SlideShare a Scribd company logo

Evolution of integration and microservices patterns with service mesh

Download as PPTX, PDF
Christian Posta
Christian Posta

Cloud-native describes a way of building applications on a cloud platform to iteratively discover and deliver business value. We now have access to a lot of similar technology that the large internet companies pioneered and used to their advantage to dominate their respective markets. What challenges arise when we start building applications to take advantage of this new technology? In this mini-conference, we'll cover what it means to build applications with microservices, how cloud-native integration and concepts like service mesh have evolved to solve some of those problems, and how the next iteration of application development with Functions as a Service (FaaS) and serverless computing fit into this landscape. You'll hear from industry experts Burr Sutter and Christian Posta who recently authored a book Introducing Istio Service Mesh for Microservices about these topics. Attendees should come away from this mini-conference with the following: Understanding of what cloud-native means and how to use it to influence positive business outcomes How integration has evolved to create, connect and manage cloud-native APIs How service-mesh technology like Istio can solve the challenges introduced with cloud-native applications How the next iteration of applications deliver with FaaS and serverless computing fits in with a world of monoliths, microservices, and APIs These talks will be of value for developers, architects, operators, platform directors, and technology leaders. After the presentations, please stay and join Christian, Burr and your peers for networking, food and drinks. All attendees will also receive a copy of Christian and Burr's new book: Introducing Istio Service Mesh for Microservices.

Software
1 of 51
Evolution of integration and microservice patterns with service mesh @christianposta
Christian Posta Chief Architect, cloud application development Twitter: @christianposta Blog: http://blog.christianposta.com Email: christian@redhat.com Slides: http://slideshare.net/ceposta • Author “Microservices for Java developers” and “Introducing Istio Service Mesh” • Committer/contributor lots of open-source projects • Blogger, speaker, mentor, leader
@christianposta Innovation is admitting we don’t have all the answers Mark Schwartz – Former CIO USCIS
@christianposta Traditional user story “requirements” • As A…. <role> • I Want… <goal/desire> • So That… <receive benefit> https://barryoreilly.com/2013/10/21/how-to-implement-hypothesis-driven-development/
@christianposta Scientific method anyone? • Make observations • Formulate hypothesis • Design an experiment • State the indicators you will evaluate • Conduct the experiment • Evaluate results • Accept or reject hypothesis • Make new hypothesis and continue…
@christianposta Asking questions instead of requirements https://barryoreilly.com/2013/10/21/how-to-implement-hypothesis-driven-development/
@christianposta https://puppet.com/resources/whitepaper/state-of-devops-report
@christianposta Application safety and correctness in a distributed system is the responsibility of the application.
@christianposta The end-to-end principle: http://web.mit.edu/Saltzer/www/publications/endtoend/endtoend.pdf The function in question can completely and correctly be implemented only with the knowledge and help of the application standing at the end points of the communication system. Therefore, providing that questioned function as a feature of the communication system itself is not possible. (Sometimes an incomplete version of the function provided by the communication system may be useful as a performance enhancement.)
@christianposta
TCP adds reliable communication @christianposta
As we move to services architectures, we push the complexity to the space between our services. @christianposta
@christianposta
@christianposta
@christianposta
@christianposta
• Orchestrate calls across multiple microservices • Aggregate, combine, transform, split, on “messages” • Deal with atomicity / consistency issues • Message idempotency / message de-dupe • DDD anti-corruption layers / adapters / transformation • Tie in with existing “backend systems” • Dynamic, responsive, programmable routing Application communication (app specific) @christianposta
• Service discovery • Retries • Timeouts • Load balancing • Rate limiting • Thread bulk heading • Circuit breaking @christianposta Application networking (reliability)
Application networking (controlled deployment) • Edge/DMZ routing • Surgical / fine / per-request routing • A/B rollout • Traffic shaping • Internal releases / dark launches • Request shadowing • Fault injection @christianposta
• adaptive, zone-aware • Deadlines • Health checking • Stats, metric, collection • Logging • Distributed tracing • Security @christianposta Application networking (observability)
• Netflix Hystrix (circuit breaking / bulk heading) • Netflix Zuul (edge router) • Netflix Ribbon (client-side service discovery / load balance) • Netflix Eureka (service discovery registry) • Brave / Zipkin (tracing) • Netflix spectator / atlas (metrics) “Microservices” patterns @christianposta
http://bit.ly/application-networking@christianposta
But I’m using Spring! • spring-cloud-netflix-hystrix • spring-cloud-netflix-zuul • spring-cloud-netflix-eureka-client • spring-cloud-netflix-ribbon • spring-cloud-netflix-atlas • spring-cloud-netflix-spectator • spring-cloud-netflix-hystrix-stream • ….. • ...... • @Enable....150differentThings
But I’m using Vert.x! • vertx-circuit-breaker • vertx-service-discovery • vertx-dropwizard-metrics • vertx-zipkin? • ….. • ...... @christianposta
Screw Java - I’m using NodeJS! JavaScript is for rookies, I use Go! But python is so pretty! I prefer unreadability… Perl for me! @christianposta
• Require specific language to bring in new services • A single language doesn’t fit for all use cases • How do you patch/upgrade/manage lifecycle? • Need strict control over application library choices • Inconsistent implementations • Incorrect implementations Some drawbacks to this approach? @christianposta
In practice, operability of our services becomes a top priority very fast @christianposta
Meet Envoy Proxy http://envoyproxy.io
Envoy is… • service proxy • written in C++, highly parallel, non-blocking • L3/4 network filter • out of the box L7 filters • HTTP 2, including gRPC • baked in service discovery/health checking • advanced load balancing • stats, metrics, tracing • dynamic configuration through xDS
Envoy implements • zone aware, least request load balancing • circuit breaking • outlier detection • retries, retry policies • timeout (including budgets) • traffic shadowing • rate limiting • access logging, statistics collection • Many other features!
@christianposta
Meet Istio.io http://istio.io A control plane for service proxies
As a service-instance proxy @christianposta
A service mesh is decentralized application- networking infrastructure between your services that provides resiliency, security, observability, and routing control. A service mesh is comprised of a data plane and control plane. @christianposta Time for definitions:
What higher-order clusters semantics does Istio enable? • Request-level control • Graduated deployment and release • Service observability • Cluster reliability • Chaos testing • Policy enforcement
Resilience with timeouts, retries, budgets, circuit breakers, service discovery, etc @christianposta
Zone aware, sophisticated client-side load balancing @christianposta
Fine-grained traffic control and routing @christianposta
http://bit.ly/application-networking Traffic shadowing @christianposta
Secure transport with mTLS @christianposta
Metrics, logs, distributed tracing out of the box http://bit.ly/application-networking
Demo! http://bit.ly/istio-tutorial
Thanks! BTW: Hand drawn diagrams made with Paper by FiftyThree.com  Twitter: @christianposta Blog: http://blog.christianposta.com Email: christian@redhat.com Slides: http://slideshare.net/cepostaFollow up links: • http://launch.openshift.io • http://istio.io • http://envoyproxy.io • http://developers.redhat.com/blog • http://blog.christianposta.com/istio-workshop/slides/ • http://blog.openshift.com • https://www.redhat.com/en/open-innovation-labs

Recommended

API Gateways are going through an identity crisis
API Gateways are going through an identity crisisAPI Gateways are going through an identity crisis
API Gateways are going through an identity crisis
Christian Posta
 
KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...
KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...
KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...
Christian Posta
 
Making sense of microservices, service mesh, and serverless
Making sense of microservices, service mesh, and serverlessMaking sense of microservices, service mesh, and serverless
Making sense of microservices, service mesh, and serverless
Christian Posta
 
Intro Istio and what's new Istio 1.1
Intro Istio and what's new Istio 1.1Intro Istio and what's new Istio 1.1
Intro Istio and what's new Istio 1.1
Christian Posta
 
Service-mesh options with Linkerd, Consul, Istio and AWS AppMesh
Service-mesh options with Linkerd, Consul, Istio and AWS AppMeshService-mesh options with Linkerd, Consul, Istio and AWS AppMesh
Service-mesh options with Linkerd, Consul, Istio and AWS AppMesh
Christian Posta
 
An eventful tour from enterprise integration to serverless and functions
An eventful tour from enterprise integration to serverless and functionsAn eventful tour from enterprise integration to serverless and functions
An eventful tour from enterprise integration to serverless and functions
Christian Posta
 
PHX DevOps Days: Service Mesh Landscape
PHX DevOps Days: Service Mesh LandscapePHX DevOps Days: Service Mesh Landscape
PHX DevOps Days: Service Mesh Landscape
Christian Posta
 
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
Christian Posta
 

Recommended

API Gateways are going through an identity crisis
API Gateways are going through an identity crisisAPI Gateways are going through an identity crisis
API Gateways are going through an identity crisis
Christian Posta
 
KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...
KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...
KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...
Christian Posta
 
Making sense of microservices, service mesh, and serverless
Making sense of microservices, service mesh, and serverlessMaking sense of microservices, service mesh, and serverless
Making sense of microservices, service mesh, and serverless
Christian Posta
 
Intro Istio and what's new Istio 1.1
Intro Istio and what's new Istio 1.1Intro Istio and what's new Istio 1.1
Intro Istio and what's new Istio 1.1
Christian Posta
 
Service-mesh options with Linkerd, Consul, Istio and AWS AppMesh
Service-mesh options with Linkerd, Consul, Istio and AWS AppMeshService-mesh options with Linkerd, Consul, Istio and AWS AppMesh
Service-mesh options with Linkerd, Consul, Istio and AWS AppMesh
Christian Posta
 
An eventful tour from enterprise integration to serverless and functions
An eventful tour from enterprise integration to serverless and functionsAn eventful tour from enterprise integration to serverless and functions
An eventful tour from enterprise integration to serverless and functions
Christian Posta
 
PHX DevOps Days: Service Mesh Landscape
PHX DevOps Days: Service Mesh LandscapePHX DevOps Days: Service Mesh Landscape
PHX DevOps Days: Service Mesh Landscape
Christian Posta
 
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
Christian Posta
 
Come for the traffic management, stay for the security
Come for the traffic management, stay for the securityCome for the traffic management, stay for the security
Come for the traffic management, stay for the security
Christian Posta
 
API World: The service-mesh landscape
API World: The service-mesh landscapeAPI World: The service-mesh landscape
API World: The service-mesh landscape
Christian Posta
 
Microservices and Integration: what's next with Istio service mesh
Microservices and Integration: what's next with Istio service meshMicroservices and Integration: what's next with Istio service mesh
Microservices and Integration: what's next with Istio service mesh
Christian Posta
 
Multicluster Kubernetes and Service Mesh Patterns
Multicluster Kubernetes and Service Mesh PatternsMulticluster Kubernetes and Service Mesh Patterns
Multicluster Kubernetes and Service Mesh Patterns
Christian Posta
 
Atlanta Microservices Day: Istio Service Mesh
Atlanta Microservices Day: Istio Service MeshAtlanta Microservices Day: Istio Service Mesh
Atlanta Microservices Day: Istio Service Mesh
Christian Posta
 
Istio: solving challenges of hybrid cloud
Istio: solving challenges of hybrid cloudIstio: solving challenges of hybrid cloud
Istio: solving challenges of hybrid cloud
Christian Posta
 
Lowering the risk of monolith to microservices
Lowering the risk of monolith to microservicesLowering the risk of monolith to microservices
Lowering the risk of monolith to microservices
Christian Posta
 
Microservices Journey Fall 2017
Microservices Journey Fall 2017Microservices Journey Fall 2017
Microservices Journey Fall 2017
Christian Posta
 
Intro to Knative
Intro to KnativeIntro to Knative
Intro to Knative
Christian Posta
 
The Truth About the Service Mesh Data Plane
The Truth About the Service Mesh Data PlaneThe Truth About the Service Mesh Data Plane
The Truth About the Service Mesh Data Plane
Christian Posta
 
High Productivity Platform
High Productivity PlatformHigh Productivity Platform
High Productivity Platform
Chris Haddad
 
Eight Miles High: Build Cloud-native and Cloud-aware Systems
Eight Miles High: Build Cloud-native and Cloud-aware SystemsEight Miles High: Build Cloud-native and Cloud-aware Systems
Eight Miles High: Build Cloud-native and Cloud-aware Systems
Chris Haddad
 
Role of edge gateways in relation to service mesh adoption
Role of edge gateways in relation to service mesh adoptionRole of edge gateways in relation to service mesh adoption
Role of edge gateways in relation to service mesh adoption
Christian Posta
 
Multi-cluster service mesh with GlooMesh
Multi-cluster service mesh with GlooMeshMulti-cluster service mesh with GlooMesh
Multi-cluster service mesh with GlooMesh
Christian Posta
 
Microservice Architecture
Microservice ArchitectureMicroservice Architecture
Microservice Architecture
Rich Lee
 
A microservices journey - Round 2
A microservices journey - Round 2A microservices journey - Round 2
A microservices journey - Round 2
Christian Posta
 
Integration Microservices
Integration MicroservicesIntegration Microservices
Integration Microservices
Kasun Indrasiri
 
A Microservice Journey
A Microservice JourneyA Microservice Journey
A Microservice Journey
Christian Posta
 
Microservices for Enterprises
Microservices for Enterprises Microservices for Enterprises
Microservices for Enterprises
Kasun Indrasiri
 
Microservices Integration Patterns with Kafka
Microservices Integration Patterns with KafkaMicroservices Integration Patterns with Kafka
Microservices Integration Patterns with Kafka
Kasun Indrasiri
 
The Hardest Part of Microservices: Calling Your Services
The Hardest Part of Microservices: Calling Your ServicesThe Hardest Part of Microservices: Calling Your Services
The Hardest Part of Microservices: Calling Your Services
Christian Posta
 
Evolution of integration and microservices patterns with service mesh
Evolution of integration and microservices patterns with service meshEvolution of integration and microservices patterns with service mesh
Evolution of integration and microservices patterns with service mesh
Judy Breedlove
 

More Related Content

What's hot

Come for the traffic management, stay for the security
Come for the traffic management, stay for the securityCome for the traffic management, stay for the security
Come for the traffic management, stay for the security
Christian Posta
 
Multicluster Kubernetes and Service Mesh Patterns
Multicluster Kubernetes and Service Mesh PatternsMulticluster Kubernetes and Service Mesh Patterns
Multicluster Kubernetes and Service Mesh Patterns
Christian Posta
 
The Truth About the Service Mesh Data Plane
The Truth About the Service Mesh Data PlaneThe Truth About the Service Mesh Data Plane
The Truth About the Service Mesh Data Plane
Christian Posta
 
Eight Miles High: Build Cloud-native and Cloud-aware Systems
Eight Miles High: Build Cloud-native and Cloud-aware SystemsEight Miles High: Build Cloud-native and Cloud-aware Systems
Eight Miles High: Build Cloud-native and Cloud-aware Systems
Chris Haddad
 
Role of edge gateways in relation to service mesh adoption
Role of edge gateways in relation to service mesh adoptionRole of edge gateways in relation to service mesh adoption
Role of edge gateways in relation to service mesh adoption
Christian Posta
 

What's hot (20)

Come for the traffic management, stay for the security
Come for the traffic management, stay for the securityCome for the traffic management, stay for the security
Come for the traffic management, stay for the security
 
API World: The service-mesh landscape
API World: The service-mesh landscapeAPI World: The service-mesh landscape
API World: The service-mesh landscape
 
Microservices and Integration: what's next with Istio service mesh
Microservices and Integration: what's next with Istio service meshMicroservices and Integration: what's next with Istio service mesh
Microservices and Integration: what's next with Istio service mesh
 
Multicluster Kubernetes and Service Mesh Patterns
Multicluster Kubernetes and Service Mesh PatternsMulticluster Kubernetes and Service Mesh Patterns
Multicluster Kubernetes and Service Mesh Patterns
 
Atlanta Microservices Day: Istio Service Mesh
Atlanta Microservices Day: Istio Service MeshAtlanta Microservices Day: Istio Service Mesh
Atlanta Microservices Day: Istio Service Mesh
 
Istio: solving challenges of hybrid cloud
Istio: solving challenges of hybrid cloudIstio: solving challenges of hybrid cloud
Istio: solving challenges of hybrid cloud
 
Lowering the risk of monolith to microservices
Lowering the risk of monolith to microservicesLowering the risk of monolith to microservices
Lowering the risk of monolith to microservices
 
Microservices Journey Fall 2017
Microservices Journey Fall 2017Microservices Journey Fall 2017
Microservices Journey Fall 2017
 
Intro to Knative
Intro to KnativeIntro to Knative
Intro to Knative
 
The Truth About the Service Mesh Data Plane
The Truth About the Service Mesh Data PlaneThe Truth About the Service Mesh Data Plane
The Truth About the Service Mesh Data Plane
 
High Productivity Platform
High Productivity PlatformHigh Productivity Platform
High Productivity Platform
 
Eight Miles High: Build Cloud-native and Cloud-aware Systems
Eight Miles High: Build Cloud-native and Cloud-aware SystemsEight Miles High: Build Cloud-native and Cloud-aware Systems
Eight Miles High: Build Cloud-native and Cloud-aware Systems
 
Role of edge gateways in relation to service mesh adoption
Role of edge gateways in relation to service mesh adoptionRole of edge gateways in relation to service mesh adoption
Role of edge gateways in relation to service mesh adoption
 
Multi-cluster service mesh with GlooMesh
Multi-cluster service mesh with GlooMeshMulti-cluster service mesh with GlooMesh
Multi-cluster service mesh with GlooMesh
 
Microservice Architecture
Microservice ArchitectureMicroservice Architecture
Microservice Architecture
 
A microservices journey - Round 2
A microservices journey - Round 2A microservices journey - Round 2
A microservices journey - Round 2
 
Integration Microservices
Integration MicroservicesIntegration Microservices
Integration Microservices
 
A Microservice Journey
A Microservice JourneyA Microservice Journey
A Microservice Journey
 
Microservices for Enterprises
Microservices for Enterprises Microservices for Enterprises
Microservices for Enterprises
 
Microservices Integration Patterns with Kafka
Microservices Integration Patterns with KafkaMicroservices Integration Patterns with Kafka
Microservices Integration Patterns with Kafka
 

Similar to Evolution of integration and microservices patterns with service mesh

Role of Integration and Service Mesh in Cloud Native Architecture KubeCon 2108
Role of Integration and Service Mesh in Cloud Native Architecture KubeCon 2108Role of Integration and Service Mesh in Cloud Native Architecture KubeCon 2108
Role of Integration and Service Mesh in Cloud Native Architecture KubeCon 2108
Ballerina
 
Service Mesh CTO Forum (Draft 3)
Service Mesh CTO Forum (Draft 3)Service Mesh CTO Forum (Draft 3)
Service Mesh CTO Forum (Draft 3)
Rick Hightower
 
Techniques for scaling application with security and visibility in cloud
Techniques for scaling application with security and visibility in cloudTechniques for scaling application with security and visibility in cloud
Techniques for scaling application with security and visibility in cloud
Akshay Mathur
 
Microservices Journey NYC
Microservices Journey NYCMicroservices Journey NYC
Microservices Journey NYC
Christian Posta
 
Database@Home : Data Driven Apps - Data-driven Microservices Architecture wit...
Database@Home : Data Driven Apps - Data-driven Microservices Architecture wit...Database@Home : Data Driven Apps - Data-driven Microservices Architecture wit...
Database@Home : Data Driven Apps - Data-driven Microservices Architecture wit...
Tammy Bednar
 
From Monoliths to Services: Paying Your Technical Debt
From Monoliths to Services: Paying Your Technical DebtFrom Monoliths to Services: Paying Your Technical Debt
From Monoliths to Services: Paying Your Technical Debt
TechWell
 
Cloud-native Data
Cloud-native DataCloud-native Data
Cloud-native Data
cornelia davis
 

Similar to Evolution of integration and microservices patterns with service mesh (20)

The Hardest Part of Microservices: Calling Your Services
The Hardest Part of Microservices: Calling Your ServicesThe Hardest Part of Microservices: Calling Your Services
The Hardest Part of Microservices: Calling Your Services
 
Evolution of integration and microservices patterns with service mesh
Evolution of integration and microservices patterns with service meshEvolution of integration and microservices patterns with service mesh
Evolution of integration and microservices patterns with service mesh
 
Microservices Journey Summer 2017
Microservices Journey Summer 2017Microservices Journey Summer 2017
Microservices Journey Summer 2017
 
An evolution of application networking: service mesh
An evolution of application networking: service meshAn evolution of application networking: service mesh
An evolution of application networking: service mesh
 
Sidecars and a Microservices Mesh
Sidecars and a Microservices MeshSidecars and a Microservices Mesh
Sidecars and a Microservices Mesh
 
Role of Integration and Service Mesh in Cloud Native Architecture KubeCon 2108
Role of Integration and Service Mesh in Cloud Native Architecture KubeCon 2108Role of Integration and Service Mesh in Cloud Native Architecture KubeCon 2108
Role of Integration and Service Mesh in Cloud Native Architecture KubeCon 2108
 
Service Mesh CTO Forum (Draft 3)
Service Mesh CTO Forum (Draft 3)Service Mesh CTO Forum (Draft 3)
Service Mesh CTO Forum (Draft 3)
 
SOA to Microservices
SOA to MicroservicesSOA to Microservices
SOA to Microservices
 
MicroServices for Java Developers
MicroServices for Java Developers MicroServices for Java Developers
MicroServices for Java Developers
 
Techniques for scaling application with security and visibility in cloud
Techniques for scaling application with security and visibility in cloudTechniques for scaling application with security and visibility in cloud
Techniques for scaling application with security and visibility in cloud
 
Microservices Journey NYC
Microservices Journey NYCMicroservices Journey NYC
Microservices Journey NYC
 
Effective Service Mesh to turbocharge Cloud Resiliency
Effective Service Mesh to turbocharge Cloud ResiliencyEffective Service Mesh to turbocharge Cloud Resiliency
Effective Service Mesh to turbocharge Cloud Resiliency
 
Database@Home : Data Driven Apps - Data-driven Microservices Architecture wit...
Database@Home : Data Driven Apps - Data-driven Microservices Architecture wit...Database@Home : Data Driven Apps - Data-driven Microservices Architecture wit...
Database@Home : Data Driven Apps - Data-driven Microservices Architecture wit...
 
From Monoliths to Services: Paying Your Technical Debt
From Monoliths to Services: Paying Your Technical DebtFrom Monoliths to Services: Paying Your Technical Debt
From Monoliths to Services: Paying Your Technical Debt
 
Beyond DevOps: How Netflix Bridges the Gap?
Beyond DevOps: How Netflix Bridges the Gap?Beyond DevOps: How Netflix Bridges the Gap?
Beyond DevOps: How Netflix Bridges the Gap?
 
Do I Need A Service Mesh.pptx
Do I Need A Service Mesh.pptxDo I Need A Service Mesh.pptx
Do I Need A Service Mesh.pptx
 
170215 msa intro
170215 msa intro170215 msa intro
170215 msa intro
 
Cloud-native Data
Cloud-native DataCloud-native Data
Cloud-native Data
 
Cloud-Native-Data with Cornelia Davis
Cloud-Native-Data with Cornelia DavisCloud-Native-Data with Cornelia Davis
Cloud-Native-Data with Cornelia Davis
 
Pros & Cons of Microservices Architecture
Pros & Cons of Microservices ArchitecturePros & Cons of Microservices Architecture
Pros & Cons of Microservices Architecture
 

More from Christian Posta

Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
Christian Posta
 
Understanding Wireguard, TLS and Workload Identity
Understanding Wireguard, TLS and Workload IdentityUnderstanding Wireguard, TLS and Workload Identity
Understanding Wireguard, TLS and Workload Identity
Christian Posta
 
Cloud-Native Application Debugging with Envoy and Service Mesh
Cloud-Native Application Debugging with Envoy and Service MeshCloud-Native Application Debugging with Envoy and Service Mesh
Cloud-Native Application Debugging with Envoy and Service Mesh
Christian Posta
 
Kubernetes Ingress to Service Mesh (and beyond!)
Kubernetes Ingress to Service Mesh (and beyond!)Kubernetes Ingress to Service Mesh (and beyond!)
Kubernetes Ingress to Service Mesh (and beyond!)
Christian Posta
 
Navigating the service mesh landscape with Istio, Consul Connect, and Linkerd
Navigating the service mesh landscape with Istio, Consul Connect, and LinkerdNavigating the service mesh landscape with Istio, Consul Connect, and Linkerd
Navigating the service mesh landscape with Istio, Consul Connect, and Linkerd
Christian Posta
 
Chaos Debugging for Microservices
Chaos Debugging for MicroservicesChaos Debugging for Microservices
Chaos Debugging for Microservices
Christian Posta
 

More from Christian Posta (9)

Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
Understanding Wireguard, TLS and Workload Identity
Understanding Wireguard, TLS and Workload IdentityUnderstanding Wireguard, TLS and Workload Identity
Understanding Wireguard, TLS and Workload Identity
 
Compliance and Zero Trust Ambient Mesh
Compliance and Zero Trust Ambient MeshCompliance and Zero Trust Ambient Mesh
Compliance and Zero Trust Ambient Mesh
 
Cilium + Istio with Gloo Mesh
Cilium + Istio with Gloo MeshCilium + Istio with Gloo Mesh
Cilium + Istio with Gloo Mesh
 
Cloud-Native Application Debugging with Envoy and Service Mesh
Cloud-Native Application Debugging with Envoy and Service MeshCloud-Native Application Debugging with Envoy and Service Mesh
Cloud-Native Application Debugging with Envoy and Service Mesh
 
Kubernetes Ingress to Service Mesh (and beyond!)
Kubernetes Ingress to Service Mesh (and beyond!)Kubernetes Ingress to Service Mesh (and beyond!)
Kubernetes Ingress to Service Mesh (and beyond!)
 
Deep Dive: Building external auth plugins for Gloo Enterprise
Deep Dive: Building external auth plugins for Gloo EnterpriseDeep Dive: Building external auth plugins for Gloo Enterprise
Deep Dive: Building external auth plugins for Gloo Enterprise
 
Navigating the service mesh landscape with Istio, Consul Connect, and Linkerd
Navigating the service mesh landscape with Istio, Consul Connect, and LinkerdNavigating the service mesh landscape with Istio, Consul Connect, and Linkerd
Navigating the service mesh landscape with Istio, Consul Connect, and Linkerd
 
Chaos Debugging for Microservices
Chaos Debugging for MicroservicesChaos Debugging for Microservices
Chaos Debugging for Microservices
 

Recently uploaded

Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
VictoriaMetrics
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
Juha-Pekka Tolvanen
 

Recently uploaded (20)

AzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdf
AzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdfAzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdf
AzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdf
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaS
 
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public AdministrationWSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
 
WSO2Con2024 - Low-Code Integration Tooling
WSO2Con2024 - Low-Code Integration ToolingWSO2Con2024 - Low-Code Integration Tooling
WSO2Con2024 - Low-Code Integration Tooling
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public AdministrationWSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
WSO2CON 2024 - How CSI Piemonte Is Apifying the Public Administration
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
WSO2CON 2024 - Architecting AI in the Enterprise: APIs and Applications
WSO2CON 2024 - Architecting AI in the Enterprise: APIs and ApplicationsWSO2CON 2024 - Architecting AI in the Enterprise: APIs and Applications
WSO2CON 2024 - Architecting AI in the Enterprise: APIs and Applications
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
 
WSO2Con2024 - GitOps in Action: Navigating Application Deployment in the Plat...
WSO2Con2024 - GitOps in Action: Navigating Application Deployment in the Plat...WSO2Con2024 - GitOps in Action: Navigating Application Deployment in the Plat...
WSO2Con2024 - GitOps in Action: Navigating Application Deployment in the Plat...
 
WSO2CON 2024 - Building a Digital Government in Uganda
WSO2CON 2024 - Building a Digital Government in UgandaWSO2CON 2024 - Building a Digital Government in Uganda
WSO2CON 2024 - Building a Digital Government in Uganda
 
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AI
 
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
 
WSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security ProgramWSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security Program
 
WSO2Con2024 - Simplified Integration: Unveiling the Latest Features in WSO2 L...
WSO2Con2024 - Simplified Integration: Unveiling the Latest Features in WSO2 L...WSO2Con2024 - Simplified Integration: Unveiling the Latest Features in WSO2 L...
WSO2Con2024 - Simplified Integration: Unveiling the Latest Features in WSO2 L...
 
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
 

Evolution of integration and microservices patterns with service mesh

  • 1. Evolution of integration and microservice patterns with service mesh @christianposta
  • 2. Christian Posta Chief Architect, cloud application development Twitter: @christianposta Blog: http://blog.christianposta.com Email: christian@redhat.com Slides: http://slideshare.net/ceposta • Author “Microservices for Java developers” and “Introducing Istio Service Mesh” • Committer/contributor lots of open-source projects • Blogger, speaker, mentor, leader
  • 3.
  • 4. @christianposta Innovation is admitting we don’t have all the answers Mark Schwartz – Former CIO USCIS
  • 5. @christianposta Traditional user story “requirements” • As A…. <role> • I Want… <goal/desire> • So That… <receive benefit> https://barryoreilly.com/2013/10/21/how-to-implement-hypothesis-driven-development/
  • 6. @christianposta Scientific method anyone? • Make observations • Formulate hypothesis • Design an experiment • State the indicators you will evaluate • Conduct the experiment • Evaluate results • Accept or reject hypothesis • Make new hypothesis and continue…
  • 7. @christianposta Asking questions instead of requirements https://barryoreilly.com/2013/10/21/how-to-implement-hypothesis-driven-development/
  • 9. @christianposta Application safety and correctness in a distributed system is the responsibility of the application.
  • 10. @christianposta The end-to-end principle: http://web.mit.edu/Saltzer/www/publications/endtoend/endtoend.pdf The function in question can completely and correctly be implemented only with the knowledge and help of the application standing at the end points of the communication system. Therefore, providing that questioned function as a feature of the communication system itself is not possible. (Sometimes an incomplete version of the function provided by the communication system may be useful as a performance enhancement.)
  • 12. TCP adds reliable communication @christianposta
  • 13. As we move to services architectures, we push the complexity to the space between our services. @christianposta
  • 18. • Orchestrate calls across multiple microservices • Aggregate, combine, transform, split, on “messages” • Deal with atomicity / consistency issues • Message idempotency / message de-dupe • DDD anti-corruption layers / adapters / transformation • Tie in with existing “backend systems” • Dynamic, responsive, programmable routing Application communication (app specific) @christianposta
  • 19. • Service discovery • Retries • Timeouts • Load balancing • Rate limiting • Thread bulk heading • Circuit breaking @christianposta Application networking (reliability)
  • 20. Application networking (controlled deployment) • Edge/DMZ routing • Surgical / fine / per-request routing • A/B rollout • Traffic shaping • Internal releases / dark launches • Request shadowing • Fault injection @christianposta
  • 21. • adaptive, zone-aware • Deadlines • Health checking • Stats, metric, collection • Logging • Distributed tracing • Security @christianposta Application networking (observability)
  • 22.
  • 23.
  • 24. • Netflix Hystrix (circuit breaking / bulk heading) • Netflix Zuul (edge router) • Netflix Ribbon (client-side service discovery / load balance) • Netflix Eureka (service discovery registry) • Brave / Zipkin (tracing) • Netflix spectator / atlas (metrics) “Microservices” patterns @christianposta
  • 26. But I’m using Spring! • spring-cloud-netflix-hystrix • spring-cloud-netflix-zuul • spring-cloud-netflix-eureka-client • spring-cloud-netflix-ribbon • spring-cloud-netflix-atlas • spring-cloud-netflix-spectator • spring-cloud-netflix-hystrix-stream • ….. • ...... • @Enable....150differentThings
  • 27. But I’m using Vert.x! • vertx-circuit-breaker • vertx-service-discovery • vertx-dropwizard-metrics • vertx-zipkin? • ….. • ...... @christianposta
  • 28. Screw Java - I’m using NodeJS! JavaScript is for rookies, I use Go! But python is so pretty! I prefer unreadability… Perl for me! @christianposta
  • 29. • Require specific language to bring in new services • A single language doesn’t fit for all use cases • How do you patch/upgrade/manage lifecycle? • Need strict control over application library choices • Inconsistent implementations • Incorrect implementations Some drawbacks to this approach? @christianposta
  • 30. In practice, operability of our services becomes a top priority very fast @christianposta
  • 31.
  • 33. Envoy is… • service proxy • written in C++, highly parallel, non-blocking • L3/4 network filter • out of the box L7 filters • HTTP 2, including gRPC • baked in service discovery/health checking • advanced load balancing • stats, metrics, tracing • dynamic configuration through xDS
  • 34. Envoy implements • zone aware, least request load balancing • circuit breaking • outlier detection • retries, retry policies • timeout (including budgets) • traffic shadowing • rate limiting • access logging, statistics collection • Many other features!
  • 36. Meet Istio.io http://istio.io A control plane for service proxies
  • 37.
  • 38. As a service-instance proxy @christianposta
  • 39. A service mesh is decentralized application- networking infrastructure between your services that provides resiliency, security, observability, and routing control. A service mesh is comprised of a data plane and control plane. @christianposta Time for definitions:
  • 40.
  • 41.
  • 42. What higher-order clusters semantics does Istio enable? • Request-level control • Graduated deployment and release • Service observability • Cluster reliability • Chaos testing • Policy enforcement
  • 43. Resilience with timeouts, retries, budgets, circuit breakers, service discovery, etc @christianposta
  • 44. Zone aware, sophisticated client-side load balancing @christianposta
  • 45. Fine-grained traffic control and routing @christianposta
  • 47. Secure transport with mTLS @christianposta
  • 48. Metrics, logs, distributed tracing out of the box http://bit.ly/application-networking
  • 49.
  • 51. Thanks! BTW: Hand drawn diagrams made with Paper by FiftyThree.com  Twitter: @christianposta Blog: http://blog.christianposta.com Email: christian@redhat.com Slides: http://slideshare.net/cepostaFollow up links: • http://launch.openshift.io • http://istio.io • http://envoyproxy.io • http://developers.redhat.com/blog • http://blog.christianposta.com/istio-workshop/slides/ • http://blog.openshift.com • https://www.redhat.com/en/open-innovation-labs

Editor's Notes

  1. How many people are embarking on projects to drive innovation in their organizations? How many people think those projects will succeed? How many people can predict the future? How many people believe their organization’s executives can predict the future?
  2. Inherently unknown….
  3. …… new challenge….. Let’s come back to that…..
  4. …… new challenge….. Let’s come back to that…..
  5. One large database! We should focus on how we design our data models so that they can be sharded and distributed…. Focus on transactions, etc not 2PC
  6. One large database! We should focus on how we design our data models so that they can be sharded and distributed…. Focus on transactions, etc not 2PC
  7. One large database! We should focus on how we design our data models so that they can be sharded and distributed…. Focus on transactions, etc not 2PC
  8. One large database! We should focus on how we design our data models so that they can be sharded and distributed…. Focus on transactions, etc not 2PC
  9. One large database! We should focus on how we design our data models so that they can be sharded and distributed…. Focus on transactions, etc not 2PC
  10. One large database! We should focus on how we design our data models so that they can be sharded and distributed…. Focus on transactions, etc not 2PC
  11. Apache Camel can enable legacy backends to participate in a REST-based set of services by quickly exposing a REST service interface using its expressive DSL.. The DSL plugins right into the rest of the Apache Camel DSL allowing you to quickly expose a REST endpoint that can describe an API as well as integrate with backend services by mediating, routing, transforming and otherwise changing the shape of data or even content of a payload with enricher, resequence, and recipient list patterns.
  12. This concept of defining language, developing models to describe a domain, implementing those models, enforcing assertions, etc all happen within a certain context, and that context is vitally important in software. In common language, we are smart enough to resolve these types of language conflicts within a sentence because of its context. The computer doesn’t have this context. We have to make it explicit. And any context needs to have explicit boundaries. This model needs to be “useful” ie, it should be able to be implemented. Try to establish a model that’s both useful for discussion with the domain experts and is implementable. There are infinite ways to model/think about something. Balance both masters with the model you choose. Large complex domains may need multiple models. And really the only way to understand a language and model is within a certain context. That context should have boundaries so it doesn’t bleed or force others to bleed definitions and semantics. Bounded context: within this space, this is the context of the language. This is what it means and it’s not ambiguous. Central thing about a model is the language you create to express the prblem and solution very crisply. Need clear language and need boundaries. Anti corruption layers are translations between the different models that may exist in multiple bounded contexts. They keep an internal model consistent and pure without bleeding across the boundaries. Bounded contexts tend to be “self contained systems” themselves with a complete vertical stack of the software including UI, business logic, data models, and database. They tend to not share databases across multiple models.
  13. This concept of defining language, developing models to describe a domain, implementing those models, enforcing assertions, etc all happen within a certain context, and that context is vitally important in software. In common language, we are smart enough to resolve these types of language conflicts within a sentence because of its context. The computer doesn’t have this context. We have to make it explicit. And any context needs to have explicit boundaries. This model needs to be “useful” ie, it should be able to be implemented. Try to establish a model that’s both useful for discussion with the domain experts and is implementable. There are infinite ways to model/think about something. Balance both masters with the model you choose. Large complex domains may need multiple models. And really the only way to understand a language and model is within a certain context. That context should have boundaries so it doesn’t bleed or force others to bleed definitions and semantics. Bounded context: within this space, this is the context of the language. This is what it means and it’s not ambiguous. Central thing about a model is the language you create to express the prblem and solution very crisply. Need clear language and need boundaries. Anti corruption layers are translations between the different models that may exist in multiple bounded contexts. They keep an internal model consistent and pure without bleeding across the boundaries. Bounded contexts tend to be “self contained systems” themselves with a complete vertical stack of the software including UI, business logic, data models, and database. They tend to not share databases across multiple models.
  14. This concept of defining language, developing models to describe a domain, implementing those models, enforcing assertions, etc all happen within a certain context, and that context is vitally important in software. In common language, we are smart enough to resolve these types of language conflicts within a sentence because of its context. The computer doesn’t have this context. We have to make it explicit. And any context needs to have explicit boundaries. This model needs to be “useful” ie, it should be able to be implemented. Try to establish a model that’s both useful for discussion with the domain experts and is implementable. There are infinite ways to model/think about something. Balance both masters with the model you choose. Large complex domains may need multiple models. And really the only way to understand a language and model is within a certain context. That context should have boundaries so it doesn’t bleed or force others to bleed definitions and semantics. Bounded context: within this space, this is the context of the language. This is what it means and it’s not ambiguous. Central thing about a model is the language you create to express the prblem and solution very crisply. Need clear language and need boundaries. Anti corruption layers are translations between the different models that may exist in multiple bounded contexts. They keep an internal model consistent and pure without bleeding across the boundaries. Bounded contexts tend to be “self contained systems” themselves with a complete vertical stack of the software including UI, business logic, data models, and database. They tend to not share databases across multiple models.
  15. This concept of defining language, developing models to describe a domain, implementing those models, enforcing assertions, etc all happen within a certain context, and that context is vitally important in software. In common language, we are smart enough to resolve these types of language conflicts within a sentence because of its context. The computer doesn’t have this context. We have to make it explicit. And any context needs to have explicit boundaries. This model needs to be “useful” ie, it should be able to be implemented. Try to establish a model that’s both useful for discussion with the domain experts and is implementable. There are infinite ways to model/think about something. Balance both masters with the model you choose. Large complex domains may need multiple models. And really the only way to understand a language and model is within a certain context. That context should have boundaries so it doesn’t bleed or force others to bleed definitions and semantics. Bounded context: within this space, this is the context of the language. This is what it means and it’s not ambiguous. Central thing about a model is the language you create to express the prblem and solution very crisply. Need clear language and need boundaries. Anti corruption layers are translations between the different models that may exist in multiple bounded contexts. They keep an internal model consistent and pure without bleeding across the boundaries. Bounded contexts tend to be “self contained systems” themselves with a complete vertical stack of the software including UI, business logic, data models, and database. They tend to not share databases across multiple models.
  16. This concept of defining language, developing models to describe a domain, implementing those models, enforcing assertions, etc all happen within a certain context, and that context is vitally important in software. In common language, we are smart enough to resolve these types of language conflicts within a sentence because of its context. The computer doesn’t have this context. We have to make it explicit. And any context needs to have explicit boundaries. This model needs to be “useful” ie, it should be able to be implemented. Try to establish a model that’s both useful for discussion with the domain experts and is implementable. There are infinite ways to model/think about something. Balance both masters with the model you choose. Large complex domains may need multiple models. And really the only way to understand a language and model is within a certain context. That context should have boundaries so it doesn’t bleed or force others to bleed definitions and semantics. Bounded context: within this space, this is the context of the language. This is what it means and it’s not ambiguous. Central thing about a model is the language you create to express the prblem and solution very crisply. Need clear language and need boundaries. Anti corruption layers are translations between the different models that may exist in multiple bounded contexts. They keep an internal model consistent and pure without bleeding across the boundaries. Bounded contexts tend to be “self contained systems” themselves with a complete vertical stack of the software including UI, business logic, data models, and database. They tend to not share databases across multiple models.
  17. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  18. One large database! We should focus on how we design our data models so that they can be sharded and distributed…. Focus on transactions, etc not 2PC
  19. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  20. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  21. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  22. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  23. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  24. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  25. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  26. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  27. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  28. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.