Navigating the service mesh landscape with Istio, Consul Connect, and Linkerd

Christian Posta
Christian PostaGlobal Field CTO at Solo.io
1 | Copyright © 2019
Service-mesh options with Linkerd,
Consul, Istio and AppMesh
Christian Posta
Global Field CTO, Solo.io
OSCON 2019
2 | Copyright © 2019
CHRISTIAN POSTA
• Field CTO @ solo.io
• Author of a few books
• Contributor to many open-source projects
• Architect, blogger, speaker, mentor, leader
https://bit.ly/istio-in-action
@christianposta
christian@solo.io
https://blog.christianposta.com
https://slideshare.net/ceposta
3 | Copyright © 2019
Flow of talk
• What’s the problem we’re addressing with a service mesh?
• What is a service mesh? Previous approaches / pros / cons
• Generic service-mesh architecture
• Explore service-mesh implementations
• Guidance for service-mesh adoption
4 | Copyright © 2019
Move fast, safely
https://puppet.com/resources/whitepaper/state-of-devops-report
5 | Copyright © 2019
As we move to services architectures,
we push the complexity to the space
between our services.
6 | Copyright © 2019
Challenges in a cloudy world
• Service discovery
• Retries
• Timeouts
• Load balancing
• Rate limiting
• Thread bulk heading
• Circuit breaking
• Security
7 | Copyright © 2019
…Continued…
• Routing between services (adaptive, zone-aware)
• Deadlines
• Back pressure
• Outlier detection
• Health checking
• Traffic shaping
• Request shadowing
8 | Copyright © 2019
…Continued…
• Edge/DMZ routing
• Surgical / fine / per-request routing
• A/B rollout
• Internal releases / dark launches
• Fault injection
• Stats, metric, collection
• Logging
• Tracing
9 | Copyright © 2019
• Netflix Hystrix (circuit breaking / bulk heading)
• Netflix Zuul (edge router)
• Netflix Ribbon (client-side service discovery / load balance)
• Netflix Eureka (service discovery registry)
• Brave / Zipkin (tracing)
• Netflix spectator / atlas (metrics)
Microservices Patterns
10 | Copyright © 2019
But I’m using Spring!
• spring-cloud-netflix-hystrix
• spring-cloud-netflix-zuul
• spring-cloud-netflix-eureka-client
• spring-cloud-netflix-ribbon
• spring-cloud-netflix-atlas
• spring-cloud-netflix-spectator
• spring-cloud-netflix-hystrix-stream
• …..
• @Enable....150differentThings
11 | Copyright © 2019
But I’m using Vert.x!
• vertx-circuit-breaker
• vertx-service-discovery
• vertx-dropwizard-metrics
• vertx-zipkin?
• …..
• ......
12 | Copyright © 2019
Screw Java - I’m using NodeJS!
JavaScript is for rookies, I use Go!
But python is so pretty!
I prefer unreadability… Perl for me!
13 | Copyright © 2019
• Require specific language to bring in new services
• A single language doesn’t fit for all use cases
• How do you patch/upgrade/manage lifecycle?
• Need strict control over application library choices
Some drawbacks to this approach?
14 | Copyright © 2019
Let’s abstract this functionality and apply to all
services out of process
• Allow heterogeneous architectures
• Remove application-specific implementations of this
functionality
• Consistently enforce these properties
• Correctly enforce these properties
• Opt-in as well as safety nets
15 | Copyright © 201915 | Copyright © 2019
Foundation for a solution
16 | Copyright © 2019
Meet Envoy Proxy
http://envoyproxy.io
17 | Copyright © 2019
Envoy Proxy:
• written in C++, highly parallel, non-blocking
• L4 / L7 service proxy (HTTP1, HTTP2, gRPC, Kafka, Redis, Mongo, Dynamo, etc)
• zone aware, least request load balancing
• circuit breaking / outlier detection
• retries, retry policies
• timeout (including budgets)
• traffic shadowing
• rate limiting
• access logging, statistics collection
• dynamic configuration through standard interfaces
18 | Copyright © 2019
19 | Copyright © 2019
20 | Copyright © 2019
Deployed as a service proxy:
21 | Copyright © 2019
A service mesh is decentralized application-
networking infrastructure between your services
that provides resiliency, security, observability,
and routing control.
22 | Copyright © 201922 | Copyright © 2019
Service-mesh architecture
23 | Copyright © 2019
24 | Copyright © 2019
25 | Copyright © 2019
26 | Copyright © 2019
Service mesh technologies typically provide:
• Service discovery / Load balancing
• Secure service-to-service communication
• Traffic control / shaping / shifting
• Policy / Intention based access control
• Traffic metric collection
• Service resilience
• API / programmable interface
27 | Copyright © 201927 | Copyright © 2019
Exploring service-mesh implementations
28 | Copyright © 2019
Meet Linkerd
http://linkerd.io
29 | Copyright © 2019
Linkerd2
• Backed by Buoyant / CNCF
• Kubernetes specific
• Control plane (go) / custom data plane (rust)
• Latest release 2.4
• Strong focus on observing top-level network metrics
• Resilience, timeouts, retry budgets
• Always-on mTLS
30 | Copyright © 2019
31 | Copyright © 2019
Linkerd2
• Purpose built, Kubernetes only
• Uses CRD for configurations
• High performance characteristics
• Great user/getting-started experience
• Open, welcoming community
• Observability, basic resilience
• Secure by default
• Deployed transparently to app
Strengths
• Limited feature set (at the moment…
more to come)
• Missing traffic routing, policy
enforcement, circuit breakers
• Kubernetes-only
• Multi-cluster support
Opportunities
32 | Copyright © 2019
Meet Consul Connect
http://consul.io
33 | Copyright © 2019
Consul Connect
• Backed by HashiCorp
• Control plane (consul server) / data plane (proxies/app)
• Part of Consul 1.2 release, June 2018 (latest is 1.5.2)
• Strong focus on L4 Identity (SPIFFE)
• Easy to configure transport encryption (mTLS)
• Service segmentation, intention-based ACL policy
• Optional use of Envoy Proxy
• Native app integration for latency/performance sensitive apps
34 | Copyright © 2019
35 | Copyright © 2019
Consul Connect
• Built on Consul: stable, critical piece
of software
• Solves the identity management
challenges in dynamic applications
• Hybrid environment support
• Optional Envoy Proxy
• Multi-cluster/site foundations
• Vault support for certificate
management
Strengths
• Application config/code impact (not
transparent to app, cannot use k8s dns)
• Have to manage separate CP data
store
• does not use CRDs on k8s
• No distributed tracing
Opportunities
36 | Copyright © 2019
Meet Istio.io
http://istio.io
37 | Copyright © 2019
Istio
• Control plane / data plane (Envoy Proxy)
• 1.1 March 2019
• Collaboration between Google, IBM, Lyft, VMWare, Red Hat, et al.
• Based on Envoy proxy
• mTLS, policy based ACL, resilience, observability, traffic control
• Kubernetes native with other platform support
• Large community
38 | Copyright © 2019
39 | Copyright © 2019
Istio
• Large, vibrant community
• Backed by Google, et. al.
• Large feature set
• Based on Envoy
• Flexible deployment options
• Out of the box Ingress
• Multi-cluster support
Strengths
• Performance / overhead improvements
• Architecture improvements
• Focus on iterative adoption
• Continue improvement to
documentation
• Reduce magic
Opportunities
40 | Copyright © 2019
Meet AWS App Mesh
https://aws.amazon.com/app-mesh/
41 | Copyright © 2019
AWS App Mesh
• Backed by AWS
• Control plane (managed) / data plane (Envoy Proxy)
• Announced Nov 2018, GA March 2019
• Main functionality is around weighted traffic routing
• Supported across deployment platforms
• Continuing to add more features
42 | Copyright © 2019
43 | Copyright © 2019
AWS App Mesh
• Managed control plane
• Built on Envoy Proxy
• Supports multiple deployment
platforms (EC2, ECS, EKS,
Kubernetes)
• Focus on basic traffic shifting
• Ties in with rest of AWS infrastructure
• Free to use on AWS
Strengths
• AWS Only
• Very limited control-plane capabilities
• No visibility to control plane behavior
• No mTLS, Policy, enforcement fine-
grained traffic control
• Manually configure Envoy for metrics-
collection/CloudWatch integration
Opportunities
44 | Copyright © 201944 | Copyright © 2019
Comparisons
45 | Copyright © 2019
Anecdotal comparisons:
Benchmarking Istio and Linkerd CPU:
https://medium.com/@michael_87395/benchmarking-istio-linkerd-cpu-c36287e32781
Benchmarking Istio and Linkerd at Scale (follow up)
https://medium.com/@michael_87395/benchmarking-istio-linkerd-cpu-at-scale-5f2cfc97c7fa
46 | Copyright © 2019
Wrapping up - Ignore comparisons and anecdotes.
Focus on:
• Service mesh approach is the right approach, implementations still evolving
• Solve today’s pain with as little technology as you can
• Invest in the data plane (Envoy proxy)
• Ingress-first approach: API Gateways (like Gloo, built on Envoy) can give you service-
mesh-like capabilities with a fraction of the complexity and risk
• Iteratively adopt service-mesh capabilities (and commensurate deployment footprint)
• Abstract service-mesh implementation details, configuration, opinions
47 | Copyright © 2019
Easiest way to get started with service mesh is with…
https://supergloo.solo.io
48 | Copyright © 2019
https://supergloo.solo.io
49 | Copyright © 2019
Service Mesh Interface (SMI)
https://github.com/deislabs/smi-spec https://supergloo.solo.io
https://servicemeshhub.io
50 | Copyright © 2019
Exploring service mesh implementations
“I used SuperGloo because it was super simple to get both services meshes
bootstrapped quickly, with almost no effort on my part. We’re not using SuperGloo
in production, but it was perfect for a task like this. It was literally two commands
per mesh. I used two clusters for isolation— one for Istio, and one for Linkerd.”
https://medium.com/@michael_87395/benchmarking-istio-linkerd-cpu-c36287e32781
51 | Copyright © 2019
Additional reading
• Istio the easy way
https://medium.com/solo-io/istio-the-easy-way-de66e6eba4a1
• Linkerd vs Istio
https://medium.com/solo-io/linkerd-or-istio-6fcd2aad6e42
• SuperGloo Open API and Service Mesh Orchestration
https://medium.com/solo-io/https-medium-com-solo-io-supergloo-ff2aae1fb96f
• Follow up: Benchmarking Istio and Linkerd at Scale
• https://medium.com/@michael_87395/benchmarking-istio-linkerd-cpu-at-scale-
5f2cfc97c7fa
• Linkerd April 2019 Community Meeting
https://buoyant.io/resources/april-2019-linkerd-community-meeting-recap/
• AWS AppMesh FAQ
https://aws.amazon.com/app-mesh/faqs/
• Consul Connect Intro
https://www.hashicorp.com/resources/consul-connect-announcement-mitchell-hashimoto
• Consul Connect Roadmap
https://www.hashicorp.com/blog/roadmap-preview-what-s-next-for-consul-service-mesh
52 | Copyright © 2019
CHRISTIAN POSTA
@christianposta
christian@solo.io
https://blog.christianposta.com
https://slideshare.net/ceposta
53 | Copyright © 201953 | Copyright © 2019
@soloio_inc
1 of 53

Recommended

The Truth About the Service Mesh Data Plane by
The Truth About the Service Mesh Data PlaneThe Truth About the Service Mesh Data Plane
The Truth About the Service Mesh Data PlaneChristian Posta
2.6K views32 slides
Architecting for the Cloud using NetflixOSS - Codemash Workshop by
Architecting for the Cloud using NetflixOSS - Codemash WorkshopArchitecting for the Cloud using NetflixOSS - Codemash Workshop
Architecting for the Cloud using NetflixOSS - Codemash WorkshopSudhir Tonse
39.6K views86 slides
Multiple Sites and Disaster Recovery with Ceph: Andrew Hatfield, Red Hat by
Multiple Sites and Disaster Recovery with Ceph: Andrew Hatfield, Red HatMultiple Sites and Disaster Recovery with Ceph: Andrew Hatfield, Red Hat
Multiple Sites and Disaster Recovery with Ceph: Andrew Hatfield, Red HatOpenStack
4.4K views17 slides
Apache Kafka Architecture & Fundamentals Explained by
Apache Kafka Architecture & Fundamentals ExplainedApache Kafka Architecture & Fundamentals Explained
Apache Kafka Architecture & Fundamentals Explainedconfluent
27.6K views33 slides
Introduction of CCE and DevCloud by
Introduction of CCE and DevCloudIntroduction of CCE and DevCloud
Introduction of CCE and DevCloudOpsta
69 views94 slides
Tomcatx performance-tuning by
Tomcatx performance-tuningTomcatx performance-tuning
Tomcatx performance-tuningVladimir Khokhryakov
17.3K views51 slides

More Related Content

What's hot

Building resilient scheduling in distributed systems with Spring by
Building resilient scheduling in distributed systems with SpringBuilding resilient scheduling in distributed systems with Spring
Building resilient scheduling in distributed systems with SpringMarek Jeszka
3.2K views36 slides
Ansible Integration in Foreman by
Ansible Integration in ForemanAnsible Integration in Foreman
Ansible Integration in ForemanNikhil Kathole
3.3K views32 slides
WebSphere App Server vs JBoss vs WebLogic vs Tomcat (InterConnect 2016) by
WebSphere App Server vs JBoss vs WebLogic vs Tomcat (InterConnect 2016)WebSphere App Server vs JBoss vs WebLogic vs Tomcat (InterConnect 2016)
WebSphere App Server vs JBoss vs WebLogic vs Tomcat (InterConnect 2016)Roman Kharkovski
59.3K views64 slides
Android IPC Mechanism by
Android IPC MechanismAndroid IPC Mechanism
Android IPC MechanismNational Cheng Kung University
67.2K views82 slides
Kafka presentation by
Kafka presentationKafka presentation
Kafka presentationMohammed Fazuluddin
9.2K views18 slides
Red Hat Java Update and Quarkus Introduction by
Red Hat Java Update and Quarkus IntroductionRed Hat Java Update and Quarkus Introduction
Red Hat Java Update and Quarkus IntroductionJohn Archer
687 views41 slides

What's hot(20)

Building resilient scheduling in distributed systems with Spring by Marek Jeszka
Building resilient scheduling in distributed systems with SpringBuilding resilient scheduling in distributed systems with Spring
Building resilient scheduling in distributed systems with Spring
Marek Jeszka3.2K views
Ansible Integration in Foreman by Nikhil Kathole
Ansible Integration in ForemanAnsible Integration in Foreman
Ansible Integration in Foreman
Nikhil Kathole3.3K views
WebSphere App Server vs JBoss vs WebLogic vs Tomcat (InterConnect 2016) by Roman Kharkovski
WebSphere App Server vs JBoss vs WebLogic vs Tomcat (InterConnect 2016)WebSphere App Server vs JBoss vs WebLogic vs Tomcat (InterConnect 2016)
WebSphere App Server vs JBoss vs WebLogic vs Tomcat (InterConnect 2016)
Roman Kharkovski59.3K views
Red Hat Java Update and Quarkus Introduction by John Archer
Red Hat Java Update and Quarkus IntroductionRed Hat Java Update and Quarkus Introduction
Red Hat Java Update and Quarkus Introduction
John Archer687 views
[오픈소스컨설팅]Kafka message system 맛보기 by Chanyeol yoon
[오픈소스컨설팅]Kafka message system 맛보기 [오픈소스컨설팅]Kafka message system 맛보기
[오픈소스컨설팅]Kafka message system 맛보기
Chanyeol yoon1.4K views
Immutable Infrastructure with Packer Ansible and Terraform by Michael Peacock
Immutable Infrastructure with Packer Ansible and TerraformImmutable Infrastructure with Packer Ansible and Terraform
Immutable Infrastructure with Packer Ansible and Terraform
Michael Peacock209 views
Infrastructure as Code with Terraform and Ansible by DevOps Meetup Bern
Infrastructure as Code with Terraform and AnsibleInfrastructure as Code with Terraform and Ansible
Infrastructure as Code with Terraform and Ansible
DevOps Meetup Bern1.6K views
Kubernetes Concepts And Architecture Powerpoint Presentation Slides by SlideTeam
Kubernetes Concepts And Architecture Powerpoint Presentation SlidesKubernetes Concepts And Architecture Powerpoint Presentation Slides
Kubernetes Concepts And Architecture Powerpoint Presentation Slides
SlideTeam4K views
Containers Docker Kind Kubernetes Istio by Araf Karsh Hamid
Containers Docker Kind Kubernetes IstioContainers Docker Kind Kubernetes Istio
Containers Docker Kind Kubernetes Istio
Araf Karsh Hamid345 views
Kubernetes for Beginners: An Introductory Guide by Bytemark
Kubernetes for Beginners: An Introductory GuideKubernetes for Beginners: An Introductory Guide
Kubernetes for Beginners: An Introductory Guide
Bytemark10.7K views
Introduction to Red Hat by Albert Wong
Introduction to Red HatIntroduction to Red Hat
Introduction to Red Hat
Albert Wong9.9K views
NATS Streaming - an alternative to Apache Kafka? by Anton Zadorozhniy
NATS Streaming - an alternative to Apache Kafka?NATS Streaming - an alternative to Apache Kafka?
NATS Streaming - an alternative to Apache Kafka?
Anton Zadorozhniy4.5K views
Apache Kafka® and API Management by confluent
Apache Kafka® and API ManagementApache Kafka® and API Management
Apache Kafka® and API Management
confluent335 views
GCP - GCE, Cloud SQL, Cloud Storage, BigQuery Basic Training by Simon Su
GCP - GCE, Cloud SQL, Cloud Storage, BigQuery Basic TrainingGCP - GCE, Cloud SQL, Cloud Storage, BigQuery Basic Training
GCP - GCE, Cloud SQL, Cloud Storage, BigQuery Basic Training
Simon Su2.2K views

Similar to Navigating the service mesh landscape with Istio, Consul Connect, and Linkerd

Service-mesh options with Linkerd, Consul, Istio and AWS AppMesh by
Service-mesh options with Linkerd, Consul, Istio and AWS AppMeshService-mesh options with Linkerd, Consul, Istio and AWS AppMesh
Service-mesh options with Linkerd, Consul, Istio and AWS AppMeshChristian Posta
2.8K views55 slides
Kubernetes Ingress to Service Mesh (and beyond!) by
Kubernetes Ingress to Service Mesh (and beyond!)Kubernetes Ingress to Service Mesh (and beyond!)
Kubernetes Ingress to Service Mesh (and beyond!)Christian Posta
614 views64 slides
Do You Need A Service Mesh? by
Do You Need A Service Mesh?Do You Need A Service Mesh?
Do You Need A Service Mesh?NGINX, Inc.
788 views40 slides
Cloud Foundry and Microservices: A Mutualistic Symbiotic Relationship by
Cloud Foundry and Microservices: A Mutualistic Symbiotic RelationshipCloud Foundry and Microservices: A Mutualistic Symbiotic Relationship
Cloud Foundry and Microservices: A Mutualistic Symbiotic RelationshipVMware Tanzu
3.9K views42 slides
Cloud Foundry and Microservices: A Mutualistic Symbiotic Relationship by
Cloud Foundry and Microservices: A Mutualistic Symbiotic RelationshipCloud Foundry and Microservices: A Mutualistic Symbiotic Relationship
Cloud Foundry and Microservices: A Mutualistic Symbiotic RelationshipMatt Stine
19K views42 slides
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow) by
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)VMware Tanzu
7.4K views41 slides

Similar to Navigating the service mesh landscape with Istio, Consul Connect, and Linkerd(20)

Service-mesh options with Linkerd, Consul, Istio and AWS AppMesh by Christian Posta
Service-mesh options with Linkerd, Consul, Istio and AWS AppMeshService-mesh options with Linkerd, Consul, Istio and AWS AppMesh
Service-mesh options with Linkerd, Consul, Istio and AWS AppMesh
Christian Posta2.8K views
Kubernetes Ingress to Service Mesh (and beyond!) by Christian Posta
Kubernetes Ingress to Service Mesh (and beyond!)Kubernetes Ingress to Service Mesh (and beyond!)
Kubernetes Ingress to Service Mesh (and beyond!)
Christian Posta614 views
Do You Need A Service Mesh? by NGINX, Inc.
Do You Need A Service Mesh?Do You Need A Service Mesh?
Do You Need A Service Mesh?
NGINX, Inc.788 views
Cloud Foundry and Microservices: A Mutualistic Symbiotic Relationship by VMware Tanzu
Cloud Foundry and Microservices: A Mutualistic Symbiotic RelationshipCloud Foundry and Microservices: A Mutualistic Symbiotic Relationship
Cloud Foundry and Microservices: A Mutualistic Symbiotic Relationship
VMware Tanzu3.9K views
Cloud Foundry and Microservices: A Mutualistic Symbiotic Relationship by Matt Stine
Cloud Foundry and Microservices: A Mutualistic Symbiotic RelationshipCloud Foundry and Microservices: A Mutualistic Symbiotic Relationship
Cloud Foundry and Microservices: A Mutualistic Symbiotic Relationship
Matt Stine19K views
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow) by VMware Tanzu
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)
Keynote: Architecting for Continuous Delivery (Pivotal Cloud Platform Roadshow)
VMware Tanzu7.4K views
Enabling Fast IT using Containers, Microservices and DAVROS models: an overview by Cisco DevNet
Enabling Fast IT using Containers, Microservices and DAVROS models: an overviewEnabling Fast IT using Containers, Microservices and DAVROS models: an overview
Enabling Fast IT using Containers, Microservices and DAVROS models: an overview
Cisco DevNet537 views
Istio as an enabler for migrating to microservices (edition 2022) by Ahmed Misbah
Istio as an enabler for migrating to microservices (edition 2022)Istio as an enabler for migrating to microservices (edition 2022)
Istio as an enabler for migrating to microservices (edition 2022)
Ahmed Misbah394 views
Business Continuity with Microservices-Based Apps and DevOps: Learnings from ... by DevOps.com
Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...
Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...
DevOps.com218 views
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf... by NUS-ISS
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...
NUS-ISS103 views
Extending The Power Of Anypoint Platform Using Anypoint Service Mesh by AaronLieberman5
Extending The Power Of Anypoint Platform Using Anypoint Service MeshExtending The Power Of Anypoint Platform Using Anypoint Service Mesh
Extending The Power Of Anypoint Platform Using Anypoint Service Mesh
AaronLieberman5595 views
Cloud Foundry Technical Overview at IBM Interconnect 2016 by Stormy Peters
Cloud Foundry Technical Overview at IBM Interconnect 2016Cloud Foundry Technical Overview at IBM Interconnect 2016
Cloud Foundry Technical Overview at IBM Interconnect 2016
Stormy Peters801 views
Do I Need A Service Mesh.pptx by PINGXIONG3
Do I Need A Service Mesh.pptxDo I Need A Service Mesh.pptx
Do I Need A Service Mesh.pptx
PINGXIONG35 views
SYN207: Newest and coolest NetScaler features you should be jazzed about by Citrix
SYN207: Newest and coolest NetScaler features you should be jazzed aboutSYN207: Newest and coolest NetScaler features you should be jazzed about
SYN207: Newest and coolest NetScaler features you should be jazzed about
Citrix5K views
2019 04-25-agile communitymeetup-essentialcapabilitiesbehindmicroservices by Kim Kao
2019 04-25-agile communitymeetup-essentialcapabilitiesbehindmicroservices2019 04-25-agile communitymeetup-essentialcapabilitiesbehindmicroservices
2019 04-25-agile communitymeetup-essentialcapabilitiesbehindmicroservices
Kim Kao223 views
2019 04-25-agile communitymeetup-essentialcapabilitiesbehindmicroservices by solidkim
2019 04-25-agile communitymeetup-essentialcapabilitiesbehindmicroservices2019 04-25-agile communitymeetup-essentialcapabilitiesbehindmicroservices
2019 04-25-agile communitymeetup-essentialcapabilitiesbehindmicroservices
solidkim429 views
DevOps Patterns to Enable Success in Microservices by Rich Mills
DevOps Patterns to Enable Success in MicroservicesDevOps Patterns to Enable Success in Microservices
DevOps Patterns to Enable Success in Microservices
Rich Mills194 views
Multi-cluster service mesh with GlooMesh by Christian Posta
Multi-cluster service mesh with GlooMeshMulti-cluster service mesh with GlooMesh
Multi-cluster service mesh with GlooMesh
Christian Posta1.2K views
Http Services in Rust on Containers by Anton Whalley
Http Services in Rust on ContainersHttp Services in Rust on Containers
Http Services in Rust on Containers
Anton Whalley185 views
2019 03-23-2nd-meetup-essential capabilities behind microservices by Kim Kao
2019 03-23-2nd-meetup-essential capabilities behind microservices2019 03-23-2nd-meetup-essential capabilities behind microservices
2019 03-23-2nd-meetup-essential capabilities behind microservices
Kim Kao880 views

More from Christian Posta

Understanding Wireguard, TLS and Workload Identity by
Understanding Wireguard, TLS and Workload IdentityUnderstanding Wireguard, TLS and Workload Identity
Understanding Wireguard, TLS and Workload IdentityChristian Posta
263 views51 slides
Compliance and Zero Trust Ambient Mesh by
Compliance and Zero Trust Ambient MeshCompliance and Zero Trust Ambient Mesh
Compliance and Zero Trust Ambient MeshChristian Posta
143 views40 slides
Cilium + Istio with Gloo Mesh by
Cilium + Istio with Gloo MeshCilium + Istio with Gloo Mesh
Cilium + Istio with Gloo MeshChristian Posta
597 views40 slides
Multicluster Kubernetes and Service Mesh Patterns by
Multicluster Kubernetes and Service Mesh PatternsMulticluster Kubernetes and Service Mesh Patterns
Multicluster Kubernetes and Service Mesh PatternsChristian Posta
1.4K views43 slides
Cloud-Native Application Debugging with Envoy and Service Mesh by
Cloud-Native Application Debugging with Envoy and Service MeshCloud-Native Application Debugging with Envoy and Service Mesh
Cloud-Native Application Debugging with Envoy and Service MeshChristian Posta
928 views79 slides
Deep Dive: Building external auth plugins for Gloo Enterprise by
Deep Dive: Building external auth plugins for Gloo EnterpriseDeep Dive: Building external auth plugins for Gloo Enterprise
Deep Dive: Building external auth plugins for Gloo EnterpriseChristian Posta
719 views28 slides

More from Christian Posta(20)

Understanding Wireguard, TLS and Workload Identity by Christian Posta
Understanding Wireguard, TLS and Workload IdentityUnderstanding Wireguard, TLS and Workload Identity
Understanding Wireguard, TLS and Workload Identity
Christian Posta263 views
Compliance and Zero Trust Ambient Mesh by Christian Posta
Compliance and Zero Trust Ambient MeshCompliance and Zero Trust Ambient Mesh
Compliance and Zero Trust Ambient Mesh
Christian Posta143 views
Multicluster Kubernetes and Service Mesh Patterns by Christian Posta
Multicluster Kubernetes and Service Mesh PatternsMulticluster Kubernetes and Service Mesh Patterns
Multicluster Kubernetes and Service Mesh Patterns
Christian Posta1.4K views
Cloud-Native Application Debugging with Envoy and Service Mesh by Christian Posta
Cloud-Native Application Debugging with Envoy and Service MeshCloud-Native Application Debugging with Envoy and Service Mesh
Cloud-Native Application Debugging with Envoy and Service Mesh
Christian Posta928 views
Deep Dive: Building external auth plugins for Gloo Enterprise by Christian Posta
Deep Dive: Building external auth plugins for Gloo EnterpriseDeep Dive: Building external auth plugins for Gloo Enterprise
Deep Dive: Building external auth plugins for Gloo Enterprise
Christian Posta719 views
Role of edge gateways in relation to service mesh adoption by Christian Posta
Role of edge gateways in relation to service mesh adoptionRole of edge gateways in relation to service mesh adoption
Role of edge gateways in relation to service mesh adoption
Christian Posta1.1K views
Chaos Debugging for Microservices by Christian Posta
Chaos Debugging for MicroservicesChaos Debugging for Microservices
Chaos Debugging for Microservices
Christian Posta694 views
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv... by Christian Posta
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
Leveraging Envoy Proxy and GraphQL to Lower the Risk of Monolith to Microserv...
Christian Posta2.8K views
Intro Istio and what's new Istio 1.1 by Christian Posta
Intro Istio and what's new Istio 1.1Intro Istio and what's new Istio 1.1
Intro Istio and what's new Istio 1.1
Christian Posta852 views
API Gateways are going through an identity crisis by Christian Posta
API Gateways are going through an identity crisisAPI Gateways are going through an identity crisis
API Gateways are going through an identity crisis
Christian Posta1.8K views
KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh... by Christian Posta
KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...
KubeCon NA 2018: Evolution of Integration and Microservices with Service Mesh...
Christian Posta1.9K views
PHX DevOps Days: Service Mesh Landscape by Christian Posta
PHX DevOps Days: Service Mesh LandscapePHX DevOps Days: Service Mesh Landscape
PHX DevOps Days: Service Mesh Landscape
Christian Posta736 views
API World: The service-mesh landscape by Christian Posta
API World: The service-mesh landscapeAPI World: The service-mesh landscape
API World: The service-mesh landscape
Christian Posta851 views
Making sense of microservices, service mesh, and serverless by Christian Posta
Making sense of microservices, service mesh, and serverlessMaking sense of microservices, service mesh, and serverless
Making sense of microservices, service mesh, and serverless
Christian Posta691 views
Evolution of integration and microservices patterns with service mesh by Christian Posta
Evolution of integration and microservices patterns with service meshEvolution of integration and microservices patterns with service mesh
Evolution of integration and microservices patterns with service mesh
Christian Posta2.6K views
Come for the traffic management, stay for the security by Christian Posta
Come for the traffic management, stay for the securityCome for the traffic management, stay for the security
Come for the traffic management, stay for the security
Christian Posta721 views
An eventful tour from enterprise integration to serverless and functions by Christian Posta
An eventful tour from enterprise integration to serverless and functionsAn eventful tour from enterprise integration to serverless and functions
An eventful tour from enterprise integration to serverless and functions
Christian Posta782 views

Recently uploaded

Advanced API Mocking Techniques by
Advanced API Mocking TechniquesAdvanced API Mocking Techniques
Advanced API Mocking TechniquesDimpy Adhikary
19 views11 slides
.NET Developer Conference 2023 - .NET Microservices mit Dapr – zu viel Abstra... by
.NET Developer Conference 2023 - .NET Microservices mit Dapr – zu viel Abstra....NET Developer Conference 2023 - .NET Microservices mit Dapr – zu viel Abstra...
.NET Developer Conference 2023 - .NET Microservices mit Dapr – zu viel Abstra...Marc Müller
38 views62 slides
Fleet Management Software in India by
Fleet Management Software in India Fleet Management Software in India
Fleet Management Software in India Fleetable
11 views1 slide
Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI... by
Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...
Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...Marc Müller
37 views83 slides
ict act 1.pptx by
ict act 1.pptxict act 1.pptx
ict act 1.pptxsanjaniarun08
13 views17 slides
Cycleops - Automate deployments on top of bare metal.pptx by
Cycleops - Automate deployments on top of bare metal.pptxCycleops - Automate deployments on top of bare metal.pptx
Cycleops - Automate deployments on top of bare metal.pptxThanassis Parathyras
31 views12 slides

Recently uploaded(20)

Advanced API Mocking Techniques by Dimpy Adhikary
Advanced API Mocking TechniquesAdvanced API Mocking Techniques
Advanced API Mocking Techniques
Dimpy Adhikary19 views
.NET Developer Conference 2023 - .NET Microservices mit Dapr – zu viel Abstra... by Marc Müller
.NET Developer Conference 2023 - .NET Microservices mit Dapr – zu viel Abstra....NET Developer Conference 2023 - .NET Microservices mit Dapr – zu viel Abstra...
.NET Developer Conference 2023 - .NET Microservices mit Dapr – zu viel Abstra...
Marc Müller38 views
Fleet Management Software in India by Fleetable
Fleet Management Software in India Fleet Management Software in India
Fleet Management Software in India
Fleetable11 views
Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI... by Marc Müller
Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...
Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...
Marc Müller37 views
Cycleops - Automate deployments on top of bare metal.pptx by Thanassis Parathyras
Cycleops - Automate deployments on top of bare metal.pptxCycleops - Automate deployments on top of bare metal.pptx
Cycleops - Automate deployments on top of bare metal.pptx
MariaDB stored procedures and why they should be improved by Federico Razzoli
MariaDB stored procedures and why they should be improvedMariaDB stored procedures and why they should be improved
MariaDB stored procedures and why they should be improved
DSD-INT 2023 Simulating a falling apron in Delft3D 4 - Engineering Practice -... by Deltares
DSD-INT 2023 Simulating a falling apron in Delft3D 4 - Engineering Practice -...DSD-INT 2023 Simulating a falling apron in Delft3D 4 - Engineering Practice -...
DSD-INT 2023 Simulating a falling apron in Delft3D 4 - Engineering Practice -...
Deltares6 views
2023-November-Schneider Electric-Meetup-BCN Admin Group.pptx by animuscrm
2023-November-Schneider Electric-Meetup-BCN Admin Group.pptx2023-November-Schneider Electric-Meetup-BCN Admin Group.pptx
2023-November-Schneider Electric-Meetup-BCN Admin Group.pptx
animuscrm13 views
Consulting for Data Monetization Maximizing the Profit Potential of Your Data... by Flexsin
Consulting for Data Monetization Maximizing the Profit Potential of Your Data...Consulting for Data Monetization Maximizing the Profit Potential of Your Data...
Consulting for Data Monetization Maximizing the Profit Potential of Your Data...
Flexsin 15 views
Neo4j y GenAI by Neo4j
Neo4j y GenAI Neo4j y GenAI
Neo4j y GenAI
Neo4j45 views
360 graden fabriek by info33492
360 graden fabriek360 graden fabriek
360 graden fabriek
info3349236 views
Roadmap y Novedades de producto by Neo4j
Roadmap y Novedades de productoRoadmap y Novedades de producto
Roadmap y Novedades de producto
Neo4j50 views
DSD-INT 2023 Leveraging the results of a 3D hydrodynamic model to improve the... by Deltares
DSD-INT 2023 Leveraging the results of a 3D hydrodynamic model to improve the...DSD-INT 2023 Leveraging the results of a 3D hydrodynamic model to improve the...
DSD-INT 2023 Leveraging the results of a 3D hydrodynamic model to improve the...
Deltares6 views
What Can Employee Monitoring Software Do?​ by wAnywhere
What Can Employee Monitoring Software Do?​What Can Employee Monitoring Software Do?​
What Can Employee Monitoring Software Do?​
wAnywhere21 views
DSD-INT 2023 - Delft3D User Days - Welcome - Day 3 - Afternoon by Deltares
DSD-INT 2023 - Delft3D User Days - Welcome - Day 3 - AfternoonDSD-INT 2023 - Delft3D User Days - Welcome - Day 3 - Afternoon
DSD-INT 2023 - Delft3D User Days - Welcome - Day 3 - Afternoon
Deltares15 views

Navigating the service mesh landscape with Istio, Consul Connect, and Linkerd

  • 1. 1 | Copyright © 2019 Service-mesh options with Linkerd, Consul, Istio and AppMesh Christian Posta Global Field CTO, Solo.io OSCON 2019
  • 2. 2 | Copyright © 2019 CHRISTIAN POSTA • Field CTO @ solo.io • Author of a few books • Contributor to many open-source projects • Architect, blogger, speaker, mentor, leader https://bit.ly/istio-in-action @christianposta christian@solo.io https://blog.christianposta.com https://slideshare.net/ceposta
  • 3. 3 | Copyright © 2019 Flow of talk • What’s the problem we’re addressing with a service mesh? • What is a service mesh? Previous approaches / pros / cons • Generic service-mesh architecture • Explore service-mesh implementations • Guidance for service-mesh adoption
  • 4. 4 | Copyright © 2019 Move fast, safely https://puppet.com/resources/whitepaper/state-of-devops-report
  • 5. 5 | Copyright © 2019 As we move to services architectures, we push the complexity to the space between our services.
  • 6. 6 | Copyright © 2019 Challenges in a cloudy world • Service discovery • Retries • Timeouts • Load balancing • Rate limiting • Thread bulk heading • Circuit breaking • Security
  • 7. 7 | Copyright © 2019 …Continued… • Routing between services (adaptive, zone-aware) • Deadlines • Back pressure • Outlier detection • Health checking • Traffic shaping • Request shadowing
  • 8. 8 | Copyright © 2019 …Continued… • Edge/DMZ routing • Surgical / fine / per-request routing • A/B rollout • Internal releases / dark launches • Fault injection • Stats, metric, collection • Logging • Tracing
  • 9. 9 | Copyright © 2019 • Netflix Hystrix (circuit breaking / bulk heading) • Netflix Zuul (edge router) • Netflix Ribbon (client-side service discovery / load balance) • Netflix Eureka (service discovery registry) • Brave / Zipkin (tracing) • Netflix spectator / atlas (metrics) Microservices Patterns
  • 10. 10 | Copyright © 2019 But I’m using Spring! • spring-cloud-netflix-hystrix • spring-cloud-netflix-zuul • spring-cloud-netflix-eureka-client • spring-cloud-netflix-ribbon • spring-cloud-netflix-atlas • spring-cloud-netflix-spectator • spring-cloud-netflix-hystrix-stream • ….. • @Enable....150differentThings
  • 11. 11 | Copyright © 2019 But I’m using Vert.x! • vertx-circuit-breaker • vertx-service-discovery • vertx-dropwizard-metrics • vertx-zipkin? • ….. • ......
  • 12. 12 | Copyright © 2019 Screw Java - I’m using NodeJS! JavaScript is for rookies, I use Go! But python is so pretty! I prefer unreadability… Perl for me!
  • 13. 13 | Copyright © 2019 • Require specific language to bring in new services • A single language doesn’t fit for all use cases • How do you patch/upgrade/manage lifecycle? • Need strict control over application library choices Some drawbacks to this approach?
  • 14. 14 | Copyright © 2019 Let’s abstract this functionality and apply to all services out of process • Allow heterogeneous architectures • Remove application-specific implementations of this functionality • Consistently enforce these properties • Correctly enforce these properties • Opt-in as well as safety nets
  • 15. 15 | Copyright © 201915 | Copyright © 2019 Foundation for a solution
  • 16. 16 | Copyright © 2019 Meet Envoy Proxy http://envoyproxy.io
  • 17. 17 | Copyright © 2019 Envoy Proxy: • written in C++, highly parallel, non-blocking • L4 / L7 service proxy (HTTP1, HTTP2, gRPC, Kafka, Redis, Mongo, Dynamo, etc) • zone aware, least request load balancing • circuit breaking / outlier detection • retries, retry policies • timeout (including budgets) • traffic shadowing • rate limiting • access logging, statistics collection • dynamic configuration through standard interfaces
  • 18. 18 | Copyright © 2019
  • 19. 19 | Copyright © 2019
  • 20. 20 | Copyright © 2019 Deployed as a service proxy:
  • 21. 21 | Copyright © 2019 A service mesh is decentralized application- networking infrastructure between your services that provides resiliency, security, observability, and routing control.
  • 22. 22 | Copyright © 201922 | Copyright © 2019 Service-mesh architecture
  • 23. 23 | Copyright © 2019
  • 24. 24 | Copyright © 2019
  • 25. 25 | Copyright © 2019
  • 26. 26 | Copyright © 2019 Service mesh technologies typically provide: • Service discovery / Load balancing • Secure service-to-service communication • Traffic control / shaping / shifting • Policy / Intention based access control • Traffic metric collection • Service resilience • API / programmable interface
  • 27. 27 | Copyright © 201927 | Copyright © 2019 Exploring service-mesh implementations
  • 28. 28 | Copyright © 2019 Meet Linkerd http://linkerd.io
  • 29. 29 | Copyright © 2019 Linkerd2 • Backed by Buoyant / CNCF • Kubernetes specific • Control plane (go) / custom data plane (rust) • Latest release 2.4 • Strong focus on observing top-level network metrics • Resilience, timeouts, retry budgets • Always-on mTLS
  • 30. 30 | Copyright © 2019
  • 31. 31 | Copyright © 2019 Linkerd2 • Purpose built, Kubernetes only • Uses CRD for configurations • High performance characteristics • Great user/getting-started experience • Open, welcoming community • Observability, basic resilience • Secure by default • Deployed transparently to app Strengths • Limited feature set (at the moment… more to come) • Missing traffic routing, policy enforcement, circuit breakers • Kubernetes-only • Multi-cluster support Opportunities
  • 32. 32 | Copyright © 2019 Meet Consul Connect http://consul.io
  • 33. 33 | Copyright © 2019 Consul Connect • Backed by HashiCorp • Control plane (consul server) / data plane (proxies/app) • Part of Consul 1.2 release, June 2018 (latest is 1.5.2) • Strong focus on L4 Identity (SPIFFE) • Easy to configure transport encryption (mTLS) • Service segmentation, intention-based ACL policy • Optional use of Envoy Proxy • Native app integration for latency/performance sensitive apps
  • 34. 34 | Copyright © 2019
  • 35. 35 | Copyright © 2019 Consul Connect • Built on Consul: stable, critical piece of software • Solves the identity management challenges in dynamic applications • Hybrid environment support • Optional Envoy Proxy • Multi-cluster/site foundations • Vault support for certificate management Strengths • Application config/code impact (not transparent to app, cannot use k8s dns) • Have to manage separate CP data store • does not use CRDs on k8s • No distributed tracing Opportunities
  • 36. 36 | Copyright © 2019 Meet Istio.io http://istio.io
  • 37. 37 | Copyright © 2019 Istio • Control plane / data plane (Envoy Proxy) • 1.1 March 2019 • Collaboration between Google, IBM, Lyft, VMWare, Red Hat, et al. • Based on Envoy proxy • mTLS, policy based ACL, resilience, observability, traffic control • Kubernetes native with other platform support • Large community
  • 38. 38 | Copyright © 2019
  • 39. 39 | Copyright © 2019 Istio • Large, vibrant community • Backed by Google, et. al. • Large feature set • Based on Envoy • Flexible deployment options • Out of the box Ingress • Multi-cluster support Strengths • Performance / overhead improvements • Architecture improvements • Focus on iterative adoption • Continue improvement to documentation • Reduce magic Opportunities
  • 40. 40 | Copyright © 2019 Meet AWS App Mesh https://aws.amazon.com/app-mesh/
  • 41. 41 | Copyright © 2019 AWS App Mesh • Backed by AWS • Control plane (managed) / data plane (Envoy Proxy) • Announced Nov 2018, GA March 2019 • Main functionality is around weighted traffic routing • Supported across deployment platforms • Continuing to add more features
  • 42. 42 | Copyright © 2019
  • 43. 43 | Copyright © 2019 AWS App Mesh • Managed control plane • Built on Envoy Proxy • Supports multiple deployment platforms (EC2, ECS, EKS, Kubernetes) • Focus on basic traffic shifting • Ties in with rest of AWS infrastructure • Free to use on AWS Strengths • AWS Only • Very limited control-plane capabilities • No visibility to control plane behavior • No mTLS, Policy, enforcement fine- grained traffic control • Manually configure Envoy for metrics- collection/CloudWatch integration Opportunities
  • 44. 44 | Copyright © 201944 | Copyright © 2019 Comparisons
  • 45. 45 | Copyright © 2019 Anecdotal comparisons: Benchmarking Istio and Linkerd CPU: https://medium.com/@michael_87395/benchmarking-istio-linkerd-cpu-c36287e32781 Benchmarking Istio and Linkerd at Scale (follow up) https://medium.com/@michael_87395/benchmarking-istio-linkerd-cpu-at-scale-5f2cfc97c7fa
  • 46. 46 | Copyright © 2019 Wrapping up - Ignore comparisons and anecdotes. Focus on: • Service mesh approach is the right approach, implementations still evolving • Solve today’s pain with as little technology as you can • Invest in the data plane (Envoy proxy) • Ingress-first approach: API Gateways (like Gloo, built on Envoy) can give you service- mesh-like capabilities with a fraction of the complexity and risk • Iteratively adopt service-mesh capabilities (and commensurate deployment footprint) • Abstract service-mesh implementation details, configuration, opinions
  • 47. 47 | Copyright © 2019 Easiest way to get started with service mesh is with… https://supergloo.solo.io
  • 48. 48 | Copyright © 2019 https://supergloo.solo.io
  • 49. 49 | Copyright © 2019 Service Mesh Interface (SMI) https://github.com/deislabs/smi-spec https://supergloo.solo.io https://servicemeshhub.io
  • 50. 50 | Copyright © 2019 Exploring service mesh implementations “I used SuperGloo because it was super simple to get both services meshes bootstrapped quickly, with almost no effort on my part. We’re not using SuperGloo in production, but it was perfect for a task like this. It was literally two commands per mesh. I used two clusters for isolation— one for Istio, and one for Linkerd.” https://medium.com/@michael_87395/benchmarking-istio-linkerd-cpu-c36287e32781
  • 51. 51 | Copyright © 2019 Additional reading • Istio the easy way https://medium.com/solo-io/istio-the-easy-way-de66e6eba4a1 • Linkerd vs Istio https://medium.com/solo-io/linkerd-or-istio-6fcd2aad6e42 • SuperGloo Open API and Service Mesh Orchestration https://medium.com/solo-io/https-medium-com-solo-io-supergloo-ff2aae1fb96f • Follow up: Benchmarking Istio and Linkerd at Scale • https://medium.com/@michael_87395/benchmarking-istio-linkerd-cpu-at-scale- 5f2cfc97c7fa • Linkerd April 2019 Community Meeting https://buoyant.io/resources/april-2019-linkerd-community-meeting-recap/ • AWS AppMesh FAQ https://aws.amazon.com/app-mesh/faqs/ • Consul Connect Intro https://www.hashicorp.com/resources/consul-connect-announcement-mitchell-hashimoto • Consul Connect Roadmap https://www.hashicorp.com/blog/roadmap-preview-what-s-next-for-consul-service-mesh
  • 52. 52 | Copyright © 2019 CHRISTIAN POSTA @christianposta christian@solo.io https://blog.christianposta.com https://slideshare.net/ceposta
  • 53. 53 | Copyright © 201953 | Copyright © 2019 @soloio_inc

Editor's Notes

  1. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  2. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  3. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  4. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  5. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  6. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  7. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  8. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  9. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  10. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  11. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  12. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  13. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  14. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  15. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  16. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  17. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  18. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  19. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.
  20. Get back to first principles. Focus on principles, patterns, methodologies. Tools will help, but you cannot start with tools.