SlideShare ist ein Scribd-Unternehmen logo

Service Mesh: Two Big Words But Do You Need It?

DevOps.com
DevOps.com

Today, one of the big concepts buzzing in the app development world is service mesh. A service mesh is a configurable infrastructure layer for microservices application that makes communication flexible, reliable and fast. Let’s take a step back, though, and answer this question: Do you need a service mesh? Join this webinar to learn: What a service mesh is; when and why you need it — or when and why you may not App modernization journey and traffic management approaches for microservices-based apps How to make an informed decision based on cost and complexity before adopting service mesh Learn about NGINX Service Mesh in a live demo, and how it provides the best service mesh option for container-based L7 traffic management

Technologie
1 von 39
Downloaden Sie, um offline zu lesen
Service Mesh TWO BIG WORDS BUT DO YOU NEED IT?
| ©2020 F52 About Speaker - 10 years working with distributed systems. - Long time NGINX user, joined NGINX team early 2020 Ravi Vagadia - Solutions Engineer, F5 (NGINX BU) @ravirdv https://www.linkedin.com/in/ravi-vagadia/
| ©2020 F53 Agenda • Modern Application Overview • What is a Service Mesh? • What does a Service Mesh solve? • When do you need it?
| ©2020 F54 Modern Application Overview
| ©2020 F55 Kubernetes becoming platform for developing, testing and running applications Traditional CI/CD products being retrofitted to run on Kubernetes Emergenceof Kubernetes-native CI/CD tools for defining and running pipelines on Kubernetes using native Kubernetes constructs Portability makes this particularly attractive Kubernetes in production is growing rapidly NGINX Survey: about half of customers use Kubernetes in production CNCF 2019 survey: 84% use containers in production What we see in the market KUBERNETES-CENTRIC PERSPECTIVE SOURCE: INFORMATIONEXAMPLE Adoption of managed and commercial Kubernetes platforms We see rapid adoption of OpenShiftand Rancher in the private cloud space EKS and GKE adoption in public cloud
42% Actively using Microservices in Production 37% Investigating or using in pre-production NGINX User Survey 2018, 2019 Who is using Microservices in Production?
| ©2020 F57 ModernApps Require a ModernArchitecture From Monolithic ... ... to Dynamic Three-tier, J2EE-style architectures Complex protocols (HTML, SOAP) Persistent deployments Fixed, static Infrastructure Big-bang releases Silo’ed teams (Dev, Test, Ops) Microservices Lightweight (REST, gRPC, GraphQL) Containers, VMs, Functions Infrastructure as Code Continuous delivery DevOps Culture
| ©2020 F58 Operating a distributed application is hard Static, Predictable Monolith: Dynamic, Distributed App: Fast, reliable function calls Local debugging Local profiling Calendared, big-bang upgrades ‘Integration hell’ contained in dev Slow, unreliable API calls Distributed fault finding Distributed tracing In-place dynamic updates ‘Continuous integration’ live in prod More things can go wrong, it’s harder to find the faults, everything happens live
| ©2020 F59 What’s In A Service Mesh!
| ©2020 F510 WHAT’S MISSING IN K8S AND WHAT DO YOU REALLY WANT AND NEED FROM A MESH? What Is A Service Mesh? Service mesh aims to improve application traffic control, observability and security for distributed systems. - The New Stack
| ©2020 F511 L7 Logic (Ingress) L3-L4 Networking L3 – L7 Network Management == Service Mesh An Overly Simplified Picture
| ©2020 F512 WHAT’S MISSING IN K8S AND WHAT DO YOU REALLY WANT AND NEED FROM A MESH? What Is A Service Mesh? • A service mesh adds L7 traffic management & security: • sidecar deployment • policy management • application availability/health, • Service mesh isn’t just one “thing”, it’s a lot of managed and dependent components • Takes over where K8s networking stops (service/pod IP endpoints) • “Traffic management for containers”
| ©2020 F513 What DoesA Service Mesh Do? Service Mesh controls communications between pods and external apps Secure Traffic End-to-end encryption (Mutual TLS / mTLS), ACLs Manage All Service Traffic Load Balance, Circuit breaker, B|G, Rate Limiting… Orchestration Injection and sidecar management, K8s API integration Measure Traffic Generate transaction traces and real-time monitoring
| ©2020 F514 What Is A Sidecar? A Sidecar is a containerized service that another containerized service depends on for some function: “Helper Containers” • Not just networking, can be used for any separationof process:API GW, logging, data mining, etc. In our world, a Sidecar would be a reverse proxy that sits beside an application service container (in the same pod) and provides all inbound and outbound network routing to that application container App Pod
| ©2020 F515 HowAre Sidecars Deployed? Separate Container In The App Pod • The separate container is attached to the app service container in a pod • Networking in the app container is altered via a policy from the mesh that tells the app “You can only talk to your sidecar for network access.” • Policy and architecture are defined and orchestrated via the control plane,managed with a combo of ConfigMap and control plane. • A Service Mesh takes care of auto-associating the sidecar with the app container in the same pod via Sidecar Injection App Pod
| ©2020 F516 Use Cases – Securing InternalTraffic (mTLS) Pod A Pod B Pod A Pod B NSM Traffic Flow Without Service Mesh: Traffic Flow With Service Mesh:
| ©2020 F517 Use Cases – Control Traffic Flow Target-svc Target-v1 Target-v2 0% 100%
| ©2020 F518 Use Cases – Telemetry | Tracing Pod A Pod B Pod C
| ©2020 F519 Service Mesh Policies © 2017 F5 Networks Network Policy • Serviceto servicerouting • Serviceavailability • Servicediscovery Access Policy • IP allow/deny • Allow/Deny • JWT Security Policy • SSL/mTLSTermination • DDoS • WAF E F THE MOST IMPORTANT (AND DIFFICULT) PART
| ©2020 F520 NSM Service Mesh The “Data Plane” Service Mesh
| ©2020 F521 What is the NGINX Service Mesh? Data Plane East/West traffic Control Plane Management Plane Infrastructure Kubernetes VMware AWS Bare Metal SVC SVCSVCSVCSVC SVC Conf DbKubernetes Service Registry Inventory VMware, AWS… Inventory
| ©2020 F522 What is the NGINX Service Mesh? Data Plane East/West traffic Control Plane Management Plane Infrastructure Kubernetes VMware AWS Bare Metal Conf DbKubernetes Service Registry Inventory VMware, AWS… Inventory SVC SVCSVCSVCSVC SVC
| ©2020 F523 What is the NGINX Service Mesh? Data Plane East/West traffic Control Plane Management Plane Infrastructure Kubernetes VMware AWS Bare Metal NGINX Service Mesh control plane SVC SVCSVCSVCSVC SVC Topology Policies Conf DbKubernetes Service Registry Inventory VMware, AWS… InventoryCLI / API $>_
| ©2020 F524 What is the NGINX Service Mesh? Data Plane East/West traffic Control Plane Management Plane Infrastructure Kubernetes VMware AWS Bare Metal NGINX Service Mesh control plane Topology Policies Conf DbKubernetes Service Registry Inventory VMware, AWS… Inventory SPIRE SVC SVCSVCSVCSVC SVC CLI / API $>_
| ©2020 F525 What is the NGINX Service Mesh? Data Plane East/West traffic Control Plane Management Plane Infrastructure Kubernetes VMware AWS Bare Metal NGINX Service Mesh control plane Topology Policies Conf DbKubernetes Service Registry Inventory VMware, AWS… Inventory SPIRE Grafana OpenTracing SVC SVCSVCSVCSVC SVC CLI / API $>_
| ©2020 F526 What is the NGINX Service Mesh? Data Plane East/West traffic Control Plane Management Plane Infrastructure Kubernetes VMware AWS Bare Metal NGINX Service Mesh control plane Topology Policies Conf DbKubernetes Service Registry Inventory VMware, AWS… Inventory SPIRE Grafana OpenTracing SVC SVCSVCSVCSVC SVC CLI / API $>_ NGINX Ingress NGINX Egress
| ©2020 F527 What is the NGINX Service Mesh? Data Plane East/West traffic Control Plane Management Plane Infrastructure Kubernetes VMware AWS Bare Metal NGINX Service Mesh control plane Topology Policies Conf DbKubernetes Service Registry Inventory VMware, AWS… Inventory SPIRE Grafana OpenTracing NGINX Controller Centralized management Service Mesh connector Integrations SVC SVCSVCSVCSVC SVC CLI / API $>_ NGINX Ingress NGINX Egress
| ©2020 F528 NSM Components • NSM runs within a K8s cluster • Securely manages ingress/egress traffic to external services • Can be deployed in any K8s cluster platform
| ©2020 F529 NSM Features
| ©2020 F530 Security • Zero-trust model • mTLS enforcement • Service identity • Access control CRDs • Access control via mTLS • Single source of truth for network (K8s) and identity (Spire) • Ingress mTLS • Egress opt-in allowlist SVC
| ©2020 F531 Integrated N/S Ingress/Egress • NGINX Plus for sidecars and KIC • Ingress traffic treated as S2S service traffic • Full integration with Spire identity and SSL key store • mTLS for ingress into NSM • Egress name service support
| ©2020 F532 Traffic Management • Full support for microservice traffic models − Circuit Breaker − Blue/Green − Canary − Weighted distribution • Rate shaping and QoS/priority queueing • Container-based load balancing • Dynamic service availability • SSL keepalive for performance SVC
| ©2020 F533 Lightweight andAgile • Control plane designed to optimize NGINX Plus data plane • Standards-based: SPIFFE, SMI- spec • Single CLI for management of all mesh services • CI/CD pipeline’able for orchestrated deployment and policy management
| ©2020 F534 Demo!
| ©2020 F535 A reality check… Service Mesh technology addresses one specific set of problems It’s not a magic bullet that makes all applications ‘better’ There are many other, well-proven ways to address the same problems Service Mesh technology is very complex ever-evolving Cost of operating a mesh in production can be high, and there can be many risks
| ©2020 F536 WhenAm I Ready For A Service Mesh? ✓ You have a mature, fully-automated CI/CD pipeline (GitOps-enabled) ✓ You are fully invested in microservices and using Kubernetes ✓ You are deploying frequently to production (at least once per day) ✓ You have a zero-trust production environment (so need mTLS) ✓ You need/want additional visibility of container traffic interaction
| ©2020 F537 • Flexible Traffic Management • Secure Internal Communication • In-depth monitoring and distributed tracing • NGINX Service Mesh is available as free download,check this link for more info : NGINX Service Mesh CONFIDENTIAL Download NGINX Service Mesh
| ©2020 F538 Questions?
Service Mesh: Two Big Words But Do You Need It?

Empfohlen

Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
DevOps.com
 
Cloud-Native Patterns and the Benefits of MySQL as a Platform Managed Service
Cloud-Native Patterns and the Benefits of MySQL as a Platform Managed ServiceCloud-Native Patterns and the Benefits of MySQL as a Platform Managed Service
Cloud-Native Patterns and the Benefits of MySQL as a Platform Managed Service
VMware Tanzu
 
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
VMware Tanzu
 
A Leader’s Guide to DevOps Practices and Culture
A Leader’s Guide to DevOps Practices and CultureA Leader’s Guide to DevOps Practices and Culture
A Leader’s Guide to DevOps Practices and Culture
VMware Tanzu
 
Running Persistent Data in a Multi-Cloud Architecture
Running Persistent Data in a Multi-Cloud ArchitectureRunning Persistent Data in a Multi-Cloud Architecture
Running Persistent Data in a Multi-Cloud Architecture
VMware Tanzu
 
Distribute Your App and Engage Your Community with a Helm Repository
Distribute Your App and Engage Your Community with a Helm RepositoryDistribute Your App and Engage Your Community with a Helm Repository
Distribute Your App and Engage Your Community with a Helm Repository
VMware Tanzu
 
Migrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKS
Migrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKSMigrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKS
Migrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKS
Weaveworks
 
Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020
Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020
Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020
VMware Tanzu
 

Empfohlen

Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
Microservices at Scale: How to Reduce Overhead and Increase Developer Product...
DevOps.com
 
Cloud-Native Patterns and the Benefits of MySQL as a Platform Managed Service
Cloud-Native Patterns and the Benefits of MySQL as a Platform Managed ServiceCloud-Native Patterns and the Benefits of MySQL as a Platform Managed Service
Cloud-Native Patterns and the Benefits of MySQL as a Platform Managed Service
VMware Tanzu
 
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
VMware Tanzu
 
A Leader’s Guide to DevOps Practices and Culture
A Leader’s Guide to DevOps Practices and CultureA Leader’s Guide to DevOps Practices and Culture
A Leader’s Guide to DevOps Practices and Culture
VMware Tanzu
 
Running Persistent Data in a Multi-Cloud Architecture
Running Persistent Data in a Multi-Cloud ArchitectureRunning Persistent Data in a Multi-Cloud Architecture
Running Persistent Data in a Multi-Cloud Architecture
VMware Tanzu
 
Distribute Your App and Engage Your Community with a Helm Repository
Distribute Your App and Engage Your Community with a Helm RepositoryDistribute Your App and Engage Your Community with a Helm Repository
Distribute Your App and Engage Your Community with a Helm Repository
VMware Tanzu
 
Migrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKS
Migrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKSMigrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKS
Migrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKS
Weaveworks
 
Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020
Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020
Delivering-Off-The-Shelf Software with Kubernetes- November 12, 2020
VMware Tanzu
 
Ravello – the Easiest Way to Cloud
Ravello – the Easiest Way to CloudRavello – the Easiest Way to Cloud
Ravello – the Easiest Way to Cloud
MarketingArrowECS_CZ
 
Enterprise Application Migration
Enterprise Application MigrationEnterprise Application Migration
Enterprise Application Migration
VMware Tanzu
 
Next Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and SnykNext Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and Snyk
DevOps.com
 
InfoSec: Evolve Thyself to Keep Pace in the Age of DevOps
InfoSec: Evolve Thyself to Keep Pace in the Age of DevOpsInfoSec: Evolve Thyself to Keep Pace in the Age of DevOps
InfoSec: Evolve Thyself to Keep Pace in the Age of DevOps
VMware Tanzu
 
Application Security in the Cloud - Best Practices
Application Security in the Cloud - Best PracticesApplication Security in the Cloud - Best Practices
Application Security in the Cloud - Best Practices
RightScale
 
DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..
Siddharth Joshi
 
Infrastructure less development with Azure Service Fabric
Infrastructure less development with Azure Service FabricInfrastructure less development with Azure Service Fabric
Infrastructure less development with Azure Service Fabric
Saba Jamalian
 
App-First & Cloud-Native: How InterMiles Boosted CX with AWS & Infostretch
App-First & Cloud-Native: How InterMiles Boosted CX with AWS & InfostretchApp-First & Cloud-Native: How InterMiles Boosted CX with AWS & Infostretch
App-First & Cloud-Native: How InterMiles Boosted CX with AWS & Infostretch
Infostretch
 
Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)
Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)
Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)
VMware Tanzu
 
July 30: How User-Centered Design Drives Impactful Products and Services
July 30: How User-Centered Design Drives Impactful Products and ServicesJuly 30: How User-Centered Design Drives Impactful Products and Services
July 30: How User-Centered Design Drives Impactful Products and Services
VMware Tanzu
 
Monitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with DatadogMonitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with Datadog
DevOps.com
 
Four considerations when monitoring microservices
Four considerations when monitoring microservicesFour considerations when monitoring microservices
Four considerations when monitoring microservices
Jason Bloomberg
 
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
DevOps.com
 
Build cloud native solution using open source
Build cloud native solution using open source Build cloud native solution using open source
Build cloud native solution using open source
Nitesh Jadhav
 
Cloud Native DevOps
Cloud Native DevOpsCloud Native DevOps
Cloud Native DevOps
Jim Bugwadia
 
Stability anti patterns in cloud-native applications
Stability anti patterns in cloud-native applicationsStability anti patterns in cloud-native applications
Stability anti patterns in cloud-native applications
Ana-Maria Mihalceanu
 
Tectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes Strategy
Tectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes StrategyTectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes Strategy
Tectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes Strategy
CoreOS
 
Tectonic Summit 2016: Preparing for Cloud Native
Tectonic Summit 2016: Preparing for Cloud Native Tectonic Summit 2016: Preparing for Cloud Native
Tectonic Summit 2016: Preparing for Cloud Native
CoreOS
 
Using Pivotal Cloud Foundry with Google’s BigQuery and Cloud Vision API
Using Pivotal Cloud Foundry with Google’s BigQuery and Cloud Vision APIUsing Pivotal Cloud Foundry with Google’s BigQuery and Cloud Vision API
Using Pivotal Cloud Foundry with Google’s BigQuery and Cloud Vision API
VMware Tanzu
 
Adopting Azure, Cloud Foundry and Microservice Architecture at Merrill Corpor...
Adopting Azure, Cloud Foundry and Microservice Architecture at Merrill Corpor...Adopting Azure, Cloud Foundry and Microservice Architecture at Merrill Corpor...
Adopting Azure, Cloud Foundry and Microservice Architecture at Merrill Corpor...
VMware Tanzu
 
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service MeshData Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
NGINX, Inc.
 
Get the Most Out of Kubernetes with NGINX
Get the Most Out of Kubernetes with NGINXGet the Most Out of Kubernetes with NGINX
Get the Most Out of Kubernetes with NGINX
NGINX, Inc.
 

Weitere ähnliche Inhalte

Was ist angesagt?

Next Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and SnykNext Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and Snyk
DevOps.com
 
InfoSec: Evolve Thyself to Keep Pace in the Age of DevOps
InfoSec: Evolve Thyself to Keep Pace in the Age of DevOpsInfoSec: Evolve Thyself to Keep Pace in the Age of DevOps
InfoSec: Evolve Thyself to Keep Pace in the Age of DevOps
VMware Tanzu
 
App-First & Cloud-Native: How InterMiles Boosted CX with AWS & Infostretch
App-First & Cloud-Native: How InterMiles Boosted CX with AWS & InfostretchApp-First & Cloud-Native: How InterMiles Boosted CX with AWS & Infostretch
App-First & Cloud-Native: How InterMiles Boosted CX with AWS & Infostretch
Infostretch
 
Using Pivotal Cloud Foundry with Google’s BigQuery and Cloud Vision API
Using Pivotal Cloud Foundry with Google’s BigQuery and Cloud Vision APIUsing Pivotal Cloud Foundry with Google’s BigQuery and Cloud Vision API
Using Pivotal Cloud Foundry with Google’s BigQuery and Cloud Vision API
VMware Tanzu
 

Was ist angesagt? (20)

Ravello – the Easiest Way to Cloud
Ravello – the Easiest Way to CloudRavello – the Easiest Way to Cloud
Ravello – the Easiest Way to Cloud
 
Enterprise Application Migration
Enterprise Application MigrationEnterprise Application Migration
Enterprise Application Migration
 
Next Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and SnykNext Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and Snyk
 
InfoSec: Evolve Thyself to Keep Pace in the Age of DevOps
InfoSec: Evolve Thyself to Keep Pace in the Age of DevOpsInfoSec: Evolve Thyself to Keep Pace in the Age of DevOps
InfoSec: Evolve Thyself to Keep Pace in the Age of DevOps
 
Application Security in the Cloud - Best Practices
Application Security in the Cloud - Best PracticesApplication Security in the Cloud - Best Practices
Application Security in the Cloud - Best Practices
 
DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..
 
Infrastructure less development with Azure Service Fabric
Infrastructure less development with Azure Service FabricInfrastructure less development with Azure Service Fabric
Infrastructure less development with Azure Service Fabric
 
App-First & Cloud-Native: How InterMiles Boosted CX with AWS & Infostretch
App-First & Cloud-Native: How InterMiles Boosted CX with AWS & InfostretchApp-First & Cloud-Native: How InterMiles Boosted CX with AWS & Infostretch
App-First & Cloud-Native: How InterMiles Boosted CX with AWS & Infostretch
 
Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)
Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)
Lo Scenario Cloud-Native (Pivotal Cloud-Native Workshop: Milan)
 
July 30: How User-Centered Design Drives Impactful Products and Services
July 30: How User-Centered Design Drives Impactful Products and ServicesJuly 30: How User-Centered Design Drives Impactful Products and Services
July 30: How User-Centered Design Drives Impactful Products and Services
 
Monitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with DatadogMonitoring Your AWS EKS Environment with Datadog
Monitoring Your AWS EKS Environment with Datadog
 
Four considerations when monitoring microservices
Four considerations when monitoring microservicesFour considerations when monitoring microservices
Four considerations when monitoring microservices
 
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
 
Build cloud native solution using open source
Build cloud native solution using open source Build cloud native solution using open source
Build cloud native solution using open source
 
Cloud Native DevOps
Cloud Native DevOpsCloud Native DevOps
Cloud Native DevOps
 
Stability anti patterns in cloud-native applications
Stability anti patterns in cloud-native applicationsStability anti patterns in cloud-native applications
Stability anti patterns in cloud-native applications
 
Tectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes Strategy
Tectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes StrategyTectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes Strategy
Tectonic Summit 2016: Ticketmaster's Public Cloud & Kubernetes Strategy
 
Tectonic Summit 2016: Preparing for Cloud Native
Tectonic Summit 2016: Preparing for Cloud Native Tectonic Summit 2016: Preparing for Cloud Native
Tectonic Summit 2016: Preparing for Cloud Native
 
Using Pivotal Cloud Foundry with Google’s BigQuery and Cloud Vision API
Using Pivotal Cloud Foundry with Google’s BigQuery and Cloud Vision APIUsing Pivotal Cloud Foundry with Google’s BigQuery and Cloud Vision API
Using Pivotal Cloud Foundry with Google’s BigQuery and Cloud Vision API
 
Adopting Azure, Cloud Foundry and Microservice Architecture at Merrill Corpor...
Adopting Azure, Cloud Foundry and Microservice Architecture at Merrill Corpor...Adopting Azure, Cloud Foundry and Microservice Architecture at Merrill Corpor...
Adopting Azure, Cloud Foundry and Microservice Architecture at Merrill Corpor...
 

Ähnlich wie Service Mesh: Two Big Words But Do You Need It?

Get the Most Out of Kubernetes with NGINX
Get the Most Out of Kubernetes with NGINXGet the Most Out of Kubernetes with NGINX
Get the Most Out of Kubernetes with NGINX
NGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINX
NGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINX
NGINX, Inc.
 
Juniper Networks®, Tech Mahindra & CA Discuss New Perspectives & Partnership...
Juniper Networks®, Tech Mahindra & CA Discuss New Perspectives & Partnership...Juniper Networks®, Tech Mahindra & CA Discuss New Perspectives & Partnership...
Juniper Networks®, Tech Mahindra & CA Discuss New Perspectives & Partnership...
CA Technologies
 
API Gateway or Service mesh - Complementary or excluding concepts
API Gateway or Service mesh - Complementary or excluding conceptsAPI Gateway or Service mesh - Complementary or excluding concepts
API Gateway or Service mesh - Complementary or excluding concepts
Sven Bernhardt
 
API Gateway or Service Mesh - Complementary or excluding concepts
API Gateway or Service Mesh - Complementary or excluding conceptsAPI Gateway or Service Mesh - Complementary or excluding concepts
API Gateway or Service Mesh - Complementary or excluding concepts
Sven Bernhardt
 
Enterprise Network Transformation Powered by OrangeX, with Nokia Nuage and AW...
Enterprise Network Transformation Powered by OrangeX, with Nokia Nuage and AW...Enterprise Network Transformation Powered by OrangeX, with Nokia Nuage and AW...
Enterprise Network Transformation Powered by OrangeX, with Nokia Nuage and AW...
Amazon Web Services
 

Ähnlich wie Service Mesh: Two Big Words But Do You Need It? (20)

Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service MeshData Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
 
Get the Most Out of Kubernetes with NGINX
Get the Most Out of Kubernetes with NGINXGet the Most Out of Kubernetes with NGINX
Get the Most Out of Kubernetes with NGINX
 
Next Generation DDoS Services – can we do this with NFV? - CF Chui
Next Generation DDoS Services – can we do this with NFV? - CF ChuiNext Generation DDoS Services – can we do this with NFV? - CF Chui
Next Generation DDoS Services – can we do this with NFV? - CF Chui
 
apidays LIVE Hong Kong 2021 - Zero Trust security with Service Mesh by Lauren...
apidays LIVE Hong Kong 2021 - Zero Trust security with Service Mesh by Lauren...apidays LIVE Hong Kong 2021 - Zero Trust security with Service Mesh by Lauren...
apidays LIVE Hong Kong 2021 - Zero Trust security with Service Mesh by Lauren...
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINX
 
Cisco Connect Toronto 2017 - NFV/SDN Platform for Orchestrating Cloud and vBr...
Cisco Connect Toronto 2017 - NFV/SDN Platform for Orchestrating Cloud and vBr...Cisco Connect Toronto 2017 - NFV/SDN Platform for Orchestrating Cloud and vBr...
Cisco Connect Toronto 2017 - NFV/SDN Platform for Orchestrating Cloud and vBr...
 
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAPSecuring Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
Securing Kubernetes Clusters with NGINX Plus Ingress Controller & NAP
 
F5 and HashiCorp Multi-Cloud
F5 and HashiCorp Multi-CloudF5 and HashiCorp Multi-Cloud
F5 and HashiCorp Multi-Cloud
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINX
 
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
 
Juniper Networks®, Tech Mahindra & CA Discuss New Perspectives & Partnership...
Juniper Networks®, Tech Mahindra & CA Discuss New Perspectives & Partnership...Juniper Networks®, Tech Mahindra & CA Discuss New Perspectives & Partnership...
Juniper Networks®, Tech Mahindra & CA Discuss New Perspectives & Partnership...
 
Cisco Connect 2018 Malaysia - Innovation towards SP transformation
Cisco Connect 2018 Malaysia - Innovation towards SP transformationCisco Connect 2018 Malaysia - Innovation towards SP transformation
Cisco Connect 2018 Malaysia - Innovation towards SP transformation
 
The Future of Service Mesh
The Future of Service MeshThe Future of Service Mesh
The Future of Service Mesh
 
Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Modernizing Application Deployments with HashiCorp Consul on Microsoft AzureModernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure
 
API Gateway or Service mesh - Complementary or excluding concepts
API Gateway or Service mesh - Complementary or excluding conceptsAPI Gateway or Service mesh - Complementary or excluding concepts
API Gateway or Service mesh - Complementary or excluding concepts
 
API Gateway or Service Mesh - Complementary or excluding concepts
API Gateway or Service Mesh - Complementary or excluding conceptsAPI Gateway or Service Mesh - Complementary or excluding concepts
API Gateway or Service Mesh - Complementary or excluding concepts
 
Cisco Connect 2018 Thailand - Innovation towards sp transformation mr.sean wa...
Cisco Connect 2018 Thailand - Innovation towards sp transformation mr.sean wa...Cisco Connect 2018 Thailand - Innovation towards sp transformation mr.sean wa...
Cisco Connect 2018 Thailand - Innovation towards sp transformation mr.sean wa...
 
The Current And Future State Of Service Mesh
The Current And Future State Of Service MeshThe Current And Future State Of Service Mesh
The Current And Future State Of Service Mesh
 
Enterprise Network Transformation Powered by OrangeX, with Nokia Nuage and AW...
Enterprise Network Transformation Powered by OrangeX, with Nokia Nuage and AW...Enterprise Network Transformation Powered by OrangeX, with Nokia Nuage and AW...
Enterprise Network Transformation Powered by OrangeX, with Nokia Nuage and AW...
 
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
 

Mehr von DevOps.com

Modernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source SoftwareModernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source Software
DevOps.com
 
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
DevOps.com
 
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
DevOps.com
 
Vulnerability Discovery in the Cloud
Vulnerability Discovery in the CloudVulnerability Discovery in the Cloud
Vulnerability Discovery in the Cloud
DevOps.com
 
2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and Predictions2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and Predictions
DevOps.com
 
Don't Panic! Effective Incident Response
Don't Panic! Effective Incident ResponseDon't Panic! Effective Incident Response
Don't Panic! Effective Incident Response
DevOps.com
 
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's CultureCreating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
DevOps.com
 
Deliver your App Anywhere … Publicly or Privately
Deliver your App Anywhere … Publicly or PrivatelyDeliver your App Anywhere … Publicly or Privately
Deliver your App Anywhere … Publicly or Privately
DevOps.com
 
The Evolving Role of the Developer in 2021
The Evolving Role of the Developer in 2021The Evolving Role of the Developer in 2021
The Evolving Role of the Developer in 2021
DevOps.com
 
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
DevOps.com
 
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
DevOps.com
 
Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Da...
Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Da...Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Da...
Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Da...
DevOps.com
 
How IBM's Massive POWER9 UNIX Servers Benefit from InfluxDB and Grafana Techn...
How IBM's Massive POWER9 UNIX Servers Benefit from InfluxDB and Grafana Techn...How IBM's Massive POWER9 UNIX Servers Benefit from InfluxDB and Grafana Techn...
How IBM's Massive POWER9 UNIX Servers Benefit from InfluxDB and Grafana Techn...
DevOps.com
 
The Importance of Visibility and Security of Critical Applications in Cloud E...
The Importance of Visibility and Security of Critical Applications in Cloud E...The Importance of Visibility and Security of Critical Applications in Cloud E...
The Importance of Visibility and Security of Critical Applications in Cloud E...
DevOps.com
 

Mehr von DevOps.com (20)

Modernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source SoftwareModernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source Software
 
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
 
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...
 
Vulnerability Discovery in the Cloud
Vulnerability Discovery in the CloudVulnerability Discovery in the Cloud
Vulnerability Discovery in the Cloud
 
2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and Predictions2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and Predictions
 
A New Year’s Ransomware Resolution
A New Year’s Ransomware ResolutionA New Year’s Ransomware Resolution
A New Year’s Ransomware Resolution
 
Don't Panic! Effective Incident Response
Don't Panic! Effective Incident ResponseDon't Panic! Effective Incident Response
Don't Panic! Effective Incident Response
 
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's CultureCreating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's Culture
 
Role Based Access Controls (RBAC) for SSH and Kubernetes Access with Teleport
Role Based Access Controls (RBAC) for SSH and Kubernetes Access with TeleportRole Based Access Controls (RBAC) for SSH and Kubernetes Access with Teleport
Role Based Access Controls (RBAC) for SSH and Kubernetes Access with Teleport
 
Monitoring Serverless Applications with Datadog
Monitoring Serverless Applications with DatadogMonitoring Serverless Applications with Datadog
Monitoring Serverless Applications with Datadog
 
Deliver your App Anywhere … Publicly or Privately
Deliver your App Anywhere … Publicly or PrivatelyDeliver your App Anywhere … Publicly or Privately
Deliver your App Anywhere … Publicly or Privately
 
Securing medical apps in the age of covid final
Securing medical apps in the age of covid finalSecuring medical apps in the age of covid final
Securing medical apps in the age of covid final
 
How to Build a Healthy On-Call Culture
How to Build a Healthy On-Call CultureHow to Build a Healthy On-Call Culture
How to Build a Healthy On-Call Culture
 
The Evolving Role of the Developer in 2021
The Evolving Role of the Developer in 2021The Evolving Role of the Developer in 2021
The Evolving Role of the Developer in 2021
 
Secure Data Sharing in OpenShift Environments
Secure Data Sharing in OpenShift EnvironmentsSecure Data Sharing in OpenShift Environments
Secure Data Sharing in OpenShift Environments
 
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
 
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
 
Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Da...
Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Da...Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Da...
Hotels, Hookups and Video Conferencing: A Top 10 Countdown to 2020's Worst Da...
 
How IBM's Massive POWER9 UNIX Servers Benefit from InfluxDB and Grafana Techn...
How IBM's Massive POWER9 UNIX Servers Benefit from InfluxDB and Grafana Techn...How IBM's Massive POWER9 UNIX Servers Benefit from InfluxDB and Grafana Techn...
How IBM's Massive POWER9 UNIX Servers Benefit from InfluxDB and Grafana Techn...
 
The Importance of Visibility and Security of Critical Applications in Cloud E...
The Importance of Visibility and Security of Critical Applications in Cloud E...The Importance of Visibility and Security of Critical Applications in Cloud E...
The Importance of Visibility and Security of Critical Applications in Cloud E...
 

Kürzlich hochgeladen

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 

Kürzlich hochgeladen (20)

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 

Service Mesh: Two Big Words But Do You Need It?

  • 1. Service Mesh TWO BIG WORDS BUT DO YOU NEED IT?
  • 2. | ©2020 F52 About Speaker - 10 years working with distributed systems. - Long time NGINX user, joined NGINX team early 2020 Ravi Vagadia - Solutions Engineer, F5 (NGINX BU) @ravirdv https://www.linkedin.com/in/ravi-vagadia/
  • 3. | ©2020 F53 Agenda • Modern Application Overview • What is a Service Mesh? • What does a Service Mesh solve? • When do you need it?
  • 4. | ©2020 F54 Modern Application Overview
  • 5. | ©2020 F55 Kubernetes becoming platform for developing, testing and running applications Traditional CI/CD products being retrofitted to run on Kubernetes Emergenceof Kubernetes-native CI/CD tools for defining and running pipelines on Kubernetes using native Kubernetes constructs Portability makes this particularly attractive Kubernetes in production is growing rapidly NGINX Survey: about half of customers use Kubernetes in production CNCF 2019 survey: 84% use containers in production What we see in the market KUBERNETES-CENTRIC PERSPECTIVE SOURCE: INFORMATIONEXAMPLE Adoption of managed and commercial Kubernetes platforms We see rapid adoption of OpenShiftand Rancher in the private cloud space EKS and GKE adoption in public cloud
  • 6. 42% Actively using Microservices in Production 37% Investigating or using in pre-production NGINX User Survey 2018, 2019 Who is using Microservices in Production?
  • 7. | ©2020 F57 ModernApps Require a ModernArchitecture From Monolithic ... ... to Dynamic Three-tier, J2EE-style architectures Complex protocols (HTML, SOAP) Persistent deployments Fixed, static Infrastructure Big-bang releases Silo’ed teams (Dev, Test, Ops) Microservices Lightweight (REST, gRPC, GraphQL) Containers, VMs, Functions Infrastructure as Code Continuous delivery DevOps Culture
  • 8. | ©2020 F58 Operating a distributed application is hard Static, Predictable Monolith: Dynamic, Distributed App: Fast, reliable function calls Local debugging Local profiling Calendared, big-bang upgrades ‘Integration hell’ contained in dev Slow, unreliable API calls Distributed fault finding Distributed tracing In-place dynamic updates ‘Continuous integration’ live in prod More things can go wrong, it’s harder to find the faults, everything happens live
  • 9. | ©2020 F59 What’s In A Service Mesh!
  • 10. | ©2020 F510 WHAT’S MISSING IN K8S AND WHAT DO YOU REALLY WANT AND NEED FROM A MESH? What Is A Service Mesh? Service mesh aims to improve application traffic control, observability and security for distributed systems. - The New Stack
  • 11. | ©2020 F511 L7 Logic (Ingress) L3-L4 Networking L3 – L7 Network Management == Service Mesh An Overly Simplified Picture
  • 12. | ©2020 F512 WHAT’S MISSING IN K8S AND WHAT DO YOU REALLY WANT AND NEED FROM A MESH? What Is A Service Mesh? • A service mesh adds L7 traffic management & security: • sidecar deployment • policy management • application availability/health, • Service mesh isn’t just one “thing”, it’s a lot of managed and dependent components • Takes over where K8s networking stops (service/pod IP endpoints) • “Traffic management for containers”
  • 13. | ©2020 F513 What DoesA Service Mesh Do? Service Mesh controls communications between pods and external apps Secure Traffic End-to-end encryption (Mutual TLS / mTLS), ACLs Manage All Service Traffic Load Balance, Circuit breaker, B|G, Rate Limiting… Orchestration Injection and sidecar management, K8s API integration Measure Traffic Generate transaction traces and real-time monitoring
  • 14. | ©2020 F514 What Is A Sidecar? A Sidecar is a containerized service that another containerized service depends on for some function: “Helper Containers” • Not just networking, can be used for any separationof process:API GW, logging, data mining, etc. In our world, a Sidecar would be a reverse proxy that sits beside an application service container (in the same pod) and provides all inbound and outbound network routing to that application container App Pod
  • 15. | ©2020 F515 HowAre Sidecars Deployed? Separate Container In The App Pod • The separate container is attached to the app service container in a pod • Networking in the app container is altered via a policy from the mesh that tells the app “You can only talk to your sidecar for network access.” • Policy and architecture are defined and orchestrated via the control plane,managed with a combo of ConfigMap and control plane. • A Service Mesh takes care of auto-associating the sidecar with the app container in the same pod via Sidecar Injection App Pod
  • 16. | ©2020 F516 Use Cases – Securing InternalTraffic (mTLS) Pod A Pod B Pod A Pod B NSM Traffic Flow Without Service Mesh: Traffic Flow With Service Mesh:
  • 17. | ©2020 F517 Use Cases – Control Traffic Flow Target-svc Target-v1 Target-v2 0% 100%
  • 18. | ©2020 F518 Use Cases – Telemetry | Tracing Pod A Pod B Pod C
  • 19. | ©2020 F519 Service Mesh Policies © 2017 F5 Networks Network Policy • Serviceto servicerouting • Serviceavailability • Servicediscovery Access Policy • IP allow/deny • Allow/Deny • JWT Security Policy • SSL/mTLSTermination • DDoS • WAF E F THE MOST IMPORTANT (AND DIFFICULT) PART
  • 20. | ©2020 F520 NSM Service Mesh The “Data Plane” Service Mesh
  • 21. | ©2020 F521 What is the NGINX Service Mesh? Data Plane East/West traffic Control Plane Management Plane Infrastructure Kubernetes VMware AWS Bare Metal SVC SVCSVCSVCSVC SVC Conf DbKubernetes Service Registry Inventory VMware, AWS… Inventory
  • 22. | ©2020 F522 What is the NGINX Service Mesh? Data Plane East/West traffic Control Plane Management Plane Infrastructure Kubernetes VMware AWS Bare Metal Conf DbKubernetes Service Registry Inventory VMware, AWS… Inventory SVC SVCSVCSVCSVC SVC
  • 23. | ©2020 F523 What is the NGINX Service Mesh? Data Plane East/West traffic Control Plane Management Plane Infrastructure Kubernetes VMware AWS Bare Metal NGINX Service Mesh control plane SVC SVCSVCSVCSVC SVC Topology Policies Conf DbKubernetes Service Registry Inventory VMware, AWS… InventoryCLI / API $>_
  • 24. | ©2020 F524 What is the NGINX Service Mesh? Data Plane East/West traffic Control Plane Management Plane Infrastructure Kubernetes VMware AWS Bare Metal NGINX Service Mesh control plane Topology Policies Conf DbKubernetes Service Registry Inventory VMware, AWS… Inventory SPIRE SVC SVCSVCSVCSVC SVC CLI / API $>_
  • 25. | ©2020 F525 What is the NGINX Service Mesh? Data Plane East/West traffic Control Plane Management Plane Infrastructure Kubernetes VMware AWS Bare Metal NGINX Service Mesh control plane Topology Policies Conf DbKubernetes Service Registry Inventory VMware, AWS… Inventory SPIRE Grafana OpenTracing SVC SVCSVCSVCSVC SVC CLI / API $>_
  • 26. | ©2020 F526 What is the NGINX Service Mesh? Data Plane East/West traffic Control Plane Management Plane Infrastructure Kubernetes VMware AWS Bare Metal NGINX Service Mesh control plane Topology Policies Conf DbKubernetes Service Registry Inventory VMware, AWS… Inventory SPIRE Grafana OpenTracing SVC SVCSVCSVCSVC SVC CLI / API $>_ NGINX Ingress NGINX Egress
  • 27. | ©2020 F527 What is the NGINX Service Mesh? Data Plane East/West traffic Control Plane Management Plane Infrastructure Kubernetes VMware AWS Bare Metal NGINX Service Mesh control plane Topology Policies Conf DbKubernetes Service Registry Inventory VMware, AWS… Inventory SPIRE Grafana OpenTracing NGINX Controller Centralized management Service Mesh connector Integrations SVC SVCSVCSVCSVC SVC CLI / API $>_ NGINX Ingress NGINX Egress
  • 28. | ©2020 F528 NSM Components • NSM runs within a K8s cluster • Securely manages ingress/egress traffic to external services • Can be deployed in any K8s cluster platform
  • 29. | ©2020 F529 NSM Features
  • 30. | ©2020 F530 Security • Zero-trust model • mTLS enforcement • Service identity • Access control CRDs • Access control via mTLS • Single source of truth for network (K8s) and identity (Spire) • Ingress mTLS • Egress opt-in allowlist SVC
  • 31. | ©2020 F531 Integrated N/S Ingress/Egress • NGINX Plus for sidecars and KIC • Ingress traffic treated as S2S service traffic • Full integration with Spire identity and SSL key store • mTLS for ingress into NSM • Egress name service support
  • 32. | ©2020 F532 Traffic Management • Full support for microservice traffic models − Circuit Breaker − Blue/Green − Canary − Weighted distribution • Rate shaping and QoS/priority queueing • Container-based load balancing • Dynamic service availability • SSL keepalive for performance SVC
  • 33. | ©2020 F533 Lightweight andAgile • Control plane designed to optimize NGINX Plus data plane • Standards-based: SPIFFE, SMI- spec • Single CLI for management of all mesh services • CI/CD pipeline’able for orchestrated deployment and policy management
  • 35. | ©2020 F535 A reality check… Service Mesh technology addresses one specific set of problems It’s not a magic bullet that makes all applications ‘better’ There are many other, well-proven ways to address the same problems Service Mesh technology is very complex ever-evolving Cost of operating a mesh in production can be high, and there can be many risks
  • 36. | ©2020 F536 WhenAm I Ready For A Service Mesh? ✓ You have a mature, fully-automated CI/CD pipeline (GitOps-enabled) ✓ You are fully invested in microservices and using Kubernetes ✓ You are deploying frequently to production (at least once per day) ✓ You have a zero-trust production environment (so need mTLS) ✓ You need/want additional visibility of container traffic interaction
  • 37. | ©2020 F537 • Flexible Traffic Management • Secure Internal Communication • In-depth monitoring and distributed tracing • NGINX Service Mesh is available as free download,check this link for more info : NGINX Service Mesh CONFIDENTIAL Download NGINX Service Mesh