SlideShare ist ein Scribd-Unternehmen logo

SACON EU 2019 "API Gateways and Service Meshes: Opening the Door to Application Modernisation"

Als PPTX, PDF herunterladen
Daniel Bryant
Daniel Bryant

This document discusses how an API gateway and service mesh can help with incrementally decoupling applications from infrastructure during application modernization. An API gateway handles ingress traffic and exposes internal services to end users, while a service mesh handles communication between services and provides observability, reliability, and security at the service layer. There are two common patterns for decoupling applications: using an API gateway in an outside-in migration approach or using a service mesh within a segmented set of services in a balkanization approach.

Software
1 von 38
API Gateways and Service Meshes: Opening the Door to Application Modernisation Daniel Bryant Product Architect, Datawire
tl;dr ▪ App modernisation is often about incrementally decoupling apps from infra – An API gateway and service mesh can help with this migration ▪ API gateway handles ingress traffic ▪ Service mesh handles service-to-service comms ▪ You can decouple apps via two patterns – Outside-in, using an API gateway – Balkanization, using a service mesh on a segment of services
Product Architect at Datawire Freelance Tech Consultant and Writer @danielbryantuk
Why App Modernisation? ▪ Lead time ▪ Deployment frequency ▪ Mean time to restore (MTTR) ▪ Change fail percentage CIOs: “We want to go faster, and not fall over (and if it breaks we want to detect and fix it fast)”
App Modernisation ▪ Refactoring, repurposing, or consolidation of heritage software to align it more closely with current business needs ▪ Decoupling applications from infrastructure – Moving workloads to take advantage of cloud-based (AI) services – Retiring old systems (saving infra/hosting costs) – Reducing operational burden (e.g. toil and security patching)
App Modernisation ▪ Microservices! ▪ Cloud! ▪ Containers! ▪ Kubernetes!
App modernisation: Not an overnight thing
Decoupling Infrastructure Strategies ▪ Bring the cloud hardware to you ▪ Bring the cloud experience to you ▪ Bring the cloud software to you ▪ Bring the cloud traffic management to you
Decoupling Infrastructure Strategies ▪ Bring the cloud hardware to you: – AWS Outposts; custom hardware that is fully managed by AWS. ▪ Bring the cloud experience to you: – Azure Stack; run hybrid applications across the Azure cloud and via on- premises hardware.
Decoupling Infrastructure Strategies ▪ Bring the cloud software to you: – Google Anthos; software abstraction (VMware -> k8s/GKE, Istio, Stackdriver) ▪ Bring the cloud traffic management to you: – API gateway + service mesh; dynamically route traffic across any infrastructure (which is routable via the network)
Software-focusedHardware-focused Small commitmentBig commitment Complete access to cloud primitives Reliance on abstractions
Decoupling Infrastructure Strategies ▪ Bring the cloud hardware to you ▪ Bring the cloud experience to you ▪ Bring the cloud software to you ▪ Bring the cloud traffic management to you
Outside-in migration: API gateway
Outside-in migration: API gateway
Outside-in migration: API gateway
API Gateway: Edge proxy, ingress, ADC... ▪ Exposes internal services to end-users (often via multiple domains) ▪ Encapsulates backends: k8s, VMs, bare metal etc. ▪ Focused on managing ingress (“north-south”) traffic
https://bit.ly/2NnUXt9 https://www.getambassador.io/resources/challenges-api-gateway-kubernetes
API Gateway: Edge proxy, ingress, ADC... ▪ Exposes internal services to end-users (often via multiple domains) ▪ Encapsulates backends: k8s, VMs, bare metal etc. ▪ Focused on managing ingress (“north-south”) traffic ▪ Engineer-driven product release (often) happens here ▪ You don’t control the client
API Gateway: Self-Serve Routing & Security ▪ Self-serve routing – Traffic routing, splitting, and shaping (to dynamic backends) – Release functionality (A/B, canary, dark launch etc) ▪ Security – End-user authentication/authorization – TLS termination, rate limiting, WAF, DDoS protection, etc
API Gateway Options
Ambassador config
Balkanization: service-to-service comms
“Service mesh”, you say? https://twitter.com/cesarTronLozai/status/1175327326218915840 https://twitter.com/wm/status/1173350339946274816
Service Mesh: Proxy mesh, Fabric model... ▪ Exposes internal services to internal consumers ▪ Encapsulates service infra: across k8s, VMs, bare metal etc ▪ Dynamic routing for service-to-service (“east-west”) traffic ▪ Ops apply “sane defaults” and top-level platform monitoring ▪ You generally control the client (or at least can influence this...)
Service mesh architecture: Envoy Proxy
Service Mesh: Three Pillars ▪ Observability – “Golden signals”: latency, errors, traffic, saturation (USE, RED) – Both global and service-to-service ▪ Reliability – Abstracting health checks, retries, circuit breakers etc. – Providing sane default to protect system ▪ Security – Authn/z propagation, mTLS, ACLs, network segmentation
Service Mesh: Three Pillars ▪ Observability – “Golden signals”: latency, errors, traffic, saturation (USE, RED) – Both global and service-to-service ▪ Reliability – Abstracting health checks, retries, circuit breakers etc. – Providing sane default to protect system ▪ Security – Authn/z propagation, mTLS, ACLs, network segmentation https://www.infoq.com/podcasts/
Service Mesh Options
Consul config
Migration tactics: Outside-in
Balkanization: service-to-service comms
Migration tactics ▪ Outside in – Start with an API gateway – Identify a endpoint/service ▪ Balkanization – Start with a service mesh – Identify a service segment ▪ Easy install ▪ Conceptually easy to understand ▪ Less intrusive for all platforms ▪ (Potentially) higher blast radius ▪ Less new functionality ▪ Potentially higher value functionality ▪ “Easy” to deploy in Kubernetes ▪ Can support multicluster (beta) ▪ Operationally complex ▪ (Potentially) challenging to unwind ▪ Expectation management… :-)
bit.ly/2mr58C1 Learn more
Explore in your browser https://instruqt.com/hashicorp/tracks/sock-shop-tutorial
Conclusion ▪ App modernisation is often about decoupling apps from infra – One way to do this is via an API gateway and service mesh ▪ API gateway handles ingress traffic ▪ Service mesh handles service-to-service comms ▪ You can decouple apps via two patterns – Outside-in, using an API gateway – Balkanization, using a service mesh
References ▪ Context: – https://www.infoq.com/articles/api-gateway-service-mesh-app-modernisation/ ▪ Reference: – https://www.getambassador.io/user-guide/consul-connect-ambassador/ – https://www.getambassador.io/user-guide/consul/ – https://www.consul.io/docs/platform/k8s/ambassador.html – https://www.hashicorp.com/blog/hashicorp-consul-supports-microsoft-s-new-service-mesh-framework Experiment in an Instruqt sandbox: https://instruqt.com/hashicorp/tracks/sock-shop-tutorial Code examples: https://github.com/emojify-app
Copyright © 2019 HashiCorp Thanks! @danielbryantuk

Empfohlen

CloudNativeLondon 2019 "API Gateways and Service Meshes: Opening the Door to ...
CloudNativeLondon 2019 "API Gateways and Service Meshes: Opening the Door to ...CloudNativeLondon 2019 "API Gateways and Service Meshes: Opening the Door to ...
CloudNativeLondon 2019 "API Gateways and Service Meshes: Opening the Door to ...
Daniel Bryant
 
JAX London 2019 "Cloud Native Communication: Using an API Gateway and Service...
JAX London 2019 "Cloud Native Communication: Using an API Gateway and Service...JAX London 2019 "Cloud Native Communication: Using an API Gateway and Service...
JAX London 2019 "Cloud Native Communication: Using an API Gateway and Service...
Daniel Bryant
 
[SC London] "Testing Microservices: from Development to Production
[SC London] "Testing Microservices: from Development to Production[SC London] "Testing Microservices: from Development to Production
[SC London] "Testing Microservices: from Development to Production
Daniel Bryant
 
NFV Testing
NFV TestingNFV Testing
NFV Testing
Open Networking Summit
 
Digital Transformation through Open Software Defined Infrastructure
Digital Transformation through Open Software Defined InfrastructureDigital Transformation through Open Software Defined Infrastructure
Digital Transformation through Open Software Defined Infrastructure
Open Networking Summit
 
A Software Defined WAN Architecture
A Software Defined WAN ArchitectureA Software Defined WAN Architecture
A Software Defined WAN Architecture
Open Networking Summits
 
SAP FIORI COEP Pune - pavan golesar (ppt)
SAP FIORI COEP Pune - pavan golesar (ppt)SAP FIORI COEP Pune - pavan golesar (ppt)
SAP FIORI COEP Pune - pavan golesar (ppt)
Pavan Golesar
 
State of the OpenDaylight Union
State of the OpenDaylight UnionState of the OpenDaylight Union
State of the OpenDaylight Union
Open Networking Summit
 

Empfohlen

CloudNativeLondon 2019 "API Gateways and Service Meshes: Opening the Door to ...
CloudNativeLondon 2019 "API Gateways and Service Meshes: Opening the Door to ...CloudNativeLondon 2019 "API Gateways and Service Meshes: Opening the Door to ...
CloudNativeLondon 2019 "API Gateways and Service Meshes: Opening the Door to ...
Daniel Bryant
 
JAX London 2019 "Cloud Native Communication: Using an API Gateway and Service...
JAX London 2019 "Cloud Native Communication: Using an API Gateway and Service...JAX London 2019 "Cloud Native Communication: Using an API Gateway and Service...
JAX London 2019 "Cloud Native Communication: Using an API Gateway and Service...
Daniel Bryant
 
[SC London] "Testing Microservices: from Development to Production
[SC London] "Testing Microservices: from Development to Production[SC London] "Testing Microservices: from Development to Production
[SC London] "Testing Microservices: from Development to Production
Daniel Bryant
 
NFV Testing
NFV TestingNFV Testing
NFV Testing
Open Networking Summit
 
Digital Transformation through Open Software Defined Infrastructure
Digital Transformation through Open Software Defined InfrastructureDigital Transformation through Open Software Defined Infrastructure
Digital Transformation through Open Software Defined Infrastructure
Open Networking Summit
 
A Software Defined WAN Architecture
A Software Defined WAN ArchitectureA Software Defined WAN Architecture
A Software Defined WAN Architecture
Open Networking Summits
 
SAP FIORI COEP Pune - pavan golesar (ppt)
SAP FIORI COEP Pune - pavan golesar (ppt)SAP FIORI COEP Pune - pavan golesar (ppt)
SAP FIORI COEP Pune - pavan golesar (ppt)
Pavan Golesar
 
State of the OpenDaylight Union
State of the OpenDaylight UnionState of the OpenDaylight Union
State of the OpenDaylight Union
Open Networking Summit
 
ONAP TOSCA Orchestration with Cloudify
ONAP TOSCA Orchestration with CloudifyONAP TOSCA Orchestration with Cloudify
ONAP TOSCA Orchestration with Cloudify
Cloudify Community
 
Software-Defined WAN: A Real World Success Story
Software-Defined WAN: A Real World Success StorySoftware-Defined WAN: A Real World Success Story
Software-Defined WAN: A Real World Success Story
Cisco Enterprise Networks
 
How to create custom dashboards in Elastic Search / Kibana with Performance V...
How to create custom dashboards in Elastic Search / Kibana with Performance V...How to create custom dashboards in Elastic Search / Kibana with Performance V...
How to create custom dashboards in Elastic Search / Kibana with Performance V...
PerformanceVision (previously SecurActive)
 
The Interoperability Challenge in Telecom and NFS Environments
The Interoperability Challenge in Telecom and NFS EnvironmentsThe Interoperability Challenge in Telecom and NFS Environments
The Interoperability Challenge in Telecom and NFS Environments
Open Networking Summit
 
PLNOG16: The visionary style of ADC, Detlef Lilje
PLNOG16: The visionary style of ADC, Detlef LiljePLNOG16: The visionary style of ADC, Detlef Lilje
PLNOG16: The visionary style of ADC, Detlef Lilje
PROIDEA
 
Cloud computing-2 (1)
Cloud computing-2 (1)Cloud computing-2 (1)
Cloud computing-2 (1)
JUDYFLAVIAB
 
Workshop on CIFS / SMB Protocol Performance Analysis
Workshop on CIFS / SMB Protocol Performance AnalysisWorkshop on CIFS / SMB Protocol Performance Analysis
Workshop on CIFS / SMB Protocol Performance Analysis
PerformanceVision (previously SecurActive)
 
Atf 3 q15-5 - streamlining and automating virtual network control
Atf 3 q15-5 - streamlining and automating virtual network controlAtf 3 q15-5 - streamlining and automating virtual network control
Atf 3 q15-5 - streamlining and automating virtual network control
Mason Mei
 
Cloud Automation Manager
Cloud Automation ManagerCloud Automation Manager
Cloud Automation Manager
Nithin Babu
 
Introducing ONAP for OpenStack St Louis Meetup
Introducing ONAP for OpenStack St Louis MeetupIntroducing ONAP for OpenStack St Louis Meetup
Introducing ONAP for OpenStack St Louis Meetup
djzook
 
Cloud integration patterns for it pros - itprceed
Cloud integration patterns for it pros - itprceedCloud integration patterns for it pros - itprceed
Cloud integration patterns for it pros - itprceed
Sam Vanhoutte
 
Orchestration of Microservices - Google dev fest 2017 Berlin
Orchestration of Microservices - Google dev fest 2017 BerlinOrchestration of Microservices - Google dev fest 2017 Berlin
Orchestration of Microservices - Google dev fest 2017 Berlin
Zeebe
 
Micro service architecture
Micro service architecture Micro service architecture
Micro service architecture
Ayyappan Paramesh
 
Shedding Light on LINE Token Economy You Won't Find in Our White Paper
Shedding Light on LINE Token Economy You Won't Find in Our White PaperShedding Light on LINE Token Economy You Won't Find in Our White Paper
Shedding Light on LINE Token Economy You Won't Find in Our White Paper
LINE Corporation
 
Microservice Powered Orchestration
Microservice Powered OrchestrationMicroservice Powered Orchestration
Microservice Powered Orchestration
Open Networking Summit
 
Building Hyperscale Networks
Building Hyperscale NetworksBuilding Hyperscale Networks
Building Hyperscale Networks
Open Networking Summit
 
The Power to Declare Network Independence - VeloCloud
The Power to Declare Network Independence - VeloCloudThe Power to Declare Network Independence - VeloCloud
The Power to Declare Network Independence - VeloCloud
VeloCloud Networks, Inc.
 
Anatomy of the modern application stack
Anatomy of the modern application stackAnatomy of the modern application stack
Anatomy of the modern application stack
Boyan Dimitrov
 
Microservices with .Net - NDC Sydney, 2016
Microservices with .Net - NDC Sydney, 2016Microservices with .Net - NDC Sydney, 2016
Microservices with .Net - NDC Sydney, 2016
Richard Banks
 
Ss Esb
Ss EsbSs Esb
Ss Esb
WSO2
 
ISTIO Deep Dive
ISTIO Deep DiveISTIO Deep Dive
ISTIO Deep Dive
Yong Feng
 
Changing Views on Integration (AUSOUG Webinar Series, May 2020)
Changing Views on Integration (AUSOUG Webinar Series, May 2020)Changing Views on Integration (AUSOUG Webinar Series, May 2020)
Changing Views on Integration (AUSOUG Webinar Series, May 2020)
Lucas Jellema
 

Weitere ähnliche Inhalte

Was ist angesagt?

The Interoperability Challenge in Telecom and NFS Environments
The Interoperability Challenge in Telecom and NFS EnvironmentsThe Interoperability Challenge in Telecom and NFS Environments
The Interoperability Challenge in Telecom and NFS Environments
Open Networking Summit
 
Atf 3 q15-5 - streamlining and automating virtual network control
Atf 3 q15-5 - streamlining and automating virtual network controlAtf 3 q15-5 - streamlining and automating virtual network control
Atf 3 q15-5 - streamlining and automating virtual network control
Mason Mei
 
Ss Esb
Ss EsbSs Esb
Ss Esb
WSO2
 

Was ist angesagt? (20)

ONAP TOSCA Orchestration with Cloudify
ONAP TOSCA Orchestration with CloudifyONAP TOSCA Orchestration with Cloudify
ONAP TOSCA Orchestration with Cloudify
 
Software-Defined WAN: A Real World Success Story
Software-Defined WAN: A Real World Success StorySoftware-Defined WAN: A Real World Success Story
Software-Defined WAN: A Real World Success Story
 
How to create custom dashboards in Elastic Search / Kibana with Performance V...
How to create custom dashboards in Elastic Search / Kibana with Performance V...How to create custom dashboards in Elastic Search / Kibana with Performance V...
How to create custom dashboards in Elastic Search / Kibana with Performance V...
 
The Interoperability Challenge in Telecom and NFS Environments
The Interoperability Challenge in Telecom and NFS EnvironmentsThe Interoperability Challenge in Telecom and NFS Environments
The Interoperability Challenge in Telecom and NFS Environments
 
PLNOG16: The visionary style of ADC, Detlef Lilje
PLNOG16: The visionary style of ADC, Detlef LiljePLNOG16: The visionary style of ADC, Detlef Lilje
PLNOG16: The visionary style of ADC, Detlef Lilje
 
Cloud computing-2 (1)
Cloud computing-2 (1)Cloud computing-2 (1)
Cloud computing-2 (1)
 
Workshop on CIFS / SMB Protocol Performance Analysis
Workshop on CIFS / SMB Protocol Performance AnalysisWorkshop on CIFS / SMB Protocol Performance Analysis
Workshop on CIFS / SMB Protocol Performance Analysis
 
Atf 3 q15-5 - streamlining and automating virtual network control
Atf 3 q15-5 - streamlining and automating virtual network controlAtf 3 q15-5 - streamlining and automating virtual network control
Atf 3 q15-5 - streamlining and automating virtual network control
 
Cloud Automation Manager
Cloud Automation ManagerCloud Automation Manager
Cloud Automation Manager
 
Introducing ONAP for OpenStack St Louis Meetup
Introducing ONAP for OpenStack St Louis MeetupIntroducing ONAP for OpenStack St Louis Meetup
Introducing ONAP for OpenStack St Louis Meetup
 
Cloud integration patterns for it pros - itprceed
Cloud integration patterns for it pros - itprceedCloud integration patterns for it pros - itprceed
Cloud integration patterns for it pros - itprceed
 
Orchestration of Microservices - Google dev fest 2017 Berlin
Orchestration of Microservices - Google dev fest 2017 BerlinOrchestration of Microservices - Google dev fest 2017 Berlin
Orchestration of Microservices - Google dev fest 2017 Berlin
 
Micro service architecture
Micro service architecture Micro service architecture
Micro service architecture
 
Shedding Light on LINE Token Economy You Won't Find in Our White Paper
Shedding Light on LINE Token Economy You Won't Find in Our White PaperShedding Light on LINE Token Economy You Won't Find in Our White Paper
Shedding Light on LINE Token Economy You Won't Find in Our White Paper
 
Microservice Powered Orchestration
Microservice Powered OrchestrationMicroservice Powered Orchestration
Microservice Powered Orchestration
 
Building Hyperscale Networks
Building Hyperscale NetworksBuilding Hyperscale Networks
Building Hyperscale Networks
 
The Power to Declare Network Independence - VeloCloud
The Power to Declare Network Independence - VeloCloudThe Power to Declare Network Independence - VeloCloud
The Power to Declare Network Independence - VeloCloud
 
Anatomy of the modern application stack
Anatomy of the modern application stackAnatomy of the modern application stack
Anatomy of the modern application stack
 
Microservices with .Net - NDC Sydney, 2016
Microservices with .Net - NDC Sydney, 2016Microservices with .Net - NDC Sydney, 2016
Microservices with .Net - NDC Sydney, 2016
 
Ss Esb
Ss EsbSs Esb
Ss Esb
 

Ähnlich wie SACON EU 2019 "API Gateways and Service Meshes: Opening the Door to Application Modernisation"

Changing Views on Integration (AUSOUG Webinar Series, May 2020)
Changing Views on Integration (AUSOUG Webinar Series, May 2020)Changing Views on Integration (AUSOUG Webinar Series, May 2020)
Changing Views on Integration (AUSOUG Webinar Series, May 2020)
Lucas Jellema
 
AWS User Group Sydney - Meetup #60
AWS User Group Sydney - Meetup #60AWS User Group Sydney - Meetup #60
AWS User Group Sydney - Meetup #60
PolarSeven Pty Ltd
 
Next-Generation Security Operations with AWS
Next-Generation Security Operations with AWSNext-Generation Security Operations with AWS
Next-Generation Security Operations with AWS
Amazon Web Services
 

Ähnlich wie SACON EU 2019 "API Gateways and Service Meshes: Opening the Door to Application Modernisation" (20)

ISTIO Deep Dive
ISTIO Deep DiveISTIO Deep Dive
ISTIO Deep Dive
 
Changing Views on Integration (AUSOUG Webinar Series, May 2020)
Changing Views on Integration (AUSOUG Webinar Series, May 2020)Changing Views on Integration (AUSOUG Webinar Series, May 2020)
Changing Views on Integration (AUSOUG Webinar Series, May 2020)
 
Winning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our TimeWinning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our Time
 
AWS User Group Sydney - Meetup #60
AWS User Group Sydney - Meetup #60AWS User Group Sydney - Meetup #60
AWS User Group Sydney - Meetup #60
 
Istio Service Mesh for Developers and Platform Engineers
Istio Service Mesh for Developers and Platform EngineersIstio Service Mesh for Developers and Platform Engineers
Istio Service Mesh for Developers and Platform Engineers
 
Service Oriented Architecture & Beyond
Service Oriented Architecture & BeyondService Oriented Architecture & Beyond
Service Oriented Architecture & Beyond
 
Cloud Computing E-Lect.ppt
Cloud Computing E-Lect.pptCloud Computing E-Lect.ppt
Cloud Computing E-Lect.ppt
 
Session
SessionSession
Session
 
Introduction To Cloud Computing
Introduction To Cloud ComputingIntroduction To Cloud Computing
Introduction To Cloud Computing
 
Introduction to Cloud Computing
Introduction to Cloud ComputingIntroduction to Cloud Computing
Introduction to Cloud Computing
 
Salesforce - classification of cloud computing
Salesforce - classification of cloud computingSalesforce - classification of cloud computing
Salesforce - classification of cloud computing
 
Next-Generation Security Operations with AWS
Next-Generation Security Operations with AWSNext-Generation Security Operations with AWS
Next-Generation Security Operations with AWS
 
Cloud and its job oppertunities
Cloud and its job oppertunitiesCloud and its job oppertunities
Cloud and its job oppertunities
 
Nuage meetup - Flexible and agile Software Defined Networking (SDN)
Nuage meetup - Flexible and agile Software Defined Networking (SDN)Nuage meetup - Flexible and agile Software Defined Networking (SDN)
Nuage meetup - Flexible and agile Software Defined Networking (SDN)
 
Embracing SDN in the Next Gen Network
Embracing SDN in the Next Gen NetworkEmbracing SDN in the Next Gen Network
Embracing SDN in the Next Gen Network
 
Is your MQTT broker IoT ready?
Is your MQTT broker IoT ready?Is your MQTT broker IoT ready?
Is your MQTT broker IoT ready?
 
lect15_cloud.ppt
lect15_cloud.pptlect15_cloud.ppt
lect15_cloud.ppt
 
Taw opening session
Taw opening sessionTaw opening session
Taw opening session
 
Monitoring microservices platform
Monitoring microservices platformMonitoring microservices platform
Monitoring microservices platform
 
Agile integration: Decomposing the monolith
Agile integration: Decomposing the monolith Agile integration: Decomposing the monolith
Agile integration: Decomposing the monolith
 

Mehr von Daniel Bryant

ITKonekt 2023: The Busy Platform Engineers Guide to API Gateways
ITKonekt 2023: The Busy Platform Engineers Guide to API GatewaysITKonekt 2023: The Busy Platform Engineers Guide to API Gateways
ITKonekt 2023: The Busy Platform Engineers Guide to API Gateways
Daniel Bryant
 
CraftConf 2023 "Microservice Testing Techniques: Mocks vs Service Virtualizat...
CraftConf 2023 "Microservice Testing Techniques: Mocks vs Service Virtualizat...CraftConf 2023 "Microservice Testing Techniques: Mocks vs Service Virtualizat...
CraftConf 2023 "Microservice Testing Techniques: Mocks vs Service Virtualizat...
Daniel Bryant
 
PlatformCon 23: "The Busy Platform Engineers Guide to API Gateways"
PlatformCon 23: "The Busy Platform Engineers Guide to API Gateways"PlatformCon 23: "The Busy Platform Engineers Guide to API Gateways"
PlatformCon 23: "The Busy Platform Engineers Guide to API Gateways"
Daniel Bryant
 
Java Meetup 23: 'Debugging Microservices "Remocally" in Kubernetes with Telep...
Java Meetup 23: 'Debugging Microservices "Remocally" in Kubernetes with Telep...Java Meetup 23: 'Debugging Microservices "Remocally" in Kubernetes with Telep...
Java Meetup 23: 'Debugging Microservices "Remocally" in Kubernetes with Telep...
Daniel Bryant
 
DevRelCon 2022: "Is Product Led Growth (PLG) the “DevOps” of the DevRel World"
DevRelCon 2022: "Is Product Led Growth (PLG) the “DevOps” of the DevRel World"DevRelCon 2022: "Is Product Led Growth (PLG) the “DevOps” of the DevRel World"
DevRelCon 2022: "Is Product Led Growth (PLG) the “DevOps” of the DevRel World"
Daniel Bryant
 
Fall 22: "From Kubernetes to PaaS to... err, what's next"
Fall 22: "From Kubernetes to PaaS to... err, what's next"Fall 22: "From Kubernetes to PaaS to... err, what's next"
Fall 22: "From Kubernetes to PaaS to... err, what's next"
Daniel Bryant
 
Building Microservice Systems Without Cooking Your Laptop: Going “Remocal” wi...
Building Microservice Systems Without Cooking Your Laptop: Going “Remocal” wi...Building Microservice Systems Without Cooking Your Laptop: Going “Remocal” wi...
Building Microservice Systems Without Cooking Your Laptop: Going “Remocal” wi...
Daniel Bryant
 
KubeCrash 22: Debugging Microservices "Remocally" in Kubernetes with Telepres...
KubeCrash 22: Debugging Microservices "Remocally" in Kubernetes with Telepres...KubeCrash 22: Debugging Microservices "Remocally" in Kubernetes with Telepres...
KubeCrash 22: Debugging Microservices "Remocally" in Kubernetes with Telepres...
Daniel Bryant
 
JAX London 22: Debugging Microservices "Remocally" in Kubernetes with Telepre...
JAX London 22: Debugging Microservices "Remocally" in Kubernetes with Telepre...JAX London 22: Debugging Microservices "Remocally" in Kubernetes with Telepre...
JAX London 22: Debugging Microservices "Remocally" in Kubernetes with Telepre...
Daniel Bryant
 
KubeCon EU 2022: From Kubernetes to PaaS to Err What's Next
KubeCon EU 2022: From Kubernetes to PaaS to Err What's NextKubeCon EU 2022: From Kubernetes to PaaS to Err What's Next
KubeCon EU 2022: From Kubernetes to PaaS to Err What's Next
Daniel Bryant
 
Devoxx UK 22: Debugging Java Microservices "Remocally" in Kubernetes with Tel...
Devoxx UK 22: Debugging Java Microservices "Remocally" in Kubernetes with Tel...Devoxx UK 22: Debugging Java Microservices "Remocally" in Kubernetes with Tel...
Devoxx UK 22: Debugging Java Microservices "Remocally" in Kubernetes with Tel...
Daniel Bryant
 
DevXDay KubeCon NA 2021: "From Kubernetes to PaaS to Developer Control Planes"
DevXDay KubeCon NA 2021: "From Kubernetes to PaaS to Developer Control Planes"DevXDay KubeCon NA 2021: "From Kubernetes to PaaS to Developer Control Planes"
DevXDay KubeCon NA 2021: "From Kubernetes to PaaS to Developer Control Planes"
Daniel Bryant
 
JAX London 2021: Jumpstart Your Cloud Native Development: An Overview of Prac...
JAX London 2021: Jumpstart Your Cloud Native Development: An Overview of Prac...JAX London 2021: Jumpstart Your Cloud Native Development: An Overview of Prac...
JAX London 2021: Jumpstart Your Cloud Native Development: An Overview of Prac...
Daniel Bryant
 
Container Days: Easy Debugging of Microservices Running on Kubernetes with Te...
Container Days: Easy Debugging of Microservices Running on Kubernetes with Te...Container Days: Easy Debugging of Microservices Running on Kubernetes with Te...
Container Days: Easy Debugging of Microservices Running on Kubernetes with Te...
Daniel Bryant
 
Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...
Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...
Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...
Daniel Bryant
 
MJC 2021: "Debugging Java Microservices Running on Kubernetes with Telepresence"
MJC 2021: "Debugging Java Microservices Running on Kubernetes with Telepresence"MJC 2021: "Debugging Java Microservices Running on Kubernetes with Telepresence"
MJC 2021: "Debugging Java Microservices Running on Kubernetes with Telepresence"
Daniel Bryant
 
LJC 4/21"Easy Debugging of Java Microservices Running on Kubernetes with Tele...
LJC 4/21"Easy Debugging of Java Microservices Running on Kubernetes with Tele...LJC 4/21"Easy Debugging of Java Microservices Running on Kubernetes with Tele...
LJC 4/21"Easy Debugging of Java Microservices Running on Kubernetes with Tele...
Daniel Bryant
 
GOTOpia 2/2021 "Cloud Native Development Without the Toil: An Overview of Pra...
GOTOpia 2/2021 "Cloud Native Development Without the Toil: An Overview of Pra...GOTOpia 2/2021 "Cloud Native Development Without the Toil: An Overview of Pra...
GOTOpia 2/2021 "Cloud Native Development Without the Toil: An Overview of Pra...
Daniel Bryant
 

Mehr von Daniel Bryant (20)

ITKonekt 2023: The Busy Platform Engineers Guide to API Gateways
ITKonekt 2023: The Busy Platform Engineers Guide to API GatewaysITKonekt 2023: The Busy Platform Engineers Guide to API Gateways
ITKonekt 2023: The Busy Platform Engineers Guide to API Gateways
 
CraftConf 2023 "Microservice Testing Techniques: Mocks vs Service Virtualizat...
CraftConf 2023 "Microservice Testing Techniques: Mocks vs Service Virtualizat...CraftConf 2023 "Microservice Testing Techniques: Mocks vs Service Virtualizat...
CraftConf 2023 "Microservice Testing Techniques: Mocks vs Service Virtualizat...
 
PlatformCon 23: "The Busy Platform Engineers Guide to API Gateways"
PlatformCon 23: "The Busy Platform Engineers Guide to API Gateways"PlatformCon 23: "The Busy Platform Engineers Guide to API Gateways"
PlatformCon 23: "The Busy Platform Engineers Guide to API Gateways"
 
Java Meetup 23: 'Debugging Microservices "Remocally" in Kubernetes with Telep...
Java Meetup 23: 'Debugging Microservices "Remocally" in Kubernetes with Telep...Java Meetup 23: 'Debugging Microservices "Remocally" in Kubernetes with Telep...
Java Meetup 23: 'Debugging Microservices "Remocally" in Kubernetes with Telep...
 
DevRelCon 2022: "Is Product Led Growth (PLG) the “DevOps” of the DevRel World"
DevRelCon 2022: "Is Product Led Growth (PLG) the “DevOps” of the DevRel World"DevRelCon 2022: "Is Product Led Growth (PLG) the “DevOps” of the DevRel World"
DevRelCon 2022: "Is Product Led Growth (PLG) the “DevOps” of the DevRel World"
 
Fall 22: "From Kubernetes to PaaS to... err, what's next"
Fall 22: "From Kubernetes to PaaS to... err, what's next"Fall 22: "From Kubernetes to PaaS to... err, what's next"
Fall 22: "From Kubernetes to PaaS to... err, what's next"
 
Building Microservice Systems Without Cooking Your Laptop: Going “Remocal” wi...
Building Microservice Systems Without Cooking Your Laptop: Going “Remocal” wi...Building Microservice Systems Without Cooking Your Laptop: Going “Remocal” wi...
Building Microservice Systems Without Cooking Your Laptop: Going “Remocal” wi...
 
KubeCrash 22: Debugging Microservices "Remocally" in Kubernetes with Telepres...
KubeCrash 22: Debugging Microservices "Remocally" in Kubernetes with Telepres...KubeCrash 22: Debugging Microservices "Remocally" in Kubernetes with Telepres...
KubeCrash 22: Debugging Microservices "Remocally" in Kubernetes with Telepres...
 
JAX London 22: Debugging Microservices "Remocally" in Kubernetes with Telepre...
JAX London 22: Debugging Microservices "Remocally" in Kubernetes with Telepre...JAX London 22: Debugging Microservices "Remocally" in Kubernetes with Telepre...
JAX London 22: Debugging Microservices "Remocally" in Kubernetes with Telepre...
 
CloudBuilders 2022: "The Past, Present, and Future of Cloud Native API Gateways"
CloudBuilders 2022: "The Past, Present, and Future of Cloud Native API Gateways"CloudBuilders 2022: "The Past, Present, and Future of Cloud Native API Gateways"
CloudBuilders 2022: "The Past, Present, and Future of Cloud Native API Gateways"
 
KubeCon EU 2022: From Kubernetes to PaaS to Err What's Next
KubeCon EU 2022: From Kubernetes to PaaS to Err What's NextKubeCon EU 2022: From Kubernetes to PaaS to Err What's Next
KubeCon EU 2022: From Kubernetes to PaaS to Err What's Next
 
Devoxx UK 22: Debugging Java Microservices "Remocally" in Kubernetes with Tel...
Devoxx UK 22: Debugging Java Microservices "Remocally" in Kubernetes with Tel...Devoxx UK 22: Debugging Java Microservices "Remocally" in Kubernetes with Tel...
Devoxx UK 22: Debugging Java Microservices "Remocally" in Kubernetes with Tel...
 
DevXDay KubeCon NA 2021: "From Kubernetes to PaaS to Developer Control Planes"
DevXDay KubeCon NA 2021: "From Kubernetes to PaaS to Developer Control Planes"DevXDay KubeCon NA 2021: "From Kubernetes to PaaS to Developer Control Planes"
DevXDay KubeCon NA 2021: "From Kubernetes to PaaS to Developer Control Planes"
 
JAX London 2021: Jumpstart Your Cloud Native Development: An Overview of Prac...
JAX London 2021: Jumpstart Your Cloud Native Development: An Overview of Prac...JAX London 2021: Jumpstart Your Cloud Native Development: An Overview of Prac...
JAX London 2021: Jumpstart Your Cloud Native Development: An Overview of Prac...
 
Container Days: Easy Debugging of Microservices Running on Kubernetes with Te...
Container Days: Easy Debugging of Microservices Running on Kubernetes with Te...Container Days: Easy Debugging of Microservices Running on Kubernetes with Te...
Container Days: Easy Debugging of Microservices Running on Kubernetes with Te...
 
Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...
Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...
Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...
 
MJC 2021: "Debugging Java Microservices Running on Kubernetes with Telepresence"
MJC 2021: "Debugging Java Microservices Running on Kubernetes with Telepresence"MJC 2021: "Debugging Java Microservices Running on Kubernetes with Telepresence"
MJC 2021: "Debugging Java Microservices Running on Kubernetes with Telepresence"
 
LJC 4/21"Easy Debugging of Java Microservices Running on Kubernetes with Tele...
LJC 4/21"Easy Debugging of Java Microservices Running on Kubernetes with Tele...LJC 4/21"Easy Debugging of Java Microservices Running on Kubernetes with Tele...
LJC 4/21"Easy Debugging of Java Microservices Running on Kubernetes with Tele...
 
GOTOpia 2/2021 "Cloud Native Development Without the Toil: An Overview of Pra...
GOTOpia 2/2021 "Cloud Native Development Without the Toil: An Overview of Pra...GOTOpia 2/2021 "Cloud Native Development Without the Toil: An Overview of Pra...
GOTOpia 2/2021 "Cloud Native Development Without the Toil: An Overview of Pra...
 
HashiCorp Webinar: "Getting started with Ambassador and Consul on Kubernetes ...
HashiCorp Webinar: "Getting started with Ambassador and Consul on Kubernetes ...HashiCorp Webinar: "Getting started with Ambassador and Consul on Kubernetes ...
HashiCorp Webinar: "Getting started with Ambassador and Consul on Kubernetes ...
 

Kürzlich hochgeladen

What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
Juha-Pekka Tolvanen
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
masabamasaba
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
Presentation.STUDIO
 
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Medical / Health Care (+971588192166) Mifepristone and Misoprostol tablets 200mg
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
Papp Krisztián
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
chiefasafspells
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
VictoriaMetrics
 

Kürzlich hochgeladen (20)

%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
 
BUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptxBUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptx
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
 
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
 
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AI
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
 
%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg
%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg
%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg
 

SACON EU 2019 "API Gateways and Service Meshes: Opening the Door to Application Modernisation"

  • 1. API Gateways and Service Meshes: Opening the Door to Application Modernisation Daniel Bryant Product Architect, Datawire
  • 2. tl;dr ▪ App modernisation is often about incrementally decoupling apps from infra – An API gateway and service mesh can help with this migration ▪ API gateway handles ingress traffic ▪ Service mesh handles service-to-service comms ▪ You can decouple apps via two patterns – Outside-in, using an API gateway – Balkanization, using a service mesh on a segment of services
  • 3. Product Architect at Datawire Freelance Tech Consultant and Writer @danielbryantuk
  • 4. Why App Modernisation? ▪ Lead time ▪ Deployment frequency ▪ Mean time to restore (MTTR) ▪ Change fail percentage CIOs: “We want to go faster, and not fall over (and if it breaks we want to detect and fix it fast)”
  • 5. App Modernisation ▪ Refactoring, repurposing, or consolidation of heritage software to align it more closely with current business needs ▪ Decoupling applications from infrastructure – Moving workloads to take advantage of cloud-based (AI) services – Retiring old systems (saving infra/hosting costs) – Reducing operational burden (e.g. toil and security patching)
  • 6. App Modernisation ▪ Microservices! ▪ Cloud! ▪ Containers! ▪ Kubernetes!
  • 7. App modernisation: Not an overnight thing
  • 8. Decoupling Infrastructure Strategies ▪ Bring the cloud hardware to you ▪ Bring the cloud experience to you ▪ Bring the cloud software to you ▪ Bring the cloud traffic management to you
  • 9. Decoupling Infrastructure Strategies ▪ Bring the cloud hardware to you: – AWS Outposts; custom hardware that is fully managed by AWS. ▪ Bring the cloud experience to you: – Azure Stack; run hybrid applications across the Azure cloud and via on- premises hardware.
  • 10. Decoupling Infrastructure Strategies ▪ Bring the cloud software to you: – Google Anthos; software abstraction (VMware -> k8s/GKE, Istio, Stackdriver) ▪ Bring the cloud traffic management to you: – API gateway + service mesh; dynamically route traffic across any infrastructure (which is routable via the network)
  • 11. Software-focusedHardware-focused Small commitmentBig commitment Complete access to cloud primitives Reliance on abstractions
  • 12. Decoupling Infrastructure Strategies ▪ Bring the cloud hardware to you ▪ Bring the cloud experience to you ▪ Bring the cloud software to you ▪ Bring the cloud traffic management to you
  • 16. API Gateway: Edge proxy, ingress, ADC... ▪ Exposes internal services to end-users (often via multiple domains) ▪ Encapsulates backends: k8s, VMs, bare metal etc. ▪ Focused on managing ingress (“north-south”) traffic
  • 18. API Gateway: Edge proxy, ingress, ADC... ▪ Exposes internal services to end-users (often via multiple domains) ▪ Encapsulates backends: k8s, VMs, bare metal etc. ▪ Focused on managing ingress (“north-south”) traffic ▪ Engineer-driven product release (often) happens here ▪ You don’t control the client
  • 19. API Gateway: Self-Serve Routing & Security ▪ Self-serve routing – Traffic routing, splitting, and shaping (to dynamic backends) – Release functionality (A/B, canary, dark launch etc) ▪ Security – End-user authentication/authorization – TLS termination, rate limiting, WAF, DDoS protection, etc
  • 23. “Service mesh”, you say? https://twitter.com/cesarTronLozai/status/1175327326218915840 https://twitter.com/wm/status/1173350339946274816
  • 24. Service Mesh: Proxy mesh, Fabric model... ▪ Exposes internal services to internal consumers ▪ Encapsulates service infra: across k8s, VMs, bare metal etc ▪ Dynamic routing for service-to-service (“east-west”) traffic ▪ Ops apply “sane defaults” and top-level platform monitoring ▪ You generally control the client (or at least can influence this...)
  • 25.
  • 27. Service Mesh: Three Pillars ▪ Observability – “Golden signals”: latency, errors, traffic, saturation (USE, RED) – Both global and service-to-service ▪ Reliability – Abstracting health checks, retries, circuit breakers etc. – Providing sane default to protect system ▪ Security – Authn/z propagation, mTLS, ACLs, network segmentation
  • 28. Service Mesh: Three Pillars ▪ Observability – “Golden signals”: latency, errors, traffic, saturation (USE, RED) – Both global and service-to-service ▪ Reliability – Abstracting health checks, retries, circuit breakers etc. – Providing sane default to protect system ▪ Security – Authn/z propagation, mTLS, ACLs, network segmentation https://www.infoq.com/podcasts/
  • 33. Migration tactics ▪ Outside in – Start with an API gateway – Identify a endpoint/service ▪ Balkanization – Start with a service mesh – Identify a service segment ▪ Easy install ▪ Conceptually easy to understand ▪ Less intrusive for all platforms ▪ (Potentially) higher blast radius ▪ Less new functionality ▪ Potentially higher value functionality ▪ “Easy” to deploy in Kubernetes ▪ Can support multicluster (beta) ▪ Operationally complex ▪ (Potentially) challenging to unwind ▪ Expectation management… :-)
  • 35. Explore in your browser https://instruqt.com/hashicorp/tracks/sock-shop-tutorial
  • 36. Conclusion ▪ App modernisation is often about decoupling apps from infra – One way to do this is via an API gateway and service mesh ▪ API gateway handles ingress traffic ▪ Service mesh handles service-to-service comms ▪ You can decouple apps via two patterns – Outside-in, using an API gateway – Balkanization, using a service mesh
  • 37. References ▪ Context: – https://www.infoq.com/articles/api-gateway-service-mesh-app-modernisation/ ▪ Reference: – https://www.getambassador.io/user-guide/consul-connect-ambassador/ – https://www.getambassador.io/user-guide/consul/ – https://www.consul.io/docs/platform/k8s/ambassador.html – https://www.hashicorp.com/blog/hashicorp-consul-supports-microsoft-s-new-service-mesh-framework Experiment in an Instruqt sandbox: https://instruqt.com/hashicorp/tracks/sock-shop-tutorial Code examples: https://github.com/emojify-app
  • 38. Copyright © 2019 HashiCorp Thanks! @danielbryantuk