Gaps in the Serverless Mesh:
Deployment, Discovery, and Auth
Ben Kehoe
Cloud Robotics Research Scientist at iRobot
AWS Serverless Hero
@ben11kehoe
2018-08-01
iRobot 2018 | 2@ben11kehoe
Deployment
• Red/black imposes requirements on clients
• Blue/green is the direction providers are headed
• Existing paradigm:
• Blue/green controller is part of your component graph
• Update component graph in-place
• Controller manages roll-out

What does blue/green deployment look like for a component graph? (i.e., a CloudFormation stack)

[Diagram: component graphs A, B1 and A, B2]
[Diagram: "Definition" versus "Reality" of the graph (A, B1, B2) in the "UPDATING" and "DONE" states]
[Diagram: the same "Definition" versus "Reality" comparison with a controller (Ctrl) in the graph and traffic labelled]

[Diagrams: API and Function; Function router with Function versions v1 and v2; API router with API versions v1 and v2; Function placeholder]

Function/code versions must be first-class citizens in infrastructure

[Diagrams: component graphs of A, B, C1 and C2, and of A, D, E1 and E2; one state of the latter is marked "???"]

[Diagrams: Function, Role and Policy in versions v1 and v2, with the outcomes "v1 allow", "v1 deny", "v2 allow", "v2 deny", "both allow" and "both deny"; some outcomes are marked "?"]

Continuity of role may be necessary

[Diagram: Source, Deployed and Tool, with the states Blue, Green and Cyan]

Authentication and Authorization
[Diagram: Policy and Resource]
Problems:
• Cross-account
• # of policies attached

[Diagram: Policy and Resource]
Problems:
• # of callers
• Deployment to add permission

[Diagram: Policy, Resource and Group/OU]
Problems:
• Coarse, or
• 1-1 service-group

[Diagram: Policy, Resource and Role]
Problems:
• Push the problem to AssumeRole permissions

What do I really want?
• Caller defines desired permissions
• Service could provide standard policies
• Checked against org rules
• Attached to caller
• Assuming x-acct and # policies issues don’t matter

Auto-generated policies
• Deriving policies from code is not a good idea
• Permissions should help stop malicious code
• But you’d derive malicious permissions from malicious code
• Need explicit declarations
• Then check against code for mismatch (in either direction)
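
Added example, not from the talk: one way to check an explicit permission declaration against code in both directions, sketched in Python. The handler source, the declared set and all function names are constructed for illustration, and the mapping from boto3 method names to IAM action names is a simplifying assumption.

```python
import ast

# Constructed sample: source of a function handler under review.
SAMPLE_HANDLER = '''
import boto3

s3 = boto3.client("s3")
ssm = boto3.client("ssm")

def handler(event, context):
    body = s3.get_object(Bucket="b", Key=event["key"])["Body"].read()
    ssm.get_parameter(Name="/svc/endpoint")
    s3.delete_object(Bucket="b", Key=event["key"])
    return len(body)
'''

# Constructed sample: what the service owner explicitly declared.
# The declaration is the source of truth; it is never generated from the code.
DECLARED = {"s3:GetObject", "ssm:GetParameter", "dynamodb:PutItem"}


def client_bindings(tree):
    """Map variable names to services for `name = boto3.client("svc")`."""
    bindings = {}
    for node in ast.walk(tree):
        if not isinstance(node, ast.Assign):
            continue
        call = node.value
        if (isinstance(call, ast.Call)
                and isinstance(call.func, ast.Attribute)
                and call.func.attr == "client"
                and isinstance(call.func.value, ast.Name)
                and call.func.value.id == "boto3"
                and call.args
                and isinstance(call.args[0], ast.Constant)
                and isinstance(call.args[0].value, str)):
            for target in node.targets:
                if isinstance(target, ast.Name):
                    bindings[target.id] = call.args[0].value
    return bindings


def to_action(service, method):
    """Assumption: snake_case method -> PascalCase action, e.g. get_object -> GetObject.

    Real IAM action names do not always match the API name
    (s3 list_objects_v2 is authorized as s3:ListBucket), so a production
    check needs a reviewed mapping table instead of this rule.
    """
    return service + ":" + "".join(part.capitalize() for part in method.split("_"))


def actions_in_code(source):
    """Collect actions for calls made directly on a bound client variable.

    Static pass only: clients reached through getattr, passed as arguments
    or built dynamically are not seen, so an empty result is not proof.
    """
    tree = ast.parse(source)
    bindings = client_bindings(tree)
    found = set()
    for node in ast.walk(tree):
        if (isinstance(node, ast.Call)
                and isinstance(node.func, ast.Attribute)
                and isinstance(node.func.value, ast.Name)
                and node.func.value.id in bindings):
            found.add(to_action(bindings[node.func.value.id], node.func.attr))
    return found


def check(declared, source):
    """Report mismatch in either direction between declaration and code."""
    used = actions_in_code(source)
    return {
        # Code does something nobody declared: review the code, not the policy.
        "undeclared": sorted(used - declared),
        # Declared but never used: candidate for removal (least privilege).
        "unused": sorted(declared - used),
    }


if __name__ == "__main__":
    report = check(DECLARED, SAMPLE_HANDLER)
    for kind, actions in report.items():
        print(kind, actions)
```

An "undeclared" finding blocks the change for review rather than widening the policy, which is the difference from deriving the policy from the code.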
Discovery
Containers have it easy
[Diagram: A and B, each with a mesh proxy; labelled "Gossip"]

Functions miss out
[Diagram: timeline alternating "Invocation" and "Sync state"]
#FOMO

Config aaS
• Requirements
• Availability over consistency
• Public/private
• Cross-account
• Consequence: long-lived resources → blue/green
• AWS SSM Parameter Store

Parameter Store for discovery
• Each microservice has a space in the parameter hierarchy
• Discoverable parameters are tagged as public
• Public parameters are sync’d across all accounts (via a central account)
• Sync is organizational infrastructure
• Each microservice only needs to look at the account-local Parameter Store for discovery

Details on cross-account Parameter Store sync
• Set up as infrastructure; clients of Parameter Store don’t need to care where parameters are coming from
• Each account:
• Pushes to a central account’s Parameter Store
• Subscribes to SNS topic of central store updates
• Periodically queries central store

Questions?


Editor's notes

  1. Red-black entire system. OK, since you never pay for idle. Scalable in number of services, but not cadence. Two entire systems: how do you switch clients over?
  2. Policies could be on versions