SlideShare ist ein Scribd-Unternehmen logo

Open-source Infrastructure at Lyft: Confidant, Discovery, Ratelimit, Envoy

D
Daniel Hochman

Lyft open sources several infrastructure projects including Confidant for securely storing secrets, Discovery for service registration and lookup, Ratelimit for rate limiting requests, and Envoy as an edge and internal proxy. Envoy handles all service to service communication at Lyft and provides observability, load balancing, and integration with other services. These projects help Lyft build and operate a microservices architecture at large scale.

Ingenieurwesen
1 von 31
Downloaden Sie, um offline zu lesen
Open-source Infrastructure at Lyft Constance Caramanolis Daniel Hochman July 2017
Overview of Lyft Architecture Open-source Infrastructure Projects - Confidant - Discovery - Ratelimit - Envoy Q&A Agenda
Architecture (simplified) Front Envoy Application Envoy DiscoveryConfidant >100 Clusters Ratelimit
Python lyft / confidant Your secret keeper. Stores secrets in Dynamo, encrypted at rest. 1,105 12 contributors November 2015
How is a service configured? lyft / location-service Private common: PORT: 8080 TIMEOUT_MS: 15000 development: USE_AUTH: False staging: API_KEY: secret_key_igjq3i494fqq234qbc production: API_KEY: secret_key_ojajf823jj49ij8h environment.yaml
Service location-service Confidant to the rescue! Credential api_key: password123
Behind the scenes Application IAM Role EC2 Instance Credential api_key: password123 api_key = os.getenv('CREDENTIAL_API_KEY') KMS DynamoDB Confidant
Server-blind secrets Highly sensitive secrets are encrypted and decrypted by the end-users. Confidant stores but can't read them. Confidant KMS IAM Role EC2 Instance
lyft / discovery Provides a REST interface for querying for the list of hosts that belong to a microservices 54 6 contributors Python August 2016
POST /v1/registration/location-service { "ip": "10.0.0.1", "port": 80, "revision": "da08f35b", "tags": { "id": "i-910203", "az": "us-east-1a", "canary": true } } Tracking hosts * * * * *
- Hosts are stored in DynamoDB - Storage support is abstract - Hosts removed if not reporting since now - HOST_TTL - Ecosystem designed to tolerate eventual consistency unlike Zookeeper, etcd, Consul - Pair with active healthchecks Storage DynamoDB
GET /v1/registration/<service> { "hosts": [ { "ip": "10.0.0.1", "port": 80, "revision": "da08f35b", "tags": {"id": "i-910203", "az": "us-east-1a", "canary": true} }, ... { "ip": "10.0.0.2", "port": 80, "revision": "da08f35b", "tags": {"id": "i-121286", "az": "us-east-1d"} } ] } Fetching hosts
Services list the hosts they want to talk to! internal_hosts: - jobscheduler - roads external_hosts: - dynamodb_iad - kinesis_iad Envoy per-service configuration location-service/envoy.yaml /etc/envoy.conf (on the box)
Active Healthcheck Application Envoy Discovery jobscheduler roads GET /healthcheck Application Envoy GET GET Every host healthchecks every host in a destination cluster location-service
lyft / ratelimit Go/gRPC service designed to enable generic rate limit scenarios 224 6 contributors Go January 2017
Why rate limit? - Control flow - Protect against attacks - Bad actors - Accidents happen oops!
Rate Limit Service - Written in Go - Enable generic rate limit scenarios - Decisions based on a domain and set of descriptors - Settings configured at runtime - Backed by Redis Ratelimit ? INCR
Domains and descriptors Domain Defines a container for a set of rate limits Globally unique e.g. "envoy_front" Descriptors Ordered list of key/value pairs Case sensitive e.g. ("destination_cluster", "location-service"), ("user_id", "1234")
Limit definition Runtime Setting Defines the request per unit for a descriptor.
Request flow example Rq1: (“user_id”, “1234”) Redis state: user_id_1234 : 1 Rs1: RateLimitResponse_OK Rq2: (“user_id”, “9876”) Redis state: user_id_1234: 1, user_id_9876 : 1 Rs2: RateLimitResponse_OK Rq3: (“user_id”, “1234) Redis state: user_id_1234: 2, user_id_9876 : 1 Rs3: RateLimitResponse_OVER_LIMIT Definition domain: test_domain key: user_id rate_limit: unit: hour requests_per_unit: 1
Ratelimit Client from lyft_idl.client.ratelimit.ratelimit_client import RateLimitClient ratelimit_client = RateLimitClient(settings.LYFT_API_USER_AGENT) # Determines whether or not to limit jsonp_messages_post according to ratelimit service. def should_allow_jsonp_messages_post(ip_address, phone_number): domain = settings.get('RATE_LIMIT_DOMAIN') ip_descriptors = [(('jsonp_messages_post_from_ip_address', ip_address), )] phone_descriptors = [(('jsonp_messages_post_from_phone_number', phone_number), )] return ( ratelimit_client.is_request_allowed(domain, ip_descriptors) and ratelimit_client.is_request_allowed(domain, phone_descriptors) )
lyft / envoy Front/service L7 proxy 1,924 62 contributors C++ September 2016
Why Envoy? Service Oriented Architecture - Many languages and frameworks - Protocols (HTTP/1, HTTP/2, databases, caching, etc…) - Partial implementation of SoA best practices (retries, timeouts, …) - Observability - Load balancers (AWS, F5)
What is Envoy? The network should be transparent to applications. When network and application problems do occur it should be easy to determine the source of the problem.
What is Envoy? - Modern C++11 - Runs alongside applications - Service discovery integration - Rate Limit integration - HTTP2 first (get gRPC!) - Act as front/edge proxy - Stats, Stats, Stats - Logging
Observability: Global Health
Observability: Service to Service
Envoy Client in Python (internal) from lyft.api_client import EnvoyClient switchboard_client = EnvoyClient( service='switchboard' ) switchboard_client.post( "/v2/messages", data={ 'template': 'welcome' }, headers={ 'x-lyft-user-id': 12345647363394 } )
Envoy deployment @Lyft - > 100 services - > 10,000 hosts - > 2,000,000 RPS - All service to service traffic (REST and gRPC) - MongoDB, DynamoDB, Redis proxy - External service proxy (AWS and other partners) - Kibana/Elastic Search for logging. - LightStep for tracing - Wavefront for stats
Architecture Revisited Front Envoy Application Envoy DiscoveryConfidant >100 Clusters Ratelimit
Done! - Lyft is hiring. If you want to work on large-scale problems in a fast-moving, high-growth company visit lyft.com/jobs - Visit github.com/lyft - Slides available at slideshare.net/danielhochman - Q&A

Empfohlen

RedisConf18 - 2,000 Instances and Beyond
RedisConf18 - 2,000 Instances and BeyondRedisConf18 - 2,000 Instances and Beyond
RedisConf18 - 2,000 Instances and BeyondRedis Labs
 
Instrumenting and Scaling Databases with Envoy
Instrumenting and Scaling Databases with EnvoyInstrumenting and Scaling Databases with Envoy
Instrumenting and Scaling Databases with EnvoyDaniel Hochman
 
Geospatial Indexing at Scale: The 15 Million QPS Redis Architecture Powering ...
Geospatial Indexing at Scale: The 15 Million QPS Redis Architecture Powering ...Geospatial Indexing at Scale: The 15 Million QPS Redis Architecture Powering ...
Geospatial Indexing at Scale: The 15 Million QPS Redis Architecture Powering ...Daniel Hochman
 
RedisConf17 - Geofencing using Redis Geospatial Queries
RedisConf17 - Geofencing using Redis Geospatial QueriesRedisConf17 - Geofencing using Redis Geospatial Queries
RedisConf17 - Geofencing using Redis Geospatial QueriesRedis Labs
 
Data Streaming Ecosystem Management at Booking.com
Data Streaming Ecosystem Management at Booking.com Data Streaming Ecosystem Management at Booking.com
Data Streaming Ecosystem Management at Booking.com confluent
 
Tailoring Redis Modules For Your Users’ Needs
Tailoring Redis Modules For Your Users’ NeedsTailoring Redis Modules For Your Users’ Needs
Tailoring Redis Modules For Your Users’ NeedsRedis Labs
 
RedisConf17 - Lyft - Geospatial at Scale - Daniel Hochman
RedisConf17 - Lyft - Geospatial at Scale - Daniel HochmanRedisConf17 - Lyft - Geospatial at Scale - Daniel Hochman
RedisConf17 - Lyft - Geospatial at Scale - Daniel HochmanRedis Labs
 
Redis Streams
Redis Streams Redis Streams
Redis Streams Redis Labs
 

Empfohlen

RedisConf18 - 2,000 Instances and Beyond
RedisConf18 - 2,000 Instances and BeyondRedisConf18 - 2,000 Instances and Beyond
RedisConf18 - 2,000 Instances and BeyondRedis Labs
 
Instrumenting and Scaling Databases with Envoy
Instrumenting and Scaling Databases with EnvoyInstrumenting and Scaling Databases with Envoy
Instrumenting and Scaling Databases with EnvoyDaniel Hochman
 
Geospatial Indexing at Scale: The 15 Million QPS Redis Architecture Powering ...
Geospatial Indexing at Scale: The 15 Million QPS Redis Architecture Powering ...Geospatial Indexing at Scale: The 15 Million QPS Redis Architecture Powering ...
Geospatial Indexing at Scale: The 15 Million QPS Redis Architecture Powering ...Daniel Hochman
 
RedisConf17 - Geofencing using Redis Geospatial Queries
RedisConf17 - Geofencing using Redis Geospatial QueriesRedisConf17 - Geofencing using Redis Geospatial Queries
RedisConf17 - Geofencing using Redis Geospatial QueriesRedis Labs
 
Data Streaming Ecosystem Management at Booking.com
Data Streaming Ecosystem Management at Booking.com Data Streaming Ecosystem Management at Booking.com
Data Streaming Ecosystem Management at Booking.com confluent
 
Tailoring Redis Modules For Your Users’ Needs
Tailoring Redis Modules For Your Users’ NeedsTailoring Redis Modules For Your Users’ Needs
Tailoring Redis Modules For Your Users’ NeedsRedis Labs
 
RedisConf17 - Lyft - Geospatial at Scale - Daniel Hochman
RedisConf17 - Lyft - Geospatial at Scale - Daniel HochmanRedisConf17 - Lyft - Geospatial at Scale - Daniel Hochman
RedisConf17 - Lyft - Geospatial at Scale - Daniel HochmanRedis Labs
 
Redis Streams
Redis Streams Redis Streams
Redis Streams Redis Labs
 
RedisConf17 - Operationalizing Redis at Scale
RedisConf17 - Operationalizing Redis at ScaleRedisConf17 - Operationalizing Redis at Scale
RedisConf17 - Operationalizing Redis at ScaleRedis Labs
 
HBaseCon2017 Data Product at AirBnB
HBaseCon2017 Data Product at AirBnBHBaseCon2017 Data Product at AirBnB
HBaseCon2017 Data Product at AirBnBHBaseCon
 
Serverless ETL and Optimization on ML pipeline
Serverless ETL and Optimization on ML pipelineServerless ETL and Optimization on ML pipeline
Serverless ETL and Optimization on ML pipelineShu-Jeng Hsieh
 
A New Chapter of Data Processing with CDK
A New Chapter of Data Processing with CDKA New Chapter of Data Processing with CDK
A New Chapter of Data Processing with CDKShu-Jeng Hsieh
 
RedisConf17 - Turbo-charge your apps with Amazon Elasticache for Redis
RedisConf17 - Turbo-charge your apps with Amazon Elasticache for RedisRedisConf17 - Turbo-charge your apps with Amazon Elasticache for Redis
RedisConf17 - Turbo-charge your apps with Amazon Elasticache for RedisRedis Labs
 
Druid realtime indexing
Druid realtime indexingDruid realtime indexing
Druid realtime indexingSeoeun Park
 
FlinkDTW: Time-series Pattern Search at Scale Using Dynamic Time Warping - Ch...
FlinkDTW: Time-series Pattern Search at Scale Using Dynamic Time Warping - Ch...FlinkDTW: Time-series Pattern Search at Scale Using Dynamic Time Warping - Ch...
FlinkDTW: Time-series Pattern Search at Scale Using Dynamic Time Warping - Ch...Flink Forward
 
Scaling Redis To 1M Ops/Sec: Jane Paek
Scaling Redis To 1M Ops/Sec: Jane PaekScaling Redis To 1M Ops/Sec: Jane Paek
Scaling Redis To 1M Ops/Sec: Jane PaekRedis Labs
 
Spark Summit EU talk by Sebastian Schroeder and Ralf Sigmund
Spark Summit EU talk by Sebastian Schroeder and Ralf SigmundSpark Summit EU talk by Sebastian Schroeder and Ralf Sigmund
Spark Summit EU talk by Sebastian Schroeder and Ralf SigmundSpark Summit
 
RedisConf17 - Redis Enterprise: Continuous Availability, Unlimited Scaling, S...
RedisConf17 - Redis Enterprise: Continuous Availability, Unlimited Scaling, S...RedisConf17 - Redis Enterprise: Continuous Availability, Unlimited Scaling, S...
RedisConf17 - Redis Enterprise: Continuous Availability, Unlimited Scaling, S...Redis Labs
 
Tales from Taming the Long Tail
Tales from Taming the Long TailTales from Taming the Long Tail
Tales from Taming the Long TailHBaseCon
 
How cdk and projen benefit to A team
How cdk and projen benefit to A teamHow cdk and projen benefit to A team
How cdk and projen benefit to A teamShu-Jeng Hsieh
 
A Fast Intro to Fast Query with ClickHouse, by Robert Hodges
A Fast Intro to Fast Query with ClickHouse, by Robert HodgesA Fast Intro to Fast Query with ClickHouse, by Robert Hodges
A Fast Intro to Fast Query with ClickHouse, by Robert HodgesAltinity Ltd
 
Building large-scale analytics platform with Storm, Kafka and Cassandra - NYC...
Building large-scale analytics platform with Storm, Kafka and Cassandra - NYC...Building large-scale analytics platform with Storm, Kafka and Cassandra - NYC...
Building large-scale analytics platform with Storm, Kafka and Cassandra - NYC...Alexey Kharlamov
 
Counters At Scale - A Cautionary Tale
Counters At Scale - A Cautionary TaleCounters At Scale - A Cautionary Tale
Counters At Scale - A Cautionary TaleEric Lubow
 
Microservices @ Work - A Practice Report of Developing Microservices
Microservices @ Work - A Practice Report of Developing MicroservicesMicroservices @ Work - A Practice Report of Developing Microservices
Microservices @ Work - A Practice Report of Developing MicroservicesQAware GmbH
 
Azure Functions - Get rid of your servers, use functions!
Azure Functions - Get rid of your servers, use functions!Azure Functions - Get rid of your servers, use functions!
Azure Functions - Get rid of your servers, use functions!QAware GmbH
 
Taking Your Database Beyond the Border of a Single Kubernetes Cluster
Taking Your Database Beyond the Border of a Single Kubernetes ClusterTaking Your Database Beyond the Border of a Single Kubernetes Cluster
Taking Your Database Beyond the Border of a Single Kubernetes ClusterChristopher Bradford
 
Envoy @ Lyft: Developer Productivity
Envoy @ Lyft: Developer ProductivityEnvoy @ Lyft: Developer Productivity
Envoy @ Lyft: Developer ProductivityJose Ulises Nino Rivera
 
Optimizing InfluxDB Performance in the Real World by Dean Sheehan, Senior Dir...
Optimizing InfluxDB Performance in the Real World by Dean Sheehan, Senior Dir...Optimizing InfluxDB Performance in the Real World by Dean Sheehan, Senior Dir...
Optimizing InfluxDB Performance in the Real World by Dean Sheehan, Senior Dir...InfluxData
 
Building Real-Time Applications with Android and WebSockets
Building Real-Time Applications with Android and WebSocketsBuilding Real-Time Applications with Android and WebSockets
Building Real-Time Applications with Android and WebSocketsSergi Almar i Graupera
 
Taxi Startup Presentation for Taxi Company
Taxi Startup Presentation for Taxi CompanyTaxi Startup Presentation for Taxi Company
Taxi Startup Presentation for Taxi CompanyEugene Suslo
 

Weitere ähnliche Inhalte

Was ist angesagt?

RedisConf17 - Operationalizing Redis at Scale
RedisConf17 - Operationalizing Redis at ScaleRedisConf17 - Operationalizing Redis at Scale
RedisConf17 - Operationalizing Redis at ScaleRedis Labs
 
HBaseCon2017 Data Product at AirBnB
HBaseCon2017 Data Product at AirBnBHBaseCon2017 Data Product at AirBnB
HBaseCon2017 Data Product at AirBnBHBaseCon
 
Serverless ETL and Optimization on ML pipeline
Serverless ETL and Optimization on ML pipelineServerless ETL and Optimization on ML pipeline
Serverless ETL and Optimization on ML pipelineShu-Jeng Hsieh
 
A New Chapter of Data Processing with CDK
A New Chapter of Data Processing with CDKA New Chapter of Data Processing with CDK
A New Chapter of Data Processing with CDKShu-Jeng Hsieh
 
RedisConf17 - Turbo-charge your apps with Amazon Elasticache for Redis
RedisConf17 - Turbo-charge your apps with Amazon Elasticache for RedisRedisConf17 - Turbo-charge your apps with Amazon Elasticache for Redis
RedisConf17 - Turbo-charge your apps with Amazon Elasticache for RedisRedis Labs
 
Druid realtime indexing
Druid realtime indexingDruid realtime indexing
Druid realtime indexingSeoeun Park
 
FlinkDTW: Time-series Pattern Search at Scale Using Dynamic Time Warping - Ch...
FlinkDTW: Time-series Pattern Search at Scale Using Dynamic Time Warping - Ch...FlinkDTW: Time-series Pattern Search at Scale Using Dynamic Time Warping - Ch...
FlinkDTW: Time-series Pattern Search at Scale Using Dynamic Time Warping - Ch...Flink Forward
 
Scaling Redis To 1M Ops/Sec: Jane Paek
Scaling Redis To 1M Ops/Sec: Jane PaekScaling Redis To 1M Ops/Sec: Jane Paek
Scaling Redis To 1M Ops/Sec: Jane PaekRedis Labs
 
Spark Summit EU talk by Sebastian Schroeder and Ralf Sigmund
Spark Summit EU talk by Sebastian Schroeder and Ralf SigmundSpark Summit EU talk by Sebastian Schroeder and Ralf Sigmund
Spark Summit EU talk by Sebastian Schroeder and Ralf SigmundSpark Summit
 
RedisConf17 - Redis Enterprise: Continuous Availability, Unlimited Scaling, S...
RedisConf17 - Redis Enterprise: Continuous Availability, Unlimited Scaling, S...RedisConf17 - Redis Enterprise: Continuous Availability, Unlimited Scaling, S...
RedisConf17 - Redis Enterprise: Continuous Availability, Unlimited Scaling, S...Redis Labs
 
Tales from Taming the Long Tail
Tales from Taming the Long TailTales from Taming the Long Tail
Tales from Taming the Long TailHBaseCon
 
How cdk and projen benefit to A team
How cdk and projen benefit to A teamHow cdk and projen benefit to A team
How cdk and projen benefit to A teamShu-Jeng Hsieh
 
A Fast Intro to Fast Query with ClickHouse, by Robert Hodges
A Fast Intro to Fast Query with ClickHouse, by Robert HodgesA Fast Intro to Fast Query with ClickHouse, by Robert Hodges
A Fast Intro to Fast Query with ClickHouse, by Robert HodgesAltinity Ltd
 
Building large-scale analytics platform with Storm, Kafka and Cassandra - NYC...
Building large-scale analytics platform with Storm, Kafka and Cassandra - NYC...Building large-scale analytics platform with Storm, Kafka and Cassandra - NYC...
Building large-scale analytics platform with Storm, Kafka and Cassandra - NYC...Alexey Kharlamov
 
Counters At Scale - A Cautionary Tale
Counters At Scale - A Cautionary TaleCounters At Scale - A Cautionary Tale
Counters At Scale - A Cautionary TaleEric Lubow
 
Microservices @ Work - A Practice Report of Developing Microservices
Microservices @ Work - A Practice Report of Developing MicroservicesMicroservices @ Work - A Practice Report of Developing Microservices
Microservices @ Work - A Practice Report of Developing MicroservicesQAware GmbH
 
Azure Functions - Get rid of your servers, use functions!
Azure Functions - Get rid of your servers, use functions!Azure Functions - Get rid of your servers, use functions!
Azure Functions - Get rid of your servers, use functions!QAware GmbH
 
Taking Your Database Beyond the Border of a Single Kubernetes Cluster
Taking Your Database Beyond the Border of a Single Kubernetes ClusterTaking Your Database Beyond the Border of a Single Kubernetes Cluster
Taking Your Database Beyond the Border of a Single Kubernetes ClusterChristopher Bradford
 
Optimizing InfluxDB Performance in the Real World by Dean Sheehan, Senior Dir...
Optimizing InfluxDB Performance in the Real World by Dean Sheehan, Senior Dir...Optimizing InfluxDB Performance in the Real World by Dean Sheehan, Senior Dir...
Optimizing InfluxDB Performance in the Real World by Dean Sheehan, Senior Dir...InfluxData
 

Was ist angesagt? (20)

RedisConf17 - Operationalizing Redis at Scale
RedisConf17 - Operationalizing Redis at ScaleRedisConf17 - Operationalizing Redis at Scale
RedisConf17 - Operationalizing Redis at Scale
 
HBaseCon2017 Data Product at AirBnB
HBaseCon2017 Data Product at AirBnBHBaseCon2017 Data Product at AirBnB
HBaseCon2017 Data Product at AirBnB
 
Serverless ETL and Optimization on ML pipeline
Serverless ETL and Optimization on ML pipelineServerless ETL and Optimization on ML pipeline
Serverless ETL and Optimization on ML pipeline
 
A New Chapter of Data Processing with CDK
A New Chapter of Data Processing with CDKA New Chapter of Data Processing with CDK
A New Chapter of Data Processing with CDK
 
RedisConf17 - Turbo-charge your apps with Amazon Elasticache for Redis
RedisConf17 - Turbo-charge your apps with Amazon Elasticache for RedisRedisConf17 - Turbo-charge your apps with Amazon Elasticache for Redis
RedisConf17 - Turbo-charge your apps with Amazon Elasticache for Redis
 
Druid realtime indexing
Druid realtime indexingDruid realtime indexing
Druid realtime indexing
 
FlinkDTW: Time-series Pattern Search at Scale Using Dynamic Time Warping - Ch...
FlinkDTW: Time-series Pattern Search at Scale Using Dynamic Time Warping - Ch...FlinkDTW: Time-series Pattern Search at Scale Using Dynamic Time Warping - Ch...
FlinkDTW: Time-series Pattern Search at Scale Using Dynamic Time Warping - Ch...
 
Scaling Redis To 1M Ops/Sec: Jane Paek
Scaling Redis To 1M Ops/Sec: Jane PaekScaling Redis To 1M Ops/Sec: Jane Paek
Scaling Redis To 1M Ops/Sec: Jane Paek
 
Spark Summit EU talk by Sebastian Schroeder and Ralf Sigmund
Spark Summit EU talk by Sebastian Schroeder and Ralf SigmundSpark Summit EU talk by Sebastian Schroeder and Ralf Sigmund
Spark Summit EU talk by Sebastian Schroeder and Ralf Sigmund
 
RedisConf17 - Redis Enterprise: Continuous Availability, Unlimited Scaling, S...
RedisConf17 - Redis Enterprise: Continuous Availability, Unlimited Scaling, S...RedisConf17 - Redis Enterprise: Continuous Availability, Unlimited Scaling, S...
RedisConf17 - Redis Enterprise: Continuous Availability, Unlimited Scaling, S...
 
Tales from Taming the Long Tail
Tales from Taming the Long TailTales from Taming the Long Tail
Tales from Taming the Long Tail
 
How cdk and projen benefit to A team
How cdk and projen benefit to A teamHow cdk and projen benefit to A team
How cdk and projen benefit to A team
 
A Fast Intro to Fast Query with ClickHouse, by Robert Hodges
A Fast Intro to Fast Query with ClickHouse, by Robert HodgesA Fast Intro to Fast Query with ClickHouse, by Robert Hodges
A Fast Intro to Fast Query with ClickHouse, by Robert Hodges
 
Building large-scale analytics platform with Storm, Kafka and Cassandra - NYC...
Building large-scale analytics platform with Storm, Kafka and Cassandra - NYC...Building large-scale analytics platform with Storm, Kafka and Cassandra - NYC...
Building large-scale analytics platform with Storm, Kafka and Cassandra - NYC...
 
Counters At Scale - A Cautionary Tale
Counters At Scale - A Cautionary TaleCounters At Scale - A Cautionary Tale
Counters At Scale - A Cautionary Tale
 
Microservices @ Work - A Practice Report of Developing Microservices
Microservices @ Work - A Practice Report of Developing MicroservicesMicroservices @ Work - A Practice Report of Developing Microservices
Microservices @ Work - A Practice Report of Developing Microservices
 
Azure Functions - Get rid of your servers, use functions!
Azure Functions - Get rid of your servers, use functions!Azure Functions - Get rid of your servers, use functions!
Azure Functions - Get rid of your servers, use functions!
 
Taking Your Database Beyond the Border of a Single Kubernetes Cluster
Taking Your Database Beyond the Border of a Single Kubernetes ClusterTaking Your Database Beyond the Border of a Single Kubernetes Cluster
Taking Your Database Beyond the Border of a Single Kubernetes Cluster
 
Envoy @ Lyft: Developer Productivity
Envoy @ Lyft: Developer ProductivityEnvoy @ Lyft: Developer Productivity
Envoy @ Lyft: Developer Productivity
 
Optimizing InfluxDB Performance in the Real World by Dean Sheehan, Senior Dir...
Optimizing InfluxDB Performance in the Real World by Dean Sheehan, Senior Dir...Optimizing InfluxDB Performance in the Real World by Dean Sheehan, Senior Dir...
Optimizing InfluxDB Performance in the Real World by Dean Sheehan, Senior Dir...
 

Andere mochten auch

Building Real-Time Applications with Android and WebSockets
Building Real-Time Applications with Android and WebSocketsBuilding Real-Time Applications with Android and WebSockets
Building Real-Time Applications with Android and WebSocketsSergi Almar i Graupera
 
Taxi Startup Presentation for Taxi Company
Taxi Startup Presentation for Taxi CompanyTaxi Startup Presentation for Taxi Company
Taxi Startup Presentation for Taxi CompanyEugene Suslo
 
Just Add Reality: Managing Logistics with the Uber Developer Platform
Just Add Reality: Managing Logistics with the Uber Developer PlatformJust Add Reality: Managing Logistics with the Uber Developer Platform
Just Add Reality: Managing Logistics with the Uber Developer PlatformApigee | Google Cloud
 
"Building Data Foundations and Analytics Tools Across The Product" by Crystal...
"Building Data Foundations and Analytics Tools Across The Product" by Crystal..."Building Data Foundations and Analytics Tools Across The Product" by Crystal...
"Building Data Foundations and Analytics Tools Across The Product" by Crystal...Tech in Asia ID
 
Uber's new mobile architecture
Uber's new mobile architectureUber's new mobile architecture
Uber's new mobile architectureDhaval Patel
 
Kafka + Uber- The World’s Realtime Transit Infrastructure, Aaron Schildkrout
Kafka + Uber- The World’s Realtime Transit Infrastructure, Aaron SchildkroutKafka + Uber- The World’s Realtime Transit Infrastructure, Aaron Schildkrout
Kafka + Uber- The World’s Realtime Transit Infrastructure, Aaron Schildkroutconfluent
 
Cassandra on Mesos Across Multiple Datacenters at Uber (Abhishek Verma) | C* ...
Cassandra on Mesos Across Multiple Datacenters at Uber (Abhishek Verma) | C* ...Cassandra on Mesos Across Multiple Datacenters at Uber (Abhishek Verma) | C* ...
Cassandra on Mesos Across Multiple Datacenters at Uber (Abhishek Verma) | C* ...DataStax
 

Andere mochten auch (8)

Building Real-Time Applications with Android and WebSockets
Building Real-Time Applications with Android and WebSocketsBuilding Real-Time Applications with Android and WebSockets
Building Real-Time Applications with Android and WebSockets
 
Taxi Startup Presentation for Taxi Company
Taxi Startup Presentation for Taxi CompanyTaxi Startup Presentation for Taxi Company
Taxi Startup Presentation for Taxi Company
 
Just Add Reality: Managing Logistics with the Uber Developer Platform
Just Add Reality: Managing Logistics with the Uber Developer PlatformJust Add Reality: Managing Logistics with the Uber Developer Platform
Just Add Reality: Managing Logistics with the Uber Developer Platform
 
"Building Data Foundations and Analytics Tools Across The Product" by Crystal...
"Building Data Foundations and Analytics Tools Across The Product" by Crystal..."Building Data Foundations and Analytics Tools Across The Product" by Crystal...
"Building Data Foundations and Analytics Tools Across The Product" by Crystal...
 
Uber's new mobile architecture
Uber's new mobile architectureUber's new mobile architecture
Uber's new mobile architecture
 
Kafka + Uber- The World’s Realtime Transit Infrastructure, Aaron Schildkrout
Kafka + Uber- The World’s Realtime Transit Infrastructure, Aaron SchildkroutKafka + Uber- The World’s Realtime Transit Infrastructure, Aaron Schildkrout
Kafka + Uber- The World’s Realtime Transit Infrastructure, Aaron Schildkrout
 
31 - IDNOG03 - Bergas Bimo Branarto (GOJEK) - Scaling Gojek
31 - IDNOG03 - Bergas Bimo Branarto (GOJEK) - Scaling Gojek31 - IDNOG03 - Bergas Bimo Branarto (GOJEK) - Scaling Gojek
31 - IDNOG03 - Bergas Bimo Branarto (GOJEK) - Scaling Gojek
 
Cassandra on Mesos Across Multiple Datacenters at Uber (Abhishek Verma) | C* ...
Cassandra on Mesos Across Multiple Datacenters at Uber (Abhishek Verma) | C* ...Cassandra on Mesos Across Multiple Datacenters at Uber (Abhishek Verma) | C* ...
Cassandra on Mesos Across Multiple Datacenters at Uber (Abhishek Verma) | C* ...
 

Ähnlich wie Open-source Infrastructure at Lyft: Confidant, Discovery, Ratelimit, Envoy

DEF CON 23 - Sean - metcalf - red vs blue ad attack and defense
DEF CON 23 - Sean - metcalf - red vs blue ad attack and defenseDEF CON 23 - Sean - metcalf - red vs blue ad attack and defense
DEF CON 23 - Sean - metcalf - red vs blue ad attack and defenseFelipe Prado
 
Horizontal Scaling for Millions of Customers!
Horizontal Scaling for Millions of Customers! Horizontal Scaling for Millions of Customers!
Horizontal Scaling for Millions of Customers! elangovans
 
Deconstructing SaaS: Deep Dive into Building Multi-Tenant Solutions on AWS (A...
Deconstructing SaaS: Deep Dive into Building Multi-Tenant Solutions on AWS (A...Deconstructing SaaS: Deep Dive into Building Multi-Tenant Solutions on AWS (A...
Deconstructing SaaS: Deep Dive into Building Multi-Tenant Solutions on AWS (A...Amazon Web Services
 
Advanced RingCentral API Use Cases
Advanced RingCentral API Use CasesAdvanced RingCentral API Use Cases
Advanced RingCentral API Use CasesByrne Reese
 
R2D2 slides from Velocity Conference London 2013
R2D2 slides from Velocity Conference London 2013R2D2 slides from Velocity Conference London 2013
R2D2 slides from Velocity Conference London 2013Oby Sumampouw
 
Consul: Service Mesh for Microservices
Consul: Service Mesh for MicroservicesConsul: Service Mesh for Microservices
Consul: Service Mesh for MicroservicesArmonDadgar
 
CloudWatch hidden features for debugging serverless application
CloudWatch hidden features for debugging serverless applicationCloudWatch hidden features for debugging serverless application
CloudWatch hidden features for debugging serverless applicationMarko (ServerlessLife)
 
Low latency microservices in java QCon New York 2016
Low latency microservices in java QCon New York 2016Low latency microservices in java QCon New York 2016
Low latency microservices in java QCon New York 2016Peter Lawrey
 
Logisland "Event Mining at scale"
Logisland "Event Mining at scale"Logisland "Event Mining at scale"
Logisland "Event Mining at scale"Thomas Bailet
 
Serverless Multi Region Cache Replication
Serverless Multi Region Cache ReplicationServerless Multi Region Cache Replication
Serverless Multi Region Cache ReplicationSanghyun Lee
 
コマンドラインで始める SoftLayer (May 23, 2014)
コマンドラインで始める SoftLayer (May 23, 2014)コマンドラインで始める SoftLayer (May 23, 2014)
コマンドラインで始める SoftLayer (May 23, 2014)隆明 中島
 
Samza at LinkedIn
Samza at LinkedInSamza at LinkedIn
Samza at LinkedInVenu Ryali
 
Implementare e gestire soluzioni per l'Internet of Things (IoT) in modo rapid...
Implementare e gestire soluzioni per l'Internet of Things (IoT) in modo rapid...Implementare e gestire soluzioni per l'Internet of Things (IoT) in modo rapid...
Implementare e gestire soluzioni per l'Internet of Things (IoT) in modo rapid...Amazon Web Services
 
New Design Patterns in Microservice Solutions
New Design Patterns in Microservice SolutionsNew Design Patterns in Microservice Solutions
New Design Patterns in Microservice SolutionsMichel Burger
 
以Device Shadows與Rules Engine串聯實體世界
以Device Shadows與Rules Engine串聯實體世界以Device Shadows與Rules Engine串聯實體世界
以Device Shadows與Rules Engine串聯實體世界Amazon Web Services
 
One App, Many Clients: Converting an APEX Application to Multi-Tenant
One App, Many Clients: Converting an APEX Application to Multi-TenantOne App, Many Clients: Converting an APEX Application to Multi-Tenant
One App, Many Clients: Converting an APEX Application to Multi-TenantJeffrey Kemp
 
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski buildacloud
 

Ähnlich wie Open-source Infrastructure at Lyft: Confidant, Discovery, Ratelimit, Envoy (20)

DEF CON 23 - Sean - metcalf - red vs blue ad attack and defense
DEF CON 23 - Sean - metcalf - red vs blue ad attack and defenseDEF CON 23 - Sean - metcalf - red vs blue ad attack and defense
DEF CON 23 - Sean - metcalf - red vs blue ad attack and defense
 
Horizontal Scaling for Millions of Customers!
Horizontal Scaling for Millions of Customers! Horizontal Scaling for Millions of Customers!
Horizontal Scaling for Millions of Customers!
 
Deconstructing SaaS: Deep Dive into Building Multi-Tenant Solutions on AWS (A...
Deconstructing SaaS: Deep Dive into Building Multi-Tenant Solutions on AWS (A...Deconstructing SaaS: Deep Dive into Building Multi-Tenant Solutions on AWS (A...
Deconstructing SaaS: Deep Dive into Building Multi-Tenant Solutions on AWS (A...
 
Advanced RingCentral API Use Cases
Advanced RingCentral API Use CasesAdvanced RingCentral API Use Cases
Advanced RingCentral API Use Cases
 
R2D2 slides from Velocity Conference London 2013
R2D2 slides from Velocity Conference London 2013R2D2 slides from Velocity Conference London 2013
R2D2 slides from Velocity Conference London 2013
 
Consul: Service Mesh for Microservices
Consul: Service Mesh for MicroservicesConsul: Service Mesh for Microservices
Consul: Service Mesh for Microservices
 
Aplicaciones distribuidas con Dapr
Aplicaciones distribuidas con DaprAplicaciones distribuidas con Dapr
Aplicaciones distribuidas con Dapr
 
CloudWatch hidden features for debugging serverless application
CloudWatch hidden features for debugging serverless applicationCloudWatch hidden features for debugging serverless application
CloudWatch hidden features for debugging serverless application
 
Low latency microservices in java QCon New York 2016
Low latency microservices in java QCon New York 2016Low latency microservices in java QCon New York 2016
Low latency microservices in java QCon New York 2016
 
Logisland "Event Mining at scale"
Logisland "Event Mining at scale"Logisland "Event Mining at scale"
Logisland "Event Mining at scale"
 
Serverless Multi Region Cache Replication
Serverless Multi Region Cache ReplicationServerless Multi Region Cache Replication
Serverless Multi Region Cache Replication
 
MySQL under the siege
MySQL under the siegeMySQL under the siege
MySQL under the siege
 
コマンドラインで始める SoftLayer (May 23, 2014)
コマンドラインで始める SoftLayer (May 23, 2014)コマンドラインで始める SoftLayer (May 23, 2014)
コマンドラインで始める SoftLayer (May 23, 2014)
 
AWS IoT Deep Dive
AWS IoT Deep DiveAWS IoT Deep Dive
AWS IoT Deep Dive
 
Samza at LinkedIn
Samza at LinkedInSamza at LinkedIn
Samza at LinkedIn
 
Implementare e gestire soluzioni per l'Internet of Things (IoT) in modo rapid...
Implementare e gestire soluzioni per l'Internet of Things (IoT) in modo rapid...Implementare e gestire soluzioni per l'Internet of Things (IoT) in modo rapid...
Implementare e gestire soluzioni per l'Internet of Things (IoT) in modo rapid...
 
New Design Patterns in Microservice Solutions
New Design Patterns in Microservice SolutionsNew Design Patterns in Microservice Solutions
New Design Patterns in Microservice Solutions
 
以Device Shadows與Rules Engine串聯實體世界
以Device Shadows與Rules Engine串聯實體世界以Device Shadows與Rules Engine串聯實體世界
以Device Shadows與Rules Engine串聯實體世界
 
One App, Many Clients: Converting an APEX Application to Multi-Tenant
One App, Many Clients: Converting an APEX Application to Multi-TenantOne App, Many Clients: Converting an APEX Application to Multi-Tenant
One App, Many Clients: Converting an APEX Application to Multi-Tenant
 
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski
Troubleshooting Strategies for CloudStack Installations by Kirk Kosinski
 

Kürzlich hochgeladen

Instrumentation, measurement and control of bio process parameters ( Temperat...
Instrumentation, measurement and control of bio process parameters ( Temperat...Instrumentation, measurement and control of bio process parameters ( Temperat...
Instrumentation, measurement and control of bio process parameters ( Temperat...121011101441
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girlsssuser7cb4ff
 
Vishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documentsVishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documentsSachinPawar510423
 
Risk Assessment For Installation of Drainage Pipes.pdf
Risk Assessment For Installation of Drainage Pipes.pdfRisk Assessment For Installation of Drainage Pipes.pdf
Risk Assessment For Installation of Drainage Pipes.pdfROCENODodongVILLACER
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx959SahilShah
 
Indian Dairy Industry Present Status and.ppt
Indian Dairy Industry Present Status and.pptIndian Dairy Industry Present Status and.ppt
Indian Dairy Industry Present Status and.pptMadan Karki
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort servicejennyeacort
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...VICTOR MAESTRE RAMIREZ
 
An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...Chandu841456
 
computer application and construction management
computer application and construction managementcomputer application and construction management
computer application and construction managementMariconPadriquez1
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.eptoze12
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxk795866
 
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfgUnit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfgsaravananr517913
 
Transport layer issues and challenges - Guide
Transport layer issues and challenges - GuideTransport layer issues and challenges - Guide
Transport layer issues and challenges - GuideGOPINATHS437943
 
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)Dr SOUNDIRARAJ N
 
Solving The Right Triangles PowerPoint 2.ppt
Solving The Right Triangles PowerPoint 2.pptSolving The Right Triangles PowerPoint 2.ppt
Solving The Right Triangles PowerPoint 2.pptJasonTagapanGulla
 

Kürzlich hochgeladen (20)

Instrumentation, measurement and control of bio process parameters ( Temperat...
Instrumentation, measurement and control of bio process parameters ( Temperat...Instrumentation, measurement and control of bio process parameters ( Temperat...
Instrumentation, measurement and control of bio process parameters ( Temperat...
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girls
 
Vishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documentsVishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documents
 
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptxExploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
 
Risk Assessment For Installation of Drainage Pipes.pdf
Risk Assessment For Installation of Drainage Pipes.pdfRisk Assessment For Installation of Drainage Pipes.pdf
Risk Assessment For Installation of Drainage Pipes.pdf
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx
 
Indian Dairy Industry Present Status and.ppt
Indian Dairy Industry Present Status and.pptIndian Dairy Industry Present Status and.ppt
Indian Dairy Industry Present Status and.ppt
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...
 
An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...
 
computer application and construction management
computer application and construction managementcomputer application and construction management
computer application and construction management
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptx
 
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfgUnit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
 
Transport layer issues and challenges - Guide
Transport layer issues and challenges - GuideTransport layer issues and challenges - Guide
Transport layer issues and challenges - Guide
 
young call girls in Green Park🔝 9953056974 🔝 escort Service
young call girls in Green Park🔝 9953056974 🔝 escort Serviceyoung call girls in Green Park🔝 9953056974 🔝 escort Service
young call girls in Green Park🔝 9953056974 🔝 escort Service
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
Design and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdfDesign and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdf
 
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
 
Solving The Right Triangles PowerPoint 2.ppt
Solving The Right Triangles PowerPoint 2.pptSolving The Right Triangles PowerPoint 2.ppt
Solving The Right Triangles PowerPoint 2.ppt
 

Open-source Infrastructure at Lyft: Confidant, Discovery, Ratelimit, Envoy

  • 1. Open-source Infrastructure at Lyft Constance Caramanolis Daniel Hochman July 2017
  • 2. Overview of Lyft Architecture Open-source Infrastructure Projects - Confidant - Discovery - Ratelimit - Envoy Q&A Agenda
  • 4. Python lyft / confidant Your secret keeper. Stores secrets in Dynamo, encrypted at rest. 1,105 12 contributors November 2015
  • 5. How is a service configured? lyft / location-service Private common: PORT: 8080 TIMEOUT_MS: 15000 development: USE_AUTH: False staging: API_KEY: secret_key_igjq3i494fqq234qbc production: API_KEY: secret_key_ojajf823jj49ij8h environment.yaml
  • 6. Service location-service Confidant to the rescue! Credential api_key: password123
  • 7. Behind the scenes Application IAM Role EC2 Instance Credential api_key: password123 api_key = os.getenv('CREDENTIAL_API_KEY') KMS DynamoDB Confidant
  • 8. Server-blind secrets Highly sensitive secrets are encrypted and decrypted by the end-users. Confidant stores but can't read them. Confidant KMS IAM Role EC2 Instance
  • 9. lyft / discovery Provides a REST interface for querying for the list of hosts that belong to a microservices 54 6 contributors Python August 2016
  • 10. POST /v1/registration/location-service { "ip": "10.0.0.1", "port": 80, "revision": "da08f35b", "tags": { "id": "i-910203", "az": "us-east-1a", "canary": true } } Tracking hosts * * * * *
  • 11. - Hosts are stored in DynamoDB - Storage support is abstract - Hosts removed if not reporting since now - HOST_TTL - Ecosystem designed to tolerate eventual consistency unlike Zookeeper, etcd, Consul - Pair with active healthchecks Storage DynamoDB
  • 12. GET /v1/registration/<service> { "hosts": [ { "ip": "10.0.0.1", "port": 80, "revision": "da08f35b", "tags": {"id": "i-910203", "az": "us-east-1a", "canary": true} }, ... { "ip": "10.0.0.2", "port": 80, "revision": "da08f35b", "tags": {"id": "i-121286", "az": "us-east-1d"} } ] } Fetching hosts
  • 13. Services list the hosts they want to talk to! internal_hosts: - jobscheduler - roads external_hosts: - dynamodb_iad - kinesis_iad Envoy per-service configuration location-service/envoy.yaml /etc/envoy.conf (on the box)
  • 14. Active Healthcheck Application Envoy Discovery jobscheduler roads GET /healthcheck Application Envoy GET GET Every host healthchecks every host in a destination cluster location-service
  • 15. lyft / ratelimit Go/gRPC service designed to enable generic rate limit scenarios 224 6 contributors Go January 2017
  • 16. Why rate limit? - Control flow - Protect against attacks - Bad actors - Accidents happen oops!
  • 17. Rate Limit Service - Written in Go - Enable generic rate limit scenarios - Decisions based on a domain and set of descriptors - Settings configured at runtime - Backed by Redis Ratelimit ? INCR
  • 18. Domains and descriptors Domain Defines a container for a set of rate limits Globally unique e.g. "envoy_front" Descriptors Ordered list of key/value pairs Case sensitive e.g. ("destination_cluster", "location-service"), ("user_id", "1234")
  • 19. Limit definition Runtime Setting Defines the request per unit for a descriptor.
  • 20. Request flow example Rq1: (“user_id”, “1234”) Redis state: user_id_1234 : 1 Rs1: RateLimitResponse_OK Rq2: (“user_id”, “9876”) Redis state: user_id_1234: 1, user_id_9876 : 1 Rs2: RateLimitResponse_OK Rq3: (“user_id”, “1234) Redis state: user_id_1234: 2, user_id_9876 : 1 Rs3: RateLimitResponse_OVER_LIMIT Definition domain: test_domain key: user_id rate_limit: unit: hour requests_per_unit: 1
  • 21. Ratelimit Client from lyft_idl.client.ratelimit.ratelimit_client import RateLimitClient ratelimit_client = RateLimitClient(settings.LYFT_API_USER_AGENT) # Determines whether or not to limit jsonp_messages_post according to ratelimit service. def should_allow_jsonp_messages_post(ip_address, phone_number): domain = settings.get('RATE_LIMIT_DOMAIN') ip_descriptors = [(('jsonp_messages_post_from_ip_address', ip_address), )] phone_descriptors = [(('jsonp_messages_post_from_phone_number', phone_number), )] return ( ratelimit_client.is_request_allowed(domain, ip_descriptors) and ratelimit_client.is_request_allowed(domain, phone_descriptors) )
  • 22. lyft / envoy Front/service L7 proxy 1,924 62 contributors C++ September 2016
  • 23. Why Envoy? Service Oriented Architecture - Many languages and frameworks - Protocols (HTTP/1, HTTP/2, databases, caching, etc…) - Partial implementation of SoA best practices (retries, timeouts, …) - Observability - Load balancers (AWS, F5)
  • 24. What is Envoy? The network should be transparent to applications. When network and application problems do occur it should be easy to determine the source of the problem.
  • 25. What is Envoy? - Modern C++11 - Runs alongside applications - Service discovery integration - Rate Limit integration - HTTP2 first (get gRPC!) - Act as front/edge proxy - Stats, Stats, Stats - Logging
  • 28. Envoy Client in Python (internal) from lyft.api_client import EnvoyClient switchboard_client = EnvoyClient( service='switchboard' ) switchboard_client.post( "/v2/messages", data={ 'template': 'welcome' }, headers={ 'x-lyft-user-id': 12345647363394 } )
  • 29. Envoy deployment @Lyft - > 100 services - > 10,000 hosts - > 2,000,000 RPS - All service to service traffic (REST and gRPC) - MongoDB, DynamoDB, Redis proxy - External service proxy (AWS and other partners) - Kibana/Elastic Search for logging. - LightStep for tracing - Wavefront for stats
  • 31. Done! - Lyft is hiring. If you want to work on large-scale problems in a fast-moving, high-growth company visit lyft.com/jobs - Visit github.com/lyft - Slides available at slideshare.net/danielhochman - Q&A