SlideShare ist ein Scribd-Unternehmen logo

Rethinking Cloud Proxies

Als PPTX, PDF herunterladen
Mikey Cohen - Hiring Amazing Engineers
Mikey Cohen - Hiring Amazing Engineers

An edge gateway is an essential piece of infrastructure for large scale cloud based services. This presentation details the purpose, benefits and use cases for an edge gateway to provide security, traffic management and cloud cross region resiliency. How a gateway can be used to enhance continuous deployment, and help testing of new service versions and get service insights and more are discussed. Philosophical and architectural approaches to what belongs in a gateway vs what should be in services will be discussed. Real examples of how gateway services are used in front of nearly all of Netflix's consumer facing traffic will show how gateway infrastructure is used in real highly available, massive scale services.

Ingenieurwesen
1 von 56
A Cloud Gateway - A Large Scale Company’s First Line of Defense Mikey Cohen Manager - Edge Gateway Netflix
Today, more than 36% of North America’s internet traffic is controlled by systems in the Amazon Cloud
Global Streaming of TV Shows and Movies
Nearly 70 Million Subscribers In over 80 Countries
Netflix accounts for over 36% of Downstream Traffic in North America
From the Internet to Services in the Cloud Gateway Gateway ????? Origin (API) Origin (API) API Origin (API) Origin (API) Website
Our Edge Gateway @ Netflix Handles most netflix.com hosts Over 20 production Zuul clusters ~ 50 elbs Gateway handles ~10 origin services
Netflix Gateway Scale Tens of billions of requests per day 3 AWS regions Over 1000 device types Hundreds of permutations of protocols and device versions
Success Evolution Scale Failure Our Journey
So What!? - Change your perspective!!
Traditional Cloud Proxy Mission Simple static rule-based routing API portal Request authentication Throttling - request caps Monitoring Caching
The Gateway - a grown-up proxy! ●Dynamic routing ●Deep Insights ●Load balancing ●Availability focused ●Service protection ●Quality assurance tool
Evolving to a Gateway
Netflix’s Public API Late 2008 Mashery Datacenter
Streaming Devices using public API Early Streaming Devices - 2009 Windows Media Center XBox PS3
Migration to AWS 2010 Sonoa / Apigee proxy Device traffic, not public Controlling DC -> cloud migration Running in AWS Under Netflix control
Streaming Success 2011 Chaos Complexity Failure Success Leveraging Cloud benefits
Anti-patterns of most cloud proxies Static configurations Service push needed to change behavior Limited range of functionality Limited to HTTP
Zuul Created 2012 Dynamically injected and compiled filters Manipulate requests and responses Headers / Body / etc Change routing Add metrics and other functions Built on Netflix’s OSS stack Open Sourced
Zuul - A Victim of Success Easy and convenient Instant results High adoption Happy customers Business logic in proxy Affects system resiliency Zuul team in critical path
Creating a Gateway Strategy
Principles of Netflix’s Gateway Strategy Creative Routing Dynamic Routing Delivery Focused Traffic Shaping React Fast Insights
Creative Routing - Subclusters with Purpose Gateway Gateway Gateway Origin (API) v1 v2 test debug Instrumented squeeze “sticky” canarybaseline “sticky” baseline v1 v2 test debug baseline canary “sticky” canary “sticky” baselineFIT Instrumented squeeze
Red / Green Deployments Gateway Gateway Gateway Origin (API) v1 v2 test debug canary Instrumented squeeze “sticky” canarybaseline “sticky” baseline v1 v2 test debug baseline canary “sticky” canary “sticky” baselineFIT Instrumented Instrumented squeeze squeeze
Developer Test Branches Gateway Gateway Gateway Origin (API) v1 v2 test debug canary Instrumented squeeze “sticky” canarybaseline “sticky” baseline v1 v2 test debug baseline canary “sticky” canary “sticky” baselineFIT Instrumented Instrumented squeeze squeeze
Instrumented Clusters Gateway Gateway Gateway Origin (API) v1 v2 test debug canary Instrumented squeeze “sticky” canarybaseline “sticky” baseline v1 v2 test debug baseline canary “sticky” canary “sticky” baselineFIT Instrumented squeeze squeeze
Squeeze Testing Gateway Gateway Gateway Origin (API) v1 v2 test debug canary Instrumented squeeze “sticky” canarybaseline “sticky” baseline v1 v2 test debug baseline canary “sticky” canary “sticky” baselineFIT Instrumented squeeze
Targeted Routing Gateway Gateway Gateway Origin (API) v1 v2 test debug canary Instrumented squeeze “sticky” canarybaseline “sticky” baseline v1 v2 test debu g baseline canary “sticky” canary “sticky” baselineFIT Instrumented squeeze
Service “Canarying” Gateway Gateway Gateway Origin (API) v1 v2 test debug canary Instrumented squeeze “sticky” canarybaseline “sticky” baseline v1 v2 test debug baseline canary “sticky” canary “sticky” baselineFIT Instrumented squeeze squeeze
“Sticky” Canary Gateway Gateway Gateway Origin (API) v1 v2 test debug canary Instrumented squeeze “sticky” canarybaseline “sticky” baseline v1 v2 test debug baseline canary “sticky” canary “sticky” baselineFIT Instrumented squeeze squeeze
Failure Injection Testing Gateway Gateway Gateway Origin (API) v1 v2 test debug Instrumented squeeze “sticky” canarybaseline “sticky” baseline v1 v2 test debug baseline canary “sticky” canary “sticky” baselineFIT Instrumented squeeze squeeze
Degraded Experience Testing Gateway Gateway Gateway Origin (API) v1 v2 test debug Instrumented squeeze “sticky” canarybaseline “sticky” baseline v1 v2 test debug baseline canary “sticky” canary “sticky” baselineFIT Instrumented squeeze squeeze
Traffic Shaping
A Global Cloud Deployment Persistence Tier Business services Tier Presentation Tier Network Tier Websites API Proxy DB Persistence Tier Business services Tier Presentation Tier Network Tier Websites API Proxy DB Persistence Tier Business services Tier Presentation Tier Network Tier Websites API Proxy DB
Global Cloud Routing Persistence Tier Business services Tier Presentation Tier Network Tier Websites API Proxy DB Persistence Tier Business services Tier Presentation Tier Network Tier Websites API Proxy DB Persistence Tier Business services Tier Presentation Tier Network Tier Websites API Proxy DB
A Failing region Persistence Tier Business services Tier Presentation Tier Network Tier Websites API Proxy DB Persistence Tier Business services Tier Presentation Tier Network Tier Websites API Proxy DB Persistence Tier Business services Tier Presentation Tier Network Tier Websites API Proxy DB
Gateway routing to other regions Persistence Tier Business services Tier Presentation Tier Network Tier Websites API Proxy DB Persistence Tier Business services Tier Presentation Tier Network Tier Websites API Proxy DB Persistence Tier Business services Tier Presentation Tier Network Tier Websites API Proxy DB
Attack prevention Gateway Gateway Gateway Origin (API) Origin (API) API Origin (API) Origin (API) Website
Smart Load Balancing Gateway Gateway Gateway Origin (API)
Smart Load Balancing - Bad Nodes Gateway Gateway Gateway Origin (API)
Gateway Backoff and Blacklists Bad Nodes Gateway Gateway Gateway Origin (API)
Zone Failure - Blacklist the Zone automatically Gateway Gateway Gateway Origin (API)
React Quickly - Runtime Filter changes Gateway Gateway Gateway Origin (API) Origin (API) API Origin (API) Origin (API) Website Runtime Policy Injection
A Room with a View - Insights Gateway Gateway Gateway Origin (API) Origin (API) API Origin (API) Origin (API) Website Insights
What’s Next for Netflix’s Gateway? Gateway as a service Self-service dynamic routing / route validation Control APIs for special routing functions Netty Based Zuul (using RxNetty) Handling persistent connections non-blocking, async Transport protocol agnostic routing Reactive Socket http://reactivesocket.io/
Top Ten Lessons Learned
Build for handling Failures
Expect the Unexpected
Using Routing Creatively
Shard to Reduce Blast Radius
Devices are Weird Protocols are Weird
Devices are Forever Protocols are Forever
It will be built “wrong”
Keep Business Logic out of your Gateway
For More Info... Zuul OSS Netflix Tech Blog RxNetty Jobs

Empfohlen

Scaling Push Messaging for Millions of Netflix Devices
Scaling Push Messaging for Millions of Netflix DevicesScaling Push Messaging for Millions of Netflix Devices
Scaling Push Messaging for Millions of Netflix DevicesSusheel Aroskar
 
Zuul @ Netflix SpringOne Platform
Zuul @ Netflix SpringOne PlatformZuul @ Netflix SpringOne Platform
Zuul @ Netflix SpringOne PlatformMikey Cohen - Hiring Amazing Engineers
 
Service Mesh on Kubernetes with Istio
Service Mesh on Kubernetes with IstioService Mesh on Kubernetes with Istio
Service Mesh on Kubernetes with IstioMichelle Holley
 
Observability on Kubernetes - High Availability on Prometheus
Observability on Kubernetes - High Availability on PrometheusObservability on Kubernetes - High Availability on Prometheus
Observability on Kubernetes - High Availability on PrometheusJulian Alarcon Alarcon
 
Edge architecture ieee international conference on cloud engineering
Edge architecture ieee international conference on cloud engineeringEdge architecture ieee international conference on cloud engineering
Edge architecture ieee international conference on cloud engineeringMikey Cohen - Hiring Amazing Engineers
 
Introduction to openshift
Introduction to openshiftIntroduction to openshift
Introduction to openshiftMamathaBusi
 
Istio service mesh introduction
Istio service mesh introductionIstio service mesh introduction
Istio service mesh introductionKyohei Mizumoto
 
Open shift 4 infra deep dive
Open shift 4 infra deep diveOpen shift 4 infra deep dive
Open shift 4 infra deep diveWinton Winton
 

Empfohlen

Scaling Push Messaging for Millions of Netflix Devices
Scaling Push Messaging for Millions of Netflix DevicesScaling Push Messaging for Millions of Netflix Devices
Scaling Push Messaging for Millions of Netflix DevicesSusheel Aroskar
 
Zuul @ Netflix SpringOne Platform
Zuul @ Netflix SpringOne PlatformZuul @ Netflix SpringOne Platform
Zuul @ Netflix SpringOne PlatformMikey Cohen - Hiring Amazing Engineers
 
Service Mesh on Kubernetes with Istio
Service Mesh on Kubernetes with IstioService Mesh on Kubernetes with Istio
Service Mesh on Kubernetes with IstioMichelle Holley
 
Observability on Kubernetes - High Availability on Prometheus
Observability on Kubernetes - High Availability on PrometheusObservability on Kubernetes - High Availability on Prometheus
Observability on Kubernetes - High Availability on PrometheusJulian Alarcon Alarcon
 
Edge architecture ieee international conference on cloud engineering
Edge architecture ieee international conference on cloud engineeringEdge architecture ieee international conference on cloud engineering
Edge architecture ieee international conference on cloud engineeringMikey Cohen - Hiring Amazing Engineers
 
Introduction to openshift
Introduction to openshiftIntroduction to openshift
Introduction to openshiftMamathaBusi
 
Istio service mesh introduction
Istio service mesh introductionIstio service mesh introduction
Istio service mesh introductionKyohei Mizumoto
 
Open shift 4 infra deep dive
Open shift 4 infra deep diveOpen shift 4 infra deep dive
Open shift 4 infra deep diveWinton Winton
 
Pivotal Container Service Overview
Pivotal Container Service Overview Pivotal Container Service Overview
Pivotal Container Service Overview VMware Tanzu
 
Istio : Service Mesh
Istio : Service MeshIstio : Service Mesh
Istio : Service MeshKnoldus Inc.
 
Microservices
MicroservicesMicroservices
MicroservicesStephan Lindauer
 
Building an Event Streaming Architecture with Apache Pulsar
Building an Event Streaming Architecture with Apache PulsarBuilding an Event Streaming Architecture with Apache Pulsar
Building an Event Streaming Architecture with Apache PulsarScyllaDB
 
Drive into calico architecture
Drive into calico architectureDrive into calico architecture
Drive into calico architectureAnirban Sen Chowdhary
 
Dataflow with Apache NiFi
Dataflow with Apache NiFiDataflow with Apache NiFi
Dataflow with Apache NiFiDataWorks Summit/Hadoop Summit
 
OpenTelemetry For Operators
OpenTelemetry For OperatorsOpenTelemetry For Operators
OpenTelemetry For OperatorsKevin Brockhoff
 
OpenStack vs VMware vCloud
OpenStack vs VMware vCloudOpenStack vs VMware vCloud
OpenStack vs VMware vCloudRoozbeh Shafiee
 
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...Henning Jacobs
 
Introduction to Apache NiFi 1.11.4
Introduction to Apache NiFi 1.11.4Introduction to Apache NiFi 1.11.4
Introduction to Apache NiFi 1.11.4Timothy Spann
 
Red Hat OpenShift Container Platform Overview
Red Hat OpenShift Container Platform OverviewRed Hat OpenShift Container Platform Overview
Red Hat OpenShift Container Platform OverviewJames Falkner
 
OpenShift 4 installation
OpenShift 4 installationOpenShift 4 installation
OpenShift 4 installationRobert Bohne
 
AWS Connectivity, VPC Design and Security Pro Tips
AWS Connectivity, VPC Design and Security Pro TipsAWS Connectivity, VPC Design and Security Pro Tips
AWS Connectivity, VPC Design and Security Pro TipsShiva Narayanaswamy
 
Neutron packet logging framework
Neutron packet logging frameworkNeutron packet logging framework
Neutron packet logging frameworkVietnam Open Infrastructure User Group
 
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...Vietnam Open Infrastructure User Group
 
OpenStack Architecture
OpenStack ArchitectureOpenStack Architecture
OpenStack ArchitectureMirantis
 
Cloud Native Identity with SPIFFE
Cloud Native Identity with SPIFFECloud Native Identity with SPIFFE
Cloud Native Identity with SPIFFEPrabath Siriwardena
 
HelloCloud.io - Introduction to IaC & Terraform
HelloCloud.io - Introduction to IaC & TerraformHelloCloud.io - Introduction to IaC & Terraform
HelloCloud.io - Introduction to IaC & TerraformHello Cloud
 
StarlingX - A Platform for the Distributed Edge | Ildiko Vancsa
StarlingX - A Platform for the Distributed Edge | Ildiko VancsaStarlingX - A Platform for the Distributed Edge | Ildiko Vancsa
StarlingX - A Platform for the Distributed Edge | Ildiko VancsaVietnam Open Infrastructure User Group
 
Introduction to the Container Network Interface (CNI)
Introduction to the Container Network Interface (CNI)Introduction to the Container Network Interface (CNI)
Introduction to the Container Network Interface (CNI)Weaveworks
 
What is a Service Mesh and what can it do for your Microservices
What is a Service Mesh and what can it do for your MicroservicesWhat is a Service Mesh and what can it do for your Microservices
What is a Service Mesh and what can it do for your MicroservicesMatt Turner
 
Stranger Things: The Forces that Disrupt Netflix
Stranger Things: The Forces that Disrupt NetflixStranger Things: The Forces that Disrupt Netflix
Stranger Things: The Forces that Disrupt NetflixC4Media
 

Weitere ähnliche Inhalte

Was ist angesagt?

Pivotal Container Service Overview
Pivotal Container Service Overview Pivotal Container Service Overview
Pivotal Container Service Overview VMware Tanzu
 
Istio : Service Mesh
Istio : Service MeshIstio : Service Mesh
Istio : Service MeshKnoldus Inc.
 
Building an Event Streaming Architecture with Apache Pulsar
Building an Event Streaming Architecture with Apache PulsarBuilding an Event Streaming Architecture with Apache Pulsar
Building an Event Streaming Architecture with Apache PulsarScyllaDB
 
OpenTelemetry For Operators
OpenTelemetry For OperatorsOpenTelemetry For Operators
OpenTelemetry For OperatorsKevin Brockhoff
 
OpenStack vs VMware vCloud
OpenStack vs VMware vCloudOpenStack vs VMware vCloud
OpenStack vs VMware vCloudRoozbeh Shafiee
 
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...Henning Jacobs
 
Introduction to Apache NiFi 1.11.4
Introduction to Apache NiFi 1.11.4Introduction to Apache NiFi 1.11.4
Introduction to Apache NiFi 1.11.4Timothy Spann
 
Red Hat OpenShift Container Platform Overview
Red Hat OpenShift Container Platform OverviewRed Hat OpenShift Container Platform Overview
Red Hat OpenShift Container Platform OverviewJames Falkner
 
OpenShift 4 installation
OpenShift 4 installationOpenShift 4 installation
OpenShift 4 installationRobert Bohne
 
AWS Connectivity, VPC Design and Security Pro Tips
AWS Connectivity, VPC Design and Security Pro TipsAWS Connectivity, VPC Design and Security Pro Tips
AWS Connectivity, VPC Design and Security Pro TipsShiva Narayanaswamy
 
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...Vietnam Open Infrastructure User Group
 
OpenStack Architecture
OpenStack ArchitectureOpenStack Architecture
OpenStack ArchitectureMirantis
 
Cloud Native Identity with SPIFFE
Cloud Native Identity with SPIFFECloud Native Identity with SPIFFE
Cloud Native Identity with SPIFFEPrabath Siriwardena
 
HelloCloud.io - Introduction to IaC & Terraform
HelloCloud.io - Introduction to IaC & TerraformHelloCloud.io - Introduction to IaC & Terraform
HelloCloud.io - Introduction to IaC & TerraformHello Cloud
 
Introduction to the Container Network Interface (CNI)
Introduction to the Container Network Interface (CNI)Introduction to the Container Network Interface (CNI)
Introduction to the Container Network Interface (CNI)Weaveworks
 

Was ist angesagt? (20)

Pivotal Container Service Overview
Pivotal Container Service Overview Pivotal Container Service Overview
Pivotal Container Service Overview
 
Istio : Service Mesh
Istio : Service MeshIstio : Service Mesh
Istio : Service Mesh
 
Microservices
MicroservicesMicroservices
Microservices
 
Building an Event Streaming Architecture with Apache Pulsar
Building an Event Streaming Architecture with Apache PulsarBuilding an Event Streaming Architecture with Apache Pulsar
Building an Event Streaming Architecture with Apache Pulsar
 
Drive into calico architecture
Drive into calico architectureDrive into calico architecture
Drive into calico architecture
 
Dataflow with Apache NiFi
Dataflow with Apache NiFiDataflow with Apache NiFi
Dataflow with Apache NiFi
 
OpenTelemetry For Operators
OpenTelemetry For OperatorsOpenTelemetry For Operators
OpenTelemetry For Operators
 
OpenStack vs VMware vCloud
OpenStack vs VMware vCloudOpenStack vs VMware vCloud
OpenStack vs VMware vCloud
 
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
Optimizing Kubernetes Resource Requests/Limits for Cost-Efficiency and Latenc...
 
Introduction to Apache NiFi 1.11.4
Introduction to Apache NiFi 1.11.4Introduction to Apache NiFi 1.11.4
Introduction to Apache NiFi 1.11.4
 
Red Hat OpenShift Container Platform Overview
Red Hat OpenShift Container Platform OverviewRed Hat OpenShift Container Platform Overview
Red Hat OpenShift Container Platform Overview
 
OpenShift 4 installation
OpenShift 4 installationOpenShift 4 installation
OpenShift 4 installation
 
AWS Connectivity, VPC Design and Security Pro Tips
AWS Connectivity, VPC Design and Security Pro TipsAWS Connectivity, VPC Design and Security Pro Tips
AWS Connectivity, VPC Design and Security Pro Tips
 
Neutron packet logging framework
Neutron packet logging frameworkNeutron packet logging framework
Neutron packet logging framework
 
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
 
OpenStack Architecture
OpenStack ArchitectureOpenStack Architecture
OpenStack Architecture
 
Cloud Native Identity with SPIFFE
Cloud Native Identity with SPIFFECloud Native Identity with SPIFFE
Cloud Native Identity with SPIFFE
 
HelloCloud.io - Introduction to IaC & Terraform
HelloCloud.io - Introduction to IaC & TerraformHelloCloud.io - Introduction to IaC & Terraform
HelloCloud.io - Introduction to IaC & Terraform
 
StarlingX - A Platform for the Distributed Edge | Ildiko Vancsa
StarlingX - A Platform for the Distributed Edge | Ildiko VancsaStarlingX - A Platform for the Distributed Edge | Ildiko Vancsa
StarlingX - A Platform for the Distributed Edge | Ildiko Vancsa
 
Introduction to the Container Network Interface (CNI)
Introduction to the Container Network Interface (CNI)Introduction to the Container Network Interface (CNI)
Introduction to the Container Network Interface (CNI)
 

Ähnlich wie Rethinking Cloud Proxies

What is a Service Mesh and what can it do for your Microservices
What is a Service Mesh and what can it do for your MicroservicesWhat is a Service Mesh and what can it do for your Microservices
What is a Service Mesh and what can it do for your MicroservicesMatt Turner
 
Stranger Things: The Forces that Disrupt Netflix
Stranger Things: The Forces that Disrupt NetflixStranger Things: The Forces that Disrupt Netflix
Stranger Things: The Forces that Disrupt NetflixC4Media
 
Evolving big microservice architectures
Evolving big microservice architecturesEvolving big microservice architectures
Evolving big microservice architecturesNikolay Stoitsev
 
Maintaining the Front Door to Netflix : The Netflix API
Maintaining the Front Door to Netflix : The Netflix APIMaintaining the Front Door to Netflix : The Netflix API
Maintaining the Front Door to Netflix : The Netflix APIDaniel Jacobson
 
QConSF2016-JoshEvans-MasteringChaosANetflixGuidetoMicroservices-compressed.pdf
QConSF2016-JoshEvans-MasteringChaosANetflixGuidetoMicroservices-compressed.pdfQConSF2016-JoshEvans-MasteringChaosANetflixGuidetoMicroservices-compressed.pdf
QConSF2016-JoshEvans-MasteringChaosANetflixGuidetoMicroservices-compressed.pdfSimranjyotSuri
 
Testing applications with traffic control in containers / Alban Crequy (Kinvolk)
Testing applications with traffic control in containers / Alban Crequy (Kinvolk)Testing applications with traffic control in containers / Alban Crequy (Kinvolk)
Testing applications with traffic control in containers / Alban Crequy (Kinvolk)Ontico
 
Mastering Chaos - A Netflix Guide to Microservices
Mastering Chaos - A Netflix Guide to MicroservicesMastering Chaos - A Netflix Guide to Microservices
Mastering Chaos - A Netflix Guide to MicroservicesJosh Evans
 
AWS Serverless API Management - Meetup
AWS Serverless API Management - MeetupAWS Serverless API Management - Meetup
AWS Serverless API Management - MeetupSamuel Vandecasteele
 
Let’s get Connected_ Exploring Connectivity in your Cloud Journey
Let’s get Connected_ Exploring Connectivity in your Cloud JourneyLet’s get Connected_ Exploring Connectivity in your Cloud Journey
Let’s get Connected_ Exploring Connectivity in your Cloud JourneyAmazon Web Services
 
Netflix Women Living on the "Edge" - WiT event
Netflix Women Living on the "Edge" - WiT eventNetflix Women Living on the "Edge" - WiT event
Netflix Women Living on the "Edge" - WiT eventSangeeta Narayanan
 
Best practices for enterprise-grade microservices implementations with Google...
Best practices for enterprise-grade microservices implementations with Google...Best practices for enterprise-grade microservices implementations with Google...
Best practices for enterprise-grade microservices implementations with Google...Grid Dynamics
 
Best practices for enterprise-grade microservices implementations with Google...
Best practices for enterprise-grade microservices implementations with Google...Best practices for enterprise-grade microservices implementations with Google...
Best practices for enterprise-grade microservices implementations with Google...Grid Dynamics
 
Techniques for Scaling the Netflix API - QCon SF
Techniques for Scaling the Netflix API - QCon SFTechniques for Scaling the Netflix API - QCon SF
Techniques for Scaling the Netflix API - QCon SFDaniel Jacobson
 
Building a Service Mesh with NGINX Owen Garrett.pptx
Building a Service Mesh with NGINX Owen Garrett.pptxBuilding a Service Mesh with NGINX Owen Garrett.pptx
Building a Service Mesh with NGINX Owen Garrett.pptxPINGXIONG3
 
Amazon VPC: Security at the Speed Of Light (NET313) - AWS re:Invent 2018
Amazon VPC: Security at the Speed Of Light (NET313) - AWS re:Invent 2018Amazon VPC: Security at the Speed Of Light (NET313) - AWS re:Invent 2018
Amazon VPC: Security at the Speed Of Light (NET313) - AWS re:Invent 2018Amazon Web Services
 
2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api Management2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api ManagementSmartWave
 
Slaying Monoliths with Node and Docker
Slaying Monoliths with Node and DockerSlaying Monoliths with Node and Docker
Slaying Monoliths with Node and DockerYunong Xiao
 
Networking @Scale'19 - Getting a Taste of Your Network - Sergey Fedorov
Networking @Scale'19 - Getting a Taste of Your Network - Sergey FedorovNetworking @Scale'19 - Getting a Taste of Your Network - Sergey Fedorov
Networking @Scale'19 - Getting a Taste of Your Network - Sergey FedorovSergey Fedorov
 

Ähnlich wie Rethinking Cloud Proxies (20)

What is a Service Mesh and what can it do for your Microservices
What is a Service Mesh and what can it do for your MicroservicesWhat is a Service Mesh and what can it do for your Microservices
What is a Service Mesh and what can it do for your Microservices
 
Stranger Things: The Forces that Disrupt Netflix
Stranger Things: The Forces that Disrupt NetflixStranger Things: The Forces that Disrupt Netflix
Stranger Things: The Forces that Disrupt Netflix
 
Evolving big microservice architectures
Evolving big microservice architecturesEvolving big microservice architectures
Evolving big microservice architectures
 
Evolving the Netflix API
Evolving the Netflix APIEvolving the Netflix API
Evolving the Netflix API
 
Maintaining the Front Door to Netflix : The Netflix API
Maintaining the Front Door to Netflix : The Netflix APIMaintaining the Front Door to Netflix : The Netflix API
Maintaining the Front Door to Netflix : The Netflix API
 
QConSF2016-JoshEvans-MasteringChaosANetflixGuidetoMicroservices-compressed.pdf
QConSF2016-JoshEvans-MasteringChaosANetflixGuidetoMicroservices-compressed.pdfQConSF2016-JoshEvans-MasteringChaosANetflixGuidetoMicroservices-compressed.pdf
QConSF2016-JoshEvans-MasteringChaosANetflixGuidetoMicroservices-compressed.pdf
 
Testing applications with traffic control in containers / Alban Crequy (Kinvolk)
Testing applications with traffic control in containers / Alban Crequy (Kinvolk)Testing applications with traffic control in containers / Alban Crequy (Kinvolk)
Testing applications with traffic control in containers / Alban Crequy (Kinvolk)
 
easemesh-architecture.pptx
easemesh-architecture.pptxeasemesh-architecture.pptx
easemesh-architecture.pptx
 
Mastering Chaos - A Netflix Guide to Microservices
Mastering Chaos - A Netflix Guide to MicroservicesMastering Chaos - A Netflix Guide to Microservices
Mastering Chaos - A Netflix Guide to Microservices
 
AWS Serverless API Management - Meetup
AWS Serverless API Management - MeetupAWS Serverless API Management - Meetup
AWS Serverless API Management - Meetup
 
Let’s get Connected_ Exploring Connectivity in your Cloud Journey
Let’s get Connected_ Exploring Connectivity in your Cloud JourneyLet’s get Connected_ Exploring Connectivity in your Cloud Journey
Let’s get Connected_ Exploring Connectivity in your Cloud Journey
 
Netflix Women Living on the "Edge" - WiT event
Netflix Women Living on the "Edge" - WiT eventNetflix Women Living on the "Edge" - WiT event
Netflix Women Living on the "Edge" - WiT event
 
Best practices for enterprise-grade microservices implementations with Google...
Best practices for enterprise-grade microservices implementations with Google...Best practices for enterprise-grade microservices implementations with Google...
Best practices for enterprise-grade microservices implementations with Google...
 
Best practices for enterprise-grade microservices implementations with Google...
Best practices for enterprise-grade microservices implementations with Google...Best practices for enterprise-grade microservices implementations with Google...
Best practices for enterprise-grade microservices implementations with Google...
 
Techniques for Scaling the Netflix API - QCon SF
Techniques for Scaling the Netflix API - QCon SFTechniques for Scaling the Netflix API - QCon SF
Techniques for Scaling the Netflix API - QCon SF
 
Building a Service Mesh with NGINX Owen Garrett.pptx
Building a Service Mesh with NGINX Owen Garrett.pptxBuilding a Service Mesh with NGINX Owen Garrett.pptx
Building a Service Mesh with NGINX Owen Garrett.pptx
 
Amazon VPC: Security at the Speed Of Light (NET313) - AWS re:Invent 2018
Amazon VPC: Security at the Speed Of Light (NET313) - AWS re:Invent 2018Amazon VPC: Security at the Speed Of Light (NET313) - AWS re:Invent 2018
Amazon VPC: Security at the Speed Of Light (NET313) - AWS re:Invent 2018
 
2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api Management2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api Management
 
Slaying Monoliths with Node and Docker
Slaying Monoliths with Node and DockerSlaying Monoliths with Node and Docker
Slaying Monoliths with Node and Docker
 
Networking @Scale'19 - Getting a Taste of Your Network - Sergey Fedorov
Networking @Scale'19 - Getting a Taste of Your Network - Sergey FedorovNetworking @Scale'19 - Getting a Taste of Your Network - Sergey Fedorov
Networking @Scale'19 - Getting a Taste of Your Network - Sergey Fedorov
 

Kürzlich hochgeladen

BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxBSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxfenichawla
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSSIVASHANKAR N
 
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfKamal Acharya
 
MANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTING
MANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTINGMANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTING
MANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTINGSIVASHANKAR N
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Christo Ananth
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISrknatarajan
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escortsranjana rawat
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Call Girls in Nagpur High Profile
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxupamatechverse
 
result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college projectTonystark477637
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...ranjana rawat
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 

Kürzlich hochgeladen (20)

BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxBSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
 
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
 
MANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTING
MANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTINGMANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTING
MANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTING
 
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSIS
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
 
result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college project
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 

Rethinking Cloud Proxies

Hinweis der Redaktion

  1. Our gateway strategy will change the way you think about resiliency, debugging, continuous delivery, service operations, and insights.
  2. Devices slow to update Need emergency policies Fast action
  3. Limited range of functionality Hard to program Authentication Authorization Static responses / Origin specific headers Why? Federation of logic across systems creates complexity Minimize gateway dependencies to maximize availability
  4. Origin services run many clusters Route to service clusters based on dynamic routing rules Shape or reject traffic based on service, regional health, or attack React fast in emergencies Realtime analytics and insights Ensures request delivery from internet to services running in the cloud Dynamically changes routing behaviors Routes to services Services have multiple clusters Clusters have dynamically changing nodes Bridges multiple cloud regions and data centers Provides system Insights
  5. Same service: Subclusters for many purposes Set up by filters in Zuul Self serviceable by cluster owners Automated Quality assurance / Test Automation Targeted debugging Test Automation Canary / Baseline A/B testing of service behavior per build Squeeze Testing Service capacity testing Trickle traffic Instrumented builds Sticky Canary A/B testing of client behavior per origin build
  6. Trickling traffic into clusters High Overhead profiling tools “Coalmine” verbose logging
  7. Server capacity testing Gateway gradually increases traffic until performance degradation is detected Automated or manual
  8. Isolate requests by customer, route, type of device, or any routing rule Debug node(s) are often instrumented to give verbose logging Custom Request Routing
  9. Compare server behavior and metrics Equal traffic rates hit both clusters Automated part of production push process Error rates CPU for equivalent work Automated metrics analysis returns a score of how well the canary cluster performed A poor score stops the push process
  10. Servers may be healthy data may be bad API changes that affect devices Data changes certain devices can’t interpret Protocol and transport changes that some devices can’t accept Testing 1000’s of types of devices would be a time consuming, tedious process. Sticky Canary idea - Stick all requests for a small subset of customers for a limited time to a “sticky canary” or “sticky baseline” If servers are equivalent, there should be no behavioral differences. Insights can help find these anomalies Limited scope of impact - a very small subset of customers could be affected but only for a short period of time
  11. Reroute to the closer region to the client - DNS accuracy issues, etc Reroute due to region failure.
  12. Speedbump Dynamic DDOS prevention