Teleporting And Intercepting Microservices With CodeZero

Captions
How do you develop microservices? Now, that's a very broad question. You might answer "by writing code", so let me be more precise. How do you manage dependencies of the service that you're developing? There could be one, or two, or five, or tens, or hundreds of services that you need to communicate with while developing a single one of them.

Here's the problem. When working with microservices, we have many of them, and you might not be able to run them all locally. You might not be able to run locally even those that you have direct dependencies with. So you're likely going to run them in a remote Kubernetes cluster, maybe in a staging environment, or maybe even in production. While developing a single microservice, you might need to connect that service with others running somewhere else. Some of them might be in a local Kubernetes cluster, but some might be somewhere else, and we need to figure out how to connect what you're developing with these dependencies running somewhere else, or maybe even spread across multiple clusters and environments.

What we need to do in those situations is connect the application, or the microservice, that we are developing with those running somewhere else. And it can get even more complicated, because we can have dependencies in such a way that the remote service might need to come back to us. So it's not only us connecting to services running somewhere else, but services running elsewhere connecting back to us. So the directions can be inbound, or outbound, or both, depending on what we really need and what we are working on.

Today we are going to explore a solution that might help with that problem. And that solution is called CodeZero, and it consists of two different components: teleport and intercept. We're going to see them both, and afterwards comment and discuss whether such a project is worthwhile using or not.

The only thing I did before I started recording this session was to create a Kubernetes cluster. That's a cluster where I will deploy the dependencies
later on. For now, the only thing I have is a Kubernetes cluster.

The first thing I will do is install the CodeZero CLI, and I will do that by executing npm install. And this is the first thing I do not like. From the very get-go, the thing I do not like about CodeZero is that the installation goes through npm. There's nothing wrong with npm, there is nothing wrong with JavaScript. The issue is that I believe that installation of a CLI should be simpler than that. I'm using Mac, so I would expect brew install, or I might be using Chocolatey on Windows, and so on and so forth. It all really depends on what your operating system is. And I do not even need the package management. I would be fine with a single binary that I download and put in /usr/bin or wherever you're putting binaries. I do not think that it makes sense to have such dependencies as "hey, you need npm to install this, and then you need Python to install that, and maybe you will need Go for the third CLI to compile it and install it", and so on and so forth. CLIs should be compiled to binaries, and not npm or Python or whatever the language is in which the CLI was written.

You know, on the other hand, it's not such a big deal. Almost everybody has npm already in their operating system, and I'm probably finding issues where there are no real issues. However, if you're watching this channel, you know how I operate. I like to tell you about things I like, but also things I don't like.

OK, now that I installed the CLI, I need to initialize it, and I need to do that as sudo because it will write some things to the hosts file, and to do that it needs privileged access to the hosts file. So it needs to be sudo. It's not ideal, but it's understandable.

Next, I will deploy a silly application, call it a microservice, to the cluster that I'm running, and we will use that microservice to explore how we can connect what I'm developing locally with that service. Later on we are going to come up with a slightly more complicated example, but for now all I want to see is
how to connect the application I'm working on to the application running somewhere else. And you will see soon why that might be a problem, why that might be an issue. And for you to understand why that might be more complicated than it might seem, I'm going to list all the resources that I deployed, and you will see that there is something missing, intentionally missing, over there.

I have a Deployment, which created a ReplicaSet, which created Pods. I have a HorizontalPodAutoscaler, and I have a Service. Now, the service in question is the key to the problem, or to understanding the issue. It is set to be ClusterIP, and that means that that service is accessible only through other services running in the same cluster. And that's normal for back-end applications. If this would be a front-end, or some application that is accessible from outside of the cluster, I would create an Ingress and then it would be accessible from outside, and then I would not have the problem that I'm having right now. But this application, this microservice, is an internal one. It is supposed to be accessible only from within the cluster, and that's a common pattern. Why would they expose that service to the outside world if there is no reason to do that? However, the issue is that I cannot access that application. It is not exposed to the world outside that cluster, and I do need to connect to it because it could be a dependency of the application I'm developing.

And this is where CodeZero comes to the rescue. I will teleport into that application. I will enable that application to be accessible to me, and only to me. So I will not make it accessible globally. Nobody else will be able to reach that application except me. And the command is czctl deployment teleport, and the name of the application I want to connect to is called silly-demo, and it is in the staging namespace. And we can see from the output that it started a tunnel into staging, when that's not really correct. It started a tunnel into the application running in the staging namespace.
So let me try it out. And before I do, remember, I did not expose this application outside the cluster. The type of the associated service is local IP and there is no Ingress, so it is not accessible to the outside world, or at least it wasn't before I teleported into it. So let's see whether it works. I will skip the whole deal of showing you how I would do it from the application. I will just execute a simple curl command into silly-demo on port 8080. And there we go, I got the response. It says "This is a silly demo version 100." Remember the version, it will become important later.

I can also be more specific and say "hey, send a request to silly-demo in the namespace staging on the port 8080", and the result is the same because I sent a request to the same service. I just used a different host of that service, because CodeZero created quite a few hosts. Actually, let me show you all the hosts by listing the contents of the hosts file. And we can see that there is silly-demo, silly-demo.staging, silly-demo.staging.svc, and so on and so forth. There are all the variations of the host through which we can access that service, and you're probably going to use just the name of the service, or the name of the service in the namespace.

Now let's see what happens if I have the same service running in multiple namespaces. Would I be able to choose which one I want to connect to? Will I be able to connect to both of them? I'm not sure whether there is a use case for something like that, but let me check it out nevertheless. So I will deploy the same application to the default namespace. The one that is already running is in staging, so I will create a copy of that application in the default namespace, and let's see what will happen.

All I have to do is execute czctl. I mean, it's hard to pronounce, right? C-Z-cuttle. Uh, I don't like the name. I don't like things that are complicated to pronounce. "Easy cuddles"? Maybe it will grow on me, we'll see. Anyways, I will execute czctl deployment teleport silly-demo. That's the
same as before, but this time I'm going to specify the namespace default. And it cannot do it. It's complaining that "hey, you already have the same service, a service with the same name, running in a different namespace, in staging, and I cannot do the same thing for the default namespace". And that's a bit silly because, as you saw before, it allows us to specify the namespace in the host of the application we're trying to access. So I see no good reason why I shouldn't be able to teleport into both of them and choose which one I'm going to use. On the other hand, the chances that you will try to teleport into the same service running in different namespaces, like staging and production for example, are very low. You're probably going to use one or the other. So this is me again finding issues where there are no issues. But hey, I like to try different things.

Now let's imagine a slightly more complicated scenario. Let's say that I have a service in a cluster running somewhere that should communicate with the service that I'm developing, with the application on my laptop. In production it would be something like "hey, there is application A that communicates with application B running in the same cluster". But if I'm developing application B, then I need the first one, the application A running in a remote cluster, to talk to the one running on my laptop. That is a more complicated scenario than the previous one, because I could still overcome the issues with the first one, the first scenario, by exposing that application through NodePort or something like that. But this is something different. I do not want to communicate with the service from my laptop. I want the one running remotely, somewhere else, to talk to me.

So let me run the dependent service, the service B, on my laptop first. It will be the same application that is currently running in the cluster, and that's the application that I want to run now locally. I'm simulating that I'm developing it. And to do that, I will pass a couple of variables. I will
set the version to 101, and I will set the port to 8081, and then execute go run, which will run my application locally. Don't worry, I'm not teaching you Go today. This is just a demo, right? You could apply the same thing to any language. The important thing is that version 100 is running in a remote cluster and version 101 is running locally. We will use the version to distinguish one from the other.

Now let's see what happens if I create another application, application A, in that same cluster, that should communicate with application B, which is running both inside the cluster and also locally. I could not make myself write many lines of Go code or something like that, so I will simulate that application by executing curl from a pod inside of that cluster. And the output says "This is a silly demo version 100", and that outcome was to be expected. There is something running in a remote cluster that tries to communicate with something else running in that same remote cluster, and it got a response, and that's version 100 running in that remote cluster. But that is not what I want. I want the application in that cluster to communicate with the application running locally. Imagine that I'm developing a back end and I want the front end running in a cluster to speak with the back end running on my laptop. What matters is for you to remember that version 100 is running in a cluster and version 101 is running locally on my computer.

Now, to solve this problem, this issue, I will execute czctl service intercept, and the namespace is staging, and the application that should be intercepted is silly-demo, and it is running right now on my computer on local port 8081 and should be accessible from remote applications on port 8080. And there is a header saying silly colon demo. This header is important and I will explain why later. Without the header, the results would be horrible, and let me explain why. If I want to redirect all the requests going to that application to my local computer, then I would affect
everybody and everything that is communicating with that application, because there might be other apps in that cluster that speak with it, and there might be other people sending requests to that application. There might be many entities that are using that application right now, and I do not want to redirect all of them to my local copy of the application, the one I'm developing. I want to intercept and forward requests only when I'm sending them, and I can distinguish my requests from all other requests by adding a header and telling CodeZero that it should intercept only the requests that have a specific header.

Now let's see: if I start a container in that cluster that will send the same request as before, what will happen? Remember, my mission is not to affect anybody but me. So the first thing I want to see is what happens when a normal request is sent to that application. And nothing special happened. I'm still getting the response from the remote application running in the cluster, and I know that through the version. It says 100. And now comes the real test. What will happen if I send the same request but add the header, silly colon demo, or whatever the header is, whatever was specified in the intercept command? And this time the response says "This is a silly demo version 101". So an entity, a process running in my cluster, sent a request to the application running in the same cluster, but CodeZero intercepted that request and forwarded it to the application running on my laptop. And that is absolutely awesome.

That gives me all the communication parts that I might need. When I need something on my laptop to communicate with an application running in a cluster that is not exposed to the outside world, I can just execute czctl teleport. And when I want to intercept requests that other applications are making to that application and forward them to the copy running on my computer, I can just execute czctl intercept, which will intercept those requests and, if there is a specific header, forward them
to me, while everybody else would be oblivious that anything is intercepting anything. For everybody else, the world continues working as if nothing happened.

All that magic is happening through a combination of the CLI on my laptop and a pod that was created in that specific namespace. You can see interceptor silly-demo running over there, which is great because that pod is intercepting the requests and forwarding them wherever they should go, or not, depending on whether there is or there isn't a specific header. And the only potential issue I see with that is, if I would like to intercept applications, microservices, running in production, I would probably not be allowed. It probably wouldn't be wise to run random pods in production. But this is a tool that is specifically aimed at developing, and we are usually not developing or working with dependencies running in production, but rather staging, or pre-production, or a production-like environment. In any case, I could not even imagine a solution to the problem without something running in a cluster. In other words, there must be an entity that is taking care of intercepting requests and forwarding them to wherever you are working.

Once we are finished working, once we do not need those dependencies or communication with those dependencies, we can just execute czctl session close and either specify which session we want to close or set the dash all to close all the sessions, and then everything goes back to where it was before we started.

There is actually one more thing that I want to check before we talk about CodeZero, and that's the hosts file. I closed all the sessions and I hope that CodeZero did not leave garbage in that file. Uh, I really hate garbage. I hate when somebody pollutes my file system without cleaning up afterwards. And yeah, it cleaned up everything. There is no garbage. Big plus. I mean, tiny plus, right? But I like clean systems.

And that's more or less it. That's all it does, and that's good. I like small tools that are very
specific, fulfill certain objectives, and help me with certain tasks without becoming monsters that do too many things and are hard to learn, and I don't like them because not all the things are great. CodeZero's mission, at least at this moment, is very simple, and that's what makes it great. It allows us to send requests to, or communicate with, applications running somewhere else without those applications being exposed to the world outside the clusters where they are running. It allows us to intercept requests made from applications running in the same cluster and forward those requests to the application running locally, and it does that only if there is a specific header involved in those requests, so that nobody else is affected by those actions or those tasks. If you exclude the installation done through npm, there is nothing bad to say about it. I think it's absolutely awesome.

So let's talk about pros and cons, and let's start with... what should I start with? Let's say cons. Docs are not really detailed. They do not explain well what's going on and how it's working, and so on and so forth. So if you're into reading good documentation as literature, then CodeZero might fail you. I do not like that installation is done through npm. And I do not like the fact that I cannot teleport into the same application, or same service, running in multiple namespaces. Or, to be more precise, I can teleport into an application running in multiple namespaces, but I cannot do that as two separate actions. It's a weird situation. Nevertheless, with the exception of documentation, which I'm going to comment on a bit more in a minute or two, none of those downsides are really important. That's only me nitpicking and finding faults in something that's actually working pretty, pretty, pretty well.

And in that spirit, let's move to the advantages, or pros, of CodeZero. And the first one is documentation. Now, you might be confused. I said "hey, documentation is not great", and now I'm saying the documentation is great, and let me
explain why I'm saying that. Documentation is not very detailed, and I kind of like it, because sometimes I feel the documentation is insulting my intelligence by writing paragraphs and paragraphs and paragraphs of something that is kind of obvious. This is a small tool. You can figure it out without docs, just by executing the CLI, and the docs are mostly based on "hey, this is the command, execute this, this is what will happen, you're a big boy, you will understand what it means". And I like it because it forced me to try it out instead of just reading documentation, because reading documentation will not give you the real picture of what's going on. You need to try it out, and the documentation is guiding you well in how to try it.

Another one is simplicity. It's simple, it's easy, it does what it's supposed to do, and it doesn't do anything else. And that's kind of brilliant.

And the last one, and this is a big one: it does not use VPNs or anything of the sort. And I really, really, really dislike VPNs, or virtual private networks. They're always slow, buggy, they complicate things. CodeZero does not use VPNs, and that's kind of brilliant.

And the only real competition I know to CodeZero, at least in its current state, would be Telepresence. I'm not going to compare it with Telepresence, at least not in this video. Let me know if that's something you're looking for, and if it is, I will do something like Telepresence versus CodeZero, and then go through pros and cons and let you know which one you should use. For now, all I can say is that CodeZero does what it's supposed to do. It is simple, it is easy, and you should try it out. Go ahead, try it out. I'll wait.

Actually, I will not wait, but what I will do is tell you that I opened memberships to the channel. So if you want to show the support for the channel, uh, then you might want to become a member, and that helps a lot with keeping the lights on, and it helps keeping this channel going and me paying all the expenses, and there are a lot of expenses. Anyways, thanks for
watching. See you in the next video. Cheers!
Info
Channel: DevOps Toolkit by Viktor Farcic
Views: 318
Rating: 5 out of 5
Keywords: microservices, codezero, intercept, teleport, intercept microservices, teleport microservice, developing microservices, develop microservice, microservice development, kubernetes, k8s, devops, devops toolkit, review, tutorial, viktor farcic, microservices testing, microservice development process
Id: bt5lQqRJxlE
Length: 22min 2sec (1322 seconds)
Published: Mon Oct 04 2021