Building a Service Mesh with Envoy (Kubecon May 2018)

•

3 likes•1,458 views

This document summarizes Squarespace's transition from a monolithic architecture to a microservices architecture and their implementation of a service mesh using Envoy proxy. It describes how Squarespace grew from less than 50 engineers in 2013 to over 200 engineers in 2017, necessitating the move to microservices for scalability. It outlines their initial use of Consul for service discovery and Netflix OSS libraries. It then introduces the concept of a service mesh and how Envoy proxy deployed as a sidecar can provide advanced control, observability, and support for multiple languages. It details how Envoy uses Consul and its xDS APIs for dynamic service discovery and configuration. Finally, it discusses future work including integrating orchestration and abstracting common service

Technology

Building a Service Mesh with Envoy
Doug Jones
djones@squarespace.com
@dougfjones

Microservices: A Story of Growth
Monolith
Background Jobs
DBQueue
2013: <50 engineers
● “Whatever works”
● Build product
● Grow fast

Microservices: A Story of Growth
2014: ~75 engineers
● “Whatever works”
● Too much firefighting
● Not enough new features
● Inflexible monolith architecture
Monolith
Background Jobs
DBQueue

Microservices: A Story of Growth
Monolith
Background Jobs
DBQueue
2016: 100+ engineers
● Microservices
● Scalable + Reliable
● Developers can move faster
● Squarespace can move faster

Microservices: A Story of Growth
Monolith
Background Jobs
DBQueue
2017: 200+ engineers
● Even More Microservices
● Independent, full stack teams
● Self Service Infra with
Kubernetes
● Desire flexible, reliable infra
● Desire better tooling

Microservices at Squarespace
● Building started late 2014
● Java API Servers
● Virtual Machines
● Consul Service Discovery
● Service client based on Netflix OSS (Hystrix, Ribbon, RxNetty)
● Now in progress: migrating from VMs to Kubernetes
Microservices Platform

Consul Use Case
Consul
Service A
Service B
Client Lib
Service B
Request
Service
Instances
Load Balance
Announce
Presence

DC 2DC 1
Consul Cross DC
Consul
Service A
Service B
Service B
Consul
Service C
Service D
Service D
Cross DC Gossip

Service Mesh
● Service client functionality moves to its own process (sidecar)
○ No longer trapped in a library
● This process can be configured and updated independently of the
application it serves
● Advanced operational control through APIs
● Improved observability
● Opens the door to better support for service development in multiple
programming languages
Why Service Mesh?

Service Mesh
● Envoy proxy
○ Co-located with each service instance (sidecar)
○ Proxies ingress and egress traffic
● Dynamic configuration API
○ Provide service discovery information
○ Change routing table and circuit breaker configuration
○ Big upgrade in our capability as operators
Service Mesh with Envoy

Pod
Envoy and Consul
Consul
Service A
Service B
Service BLoad Balance
Announce
PresenceEnvoy
Mesh
Discovery
Streaming
Updates (v2
API)

Envoy V2 xDS Proto
ConsulEnvoy
Mesh
Discovery
Cluster
Discovery
(CDS)
Catalog List
Services

Envoy V2 xDS Proto
ConsulEnvoy
Mesh
Discovery
[“Service A”,
“Service B”]
VersionInfo:
123
[“Service A”,
“Service B”]
Index: 123

Envoy V2 xDS Proto
ConsulEnvoy
Mesh
Discovery
Catalog List
Services
Newer than
Index: 123
Poll Consul

Envoy V2 xDS Proto
ConsulEnvoy
Mesh
Discovery
[..., “Service
C”]
Index: 456
[..., “Service
C”]
VersionInfo:
456
Push Update

Envoy xDS Proto
● EDS -> Consul health endpoint list Nodes for Service
○ Uses same Consul index to version mapping
○ Background polling for updates
● RDS
○ Simple HTTP routing rule matching header value to cluster name
Other xDS Requests

Future
● Build orchestration features into our new discovery system
○ Harness xDS to push updates that make traffic routing changes
● APIs to abstract common service mesh operations
● Dashboard for operators
Future Work

Thank You!
squarespace.com/careers
Doug Jones
djones@squarespace.com
@dougfjones

Service mesh is a dedicated layer of a company's infrastructure which should simplify communication between services and make it reliable, secure and observable. In this talk, we'll go deep into Booking.com's case study of introducing service mesh. We will discover the reasons and objectives of the project. Why Envoy was selected as the base rather than other available options. Find out what is the setup and features of the homegrown control plane. We will expand on what service is provided for developers and how they safely deploy potentially dangerous configuration changes. Finally, we will talk about pitfalls met along the way.

Envoy @ Lyft: developer productivity (kubecon 2.0)

Jose Ulises Nino Rivera

How can infrastructure engineers empower their product developers with easy-to-use systems and processes that abstract the complexity of core infrastructure? This talk focuses on Envoy configuration management, and how the networking team at Lyft builds on top of Envoy to allow Lyft engineers to focus on business logic. I gave this talk twice and made some edits for the second time. This is the most recent version

Envoy @ Lyft: Developer Productivity

Jose Ulises Nino Rivera

A Cassandra driver from and for the Lua community

Thibault Charbonnier

Implementing Microservices with NATS

Apcera

Gatekeeper: API gateway

ChengHui Weng

Building Out Your Kafka Developer CDC Ecosystem

confluent

What’s New in NGINX Ingress Controller for Kubernetes Release 1.5.0

NGINX, Inc.

On-Demand Recording: https://www.nginx.com/resources/webinars/whats-new-nginx-ingress-controller-kubernetes-version-150/ Kubernetes is the leading orchestration platform for deploying, scaling, and managing containerized applications. Infrastructure operators constantly impose new application delivery requirements as they adopt Kubernetes for production workloads. The NGINX Ingress controller is the most popular ingress load balancer for Kubernetes, providing a complete and supported solution for delivering your containerized applications to clients. Attend this webinar to learn about the latest developments in NGINX Ingress Controller for Kubernetes Release 1.5.0.

Mariusz Richtscheid: Are you wondering about using serverless computing in your project? In this presentation, I will explain the basics of serverless architecture. I'm using an example of a real-life serverless project done at The Software House called Babelsheet (translation-management solution), and include many practical tips for any beginner starting their adventure with a serverless architecture.

Analyzing NGINX Logs with Datadog

NGINX, Inc.

On-Demand Link: https://www.nginx.com/resources/webinars/analyzing-nginx-logs-datadog/ About the Webinar Datadog is a SaaS-based monitoring and analytics platform for cloud-scale organizations. The company is an industry leader in monitoring and observability – with over 350+ vendor-supported integrations, Datadog seamlessly correlates metrics, traces, and logs across the full DevOps stack. With Datadog’s Log Management solution, you can cost-effectively collect, analyze, and archive all your logs with an easy-to-use, intuitive interface. Attend this webinar to learn how to analyze NGINX logs using Datadog to achieve business outcomes including SEO optimization, improved website performance, and detection of DDoS attacks.

Kubernetes + netflix oss

Cristiano Altmann

Mastering Microservices with Kong (DevoxxUK 2019)

Maarten Mulders

When architecting microservice solutions, you'll often find yourself struggling with cross-cutting concerns. Think security, rate limiting, access control, monitoring, location-aware routing… Things can quickly become a nightmare. The API Gateway pattern can help you solve such problems in an elegant and uniform way. Using Kong, an open source product, you can get started today. In this session we'll look at the why and how of this approach.

Kong

Troublemaker Khunpech

Envoy, Wasm and Rust - the Mighty Trio

Anton Weiss

Envoy is a lightweight modern network proxy written in C++. It has quickly become the base component in most existing service mesh implementations. With such popularity - a new, safer, more scalable extensibility model was needed. Much to our excitement - now one can extend Envoy network filtering with WebAssembly modules written (among other languages) in Rust. We'll see a live demo of building and deploying such a filter.

Greyhound - Powerful Functional Kafka Library - Devtalks reimagined

Natan Silnitsky

Wix has finally released to open-source its Kafka client SDK wrapper called Greyhound. Completely re-written using the Scala functional library ZIO. Greyhound harnesses ZIO's sophisticated async and concurrency features together with its easy composability to provide a superior experience to Kafka's own client SDKs. It offers rich functionality including: - Trivial setup of message processing parallelisation, - Various fault tolerant retry policies (for consumers AND producers), - Easy plug-ability of metrics publishing and context propagation and much more. This talk will also show how Greyhound is used by Wix developers in more than 2000 event-driven microservices.

HAProxyConf 2019: Building a Service Mesh at Criteo with Consul and HAProxy

Pierre Souchay

At Criteo, we have been working on building a tight integration between HashiCorp Consul and HAProxy. In this talk, we will explain how we provision our HAProxy instances dynamically using Consul Connect, a new service mesh technology that allows HAProxy to talk to its peers from machine-to-machine without a traditional load balancer. We explain the history of Discovery at Criteo and why we developed such service-mesh. We also explain how the OpenSource HaProxy-Connect works internally and what features from HaProxy it uses (SPOE). https://github.com/criteo/haproxy-consul-connect https://www.haproxyconf.com/agenda/building-a-service-mesh-at-criteo-with-consul-and-haproxy/

Dev309 from asgard to zuul - netflix oss-final

Ruslan Meshenberg

Greyhound - Powerful Pure Functional Kafka Library

Natan Silnitsky

Java Microservices with Netflix OSS & Spring

Conor Svensson

Exactly Once Delivery with Kafka - Kafka Tel-Aviv Meetup

Natan Silnitsky

In this talk I go over the basic theory of messaging in distributed systems, the different message delivery guarantees in Kafka and the to use them. I focus on exactly once delivery guarantees and the way Kafka implements it with transaction based messaging protocol. Including a discussion of the latency/throughput trade-offs, resource utilisation and its overall advantages and shortcomings. Finally, I show a use-case at Wix where exactly once delivery helped us solve a big problem.

Introducing the Microservices Reference Architecture Version 1.2

NGINX, Inc.

About the webinar Application development using microservices is changing very quickly, even as many organizations are gearing up to produce their first full-fledged microservices apps, or expand microservices development. Among these changes are the emergence of Kubernetes as the most widely -used approach to container management and the arrival of service mesh architectures. The Istio service mesh architecture has reached version 1.0. There is also an increasing recognition of the need for security in service-to-service communications. In the upcoming Version 1.2 of the Microservices Reference Architecture, NGINX will offer an update to its robust and flexible array of models for microservices development, giving developers much more choice and the opportunity to “right-size” the microservices model they choose to the task at hand, while preserving the opportunity for future growth.

Using an API Gateway for Microservices

NGINX, Inc.

About the webinar The use of an API gateway and the move to microservices are two of the most important trends in application development. But are they similar, or different; complementary, or contradictory? In this webinar, we discuss the advantages of an API gateway, the advantages of microservices development, and how and when they can work together. The NGINX Microservices Reference Architecture (MRA) uses three different network architectures, with service mesh as a fourth. We describe how an API gateway relates to each of these network architectures and how to reduce rework if your application needs to evolve from one architecture to another. Speakers: Charles Pretzer, Technical Architect, NGINX, Inc. Floyd Smith, Director of Content Marketing, NGINX, Inc.

Scaling and Orchestrating Microservices with OSGi - N Bartlett

mfrancis

Microservices and Container Management with NGINX Plus and Mesosphere DC/OS

NGINX, Inc.

Webinar recording: nginx.com/resources/webinars/microservices-container-management-nginx-plus-mesosphere-dcos NGINX and NGINX Plus are emerging as the standard for connecting, securing, caching, and scaling microservices. We hope you found it valuable to learn how to use Mesosphere DC/OS and containers, such as Docker containers, to create and run microservices applications in an NGINX Plus environment.

Building Micro-Services with Scala

Yardena Meymann

"Microservices" is one of the hottest buzzwords and, as usual, everyone wants them, but few know how to build them. In this talk we will offer our interpretation of microservice architecture, and show how we are implementing these ideas: using Scala, Akka, sbt and Docker, we modularized Akka applications, Spark jobs and Play servers. In the talk we will discuss design trade-offs and challenges that we faced in the process, and how we have overcome them. The focus is not on particular features of Scala language or a library, but on building modern applications using the Typesafe stack and other open-source tools.

Load Balancing in the Cloud using Nginx & Kubernetes

Lee Calcote

Using NGINX and NGINX Plus as a Kubernetes Ingress

Kevin Jones

NGINX Kubernetes Ingress Controller: Getting Started – EMEA

Aine Long

This webinar gets you started using the Kubernetes Ingress controllers for NGINX & NGINX Plus to load balance, route, and secure Kubernetes applications Join this webinar to learn: - The benefits of using Kubernetes and why it's become the de facto container scheduler - About the Kubernetes Ingress resource and Ingress controllers - How to use NGINX and NGINX Plus Ingress controllers to load balance, route traffic to, and secure applications on Kubernetes - How to monitor the NGINX Plus Ingress controller with Prometheus

MRA AMA Part 10: Kubernetes and the Microservices Reference Architecture

NGINX, Inc.

On Demand Link - https://www.nginx.com/resources/webinars/mra-ama-part-10-kubernetes-and-the-microservices-reference-architecture/ The NGINX Microservices Reference Architecture (MRA) has been a major contributor to the discussion of microservices architectures. Kubernetes has now emerged as the leading container orchestration platform, and NGINX has developed the NGINX Kubernetes Ingress controller. In this webinar, we describe and demonstrate how to use NGINX Open Source and NGINX Plus with Kubernetes and the NGINX Kubernetes Ingress controller. We relate the use of NGINX tools and Kubernetes to the MRA’s Proxy Model, Router Mesh Model, and the Fabric Model. We also briefly compare these to full-service mesh implementations such as Istio.

Api observability

Red Hat

What's hot

Serverless architecture: introduction & first steps

The Software House

Analyzing NGINX Logs with Datadog

NGINX, Inc.

Kubernetes + netflix oss

Cristiano Altmann

Mastering Microservices with Kong (DevoxxUK 2019)

Maarten Mulders

Kong

Troublemaker Khunpech

Envoy, Wasm and Rust - the Mighty Trio

Anton Weiss

Greyhound - Powerful Functional Kafka Library - Devtalks reimagined

Natan Silnitsky

HAProxyConf 2019: Building a Service Mesh at Criteo with Consul and HAProxy

Pierre Souchay

Dev309 from asgard to zuul - netflix oss-final

Ruslan Meshenberg

Greyhound - Powerful Pure Functional Kafka Library

Natan Silnitsky

Java Microservices with Netflix OSS & Spring

Conor Svensson

Exactly Once Delivery with Kafka - Kafka Tel-Aviv Meetup

Natan Silnitsky

Introducing the Microservices Reference Architecture Version 1.2

NGINX, Inc.

Using an API Gateway for Microservices

NGINX, Inc.

Scaling and Orchestrating Microservices with OSGi - N Bartlett

mfrancis

Microservices and Container Management with NGINX Plus and Mesosphere DC/OS

NGINX, Inc.

Building Micro-Services with Scala

Yardena Meymann

Load Balancing in the Cloud using Nginx & Kubernetes

Lee Calcote

Using NGINX and NGINX Plus as a Kubernetes Ingress

Kevin Jones

NGINX Kubernetes Ingress Controller: Getting Started – EMEA

Aine Long

What's hot (20)

Serverless architecture: introduction & first steps

Analyzing NGINX Logs with Datadog

Kubernetes + netflix oss

Mastering Microservices with Kong (DevoxxUK 2019)

Kong

Envoy, Wasm and Rust - the Mighty Trio

Greyhound - Powerful Functional Kafka Library - Devtalks reimagined

HAProxyConf 2019: Building a Service Mesh at Criteo with Consul and HAProxy

Dev309 from asgard to zuul - netflix oss-final

Greyhound - Powerful Pure Functional Kafka Library

Java Microservices with Netflix OSS & Spring

Exactly Once Delivery with Kafka - Kafka Tel-Aviv Meetup

Introducing the Microservices Reference Architecture Version 1.2

Using an API Gateway for Microservices

Scaling and Orchestrating Microservices with OSGi - N Bartlett

Microservices and Container Management with NGINX Plus and Mesosphere DC/OS

Building Micro-Services with Scala

Load Balancing in the Cloud using Nginx & Kubernetes

Using NGINX and NGINX Plus as a Kubernetes Ingress

NGINX Kubernetes Ingress Controller: Getting Started – EMEA

Similar to Building a Service Mesh with Envoy (Kubecon May 2018)

MRA AMA Part 10: Kubernetes and the Microservices Reference Architecture

NGINX, Inc.

Api observability

Red Hat

Microservice 4.0 Journey - From Spring NetFlix OSS to Istio Service Mesh and ...

Daniel Oh

The what, why and how of knative

Mofizur Rahman

Introduction to Istio Service Mesh

Georgios Andrianakis

2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...

Ambassador Labs

This talk covers the past, present, and future of Microservices at Squarespace. We begin with our journey to microservices, and describe the platform that made this possible. We introduce our idea of the “Pillars of Microservices”, everything a developer needs to have a successful production service. For each pillar we describe why we think it is important and discuss the implementation and how we utilize it in our environment. Next, we look to the future evolution of our microservices environment including how we are using containerization and Kubernetes to overcome some of the problems we’ve faced with more static infrastructure.

Microservices with NGINX pdf

Katherine Bagood

Techorama 2014 - Azure API management and Service Virtualization

Sam Vanhoutte

20170209 dev day-websites_vs_cloudservices_vsservicefabric_scenarios

Ricardo González

NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller

Katherine Bagood

Microservices: State of the Union

C4Media

Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/29ZQmIx. Adrian Cockcroft discusses success/failure stories of adopting microservices, overviews what’s next with microservices and presents some of the techniques that have led to successful deployments. Filmed at qconnewyork.com. Adrian Cockcroft works at Battery where he advises the firm and its portfolio companies about technology issues and also assists with deal sourcing and due diligence. He was a founding member of eBay Research Labs, developing advanced mobile applications and even building his own homebrew phone, years before iPhone and Android launched.

Monolithic to Microservices Migration Journey of iyzico with Spring Cloud

Mustafa Can Tekir

Monolithic to microservices migration journey with spring cloud

zeynelkocak

Bridging Microservices, APIs and Integration

Kasun Indrasiri

Reference architectures shows a microservices deployed to Kubernetes

Rakesh Gujjarlapudi

Agile Integration Workshop

Judy Breedlove

[Workshop] API Management in Microservices Architecture

WSO2

[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...

WSO2

As microservices-based applications are inherently distributed, the integration of microservices is becoming one of the hardest things when realizing microservices architecture. Rather than using a conventional centralized ESB for integrating services, microservices are integrated based on the smart-endpoints terminology, where all the smarts live at the endpoints while they are interconnected via a lightweight messaging infrastructure. These smart endpoints are often built as integration microservices on top of cloud-native integration technologies. In this deck, Kasun will explore some key integration patterns for building integration microservices.

DEVNET-1184 Microservices Patterns

Cisco DevNet

The Microservices approach is a new way of building composable, cloud-native applications. This session is designed for developers who are transforming existing applications to Microservices, or creating new Microservices style applications. The session will cover best practices, patterns including Service Registration and Discovery, and key development tools required for building distributed Microservices style applications. The session will also cover best practices for automating the operations of these applications, using container orchestration services.

All About Microservices and OpenSource Microservice Frameworks

Mohammad Asif Siddiqui

Similar to Building a Service Mesh with Envoy (Kubecon May 2018) (20)

MRA AMA Part 10: Kubernetes and the Microservices Reference Architecture

Api observability

Microservice 4.0 Journey - From Spring NetFlix OSS to Istio Service Mesh and ...

The what, why and how of knative

Introduction to Istio Service Mesh

2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...

Microservices with NGINX pdf

Techorama 2014 - Azure API management and Service Virtualization

20170209 dev day-websites_vs_cloudservices_vsservicefabric_scenarios

NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller

Microservices: State of the Union

Monolithic to Microservices Migration Journey of iyzico with Spring Cloud

Monolithic to microservices migration journey with spring cloud

Bridging Microservices, APIs and Integration

Reference architectures shows a microservices deployed to Kubernetes

Agile Integration Workshop

[Workshop] API Management in Microservices Architecture

[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...

DEVNET-1184 Microservices Patterns

All About Microservices and OpenSource Microservice Frameworks

Recently uploaded

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

FIDO Alliance

Leading Change strategies and insights for effective change management pdf 1.pdf

OnBoard

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™

UiPathCommunity

In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni. 📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath: Autopilot per Studio Web Autopilot per Studio Autopilot per Apps Clipboard AI GenAI applicata alla Document Understanding 👨‍🏫👨‍💻 Speakers: Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath Andrei Tasca, RPA Solutions Team Lead @NTT Data

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

BookNet Canada

The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more. Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/ Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.

Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf

Paige Cruz

Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack. While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack. I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

FIDO Alliance

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

UiPathCommunity

💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™: See how to accelerate model training and optimize model performance with active learning Learn about the latest enhancements to out-of-the-box document processing – with little to no training required Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath. Speakers: 👨‍🏫 Andras Palfi, Senior Product Manager, UiPath 👩‍🏫 Lenka Dulovicova, Product Program Manager, UiPath

Introduction to CHERI technology - Cybersecurity

mikeeftimakis1

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

PHP Frameworks: I want to break free (IPC Berlin 2024)

Ralf Eggert

In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development. This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

Product School

Monitoring Java Application Security with JDK Tools and JFR Events

Ana-Maria Mihalceanu

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Albert Hoitingh

PCI PIN Basics Webinar from the Controlcase Team

ControlCase

Accelerate your Kubernetes clusters with Varnish Caching

Thijs Feryn

The Future of Platform Engineering

Jemma Hussein Allen

Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx

nkrafacyberclub

Key Trends Shaping the Future of Infrastructure.pdf

Cheryl Hung

Recently uploaded (20)

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

Leading Change strategies and insights for effective change management pdf 1.pdf

GraphRAG is All You need? LLM & Knowledge Graph

Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

Introduction to CHERI technology - Cybersecurity

Epistemic Interaction - tuning interfaces to provide information for AI support

PHP Frameworks: I want to break free (IPC Berlin 2024)

FIDO Alliance Osaka Seminar: Overview.pdf

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

Monitoring Java Application Security with JDK Tools and JFR Events

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

PCI PIN Basics Webinar from the Controlcase Team

Accelerate your Kubernetes clusters with Varnish Caching

The Future of Platform Engineering

Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx

Key Trends Shaping the Future of Infrastructure.pdf

Building a Service Mesh with Envoy (Kubecon May 2018)

1. Building a Service Mesh with Envoy Doug Jones djones@squarespace.com @dougfjones

2. Microservices: A Story of Growth Monolith Background Jobs DBQueue 2013: <50 engineers ● “Whatever works” ● Build product ● Grow fast

3. Microservices: A Story of Growth 2014: ~75 engineers ● “Whatever works” ● Too much firefighting ● Not enough new features ● Inflexible monolith architecture Monolith Background Jobs DBQueue

4. Microservices: A Story of Growth Monolith Background Jobs DBQueue 2016: 100+ engineers ● Microservices ● Scalable + Reliable ● Developers can move faster ● Squarespace can move faster

5. Microservices: A Story of Growth Monolith Background Jobs DBQueue 2017: 200+ engineers ● Even More Microservices ● Independent, full stack teams ● Self Service Infra with Kubernetes ● Desire flexible, reliable infra ● Desire better tooling

6. Microservices at Squarespace ● Building started late 2014 ● Java API Servers ● Virtual Machines ● Consul Service Discovery ● Service client based on Netflix OSS (Hystrix, Ribbon, RxNetty) ● Now in progress: migrating from VMs to Kubernetes Microservices Platform

7. Consul Use Case Consul Service A Service B Client Lib Service B Request Service Instances Load Balance Announce Presence

8. DC 2DC 1 Consul Cross DC Consul Service A Service B Service B Consul Service C Service D Service D Cross DC Gossip

9. Service Mesh ● Service client functionality moves to its own process (sidecar) ○ No longer trapped in a library ● This process can be configured and updated independently of the application it serves ● Advanced operational control through APIs ● Improved observability ● Opens the door to better support for service development in multiple programming languages Why Service Mesh?

10. Service Mesh ● Envoy proxy ○ Co-located with each service instance (sidecar) ○ Proxies ingress and egress traffic ● Dynamic configuration API ○ Provide service discovery information ○ Change routing table and circuit breaker configuration ○ Big upgrade in our capability as operators Service Mesh with Envoy

11. Pod Envoy and Consul Consul Service A Service B Service BLoad Balance Announce PresenceEnvoy Mesh Discovery Streaming Updates (v2 API)

12. Envoy V2 xDS Proto ConsulEnvoy Mesh Discovery Cluster Discovery (CDS) Catalog List Services

13. Envoy V2 xDS Proto ConsulEnvoy Mesh Discovery [“Service A”, “Service B”] VersionInfo: 123 [“Service A”, “Service B”] Index: 123

14. Envoy V2 xDS Proto ConsulEnvoy Mesh Discovery Catalog List Services Newer than Index: 123 Poll Consul

15. Envoy V2 xDS Proto ConsulEnvoy Mesh Discovery [..., “Service C”] Index: 456 [..., “Service C”] VersionInfo: 456 Push Update

16. Envoy xDS Proto ● EDS -> Consul health endpoint list Nodes for Service ○ Uses same Consul index to version mapping ○ Background polling for updates ● RDS ○ Simple HTTP routing rule matching header value to cluster name Other xDS Requests

17. Observability

18. Future ● Build orchestration features into our new discovery system ○ Harness xDS to push updates that make traffic routing changes ● APIs to abstract common service mesh operations ● Dashboard for operators Future Work

19. Thank You! squarespace.com/careers Doug Jones djones@squarespace.com @dougfjones

Building a Service Mesh with Envoy (Kubecon May 2018)

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Building a Service Mesh with Envoy (Kubecon May 2018)

Similar to Building a Service Mesh with Envoy (Kubecon May 2018) (20)

Recently uploaded

Recently uploaded (20)

Building a Service Mesh with Envoy (Kubecon May 2018)