NGINX Microservices
and Service Mesh
Agenda
1. Why Microservices?
◦ Best practices for extending existing applications
2. Why might we need a Service Mesh?
◦ Alternatives – how to tell when you’re ready
3. The Landscape
◦ Istio and others
4. Summary
◦ Next steps
Why Microservices?
1
Modern Apps Require a Modern Architecture
From Monolithic ...
• Three-tier, J2EE-style architectures
• Complex protocols (HTML, SOAP)
• Persistent deployments
• Fixed, static Infrastructure
• Big-bang releases
• Silo’ed teams (Dev, Test, Ops)
... to Dynamic
• Microservices
• Lightweight (REST, JSON)
• Containers, VMs, Functions
• Infrastructure as Code
• Continuous delivery
• DevOps Culture
Architectural Changes: Monolith to Microservices
Microservices
"An approach to developing a single application
as a suite of small services, each running in its
own process and communicating with
lightweight mechanisms, often an HTTP
resource API”.
Martin Fowler, 12-Factor App
In practice
• Use the “Strangler Approach” to extend your
Monolith to using Microservices:
1. Add small pieces of functionality in Microservices.
2. Repeat as needed
• Organize team structure around service
ownership.
• Adopt DevOps mentality – automate when
possible.
Holiday Photos
Evolution in Action
Existing Monolith Application
Desktop or Web
Client
Your Existing Application
Evolution in Action
You have New Use Cases
New Applications are needed
New Datasources and business processes are
added
How do we add the new use
cases without large-scale
rewrites?
Evolution in Action
Implement Hybrid/Strangler Pattern
1. Implement connector microservices to provide API abstractions for external dependencies
2. Implement business-logic microservices for each business process
3. Implement presentation-layer microservices that are accessed externally
4. Use NGINX Ingress Controller for external-internal connectivity
5. Use NGINX Router Mesh for internal connectivity
Evolution
Successful Hybrid/Strangler Implementation
Why do I need a Service Mesh?
(and do I need one now?)
2
Modern Apps Require a Modern Architecture
From Monolithic ...
• Three-tier, J2EE-style architectures
• Complex protocols (HTML, SOAP)
• Persistent deployments
• Fixed, static Infrastructure
• Big-bang releases
• Silo’ed teams (Dev, Test, Ops)
... to Dynamic
• Microservices
• Lightweight (REST, JSON)
• Containers, VMs, Functions
• Infrastructure as Code
• Continuous delivery
• DevOps Culture
Operating a distributed application is hard
Static, Predictable Monolith:
• Fast, reliable function calls
• Local debugging
• Local profiling
• Calendared, big-bang upgrades
• ‘Integration hell’ contained in dev
Dynamic, Distributed App:
• Slow, unreliable API calls
• Distributed fault finding
• Distributed tracing
• In-place dynamic updates
• ‘Continuous integration’ live in prod
More things can go wrong, it’s harder to find the faults, everything happens live
Why do I need a Service Mesh?
• In most cases, you do not need a service mesh
(at least, not yet)
• Your applications will go through a maturity journey:
1. Pre- or early-production applications, mature ‘mode 1’ applications
2. Single simple, business-critical production applications
3. Multiple complex, distributed applications
This is where you may need a service mesh
Maturity Journey – Step 1
• Pre- and Early-Production Applications, Established Apps
◦ My applications are simple and well understood
◦ I don’t make disruptive changes in production
• Kubernetes provides the capabilities you need:
◦ Service Discovery and Scaling
◦ Load Balancing and Health Checks
◦ Access Control
◦ Ingress Load Balancing
For example, legacy ‘monolithic’ or 3-
tier apps that have been containerized
Many production applications
start and finish here
Maturity Journey – Step 1
Simple Ingress Router, Kubernetes Networking
Many production applications
start and finish here
Rely on Kubernetes for:
• DNS-based Service Discovery
• Scaling and reconfiguration
• KubeProxy-based load balancing
• Health Checks
• Network Policies for Access Control
Use a third-party Ingress Router
What is an Ingress Controller?
[Diagram: Kubernetes Master (API Server, Scheduler, Controller-Manager, etcd) and three Kubernetes Nodes (each with Kubelet and Kubeproxy) on an internal network]
Why do you need an Ingress Controller?
Ingress Resource
• Ingress:
• Built-in Kubernetes resource
• Configuration for an edge load
balancer (or ADC)
• Ingress features:
• L7 routing based on the host
header and URI
• TLS termination
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: hello-ingress
spec:
  tls:
  - hosts:
    - hello.example.com
    secretName: hello-secret
  rules:
  - host: hello.example.com
    http:
      paths:
      - path: /
        backend:
          serviceName: hello-svc
          servicePort: 80
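An added example, not part of the original slides: a small audit over `kubectl get ingress -o json` output that checks the two Ingress features named above, host-based L7 routing and TLS termination, for gaps. The `shop-ingress` object, the finding labels and the function names are constructed for illustration; `extensions/v1beta1` is flagged because that Ingress API version was removed in Kubernetes 1.22.

```python
import json

# Constructed sample: the slide's hello-ingress plus a hypothetical
# shop-ingress, in the shape `kubectl get ingress -o json` returns.
SAMPLE = json.loads("""
{
  "kind": "List",
  "items": [
    {
      "apiVersion": "extensions/v1beta1",
      "kind": "Ingress",
      "metadata": {"name": "hello-ingress"},
      "spec": {
        "tls": [{"hosts": ["hello.example.com"], "secretName": "hello-secret"}],
        "rules": [{"host": "hello.example.com"}]
      }
    },
    {
      "apiVersion": "networking.k8s.io/v1",
      "kind": "Ingress",
      "metadata": {"name": "shop-ingress"},
      "spec": {
        "tls": [{"hosts": ["*.shop.example.com"], "secretName": "shop-secret"}],
        "rules": [
          {"host": "api.shop.example.com"},
          {"host": "shop.example.com"},
          {"http": {"paths": []}}
        ]
      }
    }
  ]
}
""")

# Ingress API versions that current clusters no longer serve.
REMOVED_API_VERSIONS = {"extensions/v1beta1", "networking.k8s.io/v1beta1"}


def host_covered(host, tls_host):
    """True if tls_host (exact name or single-label wildcard) covers host."""
    host, tls_host = host.lower(), tls_host.lower()
    if tls_host.startswith("*."):
        # A wildcard stands for exactly one leading DNS label, so
        # *.shop.example.com covers api.shop.example.com but not the apex.
        first, _, rest = host.partition(".")
        return bool(first) and rest == tls_host[2:]
    return host == tls_host


def audit_ingress(ing):
    """Return (ingress name, finding, detail) tuples for one Ingress object."""
    findings = []
    name = ing.get("metadata", {}).get("name", "<unnamed>")
    spec = ing.get("spec", {})

    if ing.get("apiVersion") in REMOVED_API_VERSIONS:
        findings.append((name, "removed-api-version", ing["apiVersion"]))

    tls_hosts = []
    for entry in spec.get("tls") or []:
        tls_hosts.extend(entry.get("hosts") or [])

    for rule in spec.get("rules") or []:
        host = rule.get("host")
        if not host:
            # A rule without a host applies to any Host header.
            findings.append((name, "rule-without-host", "*"))
        elif not any(host_covered(host, t) for t in tls_hosts):
            # Routed by this Ingress, but no spec.tls entry names the host,
            # so the Ingress configures no certificate for it.
            findings.append((name, "host-without-tls", host))
    return findings


def audit_all(doc):
    """Audit a single Ingress object or a kubectl List of them."""
    items = doc["items"] if doc.get("kind") == "List" else [doc]
    return [f for ing in items for f in audit_ingress(ing)]


if __name__ == "__main__":
    for finding in audit_all(SAMPLE):
        print(*finding, sep="\t")
```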
Maturity Journey – Step 2
• More complex, business-critical applications
◦ Applications have multiple, distributed components
◦ Changes in production are frequent
◦ Users need more control and visibility over the app
• Individual services can be enhanced with:
◦ Mutual TLS for encryption and authentication
◦ Metrics and Tracing (Prometheus, OpenTracing etc)
◦ Proxies for load balancing, rate limiting,
access control, traffic management
Most production apps running
in containers over the last ~3
years have taken this
approach
Maturity Journey – Step 2
Ingress Router, Per-Service Load Balancer,
Router-mesh Load Balancer
Enhance applications with:
• Prometheus metrics
• OpenTracing tracers
• mTLS or SPIFFE ssl
Use per-service proxies for specific services
Use central router-mesh proxy load balancer
Most production apps running
in containers over the last ~3
years have taken this
approach
But… this approach gets expensive to manage
The operational complexity and cost of developing bespoke libraries across languages,
frameworks, and runtimes is prohibitive for most organizations, especially those with
heterogenous applications and polyglot programming languages.
IDC Market Perspective:
Vendors Stake Out Positions in Emerging Istio Service Mesh Landscape
Maturity Journey – Step 3
• Multiple interdependent applications
◦ Diverse application stacks (challenging to extend consistently)
◦ Frequent, hard-to-control changes (need rapid troubleshooting)
• Service Mesh provides enhancements, invisibly
◦ Intercepts all network traffic for each service
◦ Injects security (mutual TLS)
◦ Generates metrics and traces
◦ Can support L7 policies e.g. authentication,
rate limiting, traffic management
A service mesh provides standard
functionality and services in an
invisible, universal fashion
Maturity Journey – Step 3
Every container has an embedded proxy
Embed proxy into every container
Proxy intercepts all traffic and applies
advanced functionality
Proxy implements L7 policies
Requires a comprehensive control plane
A service mesh provides standard
functionality and services in an
invisible, universal fashion
A Service Mesh sounds great….?
• Service Mesh implementations are new and not yet mature.
Implementations are changing rapidly and some may be obsoleted
quickly.
• Service Mesh has a cost, adding complexity, resource requirements and
latency (network hops). ROI is not clear
Don’t let the lack of a stable, mature service mesh
delay your container and microservice initiatives
Find the balance
[Chart: cost to operate (vertical axis) against complexity, interdependencies and speed of change (horizontal axis), from "Single simple app" to "Many complex, interdependent apps"; labels: "Using native Kubernetes and other services" and "Using service mesh"]
As service meshes mature, their cost will go down
Service Mesh Landscape
3
Istio is seen as the market leader… but…
“In Istio, we see Google’s expertise in marketing perhaps taken too far.
“Istio … is convincing the market that the battle for service mesh
superiority is a foregone conclusion–in spite of widespread reports that
Istio is currently difficult to operate and not ready for production
workloads.”
Eric Brewer, VP Infrastructure, Google. April 26, 2019
https://softwareengineeringdaily.com/2019/04/26/cloud-with-eric-brewer/
Current Landscape
• Pure-play Service Meshes
◦ Istio, Linkerd, Consul Connect
• Cloud Platform Service Meshes
◦ Amazon App Mesh, GCP Traffic Director
• Meta-Meshes
◦ SMI, Solo.io SuperGloo, …
Hype Cycle
[Chart: visibility (vertical axis) over time (horizontal axis), with the phases Technology Trigger, Peak of Inflated Expectations, Trough of Disillusionment, Slope of Enlightenment, Plateau of Productivity]
Summary
4
Summary
[Chart: cost to operate (vertical axis) against complexity, interdependencies and speed of change (horizontal axis), from "Single simple app" to "Many complex, interdependent apps"; labels: "Using native Kubernetes and other services" and "Using service mesh"]
As service meshes mature, their cost will go down
• There is a tipping point,
before which, a service
mesh is not advised
• As service meshes
become easier to
deploy and more
mature, the tipping point
gets closer
• Service Mesh
technology is changing
rapidly – it’s very early to
place a bet
Recommendations
• Investigating – too early to devote significant resources
• PoC – commercial Istio builds, open source Consul and Linkerd
• Production – are you ready to build an F1 pit crew?
F5 and NGINX
Aspen Mesh provides an easy-
to-use distribution of Istio with
added enterprise features.
• Enterprise Service Mesh
• Observability and Insights
• Expert Support
NGINX provides an advanced
Ingress Controller,
Microservices Proxy and
innovative App Server:
• K8s Ingress Controller
• NGINX Router
• Future service mesh
initiatives
Do You Need A Service Mesh?

More Related Content

What's hot

What's hot (20)

The Complete Guide to Service Mesh
The Complete Guide to Service MeshThe Complete Guide to Service Mesh
The Complete Guide to Service Mesh
 
Replacing and Augmenting F5 BIG-IP with NGINX Plus - EMEA
Replacing and Augmenting F5 BIG-IP with NGINX Plus - EMEAReplacing and Augmenting F5 BIG-IP with NGINX Plus - EMEA
Replacing and Augmenting F5 BIG-IP with NGINX Plus - EMEA
 
Connecting All Abstractions with Istio
Connecting All Abstractions with IstioConnecting All Abstractions with Istio
Connecting All Abstractions with Istio
 
Relevez les défis Kubernetes avec NGINX
Relevez les défis Kubernetes avec NGINXRelevez les défis Kubernetes avec NGINX
Relevez les défis Kubernetes avec NGINX
 
Fundamentals of microservices
Fundamentals of microservicesFundamentals of microservices
Fundamentals of microservices
 
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINX
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINXSecure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINX
Secure, Strengthen, Automate, and Scale Modern Workloads with Red Hat & NGINX
 
microXchg 2018: "What is a Service Mesh? Do I Need One When Developing 'Cloud...
microXchg 2018: "What is a Service Mesh? Do I Need One When Developing 'Cloud...microXchg 2018: "What is a Service Mesh? Do I Need One When Developing 'Cloud...
microXchg 2018: "What is a Service Mesh? Do I Need One When Developing 'Cloud...
 
Microservice architecture case study
Microservice architecture case studyMicroservice architecture case study
Microservice architecture case study
 
Cloud native microservices for systems and applications ieee rev2
Cloud native microservices for systems and applications ieee rev2Cloud native microservices for systems and applications ieee rev2
Cloud native microservices for systems and applications ieee rev2
 
Full lifecycle of a microservice
Full lifecycle of a microserviceFull lifecycle of a microservice
Full lifecycle of a microservice
 
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
 
Application delivery controllers
Application delivery controllersApplication delivery controllers
Application delivery controllers
 
Orchestration Patterns for Microservices with Messaging by RabbitMQ
Orchestration Patterns for Microservices with Messaging by RabbitMQOrchestration Patterns for Microservices with Messaging by RabbitMQ
Orchestration Patterns for Microservices with Messaging by RabbitMQ
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINX
 
Architecting for now & the future with NGINX London April 19
Architecting for now & the future with NGINX London April 19Architecting for now & the future with NGINX London April 19
Architecting for now & the future with NGINX London April 19
 
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service MeshData Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
 
Automate Your Container Deployments Securely
Automate Your Container Deployments SecurelyAutomate Your Container Deployments Securely
Automate Your Container Deployments Securely
 
Integration Microservices
Integration MicroservicesIntegration Microservices
Integration Microservices
 
Istio Mesh – Managing Container Deployments at Scale
Istio Mesh – Managing Container Deployments at ScaleIstio Mesh – Managing Container Deployments at Scale
Istio Mesh – Managing Container Deployments at Scale
 
Monitoring NGINX Deployments with Sumo Logic
Monitoring NGINX Deployments with Sumo LogicMonitoring NGINX Deployments with Sumo Logic
Monitoring NGINX Deployments with Sumo Logic
 

Similar to Do You Need A Service Mesh?

Similar to Do You Need A Service Mesh? (20)

Do I Need A Service Mesh.pptx
Do I Need A Service Mesh.pptxDo I Need A Service Mesh.pptx
Do I Need A Service Mesh.pptx
 
Istio as an enabler for migrating to microservices (edition 2022)
Istio as an enabler for migrating to microservices (edition 2022)Istio as an enabler for migrating to microservices (edition 2022)
Istio as an enabler for migrating to microservices (edition 2022)
 
Migrating to Microservices Patterns and Technologies (edition 2023)
 Migrating to Microservices Patterns and Technologies (edition 2023) Migrating to Microservices Patterns and Technologies (edition 2023)
Migrating to Microservices Patterns and Technologies (edition 2023)
 
Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015
 
Microservices architecture
Microservices architectureMicroservices architecture
Microservices architecture
 
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
 
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
Istio as an Enabler for Migrating Monolithic Applications to Microservices v1.3
 
Microservice Pattern Launguage
Microservice Pattern LaunguageMicroservice Pattern Launguage
Microservice Pattern Launguage
 
170215 msa intro
170215 msa intro170215 msa intro
170215 msa intro
 
Microservices-101
Microservices-101Microservices-101
Microservices-101
 
Disruptive Trends in Application Development
Disruptive Trends in Application DevelopmentDisruptive Trends in Application Development
Disruptive Trends in Application Development
 
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
 
Service Mesh Talk for CTO Forum
Service Mesh Talk for CTO ForumService Mesh Talk for CTO Forum
Service Mesh Talk for CTO Forum
 
The elegant way of implementing microservices with istio
The elegant way of implementing microservices with istioThe elegant way of implementing microservices with istio
The elegant way of implementing microservices with istio
 
12월 16일 Meetup [Deep Dive] Microservice 트래픽 관리를 위한 Istio 알아보기 | 강인호 컨설턴트, 오라클
12월 16일 Meetup [Deep Dive] Microservice 트래픽 관리를 위한 Istio 알아보기 | 강인호 컨설턴트, 오라클12월 16일 Meetup [Deep Dive] Microservice 트래픽 관리를 위한 Istio 알아보기 | 강인호 컨설턴트, 오라클
12월 16일 Meetup [Deep Dive] Microservice 트래픽 관리를 위한 Istio 알아보기 | 강인호 컨설턴트, 오라클
 
NGINX, Istio, and the Move to Microservices and Service Mesh
NGINX, Istio, and the Move to Microservices and Service MeshNGINX, Istio, and the Move to Microservices and Service Mesh
NGINX, Istio, and the Move to Microservices and Service Mesh
 
Microservice Architecture
Microservice ArchitectureMicroservice Architecture
Microservice Architecture
 
Architecting for Scale
Architecting for ScaleArchitecting for Scale
Architecting for Scale
 
Technology insights: Decision Science Platform
Technology insights: Decision Science PlatformTechnology insights: Decision Science Platform
Technology insights: Decision Science Platform
 
Automating Applications with Habitat - Sydney Cloud Native Meetup
Automating Applications with Habitat - Sydney Cloud Native MeetupAutomating Applications with Habitat - Sydney Cloud Native Meetup
Automating Applications with Habitat - Sydney Cloud Native Meetup
 

More from NGINX, Inc.

How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
How to Avoid the Top 5 NGINX Configuration Mistakes.pptxHow to Avoid the Top 5 NGINX Configuration Mistakes.pptx
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
NGINX, Inc.
 

More from NGINX, Inc. (20)

【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
 
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
 
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
 
Get Hands-On with NGINX and QUIC+HTTP/3
Get Hands-On with NGINX and QUIC+HTTP/3Get Hands-On with NGINX and QUIC+HTTP/3
Get Hands-On with NGINX and QUIC+HTTP/3
 
Managing Kubernetes Cost and Performance with NGINX & Kubecost
Managing Kubernetes Cost and Performance with NGINX & KubecostManaging Kubernetes Cost and Performance with NGINX & Kubecost
Managing Kubernetes Cost and Performance with NGINX & Kubecost
 
Manage Microservices Chaos and Complexity with Observability
Manage Microservices Chaos and Complexity with ObservabilityManage Microservices Chaos and Complexity with Observability
Manage Microservices Chaos and Complexity with Observability
 
Accelerate Microservices Deployments with Automation
Accelerate Microservices Deployments with AutomationAccelerate Microservices Deployments with Automation
Accelerate Microservices Deployments with Automation
 
Unit 2: Microservices Secrets Management 101
Unit 2: Microservices Secrets Management 101Unit 2: Microservices Secrets Management 101
Unit 2: Microservices Secrets Management 101
 
Unit 1: Apply the Twelve-Factor App to Microservices Architectures
Unit 1: Apply the Twelve-Factor App to Microservices ArchitecturesUnit 1: Apply the Twelve-Factor App to Microservices Architectures
Unit 1: Apply the Twelve-Factor App to Microservices Architectures
 
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
 
Easily View, Manage, and Scale Your App Security with F5 NGINX
Easily View, Manage, and Scale Your App Security with F5 NGINXEasily View, Manage, and Scale Your App Security with F5 NGINX
Easily View, Manage, and Scale Your App Security with F5 NGINX
 
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
 
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINXKeep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
 
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
 
Protecting Apps from Hacks in Kubernetes with NGINX
Protecting Apps from Hacks in Kubernetes with NGINXProtecting Apps from Hacks in Kubernetes with NGINX
Protecting Apps from Hacks in Kubernetes with NGINX
 
NGINX Kubernetes API
NGINX Kubernetes APINGINX Kubernetes API
NGINX Kubernetes API
 
Successfully Implement Your API Strategy with NGINX
Successfully Implement Your API Strategy with NGINXSuccessfully Implement Your API Strategy with NGINX
Successfully Implement Your API Strategy with NGINX
 
Installing and Configuring NGINX Open Source
Installing and Configuring NGINX Open SourceInstalling and Configuring NGINX Open Source
Installing and Configuring NGINX Open Source
 
Shift Left for More Secure Apps with F5 NGINX
Shift Left for More Secure Apps with F5 NGINXShift Left for More Secure Apps with F5 NGINX
Shift Left for More Secure Apps with F5 NGINX
 
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
How to Avoid the Top 5 NGINX Configuration Mistakes.pptxHow to Avoid the Top 5 NGINX Configuration Mistakes.pptx
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
 

Recently uploaded

%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
masabamasaba
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
VictorSzoltysek
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
masabamasaba
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
masabamasaba
 

Recently uploaded (20)

WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go Platformless
 
%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK Software
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems -The Print[A] Example- A Comprehension AidDirect Style Effect Systems -The Print[A] Example- A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdfPayment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
 
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
 

Do You Need A Service Mesh?

  • 2. Agenda 1. Why Microservices? ◦ Best practices for extending existing applications 2. Why might we need a Service Mesh? ◦ Alternatives – how to tell when you’re ready 3. The Landscape ◦ Istio and others 4. Summary ◦ Next steps
  • 4. Modern Apps Require a Modern Architecture From Monolithic ... ... to Dynamic Three-tier, J2EE-style architectures Complex protocols (HTML, SOAP) Persistent deployments Fixed, static Infrastructure Big-bang releases Silo’ed teams (Dev, Test, Ops) Microservices Lightweight (REST, JSON) Containers, VMs, Functions Infrastructure as Code Continuous delivery DevOps Culture
  • 7. Microservices "An approach to developing a single application as a suite of small services, each running in its own process and communicating with lightweight mechanisms, often an HTTP resource API”. Martin Fowler, 12-Factor App
  • 8. In practice • Use the “Strangler Approach” to extend your Monolith to using Microservices: 1. Add small pieces of functionality in Microservices. 2. Repeat as needed • Organize team structure around service ownership. • Adopt DevOps mentality – automate when possible. Holiday Photos
  • 9. Evolution in Action Existing Monolith Application Desktop or Web Client Your Existing Application
  • 10. Evolution in Action You have New Use Cases New Applications are needed New Datasources and business processes are added How do we add the new use cases without large-scale rewrites?
  • 11. Evolution in Action 11 Implement Hybrid/Strangler Pattern 1. Implement connector microservices to provide API abstractions for external dependencies
  • 12. Evolution in Action 2. Implement business-logic microservices for each business process Implement Hybrid/Strangler Pattern
  • 13. Evolution in Action 13 3. Implement presentation-layer microservices that are accessed externally Implement Hybrid/Strangler Pattern
  • 14. Evolution in Action 14 4. Use NGINX Ingress Controller for external- internal connectivity Implement Hybrid/Strangler Pattern
  • 15. Evolution in Action 15 5. Use NGINX Router Mesh for internal connectivity Implement Hybrid/Strangler Pattern
  • 17. Why do I need a Service Mesh? (and do I need one now?) 2
  • 18. Modern Apps Require a Modern Architecture From Monolithic ... ... to Dynamic Three-tier, J2EE-style architectures Complex protocols (HTML, SOAP) Persistent deployments Fixed, static Infrastructure Big-bang releases Silo’ed teams (Dev, Test, Ops) Microservices Lightweight (REST, JSON) Containers, VMs, Functions Infrastructure as Code Continuous delivery DevOps Culture
  • 19. Operating a distributed application is hard Static, Predictable Monolith: Dynamic, Distributed App: Fast, reliable function calls Local debugging Local profiling Calendared, big-bang upgrades ‘Integration hell’ contained in dev Slow, unreliable API calls Distributed fault finding Distributed tracing In-place dynamic updates ‘Continuous integration’ live in prod More things can go wrong, it’s harder to find the faults, everything happens live
  • 20. Why do I need a Service Mesh? • In most cases, you do not need a service mesh (at least, not yet) • Your applications will go through a maturity journey: 1. Pre- or early-production applications, mature ‘mode 1’ applications 2. Single simple, business-critical production applications 3. Multiple complex, distributed applications This is where you may need a service mesh
  • 21. Maturity Journey – Step 1 • Pre- and Early-Production Applications, Established Apps ◦ My applications are simple and well understood ◦ I don’t make disruptive changes in production • Kubernetes provides the capabilities you need: ◦ Service Discovery and Scaling ◦ Load Balancing and Health Checks ◦ Access Control ◦ Ingress Load Balancing For example, legacy ‘monolithic’ or 3-tier apps that have been containerized Many production applications start and finish here
  • 22. Maturity Journey – Step 1 Simple Ingress Router, Kubernetes Networking Many production applications start and finish here Rely on Kubernetes for: • DNS-based Service Discovery • Scaling and reconfiguration • KubeProxy-based load balancing • Health Checks • Network Policies for Access Control Use a third-party Ingress Router
  • 23. What is an Ingress Controller? [Diagram: Kubernetes Master (API Server, Scheduler, Controller-Manager, etcd) and three Kubernetes Nodes (each with Kubelet and Kubeproxy) on an internal network] Why do you need an Ingress Controller?
  • 24. Ingress Resource • Ingress: ◦ Built-in Kubernetes resource ◦ Configuration for an edge load balancer (or ADC) • Ingress features: ◦ L7 routing based on the host header and URI ◦ TLS termination

        apiVersion: extensions/v1beta1
        kind: Ingress
        metadata:
          name: hello-ingress
        spec:
          tls:
          - hosts:
            - hello.example.com
            secretName: hello-secret
          rules:
          - host: hello.example.com
            http:
              paths:
              - path: /
                backend:
                  serviceName: hello-svc
                  servicePort: 80

  • 25. Maturity Journey – Step 2 • More complex, business-critical applications ◦ Applications have multiple, distributed components ◦ Changes in production are frequent ◦ Users need more control and visibility over the app • Individual services can be enhanced with: ◦ Mutual TLS for encryption and authentication ◦ Metrics and Tracing (Prometheus, OpenTracing etc) ◦ Proxies for load balancing, rate limiting, access control, traffic management Most production apps running in containers over the last ~3 years have taken this approach
  • 26. Maturity Journey – Step 2 Ingress Router, Per-Service Load Balancer, Router-mesh Load Balancer Enhance applications with: • Prometheus metrics • OpenTracing tracers • mTLS or SPIFFE ssl Use per-service proxies for specific services Use central router-mesh proxy load balancer Most production apps running in containers over the last ~3 years have taken this approach
  • 27. But… this approach gets expensive to manage The operational complexity and cost of developing bespoke libraries across languages, frameworks, and runtimes is prohibitive for most organizations, especially those with heterogenous applications and polyglot programming languages. IDC Market Perspective: Vendors Stake Out Positions in Emerging Istio Service Mesh Landscape
  • 28. Maturity Journey – Step 3 • Multiple interdependent applications ◦ Diverse application stacks (challenging to extend consistently) ◦ Frequent, hard-to-control changes (need rapid troubleshooting) • Service Mesh provides enhancements, invisibly ◦ Intercepts all network traffic for each service ◦ Injects security (mutual TLS) ◦ Generates metrics and traces ◦ Can support L7 policies e.g. authentication, rate limiting, traffic management A service mesh provides standard functionality and services in an invisible, universal fashion
  • 29. Maturity Journey – Step 3 Every container has an embedded proxy Embed proxy into every container Proxy intercepts all traffic and applies advanced functionality Proxy implements L7 policies Requires a comprehensive control plane A service mesh provides standard functionality and services in an invisible, universal fashion
  • 30. A Service Mesh sounds great….? • Service Mesh implementations are new and not yet mature. Implementations are changing rapidly and some may be obsoleted quickly. • Service Mesh has a cost, adding complexity, resource requirements and latency (network hops). ROI is not clear Don’t let the lack of a stable, mature service mesh delay your container and microservice initiatives
  • 31. Find the balance [Chart: cost to operate plotted against complexity, interdependencies and speed of change, from a single simple app to many complex, interdependent apps; one curve for using native Kubernetes and other services, one for using a service mesh] As service meshes mature, their cost will go down
  • 33. Istio is seen as the market leader… but… “In Istio, we see Google’s expertise in marketing perhaps taken too far. “Istio … is convincing the market that the battle for service mesh superiority is a foregone conclusion–in spite of widespread reports that Istio is currently difficult to operate and not ready for production workloads.” Eric Brewer, VP Infrastructure, Google. April 26, 2019 https://softwareengineeringdaily.com/2019/04/26/cloud-with-eric-brewer/
  • 34. Current Landscape • Pure-play Service Meshes ◦ Istio, Linkerd, Consul Connect • Cloud Platform Service Meshes ◦ Amazon App Mesh, GCP Traffic Director • Meta-Meshes ◦ SMI, Solo.io SuperGloo, …
  • 35. Hype Cycle [Chart: visibility over time: Technology Trigger, Peak of Inflated Expectations, Trough of Disillusionment, Slope of Enlightenment, Plateau of Productivity]
  • 37. Summary [Chart: cost to operate plotted against complexity, interdependencies and speed of change, from a single simple app to many complex, interdependent apps; one curve for using native Kubernetes and other services, one for using a service mesh] As service meshes mature, their cost will go down • There is a tipping point, before which a service mesh is not advised • As service meshes become easier to deploy and more mature, the tipping point gets closer • Service Mesh technology is changing rapidly – it’s very early to place a bet
  • 38. Recommendations • Investigating – too early to devote significant resources • PoC – commercial Istio builds, open source Consul and Linkerd • Production – are you ready to build an F1 pit crew?
  • 39. F5 and NGINX Aspen Mesh provides an easy-to-use distribution of Istio with added enterprise features. • Enterprise Service Mesh • Observability and Insights • Expert Support NGINX provides an advanced Ingress Controller, Microservices Proxy and innovative App Server: • K8s Ingress Controller • NGINX Router • Future service mesh initiatives
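
A check for the Ingress resource on slide 24, added here as an example and not part of the original deck: it walks an Ingress object and reports rule hosts that no spec.tls entry with a secretName covers. The admin.example.com rule, admin-svc and the function names are constructed for illustration, and the one-label wildcard matching is an assumption of this example.

```python
# Constructed sample: the slide's hello-ingress in the JSON shape that
# `kubectl get ingress -o json` returns, plus one constructed rule for a
# host (admin.example.com) that is missing from spec.tls.
SAMPLE_INGRESS = {
    "apiVersion": "extensions/v1beta1",
    "kind": "Ingress",
    "metadata": {"name": "hello-ingress"},
    "spec": {
        "tls": [{"hosts": ["hello.example.com"], "secretName": "hello-secret"}],
        "rules": [
            {"host": "hello.example.com", "http": {"paths": [
                {"path": "/", "backend": {"serviceName": "hello-svc", "servicePort": 80}}]}},
            {"host": "admin.example.com", "http": {"paths": [
                {"path": "/", "backend": {"serviceName": "admin-svc", "servicePort": 80}}]}},
        ],
    },
}


def tls_host_matches(pattern, host):
    """Exact match, or certificate-style wildcard covering exactly one label
    (an assumption of this example, not something the slide states)."""
    pattern, host = pattern.lower(), host.lower()
    if pattern.startswith("*."):
        first, _, rest = host.partition(".")
        return bool(first) and rest == pattern[2:]
    return pattern == host


def audit_ingress_tls(ingress):
    """Return (host, finding) pairs for rules lacking a TLS entry with a secret."""
    spec = ingress.get("spec") or {}
    tls_entries = spec.get("tls") or []
    findings = []
    for rule in spec.get("rules") or []:
        host = rule.get("host")
        if not host:  # catch-all rule: no host to tie to a certificate
            findings.append(("<any host>", "rule has no host"))
            continue
        covering = [t for t in tls_entries
                    if any(tls_host_matches(h, host) for h in t.get("hosts") or [])]
        if not covering:
            findings.append((host, "host not listed in spec.tls"))
        elif not any(t.get("secretName") for t in covering):
            findings.append((host, "TLS entry has no secretName"))
    return findings


if __name__ == "__main__":
    for host, finding in audit_ingress_tls(SAMPLE_INGRESS):
        print(f"{SAMPLE_INGRESS['metadata']['name']}: {host}: {finding}")
```

The same function can be run over each item of a cluster-wide Ingress listing to find hosts routed outside the TLS configuration before they reach production.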

Editor's Notes

  1. TALK ABOUT MONOLITH
  2. Don’t go too much on networking
  3. 1. "Chief Scientist" at ThoughtWorks - the author "Refactoring 1999 – describes Patterns of Enterprise Application Architecture the basis for - 12factor.net 2. excellent primer for anyone building SW for distributed systems. 3. an approach for building an App out of…
  4. Service Discovery: https://kubernetes.io/docs/concepts/services-networking/service/#discovering-services Load Balancing: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies Health Checks: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes Access Control: https://kubernetes.io/docs/concepts/services-networking/network-policies/