SlideShare a Scribd company logo

Bringing it all together - Denver JUG

M
MelissaMcKay15

You have successfully developed and deployed your microservices architecture, but you find that managing communication between your services and containers is becoming more complex and clumsy as you scale. This talk will begin with a definition of "service mesh" and what potential roles it can play in your microservices architecture. We'll explore the pros and cons of the following popular service mesh implementations: Istio, Linkerd, Conduit. I'll touch on the differences in the ease of implementation, integration with existing monitoring solutions, traffic flow, and service-to-service authentication. After this talk, you will be able to make an informed decision on the best service mesh architecture to implement in your environment.

Technology
1 of 55
Download to read offline
Melissa McKay ● Mom ● Developer/Team Lead ● Emerging Speaker ● Self appointed UNConference Advocate and Promoter: JCrete (http://www.jcrete.org/) JOnsen (http://jonsen.jp/) JSpirit (https://jspirit.org) JAlba (https://jalba.scot) LavaOne/UnVoxxed Hawaii (https://voxxeddays.com/hawaii/)
Simple Rules To maximize what you can get out of the unconference, simple rules apply. Wikipedia summarizes them nicely: 1. Whoever shows up are the right people …reminds participants that they don’t need the CEO and 100 people to get something done, you need people who care. And, absent the direction or control exerted in a traditional meeting, that’s who shows up in the various breakout sessions of an Open Space meeting. 2. Whenever it starts is the right time …reminds participants that spirit and creativity do not run on the clock. 3. Whatever happens is the only thing that could have …reminds participants that once something has happened, it’s done—and no amount of fretting, complaining or otherwise rehashing can change that. Move on. 4. Wherever it happens is the right place …reminds participants that space is opening everywhere all the time. Please be conscious and aware. 5. When it’s over, it’s over …reminds participants that we never know how long it will take to resolve an issue, once raised, but that whenever the issue or work or conversation is finished, move on to the next thing. Don’t keep rehashing just because there’s 30 minutes left in the session. Do the work, not the time. http://www.jcrete.org/what-is-an-unconference_/
Bringing it all together... An evaluation of service mesh solutions @melissajmckay
What am I going to get out of this? ● I can talk to someone else about a service mesh ● I can understand someone who talks to me about a service mesh ● I know whether or not a service mesh is something I would get value from ● I know where to get a service mesh ● I am aware of some differences between service mesh offerings
How did I get here? Some history... ● A mis-behaving service ● Missing SLAs X 100 X 1000/endpoint /endpoint
How did I get here? Some history... ● A mis-behaving service ● Missing SLAs ● Replicating the service under a load balancer did NOT solve the problem! X 1000/endpoint
How did I get here? Some history... ● A mis-behaving service ● Missing SLAs ● Replicating the service under a load balancer did NOT solve the problem! ● Analyzed, determined issue & did some research on best way to solve... X 10 X 100/endpoint /endpoint
Architectural Solution X 1000/endpoint Request Type A Request Type B
Architectural Solution X 1000/endpoint Request Type A Request Type B ?
An API Gateway? ● Filter options for routing ● Enabled rolling upgrades ● Enabled traffic shifting & rate limiting ● Ability to canary nodes ● Blue-green deployment
An API Gateway? ● Filter options for routing ● Enabled rolling upgrades ● Enabled traffic shifting & rate limiting ● Ability to canary nodes ● Blue-green deployment But what’s this?
Istio… I’ve heard of that!
How is it different? https://dzone.com/articles/api-gateway-vs-service-mesh “They can both handle service discovery, request routing, authentication, rate limiting, and monitoring, but there are differences in architectures and intentions. A service mesh's primary purpose is to manage internal service-to-service communication, while an API Gateway is primarily meant for external client-to-service communication.”
How is it different? What IS this? https://dzone.com/articles/api-gateway-vs-service-mesh “They can both handle service discovery, request routing, authentication, rate limiting, and monitoring, but there are differences in architectures and intentions. A service mesh's primary purpose is to manage internal service-to-service communication, while an API Gateway is primarily meant for external client-to-service communication.”
A service mesh is a dedicated infrastructure layer that controls service-to-service communication over a network. https://searchitoperations.techtarget.com/definition/service-mesh - Margaret Rouse, Alex Gillis, WhatIs.com (January, 2019)
A service mesh is a configurable, low‑latency infrastructure layer designed to handle a high volume of network‑based interprocess communication among application infrastructure services using application programming interfaces (APIs). https://www.nginx.com/blog/what-is-a-service-mesh/ - Floyd Smith & Owen Garrett, NGINX (April, 2018)
tl;dr: A service mesh is a dedicated infrastructure layer for making service-to-service communication safe, fast, and reliable. https://buoyant.io/2017/04/25/whats-a-service-mesh-and-why-do-i-need-one/ - William Morgan, Buoyant (April, 2017)
A service mesh brings security, resiliency, and visibility to service communications, so developers don’t have to https://www.infoworld.com/article/3402260/what-is-a-service-mesh-service-mesh-expl ained.html - Josh Fruhlinger, InfoWorld (July, 2019)
The term service mesh is used to describe the network of microservices that make up such applications and the interactions between them. https://istio.io/docs/concepts/what-is-istio/ - Istio (accessed September, 2019)
So what is a service mesh, really? A service mesh is a separately managed distributed system that handles common functions required and normally implemented by services that do not concern the business logic of the service itself. A real-life metaphor…. human circulatory system? https://en.wikipedia.org/wiki/Circulatory_system
Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing
Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing
Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing
Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing
Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing
Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing
Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing
Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing
Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing
Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing … legitimate solutions to all kinds of problems!
Why isn’t everyone using a service mesh??? “If you’re wondering about service mesh, you don’t need one. Period. If you’ve reached the scale and microservice maturity level that requires a service mesh, you will be actively — perhaps desperately — searching for a solution and it will be abundantly obvious that a service mesh is necessary.” https://thenewstack.io/primer-the-who-what-and-why-of-service-mesh/ - Emily Omier (May, 2019) “I think we have a tendency to chase the shiny object, in the sense that X company does Y, therefore I must do Y, even though I don’t have any of X company’s problems.” - Matt Klein
Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing … legitimate solutions to all kinds of problems!
Back up… what problem are we trying to solve? Matt Klein - Lyft engineer who started Envoy Proxy Podcast: https://softwareengineeringdaily.com/2017/02/14/service-proxying-with-matt-klein/
Biggest Problem?: I vote for Observability & Reliability ● Large numbers of services ● Diverse/Polyglot ● Different Communication Protocols ● Service/language specific libraries ● No standardization on logging or stats
How is a service mesh implemented? DATA PLANE This is the part that touches every request in the system. Sidecar proxies. ● All service communication (ingress & egress) routed through proxies ● The proxy acts as a gateway to the service
How is a service mesh implemented? CONTROL PLANE This is the part that manages the data planes - providing them with the data and configuration needed by the system. UI, CLI or some other interface where an operator can set configuration settings.
I’m ready to try it! Where do I start? ENVOY: https://www.envoyproxy.io/learn/ LINKERD: https://linkerd.io/2/getting-started/ ISTIO: https://istio.io/docs/setup/install/kubernetes/
Prereqs to play ● Docker ● Docker Compose ● Kubernetes basics ● Helm charts/templates ● Get used to YAML if you aren’t already Pay attention to versioning, of course! Definitely up your CPUs to 4 and memory to 8 GiB if you use Docker Desktop.
https://azure.microsoft.com/en-us/resources/kubernetes-learning-path/
Istio ● Go ● Apache 2.0 license ● Designed for extensibility, but might come at the cost of complexity ● Modular, pluggable ● Supports HTTP 1.1, HTTP2, gRPC, and TCP OVER 40 EXAMPLES available to play with different features!!! ● Backed by Google, RedHat & IBM ● The quick install was easy, but choosing another type of install or configuration felt a little like choose your own adventure. ● Documentation is good, but you can find yourself in a loop if you follow it blind ● There are a TON of online tutorials, etc ISTIO: https://istio.io/docs/setup/install/kubernetes/
Istio https://istio.io/docs/concepts/what-is-istio/
Linkerd2 ● Go/Rust ● Apache 2.0 license ● Supported by Cloud-Native Computing Foundation ● Data & Control Plane tightly integrated (less modular, but smooth) ● VERY easy to install and get it up and running ● Several examples are available to try out key features ● Intended for Kubernetes currently ● Supports HTTP 1.1, HTTP2, gRPC, and TCP ● Not as feature rich as Istio, but is a very active project (weekly edge releases, 6-8 week stable releases) ● Does not have Distributed Tracing YET (This is in their roadmap for this year for 2.6 & 2.7 this year) ● Excellent documentation UPDATE: Feature adds in 2.6 (Oct) - Distributed tracing, traffic shifting (blue/green, canaries), telemetry, retries, timeouts, proxy auto-injection, mTLS on by default for all HTTP LINKERD: https://linkerd.io/2/getting-started/
Linkerd2 https://linkerd.io/2/reference/architecture/index.html
https://kinvolk.io/blog/2019/05/performance-benchmark-analysis-of-istio-and-linkerd/ https://github.com/kinvolk/service-mesh-benchmark/issues/5
Quick Compare - Istio AND Linkerd2 ● Supports Kubernetes ● Apache 2.0 license ● Side Car Pattern Deployment ● Control Plane written in Go ● Supported Protocols - HTTP1.1, HTTP2, gRPC, TCP ● Similar traffic control & monitoring features ● Helm Chart support
Quick Compare ISTIO ● Data plane: Envoy (C++), or others (Nginx) ● mTLS support ● Higher performance overhead ● Pluggable/Modular Generally more Complex Setup LINKERD2 ● Data plane: Native (Rust) ● Full mTLS support… soon! ● Lower performance overhead ● Opinionated/Tightly Coupled Generally Simple Setup
What next? EXPLORE OTHERS! This space is growing fast and getting a lot of attention - one might presume this means there is a definite need in the market, so it’s definitely worth checking out. ● Hashicorp - Consul Service Mesh ● Google - Anthos Service Mesh
Conclusion Choose a solution that addresses REAL problems you need to solve for your system. Consider your developers. Consider your codebase. Consider the performance cost. Evaluate MULTIPLE solutions - don’t simply jump on a bandwagon. The whole idea of a service mesh is pretty cool!
THANK YOU!

Recommended

Bringing it all together
Bringing it all togetherBringing it all together
Bringing it all togetherMelissaMcKay15
 
Quality of service (qo s) 2021
Quality of service (qo s) 2021Quality of service (qo s) 2021
Quality of service (qo s) 2021zulhelmanz
 
Service Mesh CTO Forum (Draft 3)
Service Mesh CTO Forum (Draft 3)Service Mesh CTO Forum (Draft 3)
Service Mesh CTO Forum (Draft 3)Rick Hightower
 
What is a Service Mesh and what can it do for your Microservices
What is a Service Mesh and what can it do for your MicroservicesWhat is a Service Mesh and what can it do for your Microservices
What is a Service Mesh and what can it do for your MicroservicesMatt Turner
 
Consul: Service-oriented at Scale
Consul: Service-oriented at ScaleConsul: Service-oriented at Scale
Consul: Service-oriented at ScaleC4Media
 
Do You Need a Service Mesh? @ London Devops, January 2019
Do You Need a Service Mesh? @ London Devops, January 2019Do You Need a Service Mesh? @ London Devops, January 2019
Do You Need a Service Mesh? @ London Devops, January 2019Matt Turner
 
Service Mesh Talk for CTO Forum
Service Mesh Talk for CTO ForumService Mesh Talk for CTO Forum
Service Mesh Talk for CTO ForumRick Hightower
 
Dubbo and Weidian's practice on micro-service architecture
Dubbo and Weidian's practice on micro-service architectureDubbo and Weidian's practice on micro-service architecture
Dubbo and Weidian's practice on micro-service architectureHuxing Zhang
 

Recommended

Bringing it all together
Bringing it all togetherBringing it all together
Bringing it all togetherMelissaMcKay15
 
Quality of service (qo s) 2021
Quality of service (qo s) 2021Quality of service (qo s) 2021
Quality of service (qo s) 2021zulhelmanz
 
Service Mesh CTO Forum (Draft 3)
Service Mesh CTO Forum (Draft 3)Service Mesh CTO Forum (Draft 3)
Service Mesh CTO Forum (Draft 3)Rick Hightower
 
What is a Service Mesh and what can it do for your Microservices
What is a Service Mesh and what can it do for your MicroservicesWhat is a Service Mesh and what can it do for your Microservices
What is a Service Mesh and what can it do for your MicroservicesMatt Turner
 
Consul: Service-oriented at Scale
Consul: Service-oriented at ScaleConsul: Service-oriented at Scale
Consul: Service-oriented at ScaleC4Media
 
Do You Need a Service Mesh? @ London Devops, January 2019
Do You Need a Service Mesh? @ London Devops, January 2019Do You Need a Service Mesh? @ London Devops, January 2019
Do You Need a Service Mesh? @ London Devops, January 2019Matt Turner
 
Service Mesh Talk for CTO Forum
Service Mesh Talk for CTO ForumService Mesh Talk for CTO Forum
Service Mesh Talk for CTO ForumRick Hightower
 
Dubbo and Weidian's practice on micro-service architecture
Dubbo and Weidian's practice on micro-service architectureDubbo and Weidian's practice on micro-service architecture
Dubbo and Weidian's practice on micro-service architectureHuxing Zhang
 
Microservices
MicroservicesMicroservices
MicroservicesNewsCred Dhaka
 
Service mesh
Service meshService mesh
Service meshArnab Mitra
 
JS Fest 2019/Autumn. Anton Cherednikov. Choreographic or orchestral architect...
JS Fest 2019/Autumn. Anton Cherednikov. Choreographic or orchestral architect...JS Fest 2019/Autumn. Anton Cherednikov. Choreographic or orchestral architect...
JS Fest 2019/Autumn. Anton Cherednikov. Choreographic or orchestral architect...JSFestUA
 
Ledingkart Meetup #1: Monolithic to microservices in action
Ledingkart Meetup #1: Monolithic to microservices in actionLedingkart Meetup #1: Monolithic to microservices in action
Ledingkart Meetup #1: Monolithic to microservices in actionMukesh Singh
 
xConf-2022-api-gateway-service-mesh.pdf
xConf-2022-api-gateway-service-mesh.pdfxConf-2022-api-gateway-service-mesh.pdf
xConf-2022-api-gateway-service-mesh.pdfWesley Reisz
 
Tef con2016 (1)
Tef con2016 (1)Tef con2016 (1)
Tef con2016 (1)ggarber
 
Microservices for performance - GOTO Chicago 2016
Microservices for performance - GOTO Chicago 2016Microservices for performance - GOTO Chicago 2016
Microservices for performance - GOTO Chicago 2016Peter Lawrey
 
Microservice Powered Orchestration
Microservice Powered OrchestrationMicroservice Powered Orchestration
Microservice Powered OrchestrationOpen Networking Summit
 
Managing Microservices With The Istio Service Mesh on Kubernetes
Managing Microservices With The Istio Service Mesh on KubernetesManaging Microservices With The Istio Service Mesh on Kubernetes
Managing Microservices With The Istio Service Mesh on KubernetesIftach Schonbaum
 
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...Ambassador Labs
 
Managing microservices with Istio Service Mesh
Managing microservices with Istio Service MeshManaging microservices with Istio Service Mesh
Managing microservices with Istio Service MeshRafik HARABI
 
Simple Solutions for Complex Problems
Simple Solutions for Complex ProblemsSimple Solutions for Complex Problems
Simple Solutions for Complex ProblemsTyler Treat
 
Service Mesh - kilometer 30 in a microservice marathon
Service Mesh - kilometer 30 in a microservice marathonService Mesh - kilometer 30 in a microservice marathon
Service Mesh - kilometer 30 in a microservice marathonMichael Hofmann
 
Simple Solutions for Complex Problems
Simple Solutions for Complex Problems Simple Solutions for Complex Problems
Simple Solutions for Complex Problems Apcera
 
Exponential-e | Cloud Revolution Seminar at the Ritz, 20th November 2014
Exponential-e | Cloud Revolution Seminar at the Ritz, 20th November 2014Exponential-e | Cloud Revolution Seminar at the Ritz, 20th November 2014
Exponential-e | Cloud Revolution Seminar at the Ritz, 20th November 2014Exponential_e
 
[WSO2 API Day Dallas 2019] Extending Service Mesh with API Management
[WSO2 API Day Dallas 2019] Extending Service Mesh with API Management[WSO2 API Day Dallas 2019] Extending Service Mesh with API Management
[WSO2 API Day Dallas 2019] Extending Service Mesh with API ManagementWSO2
 
Move fast and make things with microservices
Move fast and make things with microservicesMove fast and make things with microservices
Move fast and make things with microservicesMithun Arunan
 
Application Rollout - Istio
Application Rollout - Istio Application Rollout - Istio
Application Rollout - Istio Mandar Jog
 
Microservices: next-steps
Microservices: next-stepsMicroservices: next-steps
Microservices: next-stepsBoyan Dimitrov
 
Service-Mesh-Presentation.pdf
Service-Mesh-Presentation.pdfService-Mesh-Presentation.pdf
Service-Mesh-Presentation.pdfchanhluc2112
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 

More Related Content

Similar to Bringing it all together - Denver JUG

JS Fest 2019/Autumn. Anton Cherednikov. Choreographic or orchestral architect...
JS Fest 2019/Autumn. Anton Cherednikov. Choreographic or orchestral architect...JS Fest 2019/Autumn. Anton Cherednikov. Choreographic or orchestral architect...
JS Fest 2019/Autumn. Anton Cherednikov. Choreographic or orchestral architect...JSFestUA
 
Ledingkart Meetup #1: Monolithic to microservices in action
Ledingkart Meetup #1: Monolithic to microservices in actionLedingkart Meetup #1: Monolithic to microservices in action
Ledingkart Meetup #1: Monolithic to microservices in actionMukesh Singh
 
xConf-2022-api-gateway-service-mesh.pdf
xConf-2022-api-gateway-service-mesh.pdfxConf-2022-api-gateway-service-mesh.pdf
xConf-2022-api-gateway-service-mesh.pdfWesley Reisz
 
Tef con2016 (1)
Tef con2016 (1)Tef con2016 (1)
Tef con2016 (1)ggarber
 
Microservices for performance - GOTO Chicago 2016
Microservices for performance - GOTO Chicago 2016Microservices for performance - GOTO Chicago 2016
Microservices for performance - GOTO Chicago 2016Peter Lawrey
 
Managing Microservices With The Istio Service Mesh on Kubernetes
Managing Microservices With The Istio Service Mesh on KubernetesManaging Microservices With The Istio Service Mesh on Kubernetes
Managing Microservices With The Istio Service Mesh on KubernetesIftach Schonbaum
 
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...Ambassador Labs
 
Managing microservices with Istio Service Mesh
Managing microservices with Istio Service MeshManaging microservices with Istio Service Mesh
Managing microservices with Istio Service MeshRafik HARABI
 
Simple Solutions for Complex Problems
Simple Solutions for Complex ProblemsSimple Solutions for Complex Problems
Simple Solutions for Complex ProblemsTyler Treat
 
Service Mesh - kilometer 30 in a microservice marathon
Service Mesh - kilometer 30 in a microservice marathonService Mesh - kilometer 30 in a microservice marathon
Service Mesh - kilometer 30 in a microservice marathonMichael Hofmann
 
Simple Solutions for Complex Problems
Simple Solutions for Complex Problems Simple Solutions for Complex Problems
Simple Solutions for Complex Problems Apcera
 
Exponential-e | Cloud Revolution Seminar at the Ritz, 20th November 2014
Exponential-e | Cloud Revolution Seminar at the Ritz, 20th November 2014Exponential-e | Cloud Revolution Seminar at the Ritz, 20th November 2014
Exponential-e | Cloud Revolution Seminar at the Ritz, 20th November 2014Exponential_e
 
[WSO2 API Day Dallas 2019] Extending Service Mesh with API Management
[WSO2 API Day Dallas 2019] Extending Service Mesh with API Management[WSO2 API Day Dallas 2019] Extending Service Mesh with API Management
[WSO2 API Day Dallas 2019] Extending Service Mesh with API ManagementWSO2
 
Move fast and make things with microservices
Move fast and make things with microservicesMove fast and make things with microservices
Move fast and make things with microservicesMithun Arunan
 
Application Rollout - Istio
Application Rollout - Istio Application Rollout - Istio
Application Rollout - Istio Mandar Jog
 
Microservices: next-steps
Microservices: next-stepsMicroservices: next-steps
Microservices: next-stepsBoyan Dimitrov
 
Service-Mesh-Presentation.pdf
Service-Mesh-Presentation.pdfService-Mesh-Presentation.pdf
Service-Mesh-Presentation.pdfchanhluc2112
 

Similar to Bringing it all together - Denver JUG (20)

Microservices
MicroservicesMicroservices
Microservices
 
Service mesh
Service meshService mesh
Service mesh
 
JS Fest 2019/Autumn. Anton Cherednikov. Choreographic or orchestral architect...
JS Fest 2019/Autumn. Anton Cherednikov. Choreographic or orchestral architect...JS Fest 2019/Autumn. Anton Cherednikov. Choreographic or orchestral architect...
JS Fest 2019/Autumn. Anton Cherednikov. Choreographic or orchestral architect...
 
Ledingkart Meetup #1: Monolithic to microservices in action
Ledingkart Meetup #1: Monolithic to microservices in actionLedingkart Meetup #1: Monolithic to microservices in action
Ledingkart Meetup #1: Monolithic to microservices in action
 
xConf-2022-api-gateway-service-mesh.pdf
xConf-2022-api-gateway-service-mesh.pdfxConf-2022-api-gateway-service-mesh.pdf
xConf-2022-api-gateway-service-mesh.pdf
 
Tef con2016 (1)
Tef con2016 (1)Tef con2016 (1)
Tef con2016 (1)
 
Microservices for performance - GOTO Chicago 2016
Microservices for performance - GOTO Chicago 2016Microservices for performance - GOTO Chicago 2016
Microservices for performance - GOTO Chicago 2016
 
Microservice Powered Orchestration
Microservice Powered OrchestrationMicroservice Powered Orchestration
Microservice Powered Orchestration
 
Managing Microservices With The Istio Service Mesh on Kubernetes
Managing Microservices With The Istio Service Mesh on KubernetesManaging Microservices With The Istio Service Mesh on Kubernetes
Managing Microservices With The Istio Service Mesh on Kubernetes
 
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
 
Managing microservices with Istio Service Mesh
Managing microservices with Istio Service MeshManaging microservices with Istio Service Mesh
Managing microservices with Istio Service Mesh
 
Simple Solutions for Complex Problems
Simple Solutions for Complex ProblemsSimple Solutions for Complex Problems
Simple Solutions for Complex Problems
 
Service Mesh - kilometer 30 in a microservice marathon
Service Mesh - kilometer 30 in a microservice marathonService Mesh - kilometer 30 in a microservice marathon
Service Mesh - kilometer 30 in a microservice marathon
 
Simple Solutions for Complex Problems
Simple Solutions for Complex Problems Simple Solutions for Complex Problems
Simple Solutions for Complex Problems
 
Exponential-e | Cloud Revolution Seminar at the Ritz, 20th November 2014
Exponential-e | Cloud Revolution Seminar at the Ritz, 20th November 2014Exponential-e | Cloud Revolution Seminar at the Ritz, 20th November 2014
Exponential-e | Cloud Revolution Seminar at the Ritz, 20th November 2014
 
[WSO2 API Day Dallas 2019] Extending Service Mesh with API Management
[WSO2 API Day Dallas 2019] Extending Service Mesh with API Management[WSO2 API Day Dallas 2019] Extending Service Mesh with API Management
[WSO2 API Day Dallas 2019] Extending Service Mesh with API Management
 
Move fast and make things with microservices
Move fast and make things with microservicesMove fast and make things with microservices
Move fast and make things with microservices
 
Application Rollout - Istio
Application Rollout - Istio Application Rollout - Istio
Application Rollout - Istio
 
Microservices: next-steps
Microservices: next-stepsMicroservices: next-steps
Microservices: next-steps
 
Service-Mesh-Presentation.pdf
Service-Mesh-Presentation.pdfService-Mesh-Presentation.pdf
Service-Mesh-Presentation.pdf
 

Recently uploaded

presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 

Recently uploaded (20)

presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 

Bringing it all together - Denver JUG

  • 1. Melissa McKay ● Mom ● Developer/Team Lead ● Emerging Speaker ● Self appointed UNConference Advocate and Promoter: JCrete (http://www.jcrete.org/) JOnsen (http://jonsen.jp/) JSpirit (https://jspirit.org) JAlba (https://jalba.scot) LavaOne/UnVoxxed Hawaii (https://voxxeddays.com/hawaii/)
  • 2. Simple Rules To maximize what you can get out of the unconference, simple rules apply. Wikipedia summarizes them nicely: 1. Whoever shows up are the right people …reminds participants that they don’t need the CEO and 100 people to get something done, you need people who care. And, absent the direction or control exerted in a traditional meeting, that’s who shows up in the various breakout sessions of an Open Space meeting. 2. Whenever it starts is the right time …reminds participants that spirit and creativity do not run on the clock. 3. Whatever happens is the only thing that could have …reminds participants that once something has happened, it’s done—and no amount of fretting, complaining or otherwise rehashing can change that. Move on. 4. Wherever it happens is the right place …reminds participants that space is opening everywhere all the time. Please be conscious and aware. 5. When it’s over, it’s over …reminds participants that we never know how long it will take to resolve an issue, once raised, but that whenever the issue or work or conversation is finished, move on to the next thing. Don’t keep rehashing just because there’s 30 minutes left in the session. Do the work, not the time. http://www.jcrete.org/what-is-an-unconference_/
  • 3. Bringing it all together... An evaluation of service mesh solutions @melissajmckay
  • 4. What am I going to get out of this? ● I can talk to someone else about a service mesh ● I can understand someone who talks to me about a service mesh ● I know whether or not a service mesh is something I would get value from ● I know where to get a service mesh ● I am aware of some differences between service mesh offerings
  • 5. How did I get here? Some history... ● A mis-behaving service ● Missing SLAs X 100 X 1000/endpoint /endpoint
  • 6. How did I get here? Some history... ● A mis-behaving service ● Missing SLAs ● Replicating the service under a load balancer did NOT solve the problem! X 1000/endpoint
  • 7. How did I get here? Some history... ● A mis-behaving service ● Missing SLAs ● Replicating the service under a load balancer did NOT solve the problem! ● Analyzed, determined issue & did some research on best way to solve... X 10 X 100/endpoint /endpoint
  • 10. An API Gateway? ● Filter options for routing ● Enabled rolling upgrades ● Enabled traffic shifting & rate limiting ● Ability to canary nodes ● Blue-green deployment
  • 11. An API Gateway? ● Filter options for routing ● Enabled rolling upgrades ● Enabled traffic shifting & rate limiting ● Ability to canary nodes ● Blue-green deployment But what’s this?
  • 13. How is it different? https://dzone.com/articles/api-gateway-vs-service-mesh “They can both handle service discovery, request routing, authentication, rate limiting, and monitoring, but there are differences in architectures and intentions. A service mesh's primary purpose is to manage internal service-to-service communication, while an API Gateway is primarily meant for external client-to-service communication.”
  • 14. How is it different? What IS this? https://dzone.com/articles/api-gateway-vs-service-mesh “They can both handle service discovery, request routing, authentication, rate limiting, and monitoring, but there are differences in architectures and intentions. A service mesh's primary purpose is to manage internal service-to-service communication, while an API Gateway is primarily meant for external client-to-service communication.”
  • 15. A service mesh is a dedicated infrastructure layer that controls service-to-service communication over a network. https://searchitoperations.techtarget.com/definition/service-mesh - Margaret Rouse, Alex Gillis, WhatIs.com (January, 2019)
  • 16. A service mesh is a configurable, low‑latency infrastructure layer designed to handle a high volume of network‑based interprocess communication among application infrastructure services using application programming interfaces (APIs). https://www.nginx.com/blog/what-is-a-service-mesh/ - Floyd Smith & Owen Garrett, NGINX (April, 2018)
  • 17. tl;dr: A service mesh is a dedicated infrastructure layer for making service-to-service communication safe, fast, and reliable. https://buoyant.io/2017/04/25/whats-a-service-mesh-and-why-do-i-need-one/ - William Morgan, Buoyant (April, 2017)
  • 18. A service mesh brings security, resiliency, and visibility to service communications, so developers don’t have to https://www.infoworld.com/article/3402260/what-is-a-service-mesh-service-mesh-expl ained.html - Josh Fruhlinger, InfoWorld (July, 2019)
  • 19. The term service mesh is used to describe the network of microservices that make up such applications and the interactions between them. https://istio.io/docs/concepts/what-is-istio/ - Istio (accessed September, 2019)
  • 20. So what is a service mesh, really? A service mesh is a separately managed distributed system that handles common functions required and normally implemented by services that do not concern the business logic of the service itself. A real-life metaphor…. human circulatory system? https://en.wikipedia.org/wiki/Circulatory_system
  • 21. Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing
  • 22. Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing
  • 23. Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing
  • 24. Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing
  • 25. Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing
  • 26. Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing
  • 27. Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing
  • 28. Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing
  • 29. Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing
  • 30. Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing … legitimate solutions to all kinds of problems!
  • 31. Why isn’t everyone using a service mesh??? “If you’re wondering about service mesh, you don’t need one. Period. If you’ve reached the scale and microservice maturity level that requires a service mesh, you will be actively — perhaps desperately — searching for a solution and it will be abundantly obvious that a service mesh is necessary.” https://thenewstack.io/primer-the-who-what-and-why-of-service-mesh/ - Emily Omier (May, 2019) “I think we have a tendency to chase the shiny object, in the sense that X company does Y, therefore I must do Y, even though I don’t have any of X company’s problems.” - Matt Klein
  • 32. Service Mesh Capabilities… and more coming! ● Service Discovery ● Observability ● Rate Limiting ● Circuit Breaking ● Traffic Shifting ● Load Balancing ● Authorization/Authentication ● Distributed Tracing … legitimate solutions to all kinds of problems!
  • 33. Back up… what problem are we trying to solve? Matt Klein - Lyft engineer who started Envoy Proxy Podcast: https://softwareengineeringdaily.com/2017/02/14/service-proxying-with-matt-klein/
  • 34. Biggest Problem?: I vote for Observability & Reliability ● Large numbers of services ● Diverse/Polyglot ● Different Communication Protocols ● Service/language specific libraries ● No standardization on logging or stats
  • 35. How is a service mesh implemented? DATA PLANE This is the part that touches every request in the system. Sidecar proxies. ● All service communication (ingress & egress) routed through proxies ● The proxy acts as a gateway to the service
  • 36. How is a service mesh implemented? CONTROL PLANE This is the part that manages the data planes - providing them with the data and configuration needed by the system. UI, CLI or some other interface where an operator can set configuration settings.
  • 37. I’m ready to try it! Where do I start? ENVOY: https://www.envoyproxy.io/learn/ LINKERD: https://linkerd.io/2/getting-started/ ISTIO: https://istio.io/docs/setup/install/kubernetes/
  • 38. Prereqs to play ● Docker ● Docker Compose ● Kubernetes basics ● Helm charts/templates ● Get used to YAML if you aren’t already Pay attention to versioning, of course! Definitely up your CPUs to 4 and memory to 8 GiB if you use Docker Desktop.
  • 40.
  • 41.
  • 42.
  • 43.
  • 44.
  • 45.
  • 46. Istio ● Go ● Apache 2.0 license ● Designed for extensibility, but might come at the cost of complexity ● Modular, pluggable ● Supports HTTP 1.1, HTTP2, gRPC, and TCP OVER 40 EXAMPLES available to play with different features!!! ● Backed by Google, RedHat & IBM ● The quick install was easy, but choosing another type of install or configuration felt a little like choose your own adventure. ● Documentation is good, but you can find yourself in a loop if you follow it blind ● There are a TON of online tutorials, etc ISTIO: https://istio.io/docs/setup/install/kubernetes/
  • 48. Linkerd2 ● Go/Rust ● Apache 2.0 license ● Supported by Cloud-Native Computing Foundation ● Data & Control Plane tightly integrated (less modular, but smooth) ● VERY easy to install and get it up and running ● Several examples are available to try out key features ● Intended for Kubernetes currently ● Supports HTTP 1.1, HTTP2, gRPC, and TCP ● Not as feature rich as Istio, but is a very active project (weekly edge releases, 6-8 week stable releases) ● Does not have Distributed Tracing YET (This is in their roadmap for this year for 2.6 & 2.7 this year) ● Excellent documentation UPDATE: Feature adds in 2.6 (Oct) - Distributed tracing, traffic shifting (blue/green, canaries), telemetry, retries, timeouts, proxy auto-injection, mTLS on by default for all HTTP LINKERD: https://linkerd.io/2/getting-started/
  • 51. Quick Compare - Istio AND Linkerd2 ● Supports Kubernetes ● Apache 2.0 license ● Side Car Pattern Deployment ● Control Plane written in Go ● Supported Protocols - HTTP1.1, HTTP2, gRPC, TCP ● Similar traffic control & monitoring features ● Helm Chart support
  • 52. Quick Compare ISTIO ● Data plane: Envoy (C++), or others (Nginx) ● mTLS support ● Higher performance overhead ● Pluggable/Modular Generally more Complex Setup LINKERD2 ● Data plane: Native (Rust) ● Full mTLS support… soon! ● Lower performance overhead ● Opinionated/Tightly Coupled Generally Simple Setup
  • 53. What next? EXPLORE OTHERS! This space is growing fast and getting a lot of attention - one might presume this means there is a definite need in the market, so it’s definitely worth checking out. ● Hashicorp - Consul Service Mesh ● Google - Anthos Service Mesh
  • 54. Conclusion Choose a solution that addresses REAL problems you need to solve for your system. Consider your developers. Consider your codebase. Consider the performance cost. Evaluate MULTIPLE solutions - don’t simply jump on a bandwagon. The whole idea of a service mesh is pretty cool!