 Okay, I think it's the 345. First of all, thanks for being here on Friday at 345 p.m. So I was expecting I may have very few people Again today's talk is all about Kubernetes and Cloud Foundry I think if you look at the whole conference You might have heard about how Kubernetes and Cloud Foundry Are actually going to work together, you know, are they going to you know, like how? they actually mingle How we can actually have these two technologies, you know work together and also We just to add to that. We also have Istio the service mesh How many of you are familiar with Istio or heard about Istio? Yeah, a lot of you. That's that's really good actually Istio It's not even a year old, but still you know It is really taking taking off In fact, I jointly lead one of the work groups with Google on Istio So I'm going to talk about Some of the things about Cloud Foundry and And also the Kubernetes But also I would like to talk a little bit about, you know, how Istio Can be supported on Cloud Foundry and there's a lot of work a lot of work streams going on and Some of the things that I will actually I'm trying to put together The the point of view also so it may May not happen, but you know, that's the thing that we're going to talk about some futuristic stuff, too My name is Surya the gorilla. I'm from IBM. I work in Rochester labs so my main job is to Look at the IBM one cloud architecture So today we're going to talk about the enterprise applications because All of you are actually either running in multiple Industry domains and trying to use You know these cloud technologies end of the day any technology unless You can clearly use that in the industry. It's not going to succeed. So The one of the main things that we look at is we take different Industry domains and then see how these technologies the same kind of application When you deploy them in multiple technologies, whether it is Kubernetes or Cloud Foundry and use the service measure without using that So how These applications are performing scaling and how is the stability of the platform, you know all those things And then we will talk about some of the projects under Cloud Foundry you know that are actually trying to work both with Kubernetes as well as Cloud Foundry and Then of course is to you And then we will try to see whether we can actually combine those three and then see how the future is going to look like So some of the applications that we have thoroughly investigated are you know banking healthcare industry and airlines and also some of the Legacy traditional Java EE applications also right because most of the customers who are invested already on The Java EE type middleware kind of an applications They would like to get to cloud of course Cloud Foundry and Kubernetes, right? So how How the what is the? Performance and scalability characteristics of these applications when you move them to these platforms a brief Look at The healthcare kind of application. This is one of the things I think you might have attended my talk yesterday With Kaiser Permanente This is at a very high level. This is the kind of topology typically you can see from a cloud native kind of an application because you will have the Cloud piece that is Cloud Foundry or Kubernetes and then you will have The on-premise of course the data the data center. That's where you have the systems of recurred are there So how you integrate how the transaction flows when the transaction flows through? the friend or into the The the Cloud Foundry either Cloud Foundry or Kubernetes and then gets into the the main frame or other systems of recurred this is the whole you know transaction flow and we looked at that and if you look at some of the more famous microservices Patterns there one of them is the BFF Backends for front-end and most of you may be familiar with that So we looked at these kinds of applications when you deploy them on Cloud Foundry and then same thing You're going to deploy them on Kubernetes What are the different things that you're observing? You know, what are the strengths and what's the weaknesses of some of these platforms? And if there are some weaknesses, what are those and can we fix them? Another kind of application is the Online banking application like you know, we work on multiple banking applications banking and financial sectors One of them is the I think last year if some of you might have heard me talk about With the Royal Bank of Canada on online banking application, which is in production on Cloud Foundry and you know, it is Really rolled out to like 16 million customers So that's another application that we use to evaluate these technologies another Cloud native kind of application. This is actually we have developed internally in IBM. We have outsourced. I'm sorry open sourced it to If you go and look at blue perf Google it on blue perf. You can see that This is a polyglot microservice application More of a reservations and Ireland reservation stuff, right? This is the one that is being right now used for Istio development We have developed a Regression patrol and this is the application that runs on a daily build with Istio when Istio community turns a build This is the application that runs on a daily basis to understand the the performance implications of all the components of Istio So let's get to i'm going to show some of the performance data as well today just to put some perspective, right? on Cloud Foundry and Kubernetes So some of the based on our work Some of the main things that from a Cloud Foundry point of view These are some of the pain points that we have seen and in fact I'm closely working with the Cloud Foundry community to make sure that we fix Most of these things so that we will have these enterprise applications scale and perform First thing is the the good outer right as you know the good outer design If you look at just by default You don't have any kind of keep alive Or anything enabled of course we have worked on I think 253 Cloud Foundry version 253 and beyond we have the support but it is not enabled because of that Certain kind of applications like our kp's health health care applications. We have seen long tail latency The long tail latency for for for some of you who may not be familiar with that So that's the for microservices When you look at 90th percentile Latency and 99th percentile There will be a significant spread. So they may be up to like 10x or 8x or so. There will be significantly Higher latency at the 99th percentile and that will actually is not good for microservices. That is one of the things that's actually good outer Is actually in certain situations you see that And as I showed the bff the back ends for front end pattern again The bff if you look at the node bff will call the java api which in turn will call the systems of record So it's like kind of a three level three tier Networking like you know when you when you transaction goes through node to the java api and back to the systems of record What happens in cloud foundry because of the design So when java api one calls java api two or node calling the java api one It won't directly go because it has to go all the way out to the firewall and then get the Proxy or the you know front door and then gets into the go router and then it'll get into the next instance In a same cell or a different cell Because of that there are so many network hops that you go through and that will impact the scalability And we have some solutions for that. I'll get to that next Another thing that when you push when you do a cf push Especially for java applications You might have seen significant cpu spikes You you get a brief moment maybe three or four seconds, but you see significant cpu spike Sometimes that may have an impact Based on how contended your cells are It can cause some staging failures So that's one thing And then we have the c groups algorithm. I think dr. Jules was talking earlier The c groups algorithm is the core algorithm that Gives you how these applications there are application instances That are deployed In the garden containers How you segregate how these instances are isolated? They're all maintained by the c groups and when you push an app Also, you You push an app to a specific Cell based on memory So you don't kind of take into consideration the cpu That's there in that In the cell Because of that sometimes what happens is you have a very contented cell But still this application will be placed and staged in that. So that's another issue that we need to look at Then you have the service mesh right and as more and more cloud Foundry applications are more more of microservices in nature So you need the service mesh to manage All that right. So that's another thing that work is going on, but right now you don't have the The support for that So these are some of the these are the three Design features that are available now in cloud foundry. The last one the oca one is the I think it's dropped in 279 or so I think that's now the version names changed So the first one is go to our keep alive So the upstream channel keep alive is enabled right now. So because of that you can actually see the The long tail latency and those things result and you don't have any kind of a You know issues and that will really help Reduce pressure on the good order also if you go and observe good order You can see the kernel cpu high Very high. Maybe sometimes, you know based on the load You will see lots of Colonel cpu being churned on that. So this will solve that Um, then the second one is as I said bff How can you reduce these network hops the container to container? if you enable that With the policies that you set up so that you don't need to go all the way back to the Front door and then come back and then the oca layer. This is basically What exactly it is doing the oca? Phase one is already in What it is trying to do is actually the build pack mechanism is right now like kind of It will change from a flat file system to a docker type layered file system because of that the droplet size Will be significantly smaller and that will reduce the The the the cpu spike So you can see this is the healthcare application and you can see the scalability and then you can see the The throughput number right for the same workload You can see around 500 or 590 or 550 That's going and then you can see the knee of the curve there and then beyond that of course you reach the saturation for that instance, right? If you look at this on the same thing if you look at on cubanus You can see it's around around 1200 or 1170 or so so Because you have so many of these layers and so you can actually see the difference between the two And of course you have to enable all those features that I mentioned because they're not Enabled by default on cloud foundry Online banking application you can see this is again on cloud foundry Of course, you can see the scalability like you go from one instance to five instances You know you're going from you know like up to 3000 from 1700 So if you were to run the same thing On cubanus here Of course, you need to really look at The runtime Sometimes run runtime algorithms Will you know give you some regressions? You can see that the bottom line that you're seeing the bottom orange Line there That is if you have a java application runtime Which is not able to cope up with the backend service latency like the you know Your online banking application is actually talking to A mainframe or you know some other systems of record Then if the latency backend service latency is high Then you will have an issue there. So you need to adjust that runtime or bypass that algorithm issue Then you can see the the scalability that The line you have like the yellow one and the green one Again, not only you adjust that but also you have to tune that To so that you will get the required number of executed threads So the green one has enough executed threads provisioned or instantiated So that you can actually get the better performance But the point here is like you can see almost up to 5000 For the same kind of five instances you have seen 2700 in the previous one And now you're seeing 5000 And this is the main point If you really want to scale Kubernetes you can really go and you know scale you can see that almost You know 4.5 billion api calls You can see that here That is the kind of scalability you can get On on Kubernetes you're you're driving almost like 50 000 transactions or api calls per second So As you can see this like if you want to have massive scalability And you want to get that linear, you know with low latency, right? You know, you can clearly see that Kubernetes can provide that So Again with cube also, right? You can see the back-end service latency You need to take care of that as you increase the back-end service latency You can see from You know 500 to 100 right so 100 milliseconds if you have back-end service latency You can see the throughput and then if you reduce that from 500 to 100 you can you can see the The improvement so In your systems, you need to pay attention to How much is the back-end service latency like going from your application platform to the service of a recurred or Other any EI APIs This is with Istio. So the same online banking application Now what it is doing is actually you are applying you're injecting Istio now So right now we are actively as a as a community We're actually working to optimize the Istio components mixer pilot Onway and you know all these internal pieces But right now the way it stands at this point as of 0.8 version of Istio You have to allocate a little bit more Resources to get the exact same performance How much more You can see up to around 40 45 50 percent additional Resources you need to and we are trying to reduce that By we want our goal is to see whether we can actually get to less than 10 percent so with that I would like to see How we are actually going to what kind of projects that we have in cloud foundry that interact and actually the kind of I won't say blend but actually they're kind of they work together with kubernetes because you have seen The kind of scalability that kubernetes provides in the runtime platform That that you know all these microservices and also it has Features like the sidecar pattern so you can actually have you can inject Like a istio type service mesh there, right So you can see the these are the different projects that are going on right now That will interact with both cloud foundry as well as the kubernetes the first one Don has announced yesterday About the icfee or the ibm cloud foundry enterprise environment Basically, what it does is actually i will try to do some kind of a demo if it's possible here What it does is it will Basically deploy cloud foundry on kubernetes clusters There's ibm container service What it does you have the control plane and the data plane The control plane has all the q all the cloud foundry specific The fabric components And then the data plane the other worker node that will have just your applications or the dgo cells That's how it will try to create a kind of an isolation also And and then you'll have control to the second one is the the sip you have seen that kubernetes To cloud foundry integration scenarios Basically it is similar But actually you can see that I think sap has gone through this and another thing that The first two are basically you are still running everything on dgo scheduler The third one what it tries to do Is you will have cloud foundry when you do a cf push What it does is it will bypass that dgo scheduler and then it'll try to put that application on run on kubernetes cluster So that's the replacement of the scheduler. So that's the one that's a opi project. That's being worked on right now Another one Yeah, so the question is whether that will replace if the opi the intention of the opi is to Completely replace that whole garden the dgo scheduler. So there won't be any garden. It will be just docker like the parts like to So another thing is the susie, right? So say you have the Containerized cf control plane, right? That's another thing and then of course the cubo project from pivotal, right? There are multiple projects that are right now going through I didn't really mention here about istio. I'll get to that next but these are The things hopefully you will hear more updates on this. Maybe in basal and beyond that So this is a peak preview of like some other thing that don showed here You can see how that icf that ibm cloud foundry enterprise environment works here And this is some kind of early data from a performance point of view. What exactly it is actually getting You can see the the blue bar Is actually without any front door Again, it is showing the impact of front door on the overall application latency And then the middle one is the icf right the ibm cloud foundry enterprise environment That's where you have the front door But it goes through the cubes ingress controller, right? And then the the red one is the normal cloud foundry right now as we run, right? You can you can see The the value also in the icf one than the in the middle one, right? So let me see how I can I can show you here some of the Yeah, this is the live Cluster that we have right now Oops I think you guys can see this. This is the current icf cluster that is running there In our lab. So you can see the perf cluster here That's where if you look at This is a cluster. That's where the actual Diego cell with the applications that are running there And then if you go to the the Dell 12 cluster, this is where you have the Cloud foundry components that are actually deployed and you can this is a grafana dashboard that shows Everything what's happening inside both the control plane as well as the data plane So if I if I want to go and see like let's say pod metrics So you can actually see this In a worker nodes. So there are three. This is a three worker node cluster So you can see 50. This is the worker node that has all the data that is the cloud foundry Cells Diego cells And you can actually clearly see what is happening here in this So all the internal components internal pieces You can see this. So this is this is all some of the dashboard that we created for For our performance work. All right, so now I'll go back to So now let me talk about the cloud foundry future directions as I talked about So these are four different things that are actually happening The first one as I mentioned about the cfee or the ibm cloud foundry enterprise Environment that is running cloud foundry on top of Kubernetes The second one is the opi That is replaces that replaces basically the Diego scheduler with Kubernetes scheduler. So that is It's not running on but it is actually running in the Kubernetes right there And then you have the istio service mesh I'll talk a little bit about the istio service mesh the support. What's the plan and how Different projects are going on there Um, and then of course some of these optimizations that are already there and there are a few other things in the container technology Like oci phase two and those things are still working through So this is the istio's service mesh support On on cloud foundry here. You can see this This is a project. I think um, some of you might have attended Um a talk about this istio previously So you have the boss release that packages istio and envoy for cloud foundry Um, and you have a co pilot. I'm going to show all that stuff Basically, there are two parts to this istio support The first one is the north south traffic support And then the second one is the east west traffic support Northwest is being worked through right now East west um is the one that um, there are two separate initiatives going on there Basically there you have to have um, you know support for a sidecar pattern So that you can have the mixer support Um and mixer and um, you know envoy for the you know service sidecar So you might have seen this from Aaron yesterday He talked about how the istio support for cloud foundry is being planned at this point You can see this is from Aaron There are two different ways Either you can actually Go to the applications through go router Or through on why? On why is the The ingress for istio Right So you can actually either way you can actually reach to so basically if you were to go with istio Then you can actually replace go router as well So another piece that is actually being developed again, this is from Aaron Yesterday you might have seen this The co-pilot which will be the the control plane component that interacts with the pilot Which is again another control plane item with istio So to to get the support for the north south traffic And again for the east west where you want to have complete support for Istio Because you need to have support for the sidecar pattern also. So there is some work Dr. Jules and and others are working on on the On the Diego cell itself. You can re architect That container Also to support the sidecar kind of a pattern like are a part kind of a style right so that you can have You know two containers in a in a in a pod that because you need that In istio what happens is when you inject that so you have the microservice service in a container And then right next to that in another container you have the on why proxy So they both are together in one pod right, but right now the cloud phone redesign the architecture doesn't support that kind of Sidecar pattern So that's that work is going on with the current Diego architecture or container architecture work But if you go with opi That's another thing that's possible if we were to go with opi and if you replace the Diego scheduler with The cuban it is scheduler Then automatically you'll get that too. So these are the things that are being worked through there is Nothing that is finalized yet, but this is how you can actually get This is one way of getting the east-west traffic support for istio Yeah, that's those are some of the things that I would like to share. I think we have One more minute left any questions for me Okay, so the the question is Yeah, this question is Okay from an enterprise point of view Are these two communities like cloud foundry and cuban it is they're going to coexist or Are which one is going to take off or something that's the question right so right now as I mentioned here right right now There is a very good chance of actually Getting those two things work together. In fact even istio for that matter Because cloud foundry is pretty good in terms of the application, you know App experience like you know the cf push and you know that that's like it's a more of a pass typical true pass environment Whereas cubanities is more it's good for scalability for operations and stuff, but It lacks these advantages that cloud foundry has so If we can marry these two things together, I think that will be the best for an enterprise And of course as as as more and more microservices are being built And istio getting more popular because what istio brings to the table here is Um, you can as a developer you don't need to worry about How to get your application, you know like a how to manage your traffic How to manage the security how to manage the telemetry of all your services istio will take care of all that So your application can be dumb To to be put it frankly, but you will focus as an application developer you will focus more on On your domain Specific things and value added features to your specific industry and you don't need to worry about security or telemetrics or traffic patterns or a b testing canary testing and all that stuff Give all that stuff to istio That's exactly the reason why You know istio is getting more popular any any more questions And another thing I think week after we have a cube con Um, I'll be talking about if some of you are coming I'll be talking about the Google myself on vmware guys who can talk about istio on performance and scalability and what exactly is coming to So if some of you are coming there to Copenhagen, um, please stop by there as well. Thank you