Learn the differences between Envoy, Istio, Conduit, Linkerd and other service meshes and their components. Watch the recording including demo at: https://info.mirantis.com/service-mesh-webinar
Service meshes are relatively new, extremely powerful and can be complex. There’s a lot of information out there on what a service mesh is and what it can do, but it’s a lot to sort through. Sometimes, it’s helpful to have a guide. If you’ve been asking questions like “What is a service mesh?” “Why would I use one?” “What benefits can it provide?” or “How did people even come up with the idea for service mesh?” then The Complete Guide to Service Mesh is for you.
The concept of service mesh is one of the new technologies that have grown up around the container and micro-service model over the last couple of years, and Istio is the latest entry into this space. As Istio was recently included as an incubated project in the CNCF, many companies are now looking to it to provide a set of key functions to accelerate their micro-service application management model. Istio enables bi-directional authentication and security of service communication via TLS based authentication and encryption, and at the same time is able to capture application level communication statistics, improving the application development team's visibility into the otherwise difficult to track communication patterns. In this way, Istio acts like an application level network, riding across the underlying capabilities of Kubernetes CNI based networks and network policy. We will implement Istio on a GKE kubernetes cluster, and instrument a simple application to get better insight into how Istio provides its capabilities.
Speaker Bio:
With over 20 years of experience as a systems reliability engineer, and a focus on automating not only application deployments but the underlying infrastructure as well, Robert Starmer brings a wealth of knowledge to the full application enablement stack. He has applied this knowledge in fields from high-performance computing to high-frequency trading environments, and everything in between. Robert also holds patents in network, data center, and application performance and scale enhancements. He is a Founder and the CTO at Kumulus Technologies, a DevOps, Systems Reliability Engineering and cloud computing consultancy. Additionally, Robert is an incurable photography nerd and has been known to stay up until dawn in remote locations to capture celestial time-lapses.
Presentation in IBM Cloud Meet-up of Toronto
https://www.meetup.com/IBM-Cloud-Toronto/events/253903913/?_xtd=gatlbWFpbF9jbGlja9oAJGU3NmM3ZjdmLWE2NzgtNGVlNC1iNGZiLTBlZGE5ZWM0NDZjOQ
A brief overview of the significance of API Gateways in microservices architecture by providing Kong as an example.
Slide 2: Monolith Vs Microservices
Monolith:
Pros-
Simple to implement
Less integration test - easy to test
Easy to ship
Fast development
Cons-
Violates Open-Close principle
Nightmare when it comes to managing the code
Difficult to enhance
Bigger artifacts
Hard to replace individual components like DB, Logger etc.
Microservices-
Pros-
Easy to manage
One reason to change
Dynamic scaling
Single responsibility
Cons-
Multiple points of failure
Hard to test - rich integration tests required
Heterogeneity in infrastructure
Slide 3: API Gateway Pattern
It is microservices design pattern.
An API gateway is a service which is the entry point into the application from the outside world. It’s responsible for request routing, API composition, and other functions, such as authentication.
There are a lot of issues when client is talking to multiple components to get the job done. These include multiple proxies at client side, different logic to handle different calls, client needs to know the implementation details of server.
A much better approach is for a client to make a single request to what’s known as an API gateway. An API gateway is a service which is the single entry-point for API requests into an application. It’s similar to the Facade pattern from object-oriented design. Like a facade, an API gateway encapsulates the application’s internal architecture and provides an API to its clients. It might also have other responsibilities, such as authentication, monitoring, and rate limiting.
These are also termed as BFF - Backend For Frontend
Slide 4: API Gateway in Action
It acts as a “backend for the frontend”. The clients do not know which services they are talking to. They communicate with a single interface - API Gateway. The gateway resolves the client requests and distributes them to respective services.
Slide 7: Kong Architecture
Kong is a cloud-native, fast, scalable, and distributed Microservice Abstraction Layer (also known as an API Gateway, API Middleware or in some cases Service Mesh). Made available as an open-source project in 2015, its core values are high performance and extensibility.
Actively maintained, Kong is widely used in production at companies ranging from startups to Global 5000 as well as government organizations.
Service meshes are relatively new, extremely powerful and can be complex. There’s a lot of information out there on what a service mesh is and what it can do, but it’s a lot to sort through. Sometimes, it’s helpful to have a guide. If you’ve been asking questions like “What is a service mesh?” “Why would I use one?” “What benefits can it provide?” or “How did people even come up with the idea for service mesh?” then The Complete Guide to Service Mesh is for you.
The concept of service mesh is one of the new technologies that have grown up around the container and micro-service model over the last couple of years, and Istio is the latest entry into this space. As Istio was recently included as an incubated project in the CNCF, many companies are now looking to it to provide a set of key functions to accelerate their micro-service application management model. Istio enables bi-directional authentication and security of service communication via TLS based authentication and encryption, and at the same time is able to capture application level communication statistics, improving the application development team's visibility into the otherwise difficult to track communication patterns. In this way, Istio acts like an application level network, riding across the underlying capabilities of Kubernetes CNI based networks and network policy. We will implement Istio on a GKE kubernetes cluster, and instrument a simple application to get better insight into how Istio provides its capabilities.
Speaker Bio:
With over 20 years of experience as a systems reliability engineer, and a focus on automating not only application deployments but the underlying infrastructure as well, Robert Starmer brings a wealth of knowledge to the full application enablement stack. He has applied this knowledge in fields from high-performance computing to high-frequency trading environments, and everything in between. Robert also holds patents in network, data center, and application performance and scale enhancements. He is a Founder and the CTO at Kumulus Technologies, a DevOps, Systems Reliability Engineering and cloud computing consultancy. Additionally, Robert is an incurable photography nerd and has been known to stay up until dawn in remote locations to capture celestial time-lapses.
Presentation in IBM Cloud Meet-up of Toronto
https://www.meetup.com/IBM-Cloud-Toronto/events/253903913/?_xtd=gatlbWFpbF9jbGlja9oAJGU3NmM3ZjdmLWE2NzgtNGVlNC1iNGZiLTBlZGE5ZWM0NDZjOQ
A brief overview of the significance of API Gateways in microservices architecture by providing Kong as an example.
Slide 2: Monolith Vs Microservices
Monolith:
Pros-
Simple to implement
Less integration test - easy to test
Easy to ship
Fast development
Cons-
Violates Open-Close principle
Nightmare when it comes to managing the code
Difficult to enhance
Bigger artifacts
Hard to replace individual components like DB, Logger etc.
Microservices-
Pros-
Easy to manage
One reason to change
Dynamic scaling
Single responsibility
Cons-
Multiple points of failure
Hard to test - rich integration tests required
Heterogeneity in infrastructure
Slide 3: API Gateway Pattern
It is microservices design pattern.
An API gateway is a service which is the entry point into the application from the outside world. It’s responsible for request routing, API composition, and other functions, such as authentication.
There are a lot of issues when client is talking to multiple components to get the job done. These include multiple proxies at client side, different logic to handle different calls, client needs to know the implementation details of server.
A much better approach is for a client to make a single request to what’s known as an API gateway. An API gateway is a service which is the single entry-point for API requests into an application. It’s similar to the Facade pattern from object-oriented design. Like a facade, an API gateway encapsulates the application’s internal architecture and provides an API to its clients. It might also have other responsibilities, such as authentication, monitoring, and rate limiting.
These are also termed as BFF - Backend For Frontend
Slide 4: API Gateway in Action
It acts as a “backend for the frontend”. The clients do not know which services they are talking to. They communicate with a single interface - API Gateway. The gateway resolves the client requests and distributes them to respective services.
Slide 7: Kong Architecture
Kong is a cloud-native, fast, scalable, and distributed Microservice Abstraction Layer (also known as an API Gateway, API Middleware or in some cases Service Mesh). Made available as an open-source project in 2015, its core values are high performance and extensibility.
Actively maintained, Kong is widely used in production at companies ranging from startups to Global 5000 as well as government organizations.
Istio is a service mesh—a modernized service networking layer that provides a transparent and language-independent way to flexibly and easily automate application network functions. Istio is designed to run in a variety of environments: on-premise, cloud-hosted, in Kubernetes containers.
Microservices, Kubernetes and Istio - A Great Fit!Animesh Singh
Microservices and containers are now influencing application design and deployment patterns. Sixty percent of all new applications will use cloud-enabled continuous delivery microservice architectures and containers. Service discovery, registration, and routing are fundamental tenets of microservices. Kubernetes provides a platform for running microservices. Kubernetes can be used to automate the deployment of Microservices and leverage features such as Kube-DNS, Config Maps, and Ingress service for managing those microservices. This configuration works fine for deployments up to a certain size. However, with complex deployments consisting of a large fleet of microservices, additional features are required to augment Kubernetes.
CSI – IT2020, IIT Mumbai, October 6th 2017
Computer Society of India, Mumbai Chapter
The presentation focuses on Microservices architecture and the comparison between MicroService with Standard Monolithic Apps and SOA based Apps. It also gives a quick outline of Domain Driven Design, Event Sourcing and CQRS, Functional Reactive Programming and comparison of SAGA pattern with 2 Phase Commit.
http://www.csimumbai.org/it2020-17/index.html
Cloud Native Bern 05.2023 — Zero Trust VisibilityRaphaël PINSON
As the adoption of Kubernetes continues to grow, so does the need for securing containerized applications and their data. One effective security model that has gained popularity is Zero Trust Networking, which assumes that all resources, devices and users are untrusted, and access to resources is granted only after proper authentication and authorization. However, implementing Zero Trust Networking in Kubernetes can be challenging, given the dynamic nature of containerized workloads and the complexity of network policies.
In this presentation, we will explore how to implement Zero Trust Networking in Kubernetes using Cilium, Hubble & Grafana. We will start by setting up Cilium on a Kubernetes cluster, which provides network security by enforcing identity-based access control policies using eBPF. Next, we will export Network Policy Verdict metrics using Hubble, which allows us to visualize network policies and track security events in real-time. Finally, we will use a Grafana dashboard to visualize these metrics and demonstrate how to secure a Kubernetes namespace without affecting existing traffic in the namespace.
By the end of this presentation, attendees will have a good understanding of the importance of Zero Trust Networking in Kubernetes and how to implement it using Cilium, Hubble & Grafana. They will also learn how to secure a Kubernetes namespace and monitor network policies using a Grafana dashboard.
Kubernetes Introduction. The concepts you need to understand to effectively develop and run applications in a Kubernetes environment. Focusing primarily on application developers, but it also provides an overview of managing applications from the operational perspective. It’s meant for anyone interested in running and managing containerized applications on more than just a single server.
SCS 4120 - Software Engineering IV
BACHELOR OF SCIENCE HONOURS IN COMPUTER SCIENCE
BACHELOR OF SCIENCE HONOURS IN SOFTWARE ENGINEERING
All in One Place Lecture Notes
Distribution Among Friends Only
All copyrights belong to their respective owners
Viraj Brian Wijesuriya
vbw@ucsc.cmb.ac.lk
The presentation from our online webinar "Design patterns for microservice architecture".
Full video from webinar available here: https://www.youtube.com/watch?v=826aAmG06KM
If you’re a CTO or a Lead Developer and you’re planning to design service-oriented architecture, it’s definitely a webinar tailored to your needs. Adrian Zmenda, our Lead Dev, will explain:
- when microservice architecture is a safe bet and what are some good alternatives
- what are the pros and cons of the most popular design patterns (API Gateway, Backend for Frontend and more)
- how to ensure that the communication between services is done right and what to do in case of connection issues
- why we’ve decided to use a monorepo (monolithic repository)
- what we’ve learned from using the remote procedure call framework gRPC
- how to monitor the efficiency of individual services and whole SOA-based systems.
Kevin Huang: AWS San Francisco Startup Day, 9/7/17
Architecture: When, how, and if to adopt microservices - Microservices are not for everyone! If you're a small shop, a monolith provides a great amount of value and reduces the complexities involved. However as your company grows, this monolith becomes more difficult to maintain. We’ll look at how microservices allow you to easily deploy and debug atomic pieces of infrastructure which allows for increased velocity in reliable, tested, and consistent deploys. We’ll look into key metrics you can use to identify the right time to begin the transition from monolith to microservices.
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...WSO2
Stefano discusses how to augment service mesh functionality with API management capabilities, so you can create an end-to-end solution for your entire business functionality — from microservices, to APIs, to end-user applications.
Istio is a service mesh—a modernized service networking layer that provides a transparent and language-independent way to flexibly and easily automate application network functions. Istio is designed to run in a variety of environments: on-premise, cloud-hosted, in Kubernetes containers.
Microservices, Kubernetes and Istio - A Great Fit!Animesh Singh
Microservices and containers are now influencing application design and deployment patterns. Sixty percent of all new applications will use cloud-enabled continuous delivery microservice architectures and containers. Service discovery, registration, and routing are fundamental tenets of microservices. Kubernetes provides a platform for running microservices. Kubernetes can be used to automate the deployment of Microservices and leverage features such as Kube-DNS, Config Maps, and Ingress service for managing those microservices. This configuration works fine for deployments up to a certain size. However, with complex deployments consisting of a large fleet of microservices, additional features are required to augment Kubernetes.
CSI – IT2020, IIT Mumbai, October 6th 2017
Computer Society of India, Mumbai Chapter
The presentation focuses on Microservices architecture and the comparison between MicroService with Standard Monolithic Apps and SOA based Apps. It also gives a quick outline of Domain Driven Design, Event Sourcing and CQRS, Functional Reactive Programming and comparison of SAGA pattern with 2 Phase Commit.
http://www.csimumbai.org/it2020-17/index.html
Cloud Native Bern 05.2023 — Zero Trust VisibilityRaphaël PINSON
As the adoption of Kubernetes continues to grow, so does the need for securing containerized applications and their data. One effective security model that has gained popularity is Zero Trust Networking, which assumes that all resources, devices and users are untrusted, and access to resources is granted only after proper authentication and authorization. However, implementing Zero Trust Networking in Kubernetes can be challenging, given the dynamic nature of containerized workloads and the complexity of network policies.
In this presentation, we will explore how to implement Zero Trust Networking in Kubernetes using Cilium, Hubble & Grafana. We will start by setting up Cilium on a Kubernetes cluster, which provides network security by enforcing identity-based access control policies using eBPF. Next, we will export Network Policy Verdict metrics using Hubble, which allows us to visualize network policies and track security events in real-time. Finally, we will use a Grafana dashboard to visualize these metrics and demonstrate how to secure a Kubernetes namespace without affecting existing traffic in the namespace.
By the end of this presentation, attendees will have a good understanding of the importance of Zero Trust Networking in Kubernetes and how to implement it using Cilium, Hubble & Grafana. They will also learn how to secure a Kubernetes namespace and monitor network policies using a Grafana dashboard.
Kubernetes Introduction. The concepts you need to understand to effectively develop and run applications in a Kubernetes environment. Focusing primarily on application developers, but it also provides an overview of managing applications from the operational perspective. It’s meant for anyone interested in running and managing containerized applications on more than just a single server.
SCS 4120 - Software Engineering IV
BACHELOR OF SCIENCE HONOURS IN COMPUTER SCIENCE
BACHELOR OF SCIENCE HONOURS IN SOFTWARE ENGINEERING
All in One Place Lecture Notes
Distribution Among Friends Only
All copyrights belong to their respective owners
Viraj Brian Wijesuriya
vbw@ucsc.cmb.ac.lk
The presentation from our online webinar "Design patterns for microservice architecture".
Full video from webinar available here: https://www.youtube.com/watch?v=826aAmG06KM
If you’re a CTO or a Lead Developer and you’re planning to design service-oriented architecture, it’s definitely a webinar tailored to your needs. Adrian Zmenda, our Lead Dev, will explain:
- when microservice architecture is a safe bet and what are some good alternatives
- what are the pros and cons of the most popular design patterns (API Gateway, Backend for Frontend and more)
- how to ensure that the communication between services is done right and what to do in case of connection issues
- why we’ve decided to use a monorepo (monolithic repository)
- what we’ve learned from using the remote procedure call framework gRPC
- how to monitor the efficiency of individual services and whole SOA-based systems.
Kevin Huang: AWS San Francisco Startup Day, 9/7/17
Architecture: When, how, and if to adopt microservices - Microservices are not for everyone! If you're a small shop, a monolith provides a great amount of value and reduces the complexities involved. However as your company grows, this monolith becomes more difficult to maintain. We’ll look at how microservices allow you to easily deploy and debug atomic pieces of infrastructure which allows for increased velocity in reliable, tested, and consistent deploys. We’ll look into key metrics you can use to identify the right time to begin the transition from monolith to microservices.
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...WSO2
Stefano discusses how to augment service mesh functionality with API management capabilities, so you can create an end-to-end solution for your entire business functionality — from microservices, to APIs, to end-user applications.
The NECOS project addresses the limitations of current cloud computing infrastructures to respond to the demand of new services, as presented in two use-cases, that will drive the whole execution of the project.
The NECOS platform will be based on state of the art open software platforms, which will be carefully selected, rather than start from scratch. This baseline platform will be enhanced with the management and orchestration algorithms and the APIs that will constitute the research activity of the project. Finally, the NECOS platform will be validated, in the context of the two proposed use cases, using the 5TONIC and FIBRE testing frameworks.
Open Source Networking Days- Service MeshCloudOps2005
At the Linux Foundation's 2018 Open Source Networking Days, Syed Ahmed compared service mesh options (Istio, Linkerd, and Consul Connect) and spoke about how they diverge from many complications traditionally found in monolithic applications.
WSO2Con ASIA 2016: Understanding Microservice ArchitectureWSO2
Today many organizations are leveraging microservice architecture (MSA), which is becoming increasingly popular because of its many potential advantages. MSA itself is divided into two areas – inner and outer architectures – which require separate attention. Moreover, MSA requires a certain level of developer and devops experience too. This talk will be an awareness session about MSA and will also discuss WSO2′s strategic initiatives in both the platform level and WSO2 MSF4J framework level.
Slides from the October 2016 meetup presentation of the Massachusetts Microservices Meetup group.
Kenzan
Twitter: @kenzanmedia
Linkedin: www.linkedin.com/company/kenzan-media
Blog: techblog.kenzan.com
Facebook: www.facebook.com/kenzanmedia/
Speaker:
Owen Garrett
Sr. Director, Product Management
NGINX, Inc.
On-Deman Link: https://www.nginx.com/resources/webinars/need-service-mesh/
About the webinar:
Service mesh is one of the hottest emerging technologies. Even though it’s a nascent technology, many vendors have already released their implementation. But do you really need a service mesh?
Attend this webinar to learn about the levels of maturity on the journey to modernizing your apps using microservices, and the traffic management approaches best suited to each level. We’ll help you figure out if you really need a service mesh.
Fundamental and Practice.
Explain about microservices characters and pattern. And also how to be good build microservices. And also additional the scale cube and CAP theory.
Microservices design principles establish some standard practices for planning, developing, and implementing a distributed architecture for your application. Read about some of the most common characteristics of design principles, its examples, and implementations carried out by various companies worldwide.
Building Cloud-Native App Series - Part 5 of 11
Microservices Architecture Series
Microservices Architecture,
Monolith Migration Patterns
- Strangler Fig
- Change Data Capture
- Split Table
Infrastructure Design Patterns
- API Gateway
- Service Discovery
- Load Balancer
Similar to Comparison of Current Service Mesh Architectures (20)
How to Accelerate Your Application Delivery Process on Top of Kubernetes Usin...Mirantis
Learn how to ease the burden of Kubernetes operational challenges with DevOpsCare, powered by Lens. Get seamless visibility into monitoring, managing and security your cloud native apps. Automate in CI/CD and find out policy-based best practices so developers can go back to building applications.
Are you worried about granting too much access to resources on your Kubernetes cluster? With the extensible framework of Kubernetes, there is scarcely a day without a new tool popping up. In order to ensure the tools, users, and applications have appropriate security policies, a streamlined onboarding process is required.
Using Kubernetes to make cellular data plans cheaper for 50M usersMirantis
Use case of Kubernetes based NFV infrastructure used in production to run an open source evolved packet core. Presented by Facebook Connectivity and Mirantis at KubeCon + CloudNativeCon Europe 2020.
Slides from webinar by Mirantis about how to build a basic edge cloud using surveillance cameras. Watch the webinar recording at: https://bit.ly/mirantis-edge-cloud
OpenStack and the IoT: Where we are, where we're going, what we need to get t...Mirantis
OpenStack Austin discussion from Spring, 2016, with Sean Collins, Niki Acosta, Nick Chase, Xiaoping Chen, Alexander Adamov discussing issues such as security, architecture, and other technical and social issues.
Boris Renski: OpenStack Summit Keynote Austin 2016Mirantis
We tend to split the cloud world today into just two paradigms - public and private. Public works. Private doesn’t…. Or so says Gartner. Let’s compare side by side.
Digital Disciplines: Attaining Market Leadership through the CloudMirantis
Keynote by Joe Weinman, author of Cloudonomics and Digital Disciplines, at OpenStack Silicon Valley 2015.
Joe wraps the event by delineating four generic strategies used by leading tech companies and traditional blue chips to leverage a variety of information technologies: information excellence, i.e., better processes; solution leadership, i.e., cloud-connected smart, digital products and services; collective intimacy, i.e., big-data-based algorithms to enhance customer relationships; and accelerated innovation through open source, challenges, and innovation networks.
Decomposing Lithium's Monolith with Kubernetes and OpenStackMirantis
Keynote by Lachlan Evenson, Team Lead of Cloud Platform Engineering at Lithium Technologies, at OpenStack Silicon Valley 2015.
Application developers are rapidly moving to container-based models for dynamic service delivery and efficient cluster management. In this session, we will discuss a OpenStack production environment that is rapidly evolving to leverage a hybrid cloud platform to deliver containerized micro services in a SaaS Development/Continuous Integration environment. Kubernetes is being used to simplify and automate the service delivery model across the public/private (OpenStack, AWS, GCE) environments and is being introduced in a way that eliminates extra overhead and engineering effort. Lithium is actively contributing to key open source upstream projects and working closely with its engineering/development teams to optimize software efficiency with an elastic cloud architecture that delivers on the benefits of cloud automation.
OpenStack: Changing the Face of Service DeliveryMirantis
Keynote by Lew Tucker, VP and CTO of Cloud Computing at Cisco, at OpenStack Silicon Valley 2015.
As more companies move to software-driven infrastructures, OpenStack opens up new possibilities for traditional network service providers, media production, and content providers. Micro-services, and carrier-grade service delivery become the new watchwords for those companies looking to disrupt traditional players with virtualized services running on OpenStack.
Keynote by Diane Bryant, SVP and GM of the Data Center Group at Intel, at OpenStack Silicon Valley 2015.
Cloud computing provides tremendous agility and efficiency to organizations are the driver of the digital service economy. In her keynote, Diane Bryant will discuss how Intel was an early leader in adoption of cloud computing under her tenure as CIO and how this experience has shaped broader strategy to deliver tens of thousands of new clouds across the enterprise with Intel’s new Cloud for All Initiative. Attendees can expect to learn about OpenStack’s critical role in shaping the future of the enterprise data center and learn more about key industry efforts to drive enterprise readiness to the OpenStack platform.
Containers for the Enterprise: It's Not That SimpleMirantis
Keynote by Alex Polvi, CEO of CoreOS, at OpenStack Silicon Valley 2015.
Containers are rapidly finding their way into enterprise data centers. But enterprises like to consume complete products. How do technologies like containers make their way from hyperscale ubiquity to enterprise nirvana? Alex offers some clues.
Protecting Yourself from the Container ShakeoutMirantis
Keynote by Boris Renski, Co-Founder and CMO of Mirantis, and Lachlan Evenson, Team Lead of Cloud Platform Engineering at Lithium Technologies, at OpenStack Silicon Valley 2015.
The Docker-fueled container craze is much less of a threat to VMs or OpenStack than it is to PaaS vendors. The story of “do it the way Google does it” is proving just as tough to monetize with enterprises as commodity cloud was. Boris will talk about OpenStack as a “safe harbor” from the coming container shakeout, leveraging the project’s maturity as a place to try various container strategies until the winner emerges.
Lachlan Evenson of Lithium will join Boris to share how Lithium deployed Kubernetes on OpenStack.
Keynote by James Staten, Chief Strategist of the Cloud + Enterprise division of Microsoft, at OpenStack Silicon Valley 2015.
Clinton campaign manager James Carville reminded his team often that driving change came through winning the hearts and minds of the people and where government affects them the most: “It’s the economy, stupid.” In helping enterprises make the shift to cloud, the biggest issue isn’t the technology but the process change organizations have to go through that determine success. In this session, James Staten, chief strategist for the Microsoft Cloud+Enterprise division, and former lead cloud analyst at Forrester Research will share his findings and recommendations for helping enterprise organizations, particularly IT Orgs, successfully navigate a change to the cloud.
Keynote by OpenStack Foundation Executive Director Jonathan Bryce at OpenStack Silicon Valley 2015.
Hundreds of companies are running millions of cores in production with OpenStack. The work continues, but the platform is mature. Now, the community is evolving OpenStack into a platform for innovation—a reliable environment in which to test, try and adopt new technologies as they prove themselves.
Amit Tank of DIRECTV will join Jonathan Bryce to discuss his organization's plans for using OpenStack as the one platform for integration of VMs, containers and emergent technologies down the road.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Comparison of Current Service Mesh Architectures
1.
2. 2
Introduction
Bruce Basil Mathews
Sr. Solutions Architect at Mirantis
Bruce has been a Senior Solutions Architect in the computer industry for 40+ years,
working at multiple technology companies including Mirantis, HP, Oracle, Sun
Microsystems and others.
View the webinar recording, including demo, at:
https://info.mirantis.com/service-mesh-webinar
3. 3
● What is service mesh, its capabilities and benefits?
● Types of service mesh architectures
● Service meshes comparisons: features, visualization, performance
○ Open source
○ Commercial
● Service mesh pros and cons
● Demo
● Q&A
Agenda
4. 4
A service mesh is:
● A configurable infrastructure layer for a microservices application
● Makes communication between service instances flexible, reliable,
and fast
● Provides a whole bunch of capabilities to relieve the developer
from having to provide them each time uniquely.
What is a Service Mesh?
5. 5
● Service Discovery - Allows the different services to “discover” each other when needed. The
Kubernetes framework keeps a list of instances that are healthy and ready to receive requests.
● Load Balancing - Places the least busy instances at the top of the stack, so that busier
instances can get the most service without starving the least busy instances’ needs.
● Encryption - Instead of having each of the services provide their own encryption/decryption,
the service mesh can encrypt and decrypt requests and responses instead.
● Authentication and authorization. The service mesh can validate requests BEFORE they are
sent to the service instances.
● Support for the circuit breaker pattern. The service mesh can support the circuit breaker
pattern, which can stop requests from ever being sent to an unhealthy instance. We will discuss
this specific feature later.
What Capabilities Does a Service Mesh Provide?
6. 6
The combined use of the features and capabilities listed on the previous slide provides
the means for traffic shaping or QoS:
● Traffic shaping, (a.k.a. packet shaping), is a type of network bandwidth management for the
manipulation and prioritization of network traffic to reduce the impact of heavy use cases from
affecting other users.
● QoS provides a uniform way to connect, secure, manage and monitor microservices and
provides traffic shaping between microservices while capturing the telemetry of the traffic flow
for prioritizing network traffic.
Key Benefits of a Service Mesh
7. 7
Circuit-breaking helps to guard against partial or total cascading network
communication failures of application service instances by maintaining a status of the
health and viability of each service instance:
● The Service Mesh’s circuit-breaker feature determines whether traffic should continue to be
routed to a given service instance.
NOTE: The application developer must determine what to do as a design consideration when
the service instance has been marked as not accepting requests.
Enterprises can create application features using modular software development
across disparate teams of developers.
● Faster development, testing and deployment of applications.
Key Benefits of a Service Mesh
8. 8
Library
● Needed services are sitting in a Library that your microservices applications import
and use.
Node Agent
● The services are provided by a Node Agent or daemon. The daemon services all of
the containers on a particular node/machine.
Sidecar
● The services are provided in a Sidecar container that runs alongside your
application container.
Service Mesh Architectures
10. 10
The Library Architecture
Examples:
Twitter Finagle
Netflix Hystrix
Netflix Ribbon
Each of the microservices carries a copy of
the library that contains all of the desired
Service Mesh functions.
The Library architectural approach was:
● The first architecture to be adopted
● Simplest method to implement
● Has some drawbacks in performance
● More difficult to maintain
Separate copies are distributed with every
microservice, which results in:
● Potential for version control issues in
multi-cluster implementations
● Conflicting demand and performance is
harder to determine and resolve quickly.
11. 11
The Node Agent Architecture
Examples:
Linkerd/Conduit
Consul
The Node Agent architecture is easier to manage and
maintain than the Library architecture:
● It distributes one copy of the configuration to each node,
rather than one copy of the configuration to each pod on
each node.
In the Node Agent service mesh architecture, a separate
agent is running on every worker node of a cluster:
● Node Agent, usually running in user process space,
services the heterogeneous mix of workloads hosted on
that worker node.
● This architectural model emphasizes work resource
sharing. This method can provide a great deal more
efficiency than the Library model, but leaves a door open
for resource abuse.
● Resource requests for memory and other components
can be demanded and fulfilled immediately, starving
other microservices. It is left up to the application
developer to play nicely with others.
12. 12
The Sidecar Architecture
Examples:
Istio
Aspen Mesh
Sidecar is the latest method developed for service meshing:
● The Sidecar service mesh deploys one adjacent container
for every application container.
● The sidecar container handles all the network traffic in and
out of the application container.
● To eliminate the potential for a network based attack, the
sidecar has the same privileges as the application to which
it is attached.
● Most Sidecar implementations, founded on security
best-practices, limit the scope of the authorities necessary
to complete the required intercommunication and then
end their own process.
● The Sidecar acts in closely secured proximity to the
application, almost like a function call from a Library rather
than having to traverse the network to an external Node
Agent for each intercommunication.
16. 16
Envoy’s Sidecar Architecture
Envoy is a high performance C++ distributed proxy designed for
single services and applications:
● Originally designed by Lyft
● Proxy architecture provides two key pieces missing in most stacks
transitioning from legacy systems to a more Software Oriented
Architecture (SOA.)
● Envoy’s two features:
○ Robust observability
○ Easy debugging
● Envoy uses gRPC bridge to unlock Python gevent clients
But the primary focus of Envoy is raw PERFORMANCE! To do this,
Envoy broke its threading model down into three categories:
● MAIN: The main thread coordinates all the most critical process
functionality
● WORKER: Each worker thread spawned processes all IO for the
connection’s it accepts for the lifetime of the connection
● FILE FLUSHER: Worker writes to files are buffered to memory and
then physically written by the file flush process thread.
17. 17
Istio’s Sidecar Architecture and Integration with Envoy
Istio provides a uniform way to connect, secure, manage and monitor microservices
and provides traffic shaping between microservices in a multi-cluster scenario:
● Originally developed by Netflix,
● includes the capability of circuit-breaking to the app development process.
● Guards against partial or total cascading network communication failures by
maintaining a status of the health and viability of all service instances
● Envoy is integrated as the backend proxy for Istio
The Istio components and their functions are listed below:
Control plane:
● Istio-Manager: provides routing rules & service discovery information to the Envoy
proxies.
● Mixer: collects telemetry from each Envoy proxy and enforces access control policies.
● Istio-Auth: provides “service to service” and “user to service” authentication. This
component also converts unencrypted traffic to TLS based traffic between services,
as needed.
Data plane:
● Envoy: a feature rich proxy managed by control plane components. Envoy intercepts
traffic to and from the service, applying routing and access policies following the
rules set in the control plane.
18. 18
Linkerd 1.0 Node Agent/Sidecar Architecture
In the per-host deployment model for
Linkerd, one Linkerd instance is deployed
per host (whether physical or virtual):
● Originally developed by Buoyant.
● All app service instances on that host route
traffic through the single instance.
● This model is useful for deployments that are
primarily host-based.
● Each service instance on the host can address
its corresponding Linkerd instance at a fixed
location (typically, localhost:4140)
● Eliminates the need for any significant
client-side logic.
● Since this model requires high concurrency of
Linkerd instances, a larger resource profile is
usually appropriate.
● In this model, the loss of an individual Linkerd
instance is equivalent to
losing the host itself.
Note: Could be implemented as either,
but the weight of the Java engine was so
heavy, it made it more resource effective
as a node agent deployment.
19. 19
Linkerd2 / Conduit Sidecar Architecture
Linkerd 2 transitioned to deploying a sidecar
methodology that eliminates the single point
of failure per host.
Linkerd 2 has three basic components:
● User Interface
● Control Plane
● Data Plane
The control plane is made up of four
components:
● Controller - In multiple containers
● Web - Dashboard for telemetry data display
● Prometheus - Telemetry data storage
● Grafana - Used to display the Dashboard
The data plane consists of the sidecar Proxy
processes injected into each Pod
The Dashboard UI provides telemetry and
QoS data for each service
21. 21
Consul Node Agent Architecture
Consul is an ideal service to support control
plane service mesh activities, whether you
employ a “dumb pipe” or a “smart network”:
● Originally developed by Hashicorp
● The Consul architecture ensures it is highly
available, and extends beyond a single
data center.
● Consul provides service discovery for both
Dumb Pipe and Smart Network scenarios.
● Applications can use Consul’s key-value
store to store retries, timeouts and circuit
breaking settings and request them when
needed.
● The Consul K/V store can be used for
persistent state storage such as network
policies as well.
22. 22
Aspen Mesh Sidecar Architecture & Integration with Istio
Aspen Mesh is built on Istio and includes all the
features you get with Istio plus:
● Intuitive UI
● Multi Cluster and Hybrid Cloud
● Analytics and Alerting
● Pre-configured Canary Testing
● Advanced Policy Management
● Isolated Management Platform with SLA
● A fully tested and hardened version
● Enterprise-level Support
23. 23
Kong Enterprise Monolith, Microservice, Service Mesh, &
Serverless Architecture
kong Mesh Sidecar Architecture and Integration with
Istio
Kong Ingress Controller is a dynamic and highly available Ingress
Controller which configures Kong using Ingress resources created
in your Kubernetes cluster:
● Kong can configure plugins, load balancing, health checking on
your services running in Kubernetes.
● Kong Ingress Controller is a Go application that listens to events
from the API-server of your Kubernetes cluster
● The Ingress Controller sets up Kong to handle your configuration
accordingly. You never have to configure Kong manually.
● The controller can configure any Kong cluster via a Kong node
running either in a control-plane mode or running both, control
and data planes.
● Kong's state is stored in Postgres or Cassandra.
○ The database should be deployed as a StatefulSet.
○ All Kong nodes in your Kubernetes cluster should be able to
connect to it.
● If Kong is deployed in Control-plane and Data-plane mode, then
Kong proxy can be scaled
24. 24
AWS APP MESH Sidecar Architecture & Integration with Envoy
AWS App Mesh is a service mesh based on the Envoy proxy
that makes it easy to monitor and control microservices:
● App Mesh standardizes how your microservices
communicate: End-to-end visibility
● Helps to ensure high-availability
● App Mesh is made up of the following components:
○ Service mesh
○ Virtual services
○ Virtual nodes
○ Envoy proxy
○ Virtual routers
○ Routes
To use App Mesh, you must have an existing application
running on AWS Fargate, Amazon ECS, Amazon EKS,
Kubernetes on AWS, or Amazon EC2.
26. 26
● Envoy
○ Low p99 tail latencies at scale when running under load,
○ Acts as a L3/L4 filter at its core with many L7 filters provided out of the box,
○ Support for gRPC, and HTTP/2 (upstream/downstream),
○ API-driven, dynamic configuration, hot reloads,
○ Strong focus on metric collection, tracing, and overall observability.
● Istio
○ Security features including identity, key management, and RBAC,
○ Fault injection,
○ Support for gRPC, HTTP/2, HTTP/1.x, WebSockets, and all TCP traffic,
○ Sophisticated policy, quota, and rate limiting,
○ Multi-platform, hybrid deployment.
Some Service Mesh Feature Comparative Data
27. 27
Linkerd was rewritten from Java to Rust - Data Plane / Go - Control plane about 1 ½ years ago.
They are striving to reach feature parity between the two versions and are currently very close:
Linkerd and Linkerd2/Conduit Features
○ Support for multiple platforms (Docker, Kubernetes, DC/OS, Amazon ECS, or any stand-alone
machine),
○ Built-in service discovery abstractions to unite multiple systems,
○ Support for gRPC, HTTP/2, and HTTP/1.x requests + all TCP traffic.
Some Service Mesh Feature Comparative Data (Continued)
Note: Linkerd 2 is much faster than Linkerd as the Data Plane Proxy was rewritten in Rust.
Conduit was folded into the Linkerd Project to form the basis for Linkerd 2! Conduit’s
lightning-fast Rust proxies are ~10mb per instance, have sub-millisecond p99 latencies, and
support HTTP/1.x, HTTP/2, and gRPC.
28. 28
Linkerd 1 and Linkerd 2/Conduit Feature Comparison
Linkerd 1.x (latest: 1.6.2.1) Linkerd 2.x (latest: 2.3)
Theme Powerful, highly configurable, “industrial strength” Lightweight, minimalist, zero config
Observability Automatic, non-aggregated Automatic, aggregated, live, per-path
Reliability Load balancing, retries, circuit breaking Load balancing, retries, circuit breaking*, rate limiting*
Security TLS, cert validation TLS, cert validation, cert management, policy enforcement*
Protocol support HTTP/1.x, HTTP/2, gRPC, Thrift HTTP/1.x, HTTP/2, gRPC
Installation Cluster-wide Per service, per namespace or cluster-wide (incremental)
Resource footprint 100--150mb per proxy <10mb per proxy
Latency introduced <5ms p99 <1ms p99
License, building blocks CNCF, Apache v2, Finagle, Netty, Scala CNCF, Apache v2, Rust, Go
Supported platforms Kubernetes, DC/OS, Mesos, bare metal, ECS, ... Just Kubernetes… for now! (*roadmap)
29. 29
● Consul
○ Consul is a single binary providing both server and client capabilities
○ includes all functionality for service catalog
○ Includes configuration capabilities, TLS certificates, Authorization
○ Consul optionally supports external systems such as Vault to augment behavior
○ No additional systems are required to deploy Consul
● Aspen Mesh
○ Provides an intuitive UI that brings the most important information to the forefront
○ Easy-to-understand real-time status information
○ Allows for the display of multiple clusters in a single pane of glass
○ Helps the user to monitor their entire architecture in one place
○ Allows the user to sort, search and drill into individual services details
Some Service Mesh Feature Comparative Data (Continued)
30. 30
● Kong Enterprise 1.0
○ Engineers can make a change in a centralised location that will be reflected across multiple Kong clusters
○ Includes an implementation of the Plugin Development Kit (PDK)
○ All Kong plugins require a standard set of functionality, which the PDK provides out of the box
○ PDK based on the ngx_lua API
○ A Kong cluster deployment requires the installation of a Cassandra of PostgreSQL to act as the datastore
● AWS App Mesh
○ App Mesh separates the logic for monitoring and controlling communications into a proxy that manages
all network traffic for each service
○ App Mesh uses the open source Envoy proxy to manage all traffic into and out of a service’s containers
○ Integrated with Amazon CloudWatch – monitoring & logging service for complete visibility of resources
and applications.
○ Developers configure services to connect directly to each other instead of requiring code within the
application or using a load balancer
○ App Mesh works with services managed by Amazon ECS, Amazon EKS, AWS Fargate, Kubernetes
running on EC2, and services running directly on EC2
Some Service Mesh Feature Comparative Data (Continued)
32. 32
Most Service Meshes use Prometheus with Grafana
NOTE: Commercial offerings provide a greater variety of templates
and statistics to choose from for traffic shaping analysis.
34. 34
● Control Plane performance factors include:
○ The rate of deployment changes.
○ The rate of configuration changes.
○ The number of proxies connecting to the service gateway.
● Data Plane performance factors include:
○ Number of client connections
○ Target request rate
○ Request size and Response size
○ Number of proxy worker threads
○ Protocol
○ CPU cores
○ Number and types of proxy filters
● Benchmarking Tools:
○ fortio.org - a constant throughput load testing tool.
○ blueperf - a realistic cloud native application.
Some Service Mesh Performance Factors
35. 35
● Load Balancing Throughput and Latency
○ One of the key features of a service mesh is to provide a load balancing capability.
○ Some of the more popular load balancers that can be integrated with the Service
Meshes compared in this presentation are:
■ NGINX
■ HAProxy
■ Envoy
■ Traefik
■ Amazon Application Load Balancer (ALB)
Some Service Mesh Comparative Performance Data
36. 36
Load Balancer Requests-per-Second Performance Data
Data found here: https://www.loggly.com/blog/benchmarking-5-popular-load-balancers-nginx-haproxy-envoy-traefik-and-alb/
37. 37
Load Balancer Latency and Concurrency Performance Data
Data found here: https://www.loggly.com/blog/benchmarking-5-popular-load-balancers-nginx-haproxy-envoy-traefik-and-alb/
38. 38
Load Balancer CPU and Latency and Concurrency
Performance Data - Disagreement
Data found here: https://medium.com/@ihcsim/linkerd-2-0-and-istio-performance-benchmark-df290101c2bb
The latency observed in the Linkerd2-meshed setup ranged from 11.0 ms to almost 14.0 ms.
The latency observed in Istio-meshed setup ranged from 36.0 ms to 45.0 ms.
39. 39
Consul vs Istio:
● https://www.consul.io/intro/vs/istio.html
Consul vs Istio vs. Linkerd/Conduit:
● https://stackshare.io/stackups/consul-vs-istio-vs-linkerd
Linkerd2/Conduit vs Istio:
● https://kinvolk.io/blog/2019/05/performance-benchmark-analysis-of-istio-and-linkerd/
● https://glasnostic.com/blog/comparing-service-meshes-linkerd-vs-istio
● https://www.aquasec.com/wiki/display/containers/Linkerd+vs+Istio
Additional Performance Data
41. 41
Service Meshes Architecture Pros and Cons
Library Architecture
Advantages:
● Resources are locally accounted for
each and every service
● Self-service adoption for developers
Disadvantages:
● Strong coupling is a significant
drawback
● Non-uniform; upgrades are
challenging in large environments
Node Agent Architecture
Advantages:
● Less overhead (especially memory)
for things that could be shared
across a node
● Easier to scale distribution of
configuration information than it is
with sidecar proxies (if you’re not
using a control plane)
● This model is useful for
deployments that are primarily
physical or virtual server based.
Good for large monolithic apps
Disadvantages:
● Coarse support for encryption of
service-to-service communication,
instead host-to-host encryption and
authentication policies
● Blast radius of a proxy failure
includes all applications on the
node, which is essentially equivalent
to losing the node itself
● Not a transparent entity, services
must be aware of its existence
Sidecar Architecture
Advantages:
● Granular encryption of
service-to-service
communication
● Can be gradually added to an
existing cluster without central
coordination
● App-to-sidecar communication is
easier to secure than
app-to-node proxy
● Resources consumed for a
service are attributed to that
service
● Blast radius of a proxy failure is
limited to the sidecar app
Disadvantages:
● Lack of central coordination.
Difficult to scale operationally
● Sidecar footprint—per
service overhead of
running a service
proxy sidecar
42. 42
● Istio was presented to the CNCF Technical Oversight Committee in November 2017.
This represented an early step for the project to join CNCF.
○ We suspect they will become a full project member in 2019.
○ Linkerd is already a member of CNCF.
● There are both fully Open Source and Commercial implementations of Istio available
○ This will be a key to widespread adoption which will be key to the long-term success of Istio
● The following question will be answered in 2019: “What are the real world benefits I will
receive by adopting service mesh as a standard?”
○ The answer will come from use cases stimulating adoption.
Service Mesh Comparison Final Thoughts
43. 43
Bottom Line:
● A service mesh will be mandatory by 2020 for any organization running
microservices in production.
○ If you’re currently using a service mesh, you already know the value it brings.
○ If you’re considering using a service mesh, make sure you stay in tune with
what is going on with this technology!
○ If your company has not yet decided on whether you need a service mesh or
not, read the recent industry reports on microservices!
Service Mesh Comparison Final Thoughts