SlideShare a Scribd company logo

Service Mesh Advanced Use Cases

F
Fabian Hardt

This document discusses service mesh advanced use cases and Kuma mesh. It introduces service meshes as providing reliable connectivity and managing cross-cutting concerns for microservices. Kuma mesh is presented as a platform-agnostic open source control plane that provides networking, security and observability features. The document demonstrates Kuma's multi-cluster architecture and shows how it provides consistent connectivity across clusters and edges.

Software
1 of 26
Download to read offline
© OPITZ CONSULTING 2022 / Öffentlich Service mesh advanced Use Cases 1 Nuremberg, 2022-09-22 Sven Bernhardt , Fabian Hardt SERVICE MESH ADVANCED USE CASES
© OPITZ CONSULTING 2022 / Öffentlich Service mesh advanced Use Cases 2 SERVICE MESH BASICS 01
© OPITZ CONSULTING 2022 / Öffentlich MODERN SOFTWARE ARCHITECTURES ARE LOOSLEY COUPLED AND DISTRIBUTED Service mesh advanced Use Cases 3 ¢ Single Deployment unit ¢ Single execution process ¢ Shared database ¢ Local, app-internal communication only ¢ Multiple Deployment units ¢ Exclusive execution process per service ¢ Database per Service (usually) ¢ Remote, inter-service communication UI Business Logic Persistence Traditional software architecture Modern software architecture
© OPITZ CONSULTING 2022 / Öffentlich CONNECTIVITY IS THE BACKBONE OF DIGITAL ORGANIZATIONS Service mesh advanced Use Cases 4 Centralized STATIC ON-PREM MONOLITH VIRTUAL MACHINES MANUAL CHANGE PROCESS Decentralized DYNAMIC CLOUD / MULTI-CLOUD MICROSERVICES / SERVERLESS CONTAINERS, KUBERNETES AUTOMATED CI/CD TOOL CHAIN # Services & APIs CONTROL AND VISIBILITY
© OPITZ CONSULTING 2022 / Öffentlich WHAT’S END-TO-END SERVICE CONNECTIVITY? Service mesh advanced Use Cases 5 ¢ Between applications ¢ Within applications ¢ At the edge EDGE Monolithic back end service Microservices based app Microservices exposed at edge for external consumption
© OPITZ CONSULTING 2022 / Öffentlich RELIABLE CONNECTIVITY IS A MULTIDIMENSIONAL PROBLEM Service mesh advanced Use Cases 7 App App App App Edge Cross-App In-App Monolith Services Microservices Serverless …
© OPITZ CONSULTING 2022 / Öffentlich INCREASED COMPLEXITY AND CHALLENGES WITH RESPECT TO DEVELOPMENT CONSISTENCY Service mesh advanced Use Cases 8 Security Security Logging Logging Security Tracing Metrics Routing Metrics Tracing Application AuthN/Z Rate-Limiting Routing Caching Organization Application AuthN/Z Versioning Versioning Rate-Limiting
© OPITZ CONSULTING 2022 / Öffentlich WHAT’S A SERVICE MESH? Service mesh advanced Use Cases 9 ¢ Efficient implementation of cross-cutting concerns with respect to service integration challenges ¢ Everything is a service! ¢ Cloud-native apps deployed to Kubernetes ¢ Non Cloud-native workloads ¢ Should be independent of ¢ Architecture (e.g. Monolithic or µService) ¢ Platform (e.g. VMs, Containers, Kubernetes) Dedicated infrastructure layer that makes service-to-service communication more reliable, secure and observable
© OPITZ CONSULTING 2022 / Öffentlich WHAT CAN SERVICE MESH HELP YOU WITH? Service mesh advanced Use Cases 10 API Gateway
© OPITZ CONSULTING 2022 / Öffentlich CONSISTENCE FROM THE EDGE TO THE TARGET SERVICE Service mesh advanced Use Cases 11 ¢ External Clients access an organization’s services through the API Gateway (Single Point of entry) ¢ API Gateway is integrated in the Mesh ¢ Is just another service ¢ Gateway proxy just handles outbound traffic ¢ Internal traffic routing is handeled by the Mesh
© OPITZ CONSULTING 2022 / Öffentlich Service mesh advanced Use Cases 12 KUMA MESH 02
© OPITZ CONSULTING 2022 / Öffentlich KUMA MESH Service mesh advanced Use Cases 13 ¢ Initally invented by Kong and donated to CNCF in 2020 ¢ Provides a modern distributed Control Plane ¢ Completely Envoy-based Data Plane proxies ¢ Platform agnostic open-source control plane for Service Mesh ¢ Hence Kuma is ¢ Universal ¢ Simple ¢ Scalable ¢ Flexible deployment options ¢ Standalone deployment ¢ Multi-Zone deployment Source: https://tinyurl.com/xb57bhx5
© OPITZ CONSULTING 2022 / Öffentlich KUMA STANDALONE ARCHITECTURE Service mesh advanced Use Cases 14
© OPITZ CONSULTING 2022 / Öffentlich KUMA MULTI-CLUSTER ARCHITECTURE Service mesh advanced Use Cases 15 ¢ One zone can be deployed over multiple clusters ¢ All traffic enters cluster over zone ingress ¢ One Remote (Zone) Control Plane in each cluster
© OPITZ CONSULTING 2022 / Öffentlich KUMA NETWORKING / CNI Service mesh advanced Use Cases 16 ¢ Installed as DaemonSet on all Nodes ¢ Injects label on Pods - k8s.v1.cni.cncf.io/networks: kuma-cni ¢ CNI enables Transparent Proxying – redirects all traffic through Data Plane
© OPITZ CONSULTING 2022 / Öffentlich KUMA NETWORKING / INIT-CONTAINER Service mesh advanced Use Cases 17 ¢ Injected to Pod and started individually before Data Plane ¢ Configures iptables / network routing
© OPITZ CONSULTING 2022 / Öffentlich SERVICE MESH DNS Service mesh advanced Use Cases 18 ¢ Local DNS resolution directly in Data Plane (Envoy) ¢ Names are not resolvable in complete cluster, just inside service mesh (Envoy) ¢ Resolves “.mesh“ address to pre-defined service mesh IP address ¢ IP in other zone / cluster is routed over Kuma Zone Ingress
© OPITZ CONSULTING 2022 / Öffentlich ZONE EGRESS Service mesh advanced Use Cases 19 ¢ Special Data Plane instance – like Zone Ingress ¢ All outgoing traffic is routed through this instance ¢ Usage of External Services just possible with deployed Zone Egress in the future
© OPITZ CONSULTING 2022 / Öffentlich Service mesh advanced Use Cases 20 DEMO 03
© OPITZ CONSULTING 2022 / Öffentlich DEMO: MULTI-CLOUD / MULTI-CLUSTER MESH Service mesh advanced Use Cases 21
© OPITZ CONSULTING 2022 / Öffentlich ORACLE CONTAINER ENGINE FOR KUBERNETES (OKE) Service mesh advanced Use Cases 22 Based on IaaS Oracle Compute Cloud Service Worker Nodes: VM Master Node: •Managed and maintained by Oracle •Not visible for the end user •Master nodes are free of charge Auto-scaling capabilities using Worker-Node Pools Can be provisioned using OCI Cloud Console OCI Cloud Shell OCI CLI Terraform (OCI Resource Manager)
© OPITZ CONSULTING 2022 / Öffentlich Service mesh advanced Use Cases 23 CONCLUSION 06
© OPITZ CONSULTING 2022 / Öffentlich SERVICE MESH BENEFITS Service mesh advanced Use Cases 24 ¢ Increased Developers productivity ¢ Self-service network management ¢ Reliable connectivity ¢ Zero-trust security ¢ Service Discovery ¢ Observability
© OPITZ CONSULTING 2022 / Öffentlich KEY TAKEAWAYS Service mesh advanced Use Cases 25 ¢ Service Mesh is essential for modern software architectures to tackle basic service integration challenges independent of: ¢ Level ¢ Architecture ¢ Platform ¢ Kuma as a mesh implementation provides ¢ Agnostic approach (indepent of architecture or platform) ¢ Modern, flexible architecture supporting hybrid, multi-cloud scenarios ¢ Standalone ¢ Multi-zone ¢ Multi-mesh ¢ Seamless CI / CD integration (GitOps)
© OPITZ CONSULTING 2022 / Öffentlich Service mesh advanced Use Cases 26 Q & A https://opitzcloud.canto.global/b/H0EMG
© OPITZ CONSULTING 2022 / Öffentlich Analytics meets Integration – Modern Development mit Data APIs 27 www.opitz-consulting.com KONTAKT Sven Bernhardt Senior Manager Corporate Development Sven.Bernhardt@opitz-consulting.com +49 172 2193529 https://www.xing.com/profile/Sven_Bernhardt/ https://www.linkedin.com/in/sven-bernhardt-0570b823/ Fabian Hardt Solution Architect Fabian.Hardt@opitz-consulting.com https://twitter.com/fabian_hardt https://www.xing.com/profile/Fabian_Hardt https://www.linkedin.com/in/fabian-hardt-0956b1b1

Recommended

Service integration made easy with Open Source Kuma
Service integration made easy with Open Source KumaService integration made easy with Open Source Kuma
Service integration made easy with Open Source Kuma
Sven Bernhardt
 
Build and Manage Multi-Cloud Applications Using Kuma
Build and Manage Multi-Cloud Applications Using KumaBuild and Manage Multi-Cloud Applications Using Kuma
Build and Manage Multi-Cloud Applications Using Kuma
Sven Bernhardt
 
Build and Manage Multi-Cloud Applications Using Kuma
Build and Manage Multi-Cloud Applications Using KumaBuild and Manage Multi-Cloud Applications Using Kuma
Build and Manage Multi-Cloud Applications Using Kuma
Sven Bernhardt
 
Architecture Room Stuttgart - "Cloud-native ist nur ein Teil des Spiels!"
Architecture Room Stuttgart - "Cloud-native ist nur ein Teil des Spiels!"Architecture Room Stuttgart - "Cloud-native ist nur ein Teil des Spiels!"
Architecture Room Stuttgart - "Cloud-native ist nur ein Teil des Spiels!"
OPITZ CONSULTING Deutschland
 
Modern Integration based on OCI Cloud-native Services
Modern Integration based on OCI Cloud-native ServicesModern Integration based on OCI Cloud-native Services
Modern Integration based on OCI Cloud-native Services
Sven Bernhardt
 
Cloud-native is just part of the game
Cloud-native is just part of the gameCloud-native is just part of the game
Cloud-native is just part of the game
Sven Bernhardt
 
Declarative observability management for Microservice architectures
Declarative observability management for Microservice architecturesDeclarative observability management for Microservice architectures
Declarative observability management for Microservice architectures
Sven Bernhardt
 
Analytics meets Integration – Modern Development mit Data APIs
Analytics meets Integration – Modern Development mit Data APIsAnalytics meets Integration – Modern Development mit Data APIs
Analytics meets Integration – Modern Development mit Data APIs
Fabian Hardt
 

Recommended

Service integration made easy with Open Source Kuma
Service integration made easy with Open Source KumaService integration made easy with Open Source Kuma
Service integration made easy with Open Source Kuma
Sven Bernhardt
 
Build and Manage Multi-Cloud Applications Using Kuma
Build and Manage Multi-Cloud Applications Using KumaBuild and Manage Multi-Cloud Applications Using Kuma
Build and Manage Multi-Cloud Applications Using Kuma
Sven Bernhardt
 
Build and Manage Multi-Cloud Applications Using Kuma
Build and Manage Multi-Cloud Applications Using KumaBuild and Manage Multi-Cloud Applications Using Kuma
Build and Manage Multi-Cloud Applications Using Kuma
Sven Bernhardt
 
Architecture Room Stuttgart - "Cloud-native ist nur ein Teil des Spiels!"
Architecture Room Stuttgart - "Cloud-native ist nur ein Teil des Spiels!"Architecture Room Stuttgart - "Cloud-native ist nur ein Teil des Spiels!"
Architecture Room Stuttgart - "Cloud-native ist nur ein Teil des Spiels!"
OPITZ CONSULTING Deutschland
 
Modern Integration based on OCI Cloud-native Services
Modern Integration based on OCI Cloud-native ServicesModern Integration based on OCI Cloud-native Services
Modern Integration based on OCI Cloud-native Services
Sven Bernhardt
 
Cloud-native is just part of the game
Cloud-native is just part of the gameCloud-native is just part of the game
Cloud-native is just part of the game
Sven Bernhardt
 
Declarative observability management for Microservice architectures
Declarative observability management for Microservice architecturesDeclarative observability management for Microservice architectures
Declarative observability management for Microservice architectures
Sven Bernhardt
 
Analytics meets Integration – Modern Development mit Data APIs
Analytics meets Integration – Modern Development mit Data APIsAnalytics meets Integration – Modern Development mit Data APIs
Analytics meets Integration – Modern Development mit Data APIs
Fabian Hardt
 
Cloud-native Application Development - The new normal
Cloud-native Application Development - The new normalCloud-native Application Development - The new normal
Cloud-native Application Development - The new normal
Sven Bernhardt
 
Analytics meets Integration - Modern Development with Data APIs
Analytics meets Integration - Modern Development with Data APIsAnalytics meets Integration - Modern Development with Data APIs
Analytics meets Integration - Modern Development with Data APIs
Sven Bernhardt
 
API Gateway or Service mesh - Complementary or excluding concepts
API Gateway or Service mesh - Complementary or excluding conceptsAPI Gateway or Service mesh - Complementary or excluding concepts
API Gateway or Service mesh - Complementary or excluding concepts
Sven Bernhardt
 
Cloud-native Application Development on OCI
Cloud-native Application Development on OCICloud-native Application Development on OCI
Cloud-native Application Development on OCI
Sven Bernhardt
 
Advanced Observability & Security
Advanced Observability & SecurityAdvanced Observability & Security
Advanced Observability & Security
Fabian Hardt
 
Kong 101 - Jumpstart into the world of APIs
Kong 101 - Jumpstart into the world of APIsKong 101 - Jumpstart into the world of APIs
Kong 101 - Jumpstart into the world of APIs
Sven Bernhardt
 
Cloud-native Integration in the Oracle Cloud
Cloud-native Integration in the Oracle CloudCloud-native Integration in the Oracle Cloud
Cloud-native Integration in the Oracle Cloud
Sven Bernhardt
 
Integration architectures based on Microservices, APIs and events
Integration architectures based on Microservices, APIs and eventsIntegration architectures based on Microservices, APIs and events
Integration architectures based on Microservices, APIs and events
Sven Bernhardt
 
Cloud-native Integration in the Oracle Cloud
Cloud-native Integration in the Oracle CloudCloud-native Integration in the Oracle Cloud
Cloud-native Integration in the Oracle Cloud
Sven Bernhardt
 
Flexible, hybrid API-led software architectures with Kong
Flexible, hybrid API-led software architectures with KongFlexible, hybrid API-led software architectures with Kong
Flexible, hybrid API-led software architectures with Kong
Sven Bernhardt
 
Enabling MEC as a New Telco Business Opportunity
Enabling MEC as a New Telco Business OpportunityEnabling MEC as a New Telco Business Opportunity
Enabling MEC as a New Telco Business Opportunity
Michelle Holley
 
Advanced Observability & Security
Advanced Observability & SecurityAdvanced Observability & Security
Advanced Observability & Security
Fabian Hardt
 
Effective and simple - integration architectures with Apache Camel and Quarkus
Effective and simple - integration architectures with Apache Camel and QuarkusEffective and simple - integration architectures with Apache Camel and Quarkus
Effective and simple - integration architectures with Apache Camel and Quarkus
Sven Bernhardt
 
API Gateway or Service Mesh - Complementary or excluding concepts
API Gateway or Service Mesh - Complementary or excluding conceptsAPI Gateway or Service Mesh - Complementary or excluding concepts
API Gateway or Service Mesh - Complementary or excluding concepts
Sven Bernhardt
 
Connectivity Challenges for CAVs - Athonet Group
Connectivity Challenges for CAVs - Athonet GroupConnectivity Challenges for CAVs - Athonet Group
Connectivity Challenges for CAVs - Athonet Group
techUK
 
Implementing Cloud-native apps on OCI
Implementing Cloud-native apps on OCIImplementing Cloud-native apps on OCI
Implementing Cloud-native apps on OCI
Sven Bernhardt
 
Implementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCIImplementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCI
Sven Bernhardt
 
Modernization options for Oracle Forms applications
Modernization options for Oracle Forms applicationsModernization options for Oracle Forms applications
Modernization options for Oracle Forms applications
Sven Bernhardt
 
Serverless architectures with Fn Project
Serverless architectures with Fn ProjectServerless architectures with Fn Project
Serverless architectures with Fn Project
Sven Bernhardt
 
Rumble in the Jungle - API Kickstart with Kong
Rumble in the Jungle - API Kickstart with KongRumble in the Jungle - API Kickstart with Kong
Rumble in the Jungle - API Kickstart with Kong
Sven Bernhardt
 
Mit APIs auf der Überholspur zur produktorientierten Organisation
Mit APIs auf der Überholspur zur produktorientierten OrganisationMit APIs auf der Überholspur zur produktorientierten Organisation
Mit APIs auf der Überholspur zur produktorientierten Organisation
Fabian Hardt
 
Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...
Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...
Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...
Fabian Hardt
 

More Related Content

Similar to Service Mesh Advanced Use Cases

Cloud-native Application Development - The new normal
Cloud-native Application Development - The new normalCloud-native Application Development - The new normal
Cloud-native Application Development - The new normal
Sven Bernhardt
 
Analytics meets Integration - Modern Development with Data APIs
Analytics meets Integration - Modern Development with Data APIsAnalytics meets Integration - Modern Development with Data APIs
Analytics meets Integration - Modern Development with Data APIs
Sven Bernhardt
 
API Gateway or Service mesh - Complementary or excluding concepts
API Gateway or Service mesh - Complementary or excluding conceptsAPI Gateway or Service mesh - Complementary or excluding concepts
API Gateway or Service mesh - Complementary or excluding concepts
Sven Bernhardt
 
Cloud-native Application Development on OCI
Cloud-native Application Development on OCICloud-native Application Development on OCI
Cloud-native Application Development on OCI
Sven Bernhardt
 
Advanced Observability & Security
Advanced Observability & SecurityAdvanced Observability & Security
Advanced Observability & Security
Fabian Hardt
 
Kong 101 - Jumpstart into the world of APIs
Kong 101 - Jumpstart into the world of APIsKong 101 - Jumpstart into the world of APIs
Kong 101 - Jumpstart into the world of APIs
Sven Bernhardt
 
Cloud-native Integration in the Oracle Cloud
Cloud-native Integration in the Oracle CloudCloud-native Integration in the Oracle Cloud
Cloud-native Integration in the Oracle Cloud
Sven Bernhardt
 
Integration architectures based on Microservices, APIs and events
Integration architectures based on Microservices, APIs and eventsIntegration architectures based on Microservices, APIs and events
Integration architectures based on Microservices, APIs and events
Sven Bernhardt
 
Cloud-native Integration in the Oracle Cloud
Cloud-native Integration in the Oracle CloudCloud-native Integration in the Oracle Cloud
Cloud-native Integration in the Oracle Cloud
Sven Bernhardt
 
Flexible, hybrid API-led software architectures with Kong
Flexible, hybrid API-led software architectures with KongFlexible, hybrid API-led software architectures with Kong
Flexible, hybrid API-led software architectures with Kong
Sven Bernhardt
 
Enabling MEC as a New Telco Business Opportunity
Enabling MEC as a New Telco Business OpportunityEnabling MEC as a New Telco Business Opportunity
Enabling MEC as a New Telco Business Opportunity
Michelle Holley
 
Advanced Observability & Security
Advanced Observability & SecurityAdvanced Observability & Security
Advanced Observability & Security
Fabian Hardt
 
Effective and simple - integration architectures with Apache Camel and Quarkus
Effective and simple - integration architectures with Apache Camel and QuarkusEffective and simple - integration architectures with Apache Camel and Quarkus
Effective and simple - integration architectures with Apache Camel and Quarkus
Sven Bernhardt
 
API Gateway or Service Mesh - Complementary or excluding concepts
API Gateway or Service Mesh - Complementary or excluding conceptsAPI Gateway or Service Mesh - Complementary or excluding concepts
API Gateway or Service Mesh - Complementary or excluding concepts
Sven Bernhardt
 
Connectivity Challenges for CAVs - Athonet Group
Connectivity Challenges for CAVs - Athonet GroupConnectivity Challenges for CAVs - Athonet Group
Connectivity Challenges for CAVs - Athonet Group
techUK
 
Implementing Cloud-native apps on OCI
Implementing Cloud-native apps on OCIImplementing Cloud-native apps on OCI
Implementing Cloud-native apps on OCI
Sven Bernhardt
 
Implementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCIImplementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCI
Sven Bernhardt
 
Modernization options for Oracle Forms applications
Modernization options for Oracle Forms applicationsModernization options for Oracle Forms applications
Modernization options for Oracle Forms applications
Sven Bernhardt
 
Serverless architectures with Fn Project
Serverless architectures with Fn ProjectServerless architectures with Fn Project
Serverless architectures with Fn Project
Sven Bernhardt
 
Rumble in the Jungle - API Kickstart with Kong
Rumble in the Jungle - API Kickstart with KongRumble in the Jungle - API Kickstart with Kong
Rumble in the Jungle - API Kickstart with Kong
Sven Bernhardt
 

Similar to Service Mesh Advanced Use Cases (20)

Cloud-native Application Development - The new normal
Cloud-native Application Development - The new normalCloud-native Application Development - The new normal
Cloud-native Application Development - The new normal
 
Analytics meets Integration - Modern Development with Data APIs
Analytics meets Integration - Modern Development with Data APIsAnalytics meets Integration - Modern Development with Data APIs
Analytics meets Integration - Modern Development with Data APIs
 
API Gateway or Service mesh - Complementary or excluding concepts
API Gateway or Service mesh - Complementary or excluding conceptsAPI Gateway or Service mesh - Complementary or excluding concepts
API Gateway or Service mesh - Complementary or excluding concepts
 
Cloud-native Application Development on OCI
Cloud-native Application Development on OCICloud-native Application Development on OCI
Cloud-native Application Development on OCI
 
Advanced Observability & Security
Advanced Observability & SecurityAdvanced Observability & Security
Advanced Observability & Security
 
Kong 101 - Jumpstart into the world of APIs
Kong 101 - Jumpstart into the world of APIsKong 101 - Jumpstart into the world of APIs
Kong 101 - Jumpstart into the world of APIs
 
Cloud-native Integration in the Oracle Cloud
Cloud-native Integration in the Oracle CloudCloud-native Integration in the Oracle Cloud
Cloud-native Integration in the Oracle Cloud
 
Integration architectures based on Microservices, APIs and events
Integration architectures based on Microservices, APIs and eventsIntegration architectures based on Microservices, APIs and events
Integration architectures based on Microservices, APIs and events
 
Cloud-native Integration in the Oracle Cloud
Cloud-native Integration in the Oracle CloudCloud-native Integration in the Oracle Cloud
Cloud-native Integration in the Oracle Cloud
 
Flexible, hybrid API-led software architectures with Kong
Flexible, hybrid API-led software architectures with KongFlexible, hybrid API-led software architectures with Kong
Flexible, hybrid API-led software architectures with Kong
 
Enabling MEC as a New Telco Business Opportunity
Enabling MEC as a New Telco Business OpportunityEnabling MEC as a New Telco Business Opportunity
Enabling MEC as a New Telco Business Opportunity
 
Advanced Observability & Security
Advanced Observability & SecurityAdvanced Observability & Security
Advanced Observability & Security
 
Effective and simple - integration architectures with Apache Camel and Quarkus
Effective and simple - integration architectures with Apache Camel and QuarkusEffective and simple - integration architectures with Apache Camel and Quarkus
Effective and simple - integration architectures with Apache Camel and Quarkus
 
API Gateway or Service Mesh - Complementary or excluding concepts
API Gateway or Service Mesh - Complementary or excluding conceptsAPI Gateway or Service Mesh - Complementary or excluding concepts
API Gateway or Service Mesh - Complementary or excluding concepts
 
Connectivity Challenges for CAVs - Athonet Group
Connectivity Challenges for CAVs - Athonet GroupConnectivity Challenges for CAVs - Athonet Group
Connectivity Challenges for CAVs - Athonet Group
 
Implementing Cloud-native apps on OCI
Implementing Cloud-native apps on OCIImplementing Cloud-native apps on OCI
Implementing Cloud-native apps on OCI
 
Implementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCIImplementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCI
 
Modernization options for Oracle Forms applications
Modernization options for Oracle Forms applicationsModernization options for Oracle Forms applications
Modernization options for Oracle Forms applications
 
Serverless architectures with Fn Project
Serverless architectures with Fn ProjectServerless architectures with Fn Project
Serverless architectures with Fn Project
 
Rumble in the Jungle - API Kickstart with Kong
Rumble in the Jungle - API Kickstart with KongRumble in the Jungle - API Kickstart with Kong
Rumble in the Jungle - API Kickstart with Kong
 

More from Fabian Hardt

Mit APIs auf der Überholspur zur produktorientierten Organisation
Mit APIs auf der Überholspur zur produktorientierten OrganisationMit APIs auf der Überholspur zur produktorientierten Organisation
Mit APIs auf der Überholspur zur produktorientierten Organisation
Fabian Hardt
 
Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...
Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...
Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...
Fabian Hardt
 
How Service Mesh Fits into the Modern Data Stack
How Service Mesh Fits into the Modern Data StackHow Service Mesh Fits into the Modern Data Stack
How Service Mesh Fits into the Modern Data Stack
Fabian Hardt
 
Modern Data Stack – Buzzword oder echter Game-Changer?
Modern Data Stack – Buzzword oder echter Game-Changer?Modern Data Stack – Buzzword oder echter Game-Changer?
Modern Data Stack – Buzzword oder echter Game-Changer?
Fabian Hardt
 
Persönliche Filmtipps mittels Recommender System und Chatbot
Persönliche Filmtipps mittels Recommender System und ChatbotPersönliche Filmtipps mittels Recommender System und Chatbot
Persönliche Filmtipps mittels Recommender System und Chatbot
Fabian Hardt
 
Automatisierte Provisionierung einer Data Lab Umgebung für Data Scientists
Automatisierte Provisionierung einer Data Lab Umgebung für Data ScientistsAutomatisierte Provisionierung einer Data Lab Umgebung für Data Scientists
Automatisierte Provisionierung einer Data Lab Umgebung für Data Scientists
Fabian Hardt
 
Augmented Analytics mit Amazon Alexa
Augmented Analytics mit Amazon AlexaAugmented Analytics mit Amazon Alexa
Augmented Analytics mit Amazon Alexa
Fabian Hardt
 

More from Fabian Hardt (7)

Mit APIs auf der Überholspur zur produktorientierten Organisation
Mit APIs auf der Überholspur zur produktorientierten OrganisationMit APIs auf der Überholspur zur produktorientierten Organisation
Mit APIs auf der Überholspur zur produktorientierten Organisation
 
Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...
Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...
Data Mesh und Domain Driven Design - rücken Analytics und SD nun doch näher z...
 
How Service Mesh Fits into the Modern Data Stack
How Service Mesh Fits into the Modern Data StackHow Service Mesh Fits into the Modern Data Stack
How Service Mesh Fits into the Modern Data Stack
 
Modern Data Stack – Buzzword oder echter Game-Changer?
Modern Data Stack – Buzzword oder echter Game-Changer?Modern Data Stack – Buzzword oder echter Game-Changer?
Modern Data Stack – Buzzword oder echter Game-Changer?
 
Persönliche Filmtipps mittels Recommender System und Chatbot
Persönliche Filmtipps mittels Recommender System und ChatbotPersönliche Filmtipps mittels Recommender System und Chatbot
Persönliche Filmtipps mittels Recommender System und Chatbot
 
Automatisierte Provisionierung einer Data Lab Umgebung für Data Scientists
Automatisierte Provisionierung einer Data Lab Umgebung für Data ScientistsAutomatisierte Provisionierung einer Data Lab Umgebung für Data Scientists
Automatisierte Provisionierung einer Data Lab Umgebung für Data Scientists
 
Augmented Analytics mit Amazon Alexa
Augmented Analytics mit Amazon AlexaAugmented Analytics mit Amazon Alexa
Augmented Analytics mit Amazon Alexa
 

Recently uploaded

Revolutionizing Visual Effects Mastering AI Face Swaps.pdf
Revolutionizing Visual Effects Mastering AI Face Swaps.pdfRevolutionizing Visual Effects Mastering AI Face Swaps.pdf
Revolutionizing Visual Effects Mastering AI Face Swaps.pdf
Undress Baby
 
Using Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query PerformanceUsing Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query Performance
Grant Fritchey
 
SMS API Integration in Saudi Arabia| Best SMS API Service
SMS API Integration in Saudi Arabia| Best SMS API ServiceSMS API Integration in Saudi Arabia| Best SMS API Service
SMS API Integration in Saudi Arabia| Best SMS API Service
Yara Milbes
 
OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024
OpenMetadata
 
How to write a program in any programming language
How to write a program in any programming languageHow to write a program in any programming language
How to write a program in any programming language
Rakesh Kumar R
 
GreenCode-A-VSCode-Plugin--Dario-Jurisic
GreenCode-A-VSCode-Plugin--Dario-JurisicGreenCode-A-VSCode-Plugin--Dario-Jurisic
GreenCode-A-VSCode-Plugin--Dario-Jurisic
Green Software Development
 
Artificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension FunctionsArtificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension Functions
Octavian Nadolu
 
2024 eCommerceDays Toulouse - Sylius 2.0.pdf
2024 eCommerceDays Toulouse - Sylius 2.0.pdf2024 eCommerceDays Toulouse - Sylius 2.0.pdf
2024 eCommerceDays Toulouse - Sylius 2.0.pdf
Łukasz Chruściel
 
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CDKuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
rodomar2
 
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Need for Speed: Removing speed bumps from your Symfony projects ⚡️Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Łukasz Chruściel
 
What is Augmented Reality Image Tracking
What is Augmented Reality Image TrackingWhat is Augmented Reality Image Tracking
What is Augmented Reality Image Tracking
pavan998932
 
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, FactsALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
Green Software Development
 
Unveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdfUnveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdf
brainerhub1
 
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j
 
openEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain SecurityopenEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain Security
Shane Coughlan
 
Oracle Database 19c New Features for DBAs and Developers.pptx
Oracle Database 19c New Features for DBAs and Developers.pptxOracle Database 19c New Features for DBAs and Developers.pptx
Oracle Database 19c New Features for DBAs and Developers.pptx
Remote DBA Services
 
Why Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise Edition
Why Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise EditionWhy Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise Edition
Why Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise Edition
Envertis Software Solutions
 
What is Master Data Management by PiLog Group
What is Master Data Management by PiLog GroupWhat is Master Data Management by PiLog Group
What is Master Data Management by PiLog Group
aymanquadri279
 
Hand Rolled Applicative User Validation Code Kata
Hand Rolled Applicative User Validation Code KataHand Rolled Applicative User Validation Code Kata
Hand Rolled Applicative User Validation Code Kata
Philip Schwarz
 
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdfVitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke
 

Recently uploaded (20)

Revolutionizing Visual Effects Mastering AI Face Swaps.pdf
Revolutionizing Visual Effects Mastering AI Face Swaps.pdfRevolutionizing Visual Effects Mastering AI Face Swaps.pdf
Revolutionizing Visual Effects Mastering AI Face Swaps.pdf
 
Using Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query PerformanceUsing Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query Performance
 
SMS API Integration in Saudi Arabia| Best SMS API Service
SMS API Integration in Saudi Arabia| Best SMS API ServiceSMS API Integration in Saudi Arabia| Best SMS API Service
SMS API Integration in Saudi Arabia| Best SMS API Service
 
OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024
 
How to write a program in any programming language
How to write a program in any programming languageHow to write a program in any programming language
How to write a program in any programming language
 
GreenCode-A-VSCode-Plugin--Dario-Jurisic
GreenCode-A-VSCode-Plugin--Dario-JurisicGreenCode-A-VSCode-Plugin--Dario-Jurisic
GreenCode-A-VSCode-Plugin--Dario-Jurisic
 
Artificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension FunctionsArtificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension Functions
 
2024 eCommerceDays Toulouse - Sylius 2.0.pdf
2024 eCommerceDays Toulouse - Sylius 2.0.pdf2024 eCommerceDays Toulouse - Sylius 2.0.pdf
2024 eCommerceDays Toulouse - Sylius 2.0.pdf
 
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CDKuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
 
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Need for Speed: Removing speed bumps from your Symfony projects ⚡️Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
 
What is Augmented Reality Image Tracking
What is Augmented Reality Image TrackingWhat is Augmented Reality Image Tracking
What is Augmented Reality Image Tracking
 
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, FactsALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
 
Unveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdfUnveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdf
 
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
 
openEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain SecurityopenEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain Security
 
Oracle Database 19c New Features for DBAs and Developers.pptx
Oracle Database 19c New Features for DBAs and Developers.pptxOracle Database 19c New Features for DBAs and Developers.pptx
Oracle Database 19c New Features for DBAs and Developers.pptx
 
Why Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise Edition
Why Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise EditionWhy Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise Edition
Why Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise Edition
 
What is Master Data Management by PiLog Group
What is Master Data Management by PiLog GroupWhat is Master Data Management by PiLog Group
What is Master Data Management by PiLog Group
 
Hand Rolled Applicative User Validation Code Kata
Hand Rolled Applicative User Validation Code KataHand Rolled Applicative User Validation Code Kata
Hand Rolled Applicative User Validation Code Kata
 
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdfVitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdf
 

Service Mesh Advanced Use Cases

  • 1. © OPITZ CONSULTING 2022 / Öffentlich Service mesh advanced Use Cases 1 Nuremberg, 2022-09-22 Sven Bernhardt , Fabian Hardt SERVICE MESH ADVANCED USE CASES
  • 2. © OPITZ CONSULTING 2022 / Öffentlich Service mesh advanced Use Cases 2 SERVICE MESH BASICS 01
  • 3. © OPITZ CONSULTING 2022 / Öffentlich MODERN SOFTWARE ARCHITECTURES ARE LOOSLEY COUPLED AND DISTRIBUTED Service mesh advanced Use Cases 3 ¢ Single Deployment unit ¢ Single execution process ¢ Shared database ¢ Local, app-internal communication only ¢ Multiple Deployment units ¢ Exclusive execution process per service ¢ Database per Service (usually) ¢ Remote, inter-service communication UI Business Logic Persistence Traditional software architecture Modern software architecture
  • 4. © OPITZ CONSULTING 2022 / Öffentlich CONNECTIVITY IS THE BACKBONE OF DIGITAL ORGANIZATIONS Service mesh advanced Use Cases 4 Centralized STATIC ON-PREM MONOLITH VIRTUAL MACHINES MANUAL CHANGE PROCESS Decentralized DYNAMIC CLOUD / MULTI-CLOUD MICROSERVICES / SERVERLESS CONTAINERS, KUBERNETES AUTOMATED CI/CD TOOL CHAIN # Services & APIs CONTROL AND VISIBILITY
  • 5. © OPITZ CONSULTING 2022 / Öffentlich WHAT’S END-TO-END SERVICE CONNECTIVITY? Service mesh advanced Use Cases 5 ¢ Between applications ¢ Within applications ¢ At the edge EDGE Monolithic back end service Microservices based app Microservices exposed at edge for external consumption
  • 6. © OPITZ CONSULTING 2022 / Öffentlich RELIABLE CONNECTIVITY IS A MULTIDIMENSIONAL PROBLEM Service mesh advanced Use Cases 7 App App App App Edge Cross-App In-App Monolith Services Microservices Serverless …
  • 7. © OPITZ CONSULTING 2022 / Öffentlich INCREASED COMPLEXITY AND CHALLENGES WITH RESPECT TO DEVELOPMENT CONSISTENCY Service mesh advanced Use Cases 8 Security Security Logging Logging Security Tracing Metrics Routing Metrics Tracing Application AuthN/Z Rate-Limiting Routing Caching Organization Application AuthN/Z Versioning Versioning Rate-Limiting
  • 8. © OPITZ CONSULTING 2022 / Öffentlich WHAT’S A SERVICE MESH? Service mesh advanced Use Cases 9 ¢ Efficient implementation of cross-cutting concerns with respect to service integration challenges ¢ Everything is a service! ¢ Cloud-native apps deployed to Kubernetes ¢ Non Cloud-native workloads ¢ Should be independent of ¢ Architecture (e.g. Monolithic or µService) ¢ Platform (e.g. VMs, Containers, Kubernetes) Dedicated infrastructure layer that makes service-to-service communication more reliable, secure and observable
  • 9. © OPITZ CONSULTING 2022 / Öffentlich WHAT CAN SERVICE MESH HELP YOU WITH? Service mesh advanced Use Cases 10 API Gateway
  • 10. © OPITZ CONSULTING 2022 / Öffentlich CONSISTENCE FROM THE EDGE TO THE TARGET SERVICE Service mesh advanced Use Cases 11 ¢ External Clients access an organization’s services through the API Gateway (Single Point of entry) ¢ API Gateway is integrated in the Mesh ¢ Is just another service ¢ Gateway proxy just handles outbound traffic ¢ Internal traffic routing is handeled by the Mesh
  • 11. © OPITZ CONSULTING 2022 / Öffentlich Service mesh advanced Use Cases 12 KUMA MESH 02
  • 12. © OPITZ CONSULTING 2022 / Öffentlich KUMA MESH Service mesh advanced Use Cases 13 ¢ Initally invented by Kong and donated to CNCF in 2020 ¢ Provides a modern distributed Control Plane ¢ Completely Envoy-based Data Plane proxies ¢ Platform agnostic open-source control plane for Service Mesh ¢ Hence Kuma is ¢ Universal ¢ Simple ¢ Scalable ¢ Flexible deployment options ¢ Standalone deployment ¢ Multi-Zone deployment Source: https://tinyurl.com/xb57bhx5
  • 13. © OPITZ CONSULTING 2022 / Öffentlich KUMA STANDALONE ARCHITECTURE Service mesh advanced Use Cases 14
  • 14. © OPITZ CONSULTING 2022 / Öffentlich KUMA MULTI-CLUSTER ARCHITECTURE Service mesh advanced Use Cases 15 ¢ One zone can be deployed over multiple clusters ¢ All traffic enters cluster over zone ingress ¢ One Remote (Zone) Control Plane in each cluster
  • 15. © OPITZ CONSULTING 2022 / Öffentlich KUMA NETWORKING / CNI Service mesh advanced Use Cases 16 ¢ Installed as DaemonSet on all Nodes ¢ Injects label on Pods - k8s.v1.cni.cncf.io/networks: kuma-cni ¢ CNI enables Transparent Proxying – redirects all traffic through Data Plane
  • 16. © OPITZ CONSULTING 2022 / Öffentlich KUMA NETWORKING / INIT-CONTAINER Service mesh advanced Use Cases 17 ¢ Injected to Pod and started individually before Data Plane ¢ Configures iptables / network routing
  • 17. © OPITZ CONSULTING 2022 / Öffentlich SERVICE MESH DNS Service mesh advanced Use Cases 18 ¢ Local DNS resolution directly in Data Plane (Envoy) ¢ Names are not resolvable in complete cluster, just inside service mesh (Envoy) ¢ Resolves “.mesh“ address to pre-defined service mesh IP address ¢ IP in other zone / cluster is routed over Kuma Zone Ingress
  • 18. © OPITZ CONSULTING 2022 / Öffentlich ZONE EGRESS Service mesh advanced Use Cases 19 ¢ Special Data Plane instance – like Zone Ingress ¢ All outgoing traffic is routed through this instance ¢ Usage of External Services just possible with deployed Zone Egress in the future
  • 19. © OPITZ CONSULTING 2022 / Öffentlich Service mesh advanced Use Cases 20 DEMO 03
  • 20. © OPITZ CONSULTING 2022 / Öffentlich DEMO: MULTI-CLOUD / MULTI-CLUSTER MESH Service mesh advanced Use Cases 21
  • 21. © OPITZ CONSULTING 2022 / Öffentlich ORACLE CONTAINER ENGINE FOR KUBERNETES (OKE) Service mesh advanced Use Cases 22 Based on IaaS Oracle Compute Cloud Service Worker Nodes: VM Master Node: •Managed and maintained by Oracle •Not visible for the end user •Master nodes are free of charge Auto-scaling capabilities using Worker-Node Pools Can be provisioned using OCI Cloud Console OCI Cloud Shell OCI CLI Terraform (OCI Resource Manager)
  • 22. © OPITZ CONSULTING 2022 / Öffentlich Service mesh advanced Use Cases 23 CONCLUSION 06
  • 23. © OPITZ CONSULTING 2022 / Öffentlich SERVICE MESH BENEFITS Service mesh advanced Use Cases 24 ¢ Increased Developers productivity ¢ Self-service network management ¢ Reliable connectivity ¢ Zero-trust security ¢ Service Discovery ¢ Observability
  • 24. © OPITZ CONSULTING 2022 / Öffentlich KEY TAKEAWAYS Service mesh advanced Use Cases 25 ¢ Service Mesh is essential for modern software architectures to tackle basic service integration challenges independent of: ¢ Level ¢ Architecture ¢ Platform ¢ Kuma as a mesh implementation provides ¢ Agnostic approach (indepent of architecture or platform) ¢ Modern, flexible architecture supporting hybrid, multi-cloud scenarios ¢ Standalone ¢ Multi-zone ¢ Multi-mesh ¢ Seamless CI / CD integration (GitOps)
  • 25. © OPITZ CONSULTING 2022 / Öffentlich Service mesh advanced Use Cases 26 Q & A https://opitzcloud.canto.global/b/H0EMG
  • 26. © OPITZ CONSULTING 2022 / Öffentlich Analytics meets Integration – Modern Development mit Data APIs 27 www.opitz-consulting.com KONTAKT Sven Bernhardt Senior Manager Corporate Development Sven.Bernhardt@opitz-consulting.com +49 172 2193529 https://www.xing.com/profile/Sven_Bernhardt/ https://www.linkedin.com/in/sven-bernhardt-0570b823/ Fabian Hardt Solution Architect Fabian.Hardt@opitz-consulting.com https://twitter.com/fabian_hardt https://www.xing.com/profile/Fabian_Hardt https://www.linkedin.com/in/fabian-hardt-0956b1b1