API Days Paris 2019: Cloud native API Management for Microservices on a Service Mesh using Istio
1. API Days Paris 2019
Cloud native API Management for Microservices on a
Service Mesh using Istio
Stefano Negri
Director - Solution Architecture - WSO2
stefano@wso2.com
2. What a Microservices Architecture is
● Microservice architectural style is an approach to
developing a single application as a suite of small
services.
● Each running in its own process and communicating
with lightweight mechanisms.
● These services are built around business capabilities.
● Independently deployable by fully automated
deployment machinery.
3. Why Microservices Architecture?
● Individual components. Running, testing, deploying
individually.
● Agility, flexibility and speed to market.
● Adapt microservice development for fast innovation.
● Smaller teams, agile software development life cycles
● Freedom to use heterogeneous technologies, early
feedback cycles
4. Problem with “big application” (a.k.a. “monolithic”)
Let's say you have a bigger application and you need to scale
it.
Why Microservices
5. Split your “bigger application” into smaller granules that can be
deployed independently
Split into microservices, so that each smaller business function can be
implemented in the most effective way (language, platform, expertise).
Why Microservices
7. Scale/replicate each component individually, because
each smaller service is now a microservice and can
be deployed independently.
Why Microservices
8. ● Breaking up monoliths into microservices adds more
components.
● Easy to manage at the beginning but becomes very
complex when things scale.
Microservices Challenges
11. • Secure communication between services.
• Analytics, tracing, monitoring
• Disaggregation of architecture increases number of
endpoints.
• Communication among these endpoints will be a key
challenge.
• Service discovery.
• Network resiliency.
Challenges with Microservices
13. Service Mesh
A service mesh is a dedicated infrastructure layer that
controls service-to-service communication over a network.
It provides a method in which separate parts of an
application can communicate with each other.
Source: techtarget.com
14. Service Mesh
▪ Microservices code has to take care of all network communication and
governance of services
▪ Hence such capabilities can be offloaded to a separate layer
[Diagram: Microservice A and Microservice B, each with Business Logic, a Network Stack and a Service Mesh Sidecar; Control Plane; Data Plane; protocols HTTP/1.x, HTTP/2, gRPC, TCP; Application Network Functions; Primitive Network Functions]
15. Multiple service mesh implementations are available
today
● Istio
● Gloo
● AWS App Mesh
● Linkerd
Service Mesh Implementations
16. Istio is an open source service mesh implementation which
provides behavioral insights and operational control over
the service mesh as a whole, offering a complete solution
to satisfy the diverse requirements of microservice
applications.
Istio
17. Istio Component Overview
• Envoy is a set of intelligent proxies deployed as sidecars
• Mixer enforces access control and usage policies across the
service mesh, and collects telemetry data from the Envoy
proxy and other services.
• Pilot provides service discovery for the Envoy sidecars,
traffic management capabilities for intelligent routing, and
resiliency.
• Citadel enables strong service-to-service and end-user
authentication with built-in identity and credential
management.
19. • When users need to expose microservices to the
outside in a secure and controlled manner.
• When fine-grained security should be enforced on
exposed APIs.
• When stats need to be collected on API usage for
monetization and billing.
• When it is required to offer a marketplace for APIs for
easy discovery and adoption.
When is API Management required in a Service Mesh