SlideShare a Scribd company logo

Do I Need A Service Mesh.pptx

Download as PPTX, PDF
P
PINGXIONG3

How do you make a decision when you want to manage east-west traffic?

Technology
1 of 44
Do You Need A Service Mesh Rick Nelson RVP Professional Services, NGINX
Why Microservices? • Best practices for extending existing applications Why might you need a Service Mesh? • Alternatives – how to tell when you’re ready The Landscape • Istio and others Summary • Next steps 1 2 3 4 Agenda
Why Microservices?
Modern Apps Require a Modern Architecture From Monolithic ... ... to Dynamic Three-tier, J2EE-style architectures Complex protocols (HTML, SOAP) Persistent deployments Fixed, static Infrastructure Big-bang releases Silo’ed teams (Dev, Test, Ops) Microservices Lightweight (REST, JSON) Containers, VMs, Functions Infrastructure as Code Continuous delivery DevOps Culture
6 Architectural Changes: Monolith
7 Architectural Changes: Monolith to Microservices
Microservices 8 "An approach to developing a single application as a suite of small services, each running in its own process and communicating with lightweight mechanisms, often an HTTP resource API”. Martin Fowler, 12-Factor App
In practice 9 • Use the “Strangler Pattern” to extend your Monolith to using Microservices: 1. Add small pieces of functionality in Microservices. 2. Repeat as needed • Organize team structure around service ownership. • Adopt DevOps mentality – automate when possible.
Evolution in Action 10 Your Existing Application Existing Monolith Application Desktop or Web Client
Evolution in Action 11 You have New Use Cases New applications are needed New datasources and business processes are added How do we add the new use cases without large-scale rewrites?
Evolution in Action 12 Implement Hybrid/Strangler Pattern 1. Implement connector microservices to provide API abstractions for external dependencies
Evolution in Action 13 Implement Hybrid/Strangler Pattern 2. Implement business-logic microservices for each business process
Evolution in Action 14 Implement Hybrid/Strangler Pattern 3. Implement presentation-layer microservices that are accessed externally
Evolution in Action 15 Implement Hybrid/Strangler Pattern 4. Use NGINX Ingress Controller for external- internal connectivity
Evolution in Action 16 Implement Hybrid/Strangler Pattern 5. Use NGINX Router Mesh for internal connectivity
Evolution 17 Successful Hybrid/Strangler Implementation
Why do I need a Service Mesh? (and do I need one now?) 2
Modern Apps Require a Modern Architecture From Monolithic ... ... to Dynamic Three-tier, J2EE-style architectures Complex protocols (HTML, SOAP) Persistent deployments Fixed, static Infrastructure Big-bang releases Silo’ed teams (Dev, Test, Ops) Microservices Lightweight (REST, JSON) Containers, VMs, Functions Infrastructure as Code Continuous delivery DevOps Culture
Operating a distributed application is hard Static, Predictable Monolith: Dynamic, Distributed App: Fast, reliable function calls Local debugging Local profiling Calendared, big-bang upgrades ‘Integration hell’ contained in dev Slow, unreliable API calls Distributed fault finding Distributed tracing In-place dynamic updates ‘Continuous integration’ live in prod
Why do I need a Service Mesh? 21 • In most cases, you do not need a service mesh (at least, not yet) • Your applications will go through a maturity journey: 1. Pre- or early-production applications, mature ‘mode 1’ applications 2. Single simple, business-critical production applications 3. Multiple complex, distributed applications This is where you may need a service mesh
Maturity Journey – Step 1 22 • Pre- and Early-Production Applications, Established Apps ◦ My applications are simple and well understood ◦ I don’t make disruptive changes in production • Kubernetes provides the capabilities you need: ◦ Service Discovery and Scaling ◦ Load Balancing and Health Checks ◦ Access Control ◦ Ingress Load Balancing For example, legacy ‘monolithic’ or 3-tier apps that have been containerized Many production applications start and finish here
Maturity Journey – Step 1 23 Rely on Kubernetes for: • DNS-based Service Discovery • Scaling and reconfiguration • KubeProxy-based load balancing • Health Checks • Network Policies for Access Control Use a third-party Ingress Router Many production applications start and finish here Simple Ingress Router, Kubernetes Networking
What is an Ingress Controller? 24 Kubernetes Master API Server Scheduler Controller- Manager etcd Kubernetes Node Kubelet Kubeproxy Kubernetes Node Kubelet Kubeproxy Kubernetes Node Kubelet Kubeproxy Internal Network Why do you need an Ingress Controller?
Ingress Resource apiVersion: extensions/v1beta1 kind: Ingress metadata: name: hello-ingress spec: tls: - hosts: - hello.example.com secretName: hello-secret rules: - host: hello.example.com http: paths: - path: / backend: serviceName: hello-svc servicePort: 80 25 • Ingress: ◦ Built-in Kubernetes resource ◦ Configuration for an edge load balancer (or ADC) • Ingress features: ◦ L7 routing based on the host header and URI ◦ TLS termination
Maturity Journey – Step 2 26 • More complex, business-critical applications ◦ Applications have multiple, distributed components ◦ Changes in production are frequent ◦ Users need more control and visibility over the app • Individual services can be enhanced with: ◦ Mutual TLS for encryption and authentication ◦ Metrics and Tracing (Prometheus, OpenTracing etc) ◦ Proxies for load balancing, rate limiting, access control, traffic management Most production apps running in containers over the last ~3 years have taken this approach
Maturity Journey – Step 2 27 Enhance applications with: • Prometheus metrics • OpenTracing tracers • mTLS or SPIFFE ssl Use per-service proxies for specific services Use central router-mesh proxy load balancer Ingress Router, Per-Service Load Balancer, Router-mesh Load Balancer P O T S Most production apps running in containers over the last ~3 years have taken this approach
But… this approach gets expensive to manage 28 The operational complexity and cost of developing bespoke libraries across languages, frameworks, and runtimes is prohibitive for most organizations, especially those with heterogenous applications and polyglot programming languages. IDC Market Perspective: Vendors Stake Out Positions in Emerging Istio Service Mesh Landscape
Maturity Journey – Step 3 29 • Multiple interdependent applications ◦ Diverse application stacks (challenging to extend consistently) ◦ Frequent, hard-to-control changes (need rapid troubleshooting) • Service Mesh provides enhancements, invisibly ◦ Intercepts all network traffic for each service ◦ Injects security (mutual TLS) ◦ Generates metrics and traces ◦ Can support L7 policies e.g. authentication, rate limiting, traffic management A service mesh provides standard functionality and services in an invisible, universal fashion
Maturity Journey – Step 3 30 Embed proxy into every container Proxy intercepts all traffic and applies advanced functionality Proxy implements L7 policies Requires a comprehensive control plane A service mesh provides standard functionality and services in an invisible, universal fashion Every container has an embedded proxy
A Service Mesh sounds great….? 31 • Service Mesh implementations are new and not yet mature. Implementations are changing rapidly and some may be obsoleted quickly. • Service Mesh has a cost, adding complexity, resource requirements and latency (network hops). ROI is not clear Don’t let the lack of a stable, mature service mesh delay your container and microservice initiatives
Find the balance 32 Cost to operate Complexity, Interdependencies, Speed of Change Single simple app Many complex, interdependent apps Using native Kubernetes and other services Using service mesh As service meshes mature, their cost will go down
Service Mesh Landscape 3
Current Landscape as Aug 2019 34 • Pure-play Service Meshes ◦ Istio, Linkerd, Consul Connect, … • Cloud Platform Service Meshes ◦ Amazon App Mesh, GCP Traffic Director, … • Meta-Meshes ◦ SMI, Solo.io SuperGloo, …
35
36
Hype Cycle Visibility Time Technology Trigger Peak of Inflated Expectations Trough of Disillusionment Slope of Enlightenment Plateau of Productivity
Summary 4
Summary 39 • There is a tipping point, before which, a service mesh is not advised • As service meshes become easier to deploy and more mature, the tipping point gets closer • Service Mesh technology is changing rapidly – it’s very early to place a bet Cost to operate Complexity, Interdependencies, Speed of Change Single simple app Many complex, interdependent apps Using native Kubernetes and other services Using service mesh As service meshes mature, their cost will go down
Recommendations 40 • Investigating – too early to devote significant resources • PoC – commercial Istio builds, open source Consul and Linkerd • Production – are you ready to build an F1 pit crew?
F5 and NGINX 41 Aspen Mesh provides an easy-to- use distribution of Istio with added enterprise features. NGINX provides an advanced Ingress Controller, Microservices Proxy and innovative App Server:
F5 and NGINX 42 Aspen Mesh provides an easy-to-use distribution of Istio with added enterprise features. • Enterprise Service Mesh • Validates Configuration • Observability and Insights • SaaS-based dashboard • Tracing, Alerting • Expert Support
F5 and NGINX 43 NGINX provides an advanced Ingress Controller, Microservices Proxy and innovative App Server: • K8s Ingress Controller • NGINX Router • Unit • Future service mesh initiatives
Contact information here rick@nginx.com Thank you

Recommended

Do You Need A Service Mesh?
Do You Need A Service Mesh?Do You Need A Service Mesh?
Do You Need A Service Mesh?
NGINX, Inc.
 
Service Mesh Talk for CTO Forum
Service Mesh Talk for CTO ForumService Mesh Talk for CTO Forum
Service Mesh Talk for CTO Forum
Rick Hightower
 
Microservices-101
Microservices-101Microservices-101
Microservices-101
Subhashish Bhattacharjee
 
Disruptive Trends in Application Development
Disruptive Trends in Application DevelopmentDisruptive Trends in Application Development
Disruptive Trends in Application Development
WaveMaker, Inc.
 
Migrating to Microservices Patterns and Technologies (edition 2023)
Migrating to Microservices Patterns and Technologies (edition 2023) Migrating to Microservices Patterns and Technologies (edition 2023)
Migrating to Microservices Patterns and Technologies (edition 2023)
Ahmed Misbah
 
Istio as an enabler for migrating to microservices (edition 2022)
Istio as an enabler for migrating to microservices (edition 2022)Istio as an enabler for migrating to microservices (edition 2022)
Istio as an enabler for migrating to microservices (edition 2022)
Ahmed Misbah
 
Introduction to Microservices
Introduction to MicroservicesIntroduction to Microservices
Introduction to Microservices
MahmoudZidan41
 
Service Mesh CTO Forum (Draft 3)
Service Mesh CTO Forum (Draft 3)Service Mesh CTO Forum (Draft 3)
Service Mesh CTO Forum (Draft 3)
Rick Hightower
 

Recommended

Do You Need A Service Mesh?
Do You Need A Service Mesh?Do You Need A Service Mesh?
Do You Need A Service Mesh?
NGINX, Inc.
 
Service Mesh Talk for CTO Forum
Service Mesh Talk for CTO ForumService Mesh Talk for CTO Forum
Service Mesh Talk for CTO Forum
Rick Hightower
 
Microservices-101
Microservices-101Microservices-101
Microservices-101
Subhashish Bhattacharjee
 
Disruptive Trends in Application Development
Disruptive Trends in Application DevelopmentDisruptive Trends in Application Development
Disruptive Trends in Application Development
WaveMaker, Inc.
 
Migrating to Microservices Patterns and Technologies (edition 2023)
Migrating to Microservices Patterns and Technologies (edition 2023) Migrating to Microservices Patterns and Technologies (edition 2023)
Migrating to Microservices Patterns and Technologies (edition 2023)
Ahmed Misbah
 
Istio as an enabler for migrating to microservices (edition 2022)
Istio as an enabler for migrating to microservices (edition 2022)Istio as an enabler for migrating to microservices (edition 2022)
Istio as an enabler for migrating to microservices (edition 2022)
Ahmed Misbah
 
Introduction to Microservices
Introduction to MicroservicesIntroduction to Microservices
Introduction to Microservices
MahmoudZidan41
 
Service Mesh CTO Forum (Draft 3)
Service Mesh CTO Forum (Draft 3)Service Mesh CTO Forum (Draft 3)
Service Mesh CTO Forum (Draft 3)
Rick Hightower
 
Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015
Ken Owens
 
Microservices for Application Modernisation
Microservices for Application ModernisationMicroservices for Application Modernisation
Microservices for Application Modernisation
Ajay Kumar Uppal
 
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
Ahmed Misbah
 
Microservices architecture
Microservices architectureMicroservices architecture
Microservices architecture
Faren faren
 
170215 msa intro
170215 msa intro170215 msa intro
170215 msa intro
Sonic leigh
 
#ATAGTR2020 Presentation - Microservices – Explored
#ATAGTR2020 Presentation - Microservices – Explored#ATAGTR2020 Presentation - Microservices – Explored
#ATAGTR2020 Presentation - Microservices – Explored
Agile Testing Alliance
 
Microservice Architecture
Microservice ArchitectureMicroservice Architecture
Microservice Architecture
Engin Yoeyen
 
MICROSERVICES ARCHITECTURE unit -2.pptx
MICROSERVICES ARCHITECTURE unit -2.pptxMICROSERVICES ARCHITECTURE unit -2.pptx
MICROSERVICES ARCHITECTURE unit -2.pptx
MohammedShahid562503
 
Microservices.pdf
Microservices.pdfMicroservices.pdf
Microservices.pdf
SelmaJelovac1
 
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
WSO2
 
MuleSoft Manchester Meetup #4 slides 11th February 2021
MuleSoft Manchester Meetup #4 slides 11th February 2021MuleSoft Manchester Meetup #4 slides 11th February 2021
MuleSoft Manchester Meetup #4 slides 11th February 2021
Ieva Navickaite
 
Over view of software artitecture
Over view of software artitectureOver view of software artitecture
Over view of software artitecture
ABDEL RAHMAN KARIM
 
Architecting for Scale
Architecting for ScaleArchitecting for Scale
Architecting for Scale
Pooyan Jamshidi
 
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
apidays
 
Webinar : Microservices and Containerization
Webinar : Microservices and ContainerizationWebinar : Microservices and Containerization
Webinar : Microservices and Containerization
Newt Global Consulting LLC
 
Microservice Pattern Launguage
Microservice Pattern LaunguageMicroservice Pattern Launguage
Microservice Pattern Launguage
Inho Kang
 
The elegant way of implementing microservices with istio
The elegant way of implementing microservices with istioThe elegant way of implementing microservices with istio
The elegant way of implementing microservices with istio
Inho Kang
 
12월 16일 Meetup [Deep Dive] Microservice 트래픽 관리를 위한 Istio 알아보기 | 강인호 컨설턴트, 오라클
12월 16일 Meetup [Deep Dive] Microservice 트래픽 관리를 위한 Istio 알아보기 | 강인호 컨설턴트, 오라클12월 16일 Meetup [Deep Dive] Microservice 트래픽 관리를 위한 Istio 알아보기 | 강인호 컨설턴트, 오라클
12월 16일 Meetup [Deep Dive] Microservice 트래픽 관리를 위한 Istio 알아보기 | 강인호 컨설턴트, 오라클
Oracle Korea
 
Agile Tour Pune 2015: Agility with Microservices and Devops: Archana Joshi an...
Agile Tour Pune 2015: Agility with Microservices and Devops: Archana Joshi an...Agile Tour Pune 2015: Agility with Microservices and Devops: Archana Joshi an...
Agile Tour Pune 2015: Agility with Microservices and Devops: Archana Joshi an...
India Scrum Enthusiasts Community
 
Testing the Migration of Monolithic Applications to Microservices on the Cloud
Testing the Migration of Monolithic Applications to Microservices on the CloudTesting the Migration of Monolithic Applications to Microservices on the Cloud
Testing the Migration of Monolithic Applications to Microservices on the Cloud
Nagarro
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
RTylerCroy
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 

More Related Content

Similar to Do I Need A Service Mesh.pptx

Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015
Ken Owens
 
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
Ahmed Misbah
 
MICROSERVICES ARCHITECTURE unit -2.pptx
MICROSERVICES ARCHITECTURE unit -2.pptxMICROSERVICES ARCHITECTURE unit -2.pptx
MICROSERVICES ARCHITECTURE unit -2.pptx
MohammedShahid562503
 
Agile Tour Pune 2015: Agility with Microservices and Devops: Archana Joshi an...
Agile Tour Pune 2015: Agility with Microservices and Devops: Archana Joshi an...Agile Tour Pune 2015: Agility with Microservices and Devops: Archana Joshi an...
Agile Tour Pune 2015: Agility with Microservices and Devops: Archana Joshi an...
India Scrum Enthusiasts Community
 

Similar to Do I Need A Service Mesh.pptx (20)

Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015
 
Microservices for Application Modernisation
Microservices for Application ModernisationMicroservices for Application Modernisation
Microservices for Application Modernisation
 
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
 
Microservices architecture
Microservices architectureMicroservices architecture
Microservices architecture
 
170215 msa intro
170215 msa intro170215 msa intro
170215 msa intro
 
#ATAGTR2020 Presentation - Microservices – Explored
#ATAGTR2020 Presentation - Microservices – Explored#ATAGTR2020 Presentation - Microservices – Explored
#ATAGTR2020 Presentation - Microservices – Explored
 
Microservice Architecture
Microservice ArchitectureMicroservice Architecture
Microservice Architecture
 
MICROSERVICES ARCHITECTURE unit -2.pptx
MICROSERVICES ARCHITECTURE unit -2.pptxMICROSERVICES ARCHITECTURE unit -2.pptx
MICROSERVICES ARCHITECTURE unit -2.pptx
 
Microservices.pdf
Microservices.pdfMicroservices.pdf
Microservices.pdf
 
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
 
MuleSoft Manchester Meetup #4 slides 11th February 2021
MuleSoft Manchester Meetup #4 slides 11th February 2021MuleSoft Manchester Meetup #4 slides 11th February 2021
MuleSoft Manchester Meetup #4 slides 11th February 2021
 
Over view of software artitecture
Over view of software artitectureOver view of software artitecture
Over view of software artitecture
 
Architecting for Scale
Architecting for ScaleArchitecting for Scale
Architecting for Scale
 
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
 
Webinar : Microservices and Containerization
Webinar : Microservices and ContainerizationWebinar : Microservices and Containerization
Webinar : Microservices and Containerization
 
Microservice Pattern Launguage
Microservice Pattern LaunguageMicroservice Pattern Launguage
Microservice Pattern Launguage
 
The elegant way of implementing microservices with istio
The elegant way of implementing microservices with istioThe elegant way of implementing microservices with istio
The elegant way of implementing microservices with istio
 
12월 16일 Meetup [Deep Dive] Microservice 트래픽 관리를 위한 Istio 알아보기 | 강인호 컨설턴트, 오라클
12월 16일 Meetup [Deep Dive] Microservice 트래픽 관리를 위한 Istio 알아보기 | 강인호 컨설턴트, 오라클12월 16일 Meetup [Deep Dive] Microservice 트래픽 관리를 위한 Istio 알아보기 | 강인호 컨설턴트, 오라클
12월 16일 Meetup [Deep Dive] Microservice 트래픽 관리를 위한 Istio 알아보기 | 강인호 컨설턴트, 오라클
 
Agile Tour Pune 2015: Agility with Microservices and Devops: Archana Joshi an...
Agile Tour Pune 2015: Agility with Microservices and Devops: Archana Joshi an...Agile Tour Pune 2015: Agility with Microservices and Devops: Archana Joshi an...
Agile Tour Pune 2015: Agility with Microservices and Devops: Archana Joshi an...
 
Testing the Migration of Monolithic Applications to Microservices on the Cloud
Testing the Migration of Monolithic Applications to Microservices on the CloudTesting the Migration of Monolithic Applications to Microservices on the Cloud
Testing the Migration of Monolithic Applications to Microservices on the Cloud
 

Recently uploaded

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 

Recently uploaded (20)

🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 

Do I Need A Service Mesh.pptx

  • 1.
  • 2. Do You Need A Service Mesh Rick Nelson RVP Professional Services, NGINX
  • 3. Why Microservices? • Best practices for extending existing applications Why might you need a Service Mesh? • Alternatives – how to tell when you’re ready The Landscape • Istio and others Summary • Next steps 1 2 3 4 Agenda
  • 5. Modern Apps Require a Modern Architecture From Monolithic ... ... to Dynamic Three-tier, J2EE-style architectures Complex protocols (HTML, SOAP) Persistent deployments Fixed, static Infrastructure Big-bang releases Silo’ed teams (Dev, Test, Ops) Microservices Lightweight (REST, JSON) Containers, VMs, Functions Infrastructure as Code Continuous delivery DevOps Culture
  • 8. Microservices 8 "An approach to developing a single application as a suite of small services, each running in its own process and communicating with lightweight mechanisms, often an HTTP resource API”. Martin Fowler, 12-Factor App
  • 9. In practice 9 • Use the “Strangler Pattern” to extend your Monolith to using Microservices: 1. Add small pieces of functionality in Microservices. 2. Repeat as needed • Organize team structure around service ownership. • Adopt DevOps mentality – automate when possible.
  • 10. Evolution in Action 10 Your Existing Application Existing Monolith Application Desktop or Web Client
  • 11. Evolution in Action 11 You have New Use Cases New applications are needed New datasources and business processes are added How do we add the new use cases without large-scale rewrites?
  • 12. Evolution in Action 12 Implement Hybrid/Strangler Pattern 1. Implement connector microservices to provide API abstractions for external dependencies
  • 13. Evolution in Action 13 Implement Hybrid/Strangler Pattern 2. Implement business-logic microservices for each business process
  • 14. Evolution in Action 14 Implement Hybrid/Strangler Pattern 3. Implement presentation-layer microservices that are accessed externally
  • 15. Evolution in Action 15 Implement Hybrid/Strangler Pattern 4. Use NGINX Ingress Controller for external- internal connectivity
  • 16. Evolution in Action 16 Implement Hybrid/Strangler Pattern 5. Use NGINX Router Mesh for internal connectivity
  • 18. Why do I need a Service Mesh? (and do I need one now?) 2
  • 19. Modern Apps Require a Modern Architecture From Monolithic ... ... to Dynamic Three-tier, J2EE-style architectures Complex protocols (HTML, SOAP) Persistent deployments Fixed, static Infrastructure Big-bang releases Silo’ed teams (Dev, Test, Ops) Microservices Lightweight (REST, JSON) Containers, VMs, Functions Infrastructure as Code Continuous delivery DevOps Culture
  • 20. Operating a distributed application is hard Static, Predictable Monolith: Dynamic, Distributed App: Fast, reliable function calls Local debugging Local profiling Calendared, big-bang upgrades ‘Integration hell’ contained in dev Slow, unreliable API calls Distributed fault finding Distributed tracing In-place dynamic updates ‘Continuous integration’ live in prod
  • 21. Why do I need a Service Mesh? 21 • In most cases, you do not need a service mesh (at least, not yet) • Your applications will go through a maturity journey: 1. Pre- or early-production applications, mature ‘mode 1’ applications 2. Single simple, business-critical production applications 3. Multiple complex, distributed applications This is where you may need a service mesh
  • 22. Maturity Journey – Step 1 22 • Pre- and Early-Production Applications, Established Apps ◦ My applications are simple and well understood ◦ I don’t make disruptive changes in production • Kubernetes provides the capabilities you need: ◦ Service Discovery and Scaling ◦ Load Balancing and Health Checks ◦ Access Control ◦ Ingress Load Balancing For example, legacy ‘monolithic’ or 3-tier apps that have been containerized Many production applications start and finish here
  • 23. Maturity Journey – Step 1 23 Rely on Kubernetes for: • DNS-based Service Discovery • Scaling and reconfiguration • KubeProxy-based load balancing • Health Checks • Network Policies for Access Control Use a third-party Ingress Router Many production applications start and finish here Simple Ingress Router, Kubernetes Networking
  • 24. What is an Ingress Controller? 24 Kubernetes Master API Server Scheduler Controller- Manager etcd Kubernetes Node Kubelet Kubeproxy Kubernetes Node Kubelet Kubeproxy Kubernetes Node Kubelet Kubeproxy Internal Network Why do you need an Ingress Controller?
  • 25. Ingress Resource apiVersion: extensions/v1beta1 kind: Ingress metadata: name: hello-ingress spec: tls: - hosts: - hello.example.com secretName: hello-secret rules: - host: hello.example.com http: paths: - path: / backend: serviceName: hello-svc servicePort: 80 25 • Ingress: ◦ Built-in Kubernetes resource ◦ Configuration for an edge load balancer (or ADC) • Ingress features: ◦ L7 routing based on the host header and URI ◦ TLS termination
  • 26. Maturity Journey – Step 2 26 • More complex, business-critical applications ◦ Applications have multiple, distributed components ◦ Changes in production are frequent ◦ Users need more control and visibility over the app • Individual services can be enhanced with: ◦ Mutual TLS for encryption and authentication ◦ Metrics and Tracing (Prometheus, OpenTracing etc) ◦ Proxies for load balancing, rate limiting, access control, traffic management Most production apps running in containers over the last ~3 years have taken this approach
  • 27. Maturity Journey – Step 2 27 Enhance applications with: • Prometheus metrics • OpenTracing tracers • mTLS or SPIFFE ssl Use per-service proxies for specific services Use central router-mesh proxy load balancer Ingress Router, Per-Service Load Balancer, Router-mesh Load Balancer P O T S Most production apps running in containers over the last ~3 years have taken this approach
  • 28. But… this approach gets expensive to manage 28 The operational complexity and cost of developing bespoke libraries across languages, frameworks, and runtimes is prohibitive for most organizations, especially those with heterogenous applications and polyglot programming languages. IDC Market Perspective: Vendors Stake Out Positions in Emerging Istio Service Mesh Landscape
  • 29. Maturity Journey – Step 3 29 • Multiple interdependent applications ◦ Diverse application stacks (challenging to extend consistently) ◦ Frequent, hard-to-control changes (need rapid troubleshooting) • Service Mesh provides enhancements, invisibly ◦ Intercepts all network traffic for each service ◦ Injects security (mutual TLS) ◦ Generates metrics and traces ◦ Can support L7 policies e.g. authentication, rate limiting, traffic management A service mesh provides standard functionality and services in an invisible, universal fashion
  • 30. Maturity Journey – Step 3 30 Embed proxy into every container Proxy intercepts all traffic and applies advanced functionality Proxy implements L7 policies Requires a comprehensive control plane A service mesh provides standard functionality and services in an invisible, universal fashion Every container has an embedded proxy
  • 31. A Service Mesh sounds great….? 31 • Service Mesh implementations are new and not yet mature. Implementations are changing rapidly and some may be obsoleted quickly. • Service Mesh has a cost, adding complexity, resource requirements and latency (network hops). ROI is not clear Don’t let the lack of a stable, mature service mesh delay your container and microservice initiatives
  • 32. Find the balance 32 Cost to operate Complexity, Interdependencies, Speed of Change Single simple app Many complex, interdependent apps Using native Kubernetes and other services Using service mesh As service meshes mature, their cost will go down
  • 34. Current Landscape as Aug 2019 34 • Pure-play Service Meshes ◦ Istio, Linkerd, Consul Connect, … • Cloud Platform Service Meshes ◦ Amazon App Mesh, GCP Traffic Director, … • Meta-Meshes ◦ SMI, Solo.io SuperGloo, …
  • 35. 35
  • 36. 36
  • 37. Hype Cycle Visibility Time Technology Trigger Peak of Inflated Expectations Trough of Disillusionment Slope of Enlightenment Plateau of Productivity
  • 39. Summary 39 • There is a tipping point, before which, a service mesh is not advised • As service meshes become easier to deploy and more mature, the tipping point gets closer • Service Mesh technology is changing rapidly – it’s very early to place a bet Cost to operate Complexity, Interdependencies, Speed of Change Single simple app Many complex, interdependent apps Using native Kubernetes and other services Using service mesh As service meshes mature, their cost will go down
  • 40. Recommendations 40 • Investigating – too early to devote significant resources • PoC – commercial Istio builds, open source Consul and Linkerd • Production – are you ready to build an F1 pit crew?
  • 41. F5 and NGINX 41 Aspen Mesh provides an easy-to- use distribution of Istio with added enterprise features. NGINX provides an advanced Ingress Controller, Microservices Proxy and innovative App Server:
  • 42. F5 and NGINX 42 Aspen Mesh provides an easy-to-use distribution of Istio with added enterprise features. • Enterprise Service Mesh • Validates Configuration • Observability and Insights • SaaS-based dashboard • Tracing, Alerting • Expert Support
  • 43. F5 and NGINX 43 NGINX provides an advanced Ingress Controller, Microservices Proxy and innovative App Server: • K8s Ingress Controller • NGINX Router • Unit • Future service mesh initiatives