects information about the service and then it stores the service stores all those metrics policy checks telemetry metric any matrix in mixer okay so pilot is the one that sends the configuration data to the proxy so whenever you define a policy in Sto so pilot component is the one that's responsible to send that configuration to the proxy and we've got galley galleys the one that verifies or validates all the configuration injecting configuration into different components and so on and citadel is responsible for securing the connection between the micro services you can use TLS certificates to encrypt the connection between the micro services and so on so that's Citadel yeah that's it ok so let's try our first hands-on so the first media is going to be how to install East your CTL in your cuban it is cluster ok so I'm going to close this and then I start a terminal ok so I've got my cuban it is cluster running cube CD l get notes carry export cube CD l get nodes so I've got three nodes one master on two worker node so I'm using a Cuban it is in docker kind I've done a video on that so that's the cluster kubernetes cluster I'm using for this demo and apart from having a Cuban itis cluster I've done three other things you need to install helm until ur helm is the binary that you install on your local workstation tiller is the server side component I've done a video on getting started with helm so you have to follow that to get in helmand tiller installed so cuban ideas cluster Hellman tiller you don't need dynamic NFS provisioning dynamic storage provisioning for this demo or for any of the videos I'm going to do in this series but I've installed dynamic NFS provisioning if I do cube CTL get storage class so go to manage jennifer storage that's the default storage class so if i about deploy any deployment or any application that needs a persistent volume a persistent volume gets automatically created based on dynamic NFS provisioner and the final thing you need is a load balancing capability because I'm running it on a bare metal cluster I can't go with any of the solution there are a handful of solutions so the one I'm using is called metal lb I've also done a video on metal lb how to get your balancing working on your Cuban at its cluster so you have to follow that as well if you want to follow along these demos that I'm going to do in this series ok ISO cube CDL get namespace I've got the metal lb system so that's that's the namespace where all the metal lb related components goes in I've got the storage namespace for which all the NFS provisioning kind of resources goes in so to follow along the bare minimum you need a Cuban it is cluster helm installed and then a load balancing solution for example metal lb ok so the first thing is to install sto CTL the command line you need to install that on your host machine we are not going to be using these TOC DL command a lot but the first step is to get that installed because in the future we might need it to configure the traffic management in all those details so it's good to get that installed now and then we will look at how to install the easier components onto your onto our communities cluster okay I'm gonna start a browser I'm going to search for install sto in Cuba netis ok so sto installing on Cuba notice that's from the east EO dot io dots ok so if I click that one what I'm going to do is go down downloading the release so there's a simple command here that I'm gonna copy and paste it here so curl - L and then 8 downloads an install script and then we pass it to the show so this will download the sto CDL binary and then you need to add that to your part it also downloads the sample applications and everything ok so let's see what it has done city to sto so that's the version we are using is 1.2 dot four okay so I've logged into that one and if I do LS LS bin so it's do-si-do so that's the binary you need either you can add the part for this location present working directory is home bank 18 is to your city a little banner where you've downloaded under the bin directory is the history of CTL either you can add that part to your environment spot variable to have is to your CTL in your command line or you can move it to use a local bin which is what I prefer to do sudo move bin sto CTO to user local bin okay so we've got is to your CTL and if you look at the samples free samples so these are various samples that we can use for getting started guide so I'll be using this one book info application that comes packaged here that comes with different manifests to try out different concepts of Sto so in my later videos I'll be using this book info sample application to demonstrate you various features of sta they carry so let's concentrate on this video which is to get the Cuban artists in sto installed on Cuban artists okay so that's done and if I do is to your CTL help so that's sto see do verify install so the first command I'm going to do is I'm going to run sto CTL verify install so that's gonna do some preliminary checks on your Cuba notice cluster to see if is your CTL can be installed in your cluster okay so it has done some checks and it can see can initialize the cuban artists client it can query the cuban at is AP server and the sto is compatible with the Cuban Ida's version 1.15 so it has found what version of Cuban it is we have installed so which is 1.15 dot zero sto existence so it checks whether sto is already installed or not sto will be installed in the sto system namespace Cuban it is setup can create necessary kubernetes configuration when you install is teo in cuba notice it's going to deploy a bunch of resources like namespace role role binding CR DS role service account service deployments config mat a lot of things sidecar injector ok install pre-check pass the cluster is ready for his tier installation so that's good so it's always a good idea to check whether there is any problem by running this command so that will tell you if you've got any problem or not for example sta will be installed in the sto system name specified to cube CTL create namespace sto system ok history of system is create a namespace and if I run history of CTL verify install say it says error one occur sto cannot be installed because the East your namespace is already in use so that's the kind of thing that it will check so it's always a good idea to check that cube city I'll delete namespace sto - system ok so while it's getting deleted let's go ahead and install that on the Kuban at it so what you've done so far is just installed the sto CTL binary on our host machine on our local workstation and we've downloaded the samples application and all the supporting documents ok so if I scroll a bow so there are a few different types of insulation if you if you are new to give if you're new to East here and if you are just trying it out there's a demo installation custom installation with helm because I've gone home and tiller install I'm gonna go with the custom installation with him and this is recommended for production use or for performance evaluation so that sounds like a better option for me so custom installation with helm in here I'm gonna go with option two because I've got both helm until er if you don't have tiller if you just have helm there is a helm template command to install the helm charts so since we have a helm until er I'm going to go with this option and the first two commands are okay that's just installing helm and tiller on your cluster which we've already got and the actual command is this one helm install install Kuban it is hell missed here so instead of copying it I'm gonna show you how to run it so City to sto 12.4 so when you run the curl command it would have created this directory and copy all the files so I'm logging in to that directory so the command is helm install install kubernetes helm is to you in it okay it's here in it - - name is is to you in it - - namespace is sto system okay so that's the command that we are going to run maybe I should watch cube CDL - n sto system get all so I can I need initialize my cube config okay so now so no resource found because sto system namespace it's not there okay let's try to do that so there are two helm shots to install the first one is sto - in it and the second one is east here so the first one runs a few jobs to set up the environment to install the custom resource definitions and so on let's go ahead and install the first chart sto in it okay so that's done so as you can see here it has created three jobs and a part for each of the jobs so that's the the basic one that's setting up the needed things the required things it's kind of setting up your environment before you are running the actual sto helm chart okay so that's containers contain is getting created so these are basically jobs so I've done a video on cron jobs and jobs if you want more information on that he can watch that video as well all right the three jobs have been completely can see completions one of one and if you do he'll status steel in it three config maps three jobs and three points for each of those jobs and they're all completed so that's good so now we can go ahead and install the second one so that should have let's verify this as well so by installing that helm chart or helm files it should have created 23 hdl-c our DS customer sauce definitions let's go ahead and check that cube CDL get see our DS grab for HT oh okay cool so we have these custom resource definitions that has been deployed to our kubernetes cluster and if I - WC - L you can see there are 23 custom resource definition so verify that all 23 is TOC are these are committed to the curators API server so that's done we are good to go the next command so now we are going to install the actual history of itself okay cube CTL create - F are sorry helm helm install install cube Annette is how sto - - name is sto - - namespace we are going to install this again in the same namespace sto system okay so this is going to install lots of parts as you can see down here it's creating the container and as you can see here at the conference that we talked about in my little notes that is the Citadel for secure communication between the micro services there is galley for validating the history or configurations sto ingress gateway so increase gateway is a component by which you access your application like nginx ingress we have an ingress gateway so that's a custom resource definition that gets installed when you initiate the helm so if I to cube City I'll get crts you should be able to see in the next ingress virtual service destination rules gateway gateway yeah gateway gateway stored ain't working so that's the ingress period that's the customer source definition so that's how you access your application so you install engineer sorry you install East your CTL on top of your application and then you create a gateway for your application so that's the way to access your application okay ingress gateway we've got pilot we've got history of policy sight car telemetry we've also got Prometheus operator install so all of them are running accepting risk gateway so let's give it a few more minutes zero of one ok so that's also running now we are good to go okay so let's do a quick verification cube CDL get fonts - n sto system so all of them are good cube CDL gets service - n sto system so we have these services Citadel galley ingress gateway policy sidecar telemetry and Prometheus okay so this one is interesting sto ingress gateway so the type is load balancer so it's because of this you need to have a load balancing solution installed on your cue Redis cluster if you don't it's also possible to access the service using node port but it would be easy for you if you can install a load balancing solution like metal lb on your Cuba nearest cluster so the external IP does automatically assigned an external IP on the range that I defined in my metal lb configuration so through that you'll be accessing all your applications that are east you enabled okay so that's how you install its T and if you have to delete your sto from your Cuban Redis cluster there are two commands helm delete - - purge helm delete - - verge sto so that's one command and the other one is hell delete - - purge is still in it so that's going to delete all your estion sto - in it resources that has been deployed ok so cool so that's how we install st on your cuban I discussed are the requirements are given at this cluster helm until are installed and metal lb if you want to follow along my videos in this series ok so I don't want to drag this video I just want to cut it here this is just about a quick introduction to sto service mesh and how to install the HT or CDL binary and the East EO CTL on your Cuban it is cluster right in my next video I'm going to deploy the sample application book info and I'm gonna go through what that application is actually and what are all the components and how we are going to test various features of East EO keeping book info as an example for illustration right ok so this one you need to get this one right so watch this video carefully and get the system right and if you've got any questions or any issues setting up this environment don't hesitate to leave me a comment I'll be able to get back to you as early as possible and all the other videos that I'm going to be doing will be based on this setup so in my next video let's see how to install the or deploy the book info application right if you like this video please share with your friends and don't forget to subscribe to my channel and I will I will see you all in my next video bye bye