SlideShare una empresa de Scribd logo

Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure

Descargar como PPTX, PDF
Mitchell Pronschinske
Mitchell Pronschinske

Learn how to use Consul service networking automation and service mesh capabilities on Azure infrastructure services.

Software
1 de 43
© 2018 HashiCorp Consul Service Networking Made Easy A multi-cloud service networking platform to connect and secure any service across any runtime platform and public or private cloud 1
Copyright © 2018 HashiCorp ∕ ▪ The Cloud Operating Model 2
Copyright © 2018 HashiCorp ∕Copyright © 2018 HashiCorp ∕ 3 App App Networking Development Security Operations A Common Cloud Operating Model to Accelerate Application Delivery POLICY GOVERNANCE
© 2018 HashiCorp Shifting from Static to Dynamic Networking 4
© 2018 HashiCorpUSING CONSUL IN DYNAMIC INFRASTRUCTURE Market trend from monoliths to microservices Single, Physical Server Dynamic Virtual Machines Smaller, Ephemeral Containers 5
© 2018 HashiCorp Dynamic Infrastructure Service-based networking The shift from static to dynamic networking Static Infrastructure Host-based networking USING CONSUL IN DYNAMIC INFRASTRUCTURE 6
© 2018 HashiCorpUSING CONSUL IN DYNAMIC INFRASTRUCTURE Dynamic Infrastructure Service-based networking The shift from static to dynamic networking Private datacenters with static IPs, primarily north-south traffic, protected by perimeter security and coarse-grained network segments. Traditional Approach ▪ Static connectivity between services ▪ A fleet of load balancers to route traffic ▪ Ticket driven processes to update network middleware ▪ Firewall rule sprawl to constrict access and Insecure flat network zones Multiple clouds and private datacenters with dynamic IPs, dominated by east-west traffic, no clear network perimeters. Consul Approach ▪ Centralized registry to locate any service ▪ Services discovered and connected with centralized policies ▪ Network automated in service of applications ▪ Zero trust network enforced by identity- based security policies Static Infrastructure Host-based networking 7
© 2018 HashiCorp Three Competencies of a Service Mesh 8
Networking Dynamically locate any application or infrastructure service to simplify network connectivity Observability Increased visibility to gain insights into how services interact with and depend on each other at the runtime layer Reliability Building redundancy through automated failover and replication to minimize outages and downtimes
© 2018 HashiCorp CONSUL ADOPTION / / PHASE TWO Demo 10
Copyright © 2019 HashiCorp ∕ Demo Demo of AKS and Consul 11 1. Provision AKS Cluster Using Terraform 2. Deploy Consul to cluster via Helm 3. Deploy Application to cluster 4. Use SMI to manage intentions
Copyright © 2018 HashiCorp ∕ ▪ Kubernetes on Azure Overview 12
From infrastructure to innovation Responsibilities DIY with Kubernetes Managed Kubernetes on Azure Containerization Application iteration, debugging CI/CD Cluster hosting Cluster upgrade Patching Scaling Monitoring and logging Customer Microsoft Managed Kubernetes empowers you to achieve more Focus on your containers and code, not the plumbing of them
Azure Kubernetes momentum Azure Kubernetes Service usage grew 30x since it was made generally available in June 2018 Trusted by thousands of customers Dated November 2018
Manage Kubernetes with ease • Automated provisioning, upgrades, patches • High reliability, availability • Easy, secure cluster scaling • Self-healing • API server monitoring • At no charge API server Controller ManagerScheduler etcd Store Cloud Controller Self-managed master node(s) Customer VMs App/ workload definitionUser Docker Pods Docker Pods Docker Pods Docker Pods Docker Pods Schedule pods over private tunnel Kubernetes API endpoint Azure managed control plane Infrastructure automation
Manage Kubernetes with ease Azure Monitor AKS production cluster Microservices Azure Container Instances (ACI) Pods Virtual node Availability Reliability Highly available, reliable service with serverless scaling Auto scaling
Accelerate containerized development Kubernetes and DevOps better together Develop • Native containers and Kubernetes support in IDE • Remote debugging and iteration for multi- containers • Effective code merge • Automatic containerization Deliver • CI/CD pipeline with automated tasks in a few clicks • Pre-configured canary deployment strategy • In depth build and delivery process review and integration testing • Private registry with Helm support Operate • Out-of-box control plane telemetry, log aggregation, and container health • Declarative resource management • Auto scaling Inner loop Test Debug Azure DevSpaces AKS dev cluster Azure Pipelines Source code control Azure Container Registry Helm chart Container image AKS production cluster Azure Monitor Scale Terraform Develop Deliver Operate
© 2018 HashiCorp CONSUL ADOPTION / / PHASE TWO Demo 18
Copyright © 2019 HashiCorp ∕ Demo Demo of AKS and Consul 19 1. Provision AKS Cluster Using Terraform 2. Deploy Consul to cluster via Helm 3. Deploy Application to cluster 4. Use SMI to manage intentions
Copyright © 2019 HashiCorp ∕ Demo Demo of AKS and Consul 20 1. Provision AKS Cluster Using Terraform 2. Deploy Consul to cluster via Helm 3. Deploy Application to cluster 4. Use SMI to manage intentions
Copyright © 2018 HashiCorp ∕ ▪ Microsoft Service Mesh Interface (SMI) 21
Towards Service Mesh Interface Technologists who understand Kubernetes Technologists who understand Service Mesh Technologists who understand Service Mesh Interface
But that shouldn’t really be the case Technologists who understand Kubernetes expect a set of networking functionality available to them Services should have an identity and should be able to communicate securely Communication between services should be monitored and logged Traffic patterns between services should be configurable, i.e., newer service versions could be receiving less traffic, etc.
PolicyRouting Telemetry Historically, this was achieved via smart endpoints, dumb pipes This has worked for the past 25 years But with so many endpoints today, how do you manage
Service Mesh technology Smarter pipes
…and more
Service Mesh Interface (SMI) for Kubernetes In partnership with
Service Mesh Interface (SMI) for Kubernetes A Kubernetes interface that provides traffic routing, traffic telemetry, and traffic policy Apps Tooling Ecosystem Standardized Standard interface for service mesh on Kubernetes Simplified Basic feature set to address most common scenarios Extensible Support for new features as they become widely available …and more Service Mesh Interface
Service Mesh Interface Technologists who understand Kubernetes expect a set of networking functionality available to them, and now they can get that functionality through SMI Services should have an identity and should be able to communicate securely Communication between services should be monitored and logged Traffic patterns between services should be configurable, i.e., newer service versions could be receiving less traffic, etc.
This isn’t a new concept If the SMI concept sounds familiar, that’s because it is Apps Tooling Ecosystem Ingress
So, why SMI? Because it’s faster, simpler, and friendlier Get started quickly Simpler is better Ecosystem friendly
© 2018 HashiCorp CONSUL ADOPTION / / PHASE TWO Demo 32
Copyright © 2019 HashiCorp ∕ Demo Demo of AKS and Consul 33 1. Provision AKS Cluster Using Terraform 2. Deploy Consul to cluster via Helm 3. Deploy Application to cluster 4. Use SMI to manage intentions
© 2018 HashiCorp New Features L7 Observability, Routing, and Mesh Gateways 34
CHALLENGE SOLUTION RESULTS Feature: ∕ Copyright © 2018 HashiCorp ∕USE CASE: INFRASTRUCTURE AS CODE Debugging and isolating issues in a microservices environment can be challenging L7 Observability A primary microservices challenge is trying to understand how individual services being independently deployed are interacting with each other. Lack of visibility to get insights into the way services interact with and depend on each other at runtime makes it difficult to understand the performance bottlenecks and isolate any issues or incidents 35
CHALLENGE SOLUTION RESULTS ∕ Copyright © 2018 HashiCorp ∕ Feature: USE CASE: INFRASTRUCTURE AS CODE L7 Observability L7 Observability 36 Consul Connect lets users configure the observability features in Envoy proxy. Observability makes it easier to see what is happening when services interact with each other. Envoy also provides a simple way to get the same high-level metrics for all services.
CHALLENGE SOLUTION RESULTS ∕ Copyright © 2018 HashiCorp ∕ Feature: USE CASE: INFRASTRUCTURE AS CODE L7 Observability L7 Observability 37 Observability features include: Tracing: Helps with understanding the application behavior when interacting with upstream and downstream services Metrics: Gathers telemetry data from across the mesh and provide high-level application information Logging: Provides an immutable record of discrete events that helps in better fault isolation
CHALLENGE SOLUTION RESULTS ∕ Copyright © 2018 HashiCorp ∕ Feature: USE CASE: INFRASTRUCTURE AS CODE L7 Observability L7 Observability 38 Observability is achieved by integration with third party tools : Tracing: Jaeger, Zipkin, DataDog Metrics: Grafana, Prometheus, etc Logging: Splunk, ELK, Fluentd
CHALLENGE SOLUTION RESULTS Feature: ∕ Copyright © 2018 HashiCorp ∕ Consul Connect only supports L4 proxy L7 Routing Consul Connect can route traffic and set policies based on layer 4 headers, It does not support routing and redirecting requests based on L7 path, content type, runtime values, etc. Lack of L7 filtering capabilities also prevents it from enforcing fine-grained security policies based on rich HTTP headers 39
CHALLENGE SOLUTION RESULTS ∕ Copyright © 2018 HashiCorp ∕ Feature: L7 Routing and Policies L7 Routing 40 Ability to steer traffic based on header for canary testing, gradual deployment roll outs and canary releases
CHALLENGE SOLUTION RESULTS Feature: ∕ Copyright © 2018 HashiCorp ∕USE CASE: INFRASTRUCTURE AS CODE Cross service connections across multi-K8s clusters or multi- clouds is challenging Mesh Gateways Consul expects all the services to be on a flat network and routable Consul cannot solve service discovery and connectivity use cases in overlay networks Connecting services across multi-clouds requires expensive IPsec or MPLS connectivity 41
CHALLENGE SOLUTION RESULTS ∕ Copyright © 2018 HashiCorp ∕ Feature: Network Gateways Mesh Gateways 42 Network gateway, built upon Envoy, will sit on the public internet and accept L4 traffic with mTLS Network gateways will perform NAT and route the traffic to correct endpoint on the private network All the services need not be exposed on public network for cross cloud service communication
www.hashicorp.com hello@hashicorp.com Thank you 43

Recomendados

Getting Started with Kubernetes and Consul
Getting Started with Kubernetes and ConsulGetting Started with Kubernetes and Consul
Getting Started with Kubernetes and ConsulMitchell Pronschinske
 
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMigrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMitchell Pronschinske
 
Demystifying Service Mesh
Demystifying Service MeshDemystifying Service Mesh
Demystifying Service MeshMitchell Pronschinske
 
Dynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD PipelinesDynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD PipelinesMitchell Pronschinske
 
Istio Service Mesh
Istio Service MeshIstio Service Mesh
Istio Service MeshLew Tucker
 
Welcome to the Multi-cloud world
Welcome to the Multi-cloud worldWelcome to the Multi-cloud world
Welcome to the Multi-cloud worldLew Tucker
 
Monitoring Security Policies for Container and OpenStack Clouds
Monitoring Security Policies for Container and OpenStack CloudsMonitoring Security Policies for Container and OpenStack Clouds
Monitoring Security Policies for Container and OpenStack CloudsPLUMgrid
 
Multi-Cloud Roadmap: Architecting Hybrid Environments for Maximum Results
Multi-Cloud Roadmap: Architecting Hybrid Environments for Maximum ResultsMulti-Cloud Roadmap: Architecting Hybrid Environments for Maximum Results
Multi-Cloud Roadmap: Architecting Hybrid Environments for Maximum ResultsRightScale
 

Recomendados

Getting Started with Kubernetes and Consul
Getting Started with Kubernetes and ConsulGetting Started with Kubernetes and Consul
Getting Started with Kubernetes and ConsulMitchell Pronschinske
 
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMigrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMitchell Pronschinske
 
Demystifying Service Mesh
Demystifying Service MeshDemystifying Service Mesh
Demystifying Service MeshMitchell Pronschinske
 
Dynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD PipelinesDynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD PipelinesMitchell Pronschinske
 
Istio Service Mesh
Istio Service MeshIstio Service Mesh
Istio Service MeshLew Tucker
 
Welcome to the Multi-cloud world
Welcome to the Multi-cloud worldWelcome to the Multi-cloud world
Welcome to the Multi-cloud worldLew Tucker
 
Monitoring Security Policies for Container and OpenStack Clouds
Monitoring Security Policies for Container and OpenStack CloudsMonitoring Security Policies for Container and OpenStack Clouds
Monitoring Security Policies for Container and OpenStack CloudsPLUMgrid
 
Multi-Cloud Roadmap: Architecting Hybrid Environments for Maximum Results
Multi-Cloud Roadmap: Architecting Hybrid Environments for Maximum ResultsMulti-Cloud Roadmap: Architecting Hybrid Environments for Maximum Results
Multi-Cloud Roadmap: Architecting Hybrid Environments for Maximum ResultsRightScale
 
Design and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesDesign and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesPLUMgrid
 
Moving to a Microservice World: Leveraging Consul on Azure
Moving to a Microservice World: Leveraging Consul on AzureMoving to a Microservice World: Leveraging Consul on Azure
Moving to a Microservice World: Leveraging Consul on AzureMitchell Pronschinske
 
Cloud native microservices for systems and applications ieee rev2
Cloud native microservices for systems and applications ieee rev2Cloud native microservices for systems and applications ieee rev2
Cloud native microservices for systems and applications ieee rev2Prem Sankar Gopannan
 
The Changing Data Center Landscape
The Changing Data Center LandscapeThe Changing Data Center Landscape
The Changing Data Center LandscapeCisco Canada
 
[HashiConf 2019] "Securing Cloud Native Communication with Ambassador and Con...
[HashiConf 2019] "Securing Cloud Native Communication with Ambassador and Con...[HashiConf 2019] "Securing Cloud Native Communication with Ambassador and Con...
[HashiConf 2019] "Securing Cloud Native Communication with Ambassador and Con...Daniel Bryant
 
Keynote - Oleg Barenboim - ManageIQ Design Summit 2016
Keynote - Oleg Barenboim - ManageIQ Design Summit 2016Keynote - Oleg Barenboim - ManageIQ Design Summit 2016
Keynote - Oleg Barenboim - ManageIQ Design Summit 2016ManageIQ
 
OCP Architecture Overview
OCP Architecture OverviewOCP Architecture Overview
OCP Architecture OverviewBhaskar Ravula
 
Meetup6 microservices for the IoT
Meetup6 microservices for the IoTMeetup6 microservices for the IoT
Meetup6 microservices for the IoTFrancesco Rago
 
Istio service mesh: past, present, future (TLV meetup)
Istio service mesh: past, present, future (TLV meetup)Istio service mesh: past, present, future (TLV meetup)
Istio service mesh: past, present, future (TLV meetup)elevran
 
Unlocking the Cloud Operating Model
Unlocking the Cloud Operating ModelUnlocking the Cloud Operating Model
Unlocking the Cloud Operating ModelMitchell Pronschinske
 
Modern Network Compliance: Achieving Compliance in a Hybrid, Multi-Cloud World
Modern Network Compliance: Achieving Compliance in a Hybrid, Multi-Cloud WorldModern Network Compliance: Achieving Compliance in a Hybrid, Multi-Cloud World
Modern Network Compliance: Achieving Compliance in a Hybrid, Multi-Cloud WorldItential
 
Why nfv and digital transformation projects fail!
Why nfv and digital transformation projects fail! Why nfv and digital transformation projects fail!
Why nfv and digital transformation projects fail! Cloudify Community
 
Service Mesh - kilometer 30 in a microservice marathon
Service Mesh - kilometer 30 in a microservice marathonService Mesh - kilometer 30 in a microservice marathon
Service Mesh - kilometer 30 in a microservice marathonMichael Hofmann
 
VietOpenStack meetup 7th Kilo overview
VietOpenStack meetup 7th Kilo overviewVietOpenStack meetup 7th Kilo overview
VietOpenStack meetup 7th Kilo overviewVietnam Open Infrastructure User Group
 
Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2Ashnikbiz
 
Service Mesh on Kubernetes with Istio
Service Mesh on Kubernetes with IstioService Mesh on Kubernetes with Istio
Service Mesh on Kubernetes with IstioMichelle Holley
 
Consul: Service Mesh for Microservices
Consul: Service Mesh for MicroservicesConsul: Service Mesh for Microservices
Consul: Service Mesh for MicroservicesArmonDadgar
 
ISTIO Deep Dive
ISTIO Deep DiveISTIO Deep Dive
ISTIO Deep DiveYong Feng
 
Hybrid integration platform reference architecture
Hybrid integration platform reference architectureHybrid integration platform reference architecture
Hybrid integration platform reference architectureChanaka Fernando
 
Istio a service mesh
Istio a service meshIstio a service mesh
Istio a service meshChandresh Pancholi
 
Wavefront presentation-May-2019
Wavefront presentation-May-2019Wavefront presentation-May-2019
Wavefront presentation-May-2019Anil Gupta (AJ) - vExpert
 
A New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the CloudA New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the CloudNETSCOUT
 

Más contenido relacionado

La actualidad más candente

Design and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesDesign and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesPLUMgrid
 
Moving to a Microservice World: Leveraging Consul on Azure
Moving to a Microservice World: Leveraging Consul on AzureMoving to a Microservice World: Leveraging Consul on Azure
Moving to a Microservice World: Leveraging Consul on AzureMitchell Pronschinske
 
Cloud native microservices for systems and applications ieee rev2
Cloud native microservices for systems and applications ieee rev2Cloud native microservices for systems and applications ieee rev2
Cloud native microservices for systems and applications ieee rev2Prem Sankar Gopannan
 
The Changing Data Center Landscape
The Changing Data Center LandscapeThe Changing Data Center Landscape
The Changing Data Center LandscapeCisco Canada
 
[HashiConf 2019] "Securing Cloud Native Communication with Ambassador and Con...
[HashiConf 2019] "Securing Cloud Native Communication with Ambassador and Con...[HashiConf 2019] "Securing Cloud Native Communication with Ambassador and Con...
[HashiConf 2019] "Securing Cloud Native Communication with Ambassador and Con...Daniel Bryant
 
Keynote - Oleg Barenboim - ManageIQ Design Summit 2016
Keynote - Oleg Barenboim - ManageIQ Design Summit 2016Keynote - Oleg Barenboim - ManageIQ Design Summit 2016
Keynote - Oleg Barenboim - ManageIQ Design Summit 2016ManageIQ
 
OCP Architecture Overview
OCP Architecture OverviewOCP Architecture Overview
OCP Architecture OverviewBhaskar Ravula
 
Meetup6 microservices for the IoT
Meetup6 microservices for the IoTMeetup6 microservices for the IoT
Meetup6 microservices for the IoTFrancesco Rago
 
Istio service mesh: past, present, future (TLV meetup)
Istio service mesh: past, present, future (TLV meetup)Istio service mesh: past, present, future (TLV meetup)
Istio service mesh: past, present, future (TLV meetup)elevran
 
Modern Network Compliance: Achieving Compliance in a Hybrid, Multi-Cloud World
Modern Network Compliance: Achieving Compliance in a Hybrid, Multi-Cloud WorldModern Network Compliance: Achieving Compliance in a Hybrid, Multi-Cloud World
Modern Network Compliance: Achieving Compliance in a Hybrid, Multi-Cloud WorldItential
 
Why nfv and digital transformation projects fail!
Why nfv and digital transformation projects fail! Why nfv and digital transformation projects fail!
Why nfv and digital transformation projects fail! Cloudify Community
 
Service Mesh - kilometer 30 in a microservice marathon
Service Mesh - kilometer 30 in a microservice marathonService Mesh - kilometer 30 in a microservice marathon
Service Mesh - kilometer 30 in a microservice marathonMichael Hofmann
 
Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2Ashnikbiz
 
Service Mesh on Kubernetes with Istio
Service Mesh on Kubernetes with IstioService Mesh on Kubernetes with Istio
Service Mesh on Kubernetes with IstioMichelle Holley
 
Consul: Service Mesh for Microservices
Consul: Service Mesh for MicroservicesConsul: Service Mesh for Microservices
Consul: Service Mesh for MicroservicesArmonDadgar
 
ISTIO Deep Dive
ISTIO Deep DiveISTIO Deep Dive
ISTIO Deep DiveYong Feng
 
Hybrid integration platform reference architecture
Hybrid integration platform reference architectureHybrid integration platform reference architecture
Hybrid integration platform reference architectureChanaka Fernando
 

La actualidad más candente (20)

Design and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesDesign and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use Cases
 
Moving to a Microservice World: Leveraging Consul on Azure
Moving to a Microservice World: Leveraging Consul on AzureMoving to a Microservice World: Leveraging Consul on Azure
Moving to a Microservice World: Leveraging Consul on Azure
 
Cloud native microservices for systems and applications ieee rev2
Cloud native microservices for systems and applications ieee rev2Cloud native microservices for systems and applications ieee rev2
Cloud native microservices for systems and applications ieee rev2
 
The Changing Data Center Landscape
The Changing Data Center LandscapeThe Changing Data Center Landscape
The Changing Data Center Landscape
 
[HashiConf 2019] "Securing Cloud Native Communication with Ambassador and Con...
[HashiConf 2019] "Securing Cloud Native Communication with Ambassador and Con...[HashiConf 2019] "Securing Cloud Native Communication with Ambassador and Con...
[HashiConf 2019] "Securing Cloud Native Communication with Ambassador and Con...
 
Keynote - Oleg Barenboim - ManageIQ Design Summit 2016
Keynote - Oleg Barenboim - ManageIQ Design Summit 2016Keynote - Oleg Barenboim - ManageIQ Design Summit 2016
Keynote - Oleg Barenboim - ManageIQ Design Summit 2016
 
OCP Architecture Overview
OCP Architecture OverviewOCP Architecture Overview
OCP Architecture Overview
 
Meetup6 microservices for the IoT
Meetup6 microservices for the IoTMeetup6 microservices for the IoT
Meetup6 microservices for the IoT
 
Istio service mesh: past, present, future (TLV meetup)
Istio service mesh: past, present, future (TLV meetup)Istio service mesh: past, present, future (TLV meetup)
Istio service mesh: past, present, future (TLV meetup)
 
Unlocking the Cloud Operating Model
Unlocking the Cloud Operating ModelUnlocking the Cloud Operating Model
Unlocking the Cloud Operating Model
 
Modern Network Compliance: Achieving Compliance in a Hybrid, Multi-Cloud World
Modern Network Compliance: Achieving Compliance in a Hybrid, Multi-Cloud WorldModern Network Compliance: Achieving Compliance in a Hybrid, Multi-Cloud World
Modern Network Compliance: Achieving Compliance in a Hybrid, Multi-Cloud World
 
Why nfv and digital transformation projects fail!
Why nfv and digital transformation projects fail! Why nfv and digital transformation projects fail!
Why nfv and digital transformation projects fail!
 
Service Mesh - kilometer 30 in a microservice marathon
Service Mesh - kilometer 30 in a microservice marathonService Mesh - kilometer 30 in a microservice marathon
Service Mesh - kilometer 30 in a microservice marathon
 
VietOpenStack meetup 7th Kilo overview
VietOpenStack meetup 7th Kilo overviewVietOpenStack meetup 7th Kilo overview
VietOpenStack meetup 7th Kilo overview
 
Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2
 
Service Mesh on Kubernetes with Istio
Service Mesh on Kubernetes with IstioService Mesh on Kubernetes with Istio
Service Mesh on Kubernetes with Istio
 
Consul: Service Mesh for Microservices
Consul: Service Mesh for MicroservicesConsul: Service Mesh for Microservices
Consul: Service Mesh for Microservices
 
ISTIO Deep Dive
ISTIO Deep DiveISTIO Deep Dive
ISTIO Deep Dive
 
Hybrid integration platform reference architecture
Hybrid integration platform reference architectureHybrid integration platform reference architecture
Hybrid integration platform reference architecture
 
Istio a service mesh
Istio a service meshIstio a service mesh
Istio a service mesh
 

Similar a Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure

A New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the CloudA New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the CloudNETSCOUT
 
Wavefront by vmware june 2019 - legraswindow
Wavefront by vmware june 2019 - legraswindowWavefront by vmware june 2019 - legraswindow
Wavefront by vmware june 2019 - legraswindowAnil Gupta (AJ) - vExpert
 
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...WSO2
 
APIs from the Edge to the Mesh
APIs from the Edge to the MeshAPIs from the Edge to the Mesh
APIs from the Edge to the MeshNordic APIs
 
Solace Singapore User Group: Sumeet Puri
Solace Singapore User Group: Sumeet PuriSolace Singapore User Group: Sumeet Puri
Solace Singapore User Group: Sumeet PuriSolace
 
Transform Enterprise IT Infrastructure with AWS DevOps
Transform Enterprise IT Infrastructure with AWS DevOpsTransform Enterprise IT Infrastructure with AWS DevOps
Transform Enterprise IT Infrastructure with AWS DevOpsAmazon Web Services
 
Microservices Design Principles.pdf
Microservices Design Principles.pdfMicroservices Design Principles.pdf
Microservices Design Principles.pdfSimform
 
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...apidays
 
Enhancing Data Security in Cloud Computation Using Addition-Composition Fully...
Enhancing Data Security in Cloud Computation Using Addition-Composition Fully...Enhancing Data Security in Cloud Computation Using Addition-Composition Fully...
Enhancing Data Security in Cloud Computation Using Addition-Composition Fully...Dr. Richard Otieno
 
Support Software Defined Networking with Dynamic Network Architecture
Support Software Defined Networking with Dynamic Network ArchitectureSupport Software Defined Networking with Dynamic Network Architecture
Support Software Defined Networking with Dynamic Network ArchitectureZivaro Inc
 
Security and Observability of Application Traffic in Kubernetes
Security and Observability of Application Traffic in KubernetesSecurity and Observability of Application Traffic in Kubernetes
Security and Observability of Application Traffic in KubernetesAkshay Mathur
 
Running Consul on Kubernetes and Beyond
Running Consul on Kubernetes and BeyondRunning Consul on Kubernetes and Beyond
Running Consul on Kubernetes and BeyondMitchell Pronschinske
 
Next Generation DDoS Services – can we do this with NFV? - CF Chui
Next Generation DDoS Services – can we do this with NFV? - CF ChuiNext Generation DDoS Services – can we do this with NFV? - CF Chui
Next Generation DDoS Services – can we do this with NFV? - CF ChuiMyNOG
 
Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...
Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...
Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...DevOps.com
 
Ibm cloud forum managing heterogenousclouds_final
Ibm cloud forum managing heterogenousclouds_finalIbm cloud forum managing heterogenousclouds_final
Ibm cloud forum managing heterogenousclouds_finalMauricio Godoy
 
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and Cisco
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and CiscoWho Moved My Network? Mastering Hybrid WANs with ThousandEyes and Cisco
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and CiscoThousandEyes
 

Similar a Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure (20)

Wavefront presentation-May-2019
Wavefront presentation-May-2019Wavefront presentation-May-2019
Wavefront presentation-May-2019
 
A New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the CloudA New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the Cloud
 
Wavefront by vmware june 2019 - legraswindow
Wavefront by vmware june 2019 - legraswindowWavefront by vmware june 2019 - legraswindow
Wavefront by vmware june 2019 - legraswindow
 
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Wavefront-by-VMware-April-2019
Wavefront-by-VMware-April-2019Wavefront-by-VMware-April-2019
Wavefront-by-VMware-April-2019
 
APIs from the Edge to the Mesh
APIs from the Edge to the MeshAPIs from the Edge to the Mesh
APIs from the Edge to the Mesh
 
Solace Singapore User Group: Sumeet Puri
Solace Singapore User Group: Sumeet PuriSolace Singapore User Group: Sumeet Puri
Solace Singapore User Group: Sumeet Puri
 
Transform Enterprise IT Infrastructure with AWS DevOps
Transform Enterprise IT Infrastructure with AWS DevOpsTransform Enterprise IT Infrastructure with AWS DevOps
Transform Enterprise IT Infrastructure with AWS DevOps
 
Microservices Design Principles.pdf
Microservices Design Principles.pdfMicroservices Design Principles.pdf
Microservices Design Principles.pdf
 
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
APIdays Paris 2019 - Cloud native API Management for Microservices on a Servi...
 
Enhancing Data Security in Cloud Computation Using Addition-Composition Fully...
Enhancing Data Security in Cloud Computation Using Addition-Composition Fully...Enhancing Data Security in Cloud Computation Using Addition-Composition Fully...
Enhancing Data Security in Cloud Computation Using Addition-Composition Fully...
 
Support Software Defined Networking with Dynamic Network Architecture
Support Software Defined Networking with Dynamic Network ArchitectureSupport Software Defined Networking with Dynamic Network Architecture
Support Software Defined Networking with Dynamic Network Architecture
 
Cloud Customer Architecture for Hybrid Integration
Cloud Customer Architecture for Hybrid IntegrationCloud Customer Architecture for Hybrid Integration
Cloud Customer Architecture for Hybrid Integration
 
Security and Observability of Application Traffic in Kubernetes
Security and Observability of Application Traffic in KubernetesSecurity and Observability of Application Traffic in Kubernetes
Security and Observability of Application Traffic in Kubernetes
 
Running Consul on Kubernetes and Beyond
Running Consul on Kubernetes and BeyondRunning Consul on Kubernetes and Beyond
Running Consul on Kubernetes and Beyond
 
Next Generation DDoS Services – can we do this with NFV? - CF Chui
Next Generation DDoS Services – can we do this with NFV? - CF ChuiNext Generation DDoS Services – can we do this with NFV? - CF Chui
Next Generation DDoS Services – can we do this with NFV? - CF Chui
 
Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...
Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...
Business Continuity with Microservices-Based Apps and DevOps: Learnings from ...
 
Ibm cloud forum managing heterogenousclouds_final
Ibm cloud forum managing heterogenousclouds_finalIbm cloud forum managing heterogenousclouds_final
Ibm cloud forum managing heterogenousclouds_final
 
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and Cisco
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and CiscoWho Moved My Network? Mastering Hybrid WANs with ThousandEyes and Cisco
Who Moved My Network? Mastering Hybrid WANs with ThousandEyes and Cisco
 

Más de Mitchell Pronschinske

Multi-Cloud with Nomad and Consul Connect
Multi-Cloud with Nomad and Consul ConnectMulti-Cloud with Nomad and Consul Connect
Multi-Cloud with Nomad and Consul ConnectMitchell Pronschinske
 
Empowering developers and operators through Gitlab and HashiCorp
Empowering developers and operators through Gitlab and HashiCorpEmpowering developers and operators through Gitlab and HashiCorp
Empowering developers and operators through Gitlab and HashiCorpMitchell Pronschinske
 
Automate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corpAutomate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corpMitchell Pronschinske
 
Using new sentinel features in terraform cloud
Using new sentinel features in terraform cloudUsing new sentinel features in terraform cloud
Using new sentinel features in terraform cloudMitchell Pronschinske
 
Military Edge Computing with Vault and Consul
Military Edge Computing with Vault and ConsulMilitary Edge Computing with Vault and Consul
Military Edge Computing with Vault and ConsulMitchell Pronschinske
 
Unlocking the Cloud operating model with GitHub Actions
Unlocking the Cloud operating model with GitHub ActionsUnlocking the Cloud operating model with GitHub Actions
Unlocking the Cloud operating model with GitHub ActionsMitchell Pronschinske
 
Vault 1.4 integrated storage overview
Vault 1.4 integrated storage overviewVault 1.4 integrated storage overview
Vault 1.4 integrated storage overviewMitchell Pronschinske
 
Cisco ACI with HashiCorp Terraform (APAC)
Cisco ACI with HashiCorp Terraform (APAC)Cisco ACI with HashiCorp Terraform (APAC)
Cisco ACI with HashiCorp Terraform (APAC)Mitchell Pronschinske
 
Governance for Multiple Teams Sharing a Nomad Cluster
Governance for Multiple Teams Sharing a Nomad ClusterGovernance for Multiple Teams Sharing a Nomad Cluster
Governance for Multiple Teams Sharing a Nomad ClusterMitchell Pronschinske
 
Unlocking the Cloud Operating Model: Deployment
Unlocking the Cloud Operating Model: DeploymentUnlocking the Cloud Operating Model: Deployment
Unlocking the Cloud Operating Model: DeploymentMitchell Pronschinske
 
Keeping a Secret with HashiCorp Vault
Keeping a Secret with HashiCorp VaultKeeping a Secret with HashiCorp Vault
Keeping a Secret with HashiCorp VaultMitchell Pronschinske
 
Modern Scheduling for Modern Applications with Nomad
Modern Scheduling for Modern Applications with NomadModern Scheduling for Modern Applications with Nomad
Modern Scheduling for Modern Applications with NomadMitchell Pronschinske
 
Rapid Infrastructure in Hybrid Environments
Rapid Infrastructure in Hybrid EnvironmentsRapid Infrastructure in Hybrid Environments
Rapid Infrastructure in Hybrid EnvironmentsMitchell Pronschinske
 
Understanding Service Mesh on Azure with HashiCorp Consul
Understanding Service Mesh on Azure with HashiCorp ConsulUnderstanding Service Mesh on Azure with HashiCorp Consul
Understanding Service Mesh on Azure with HashiCorp ConsulMitchell Pronschinske
 

Más de Mitchell Pronschinske (20)

Multi-Cloud with Nomad and Consul Connect
Multi-Cloud with Nomad and Consul ConnectMulti-Cloud with Nomad and Consul Connect
Multi-Cloud with Nomad and Consul Connect
 
Code quality for Terraform
Code quality for TerraformCode quality for Terraform
Code quality for Terraform
 
Empowering developers and operators through Gitlab and HashiCorp
Empowering developers and operators through Gitlab and HashiCorpEmpowering developers and operators through Gitlab and HashiCorp
Empowering developers and operators through Gitlab and HashiCorp
 
Automate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corpAutomate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corp
 
Vault 1.5 Overview
Vault 1.5 OverviewVault 1.5 Overview
Vault 1.5 Overview
 
Using new sentinel features in terraform cloud
Using new sentinel features in terraform cloudUsing new sentinel features in terraform cloud
Using new sentinel features in terraform cloud
 
Military Edge Computing with Vault and Consul
Military Edge Computing with Vault and ConsulMilitary Edge Computing with Vault and Consul
Military Edge Computing with Vault and Consul
 
Unlocking the Cloud operating model with GitHub Actions
Unlocking the Cloud operating model with GitHub ActionsUnlocking the Cloud operating model with GitHub Actions
Unlocking the Cloud operating model with GitHub Actions
 
Vault 1.4 integrated storage overview
Vault 1.4 integrated storage overviewVault 1.4 integrated storage overview
Vault 1.4 integrated storage overview
 
Cisco ACI with HashiCorp Terraform (APAC)
Cisco ACI with HashiCorp Terraform (APAC)Cisco ACI with HashiCorp Terraform (APAC)
Cisco ACI with HashiCorp Terraform (APAC)
 
Governance for Multiple Teams Sharing a Nomad Cluster
Governance for Multiple Teams Sharing a Nomad ClusterGovernance for Multiple Teams Sharing a Nomad Cluster
Governance for Multiple Teams Sharing a Nomad Cluster
 
Integrating Terraform and Consul
Integrating Terraform and ConsulIntegrating Terraform and Consul
Integrating Terraform and Consul
 
Unlocking the Cloud Operating Model: Deployment
Unlocking the Cloud Operating Model: DeploymentUnlocking the Cloud Operating Model: Deployment
Unlocking the Cloud Operating Model: Deployment
 
Keeping a Secret with HashiCorp Vault
Keeping a Secret with HashiCorp VaultKeeping a Secret with HashiCorp Vault
Keeping a Secret with HashiCorp Vault
 
Modern Scheduling for Modern Applications with Nomad
Modern Scheduling for Modern Applications with NomadModern Scheduling for Modern Applications with Nomad
Modern Scheduling for Modern Applications with Nomad
 
Remote Culture at HashiCorp
Remote Culture at HashiCorpRemote Culture at HashiCorp
Remote Culture at HashiCorp
 
Rapid Infrastructure in Hybrid Environments
Rapid Infrastructure in Hybrid EnvironmentsRapid Infrastructure in Hybrid Environments
Rapid Infrastructure in Hybrid Environments
 
Vault 1.4 launch webinar
Vault 1.4 launch webinar Vault 1.4 launch webinar
Vault 1.4 launch webinar
 
Understanding Service Mesh on Azure with HashiCorp Consul
Understanding Service Mesh on Azure with HashiCorp ConsulUnderstanding Service Mesh on Azure with HashiCorp Consul
Understanding Service Mesh on Azure with HashiCorp Consul
 
From Terraform OSS to Enterprise
From Terraform OSS to EnterpriseFrom Terraform OSS to Enterprise
From Terraform OSS to Enterprise
 

Último

How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationBradBedford3
 
20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...
20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...
20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...Akihiro Suda
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtimeandrehoraa
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
Sending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdfSending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdf31events.com
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaHanief Utama
 
Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identityteam-WIBU
 
Cyber security and its impact on E commerce
Cyber security and its impact on E commerceCyber security and its impact on E commerce
Cyber security and its impact on E commercemanigoyal112
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Angel Borroy López
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Cizo Technology Services
 
英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作qr0udbr0
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Velvetech LLC
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesŁukasz Chruściel
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
Powering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsPowering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsSafe Software
 
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptxReal-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptxRTS corp
 
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanySuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanyChristoph Pohl
 
Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)Ahmed Mater
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceBrainSell Technologies
 

Último (20)

How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion Application
 
20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...
20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...
20240415 [Container Plumbing Days] Usernetes Gen2 - Kubernetes in Rootless Do...
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtime
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
Sending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdfSending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdf
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief Utama
 
Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identity
 
Cyber security and its impact on E commerce
Cyber security and its impact on E commerceCyber security and its impact on E commerce
Cyber security and its impact on E commerce
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
 
英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New Features
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva
 
Powering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsPowering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data Streams
 
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptxReal-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
 
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanySuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
 
Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. Salesforce
 

Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure

  • 1. © 2018 HashiCorp Consul Service Networking Made Easy A multi-cloud service networking platform to connect and secure any service across any runtime platform and public or private cloud 1
  • 2. Copyright © 2018 HashiCorp ∕ ▪ The Cloud Operating Model 2
  • 3. Copyright © 2018 HashiCorp ∕Copyright © 2018 HashiCorp ∕ 3 App App Networking Development Security Operations A Common Cloud Operating Model to Accelerate Application Delivery POLICY GOVERNANCE
  • 4. © 2018 HashiCorp Shifting from Static to Dynamic Networking 4
  • 5. © 2018 HashiCorpUSING CONSUL IN DYNAMIC INFRASTRUCTURE Market trend from monoliths to microservices Single, Physical Server Dynamic Virtual Machines Smaller, Ephemeral Containers 5
  • 6. © 2018 HashiCorp Dynamic Infrastructure Service-based networking The shift from static to dynamic networking Static Infrastructure Host-based networking USING CONSUL IN DYNAMIC INFRASTRUCTURE 6
  • 7. © 2018 HashiCorpUSING CONSUL IN DYNAMIC INFRASTRUCTURE Dynamic Infrastructure Service-based networking The shift from static to dynamic networking Private datacenters with static IPs, primarily north-south traffic, protected by perimeter security and coarse-grained network segments. Traditional Approach ▪ Static connectivity between services ▪ A fleet of load balancers to route traffic ▪ Ticket driven processes to update network middleware ▪ Firewall rule sprawl to constrict access and Insecure flat network zones Multiple clouds and private datacenters with dynamic IPs, dominated by east-west traffic, no clear network perimeters. Consul Approach ▪ Centralized registry to locate any service ▪ Services discovered and connected with centralized policies ▪ Network automated in service of applications ▪ Zero trust network enforced by identity- based security policies Static Infrastructure Host-based networking 7
  • 8. © 2018 HashiCorp Three Competencies of a Service Mesh 8
  • 9. Networking Dynamically locate any application or infrastructure service to simplify network connectivity Observability Increased visibility to gain insights into how services interact with and depend on each other at the runtime layer Reliability Building redundancy through automated failover and replication to minimize outages and downtimes
  • 10. © 2018 HashiCorp CONSUL ADOPTION / / PHASE TWO Demo 10
  • 11. Copyright © 2019 HashiCorp ∕ Demo Demo of AKS and Consul 11 1. Provision AKS Cluster Using Terraform 2. Deploy Consul to cluster via Helm 3. Deploy Application to cluster 4. Use SMI to manage intentions
  • 12. Copyright © 2018 HashiCorp ∕ ▪ Kubernetes on Azure Overview 12
  • 13. From infrastructure to innovation Responsibilities DIY with Kubernetes Managed Kubernetes on Azure Containerization Application iteration, debugging CI/CD Cluster hosting Cluster upgrade Patching Scaling Monitoring and logging Customer Microsoft Managed Kubernetes empowers you to achieve more Focus on your containers and code, not the plumbing of them
  • 14. Azure Kubernetes momentum Azure Kubernetes Service usage grew 30x since it was made generally available in June 2018 Trusted by thousands of customers Dated November 2018
  • 15. Manage Kubernetes with ease • Automated provisioning, upgrades, patches • High reliability, availability • Easy, secure cluster scaling • Self-healing • API server monitoring • At no charge API server Controller ManagerScheduler etcd Store Cloud Controller Self-managed master node(s) Customer VMs App/ workload definitionUser Docker Pods Docker Pods Docker Pods Docker Pods Docker Pods Schedule pods over private tunnel Kubernetes API endpoint Azure managed control plane Infrastructure automation
  • 16. Manage Kubernetes with ease Azure Monitor AKS production cluster Microservices Azure Container Instances (ACI) Pods Virtual node Availability Reliability Highly available, reliable service with serverless scaling Auto scaling
  • 17. Accelerate containerized development Kubernetes and DevOps better together Develop • Native containers and Kubernetes support in IDE • Remote debugging and iteration for multi- containers • Effective code merge • Automatic containerization Deliver • CI/CD pipeline with automated tasks in a few clicks • Pre-configured canary deployment strategy • In depth build and delivery process review and integration testing • Private registry with Helm support Operate • Out-of-box control plane telemetry, log aggregation, and container health • Declarative resource management • Auto scaling Inner loop Test Debug Azure DevSpaces AKS dev cluster Azure Pipelines Source code control Azure Container Registry Helm chart Container image AKS production cluster Azure Monitor Scale Terraform Develop Deliver Operate
  • 18. © 2018 HashiCorp CONSUL ADOPTION / / PHASE TWO Demo 18
  • 19. Copyright © 2019 HashiCorp ∕ Demo Demo of AKS and Consul 19 1. Provision AKS Cluster Using Terraform 2. Deploy Consul to cluster via Helm 3. Deploy Application to cluster 4. Use SMI to manage intentions
  • 20. Copyright © 2019 HashiCorp ∕ Demo Demo of AKS and Consul 20 1. Provision AKS Cluster Using Terraform 2. Deploy Consul to cluster via Helm 3. Deploy Application to cluster 4. Use SMI to manage intentions
  • 21. Copyright © 2018 HashiCorp ∕ ▪ Microsoft Service Mesh Interface (SMI) 21
  • 22. Towards Service Mesh Interface Technologists who understand Kubernetes Technologists who understand Service Mesh Technologists who understand Service Mesh Interface
  • 23. But that shouldn’t really be the case Technologists who understand Kubernetes expect a set of networking functionality available to them Services should have an identity and should be able to communicate securely Communication between services should be monitored and logged Traffic patterns between services should be configurable, i.e., newer service versions could be receiving less traffic, etc.
  • 24. PolicyRouting Telemetry Historically, this was achieved via smart endpoints, dumb pipes This has worked for the past 25 years But with so many endpoints today, how do you manage
  • 27. Service Mesh Interface (SMI) for Kubernetes In partnership with
  • 28. Service Mesh Interface (SMI) for Kubernetes A Kubernetes interface that provides traffic routing, traffic telemetry, and traffic policy Apps Tooling Ecosystem Standardized Standard interface for service mesh on Kubernetes Simplified Basic feature set to address most common scenarios Extensible Support for new features as they become widely available …and more Service Mesh Interface
  • 29. Service Mesh Interface Technologists who understand Kubernetes expect a set of networking functionality available to them, and now they can get that functionality through SMI Services should have an identity and should be able to communicate securely Communication between services should be monitored and logged Traffic patterns between services should be configurable, i.e., newer service versions could be receiving less traffic, etc.
  • 30. This isn’t a new concept If the SMI concept sounds familiar, that’s because it is Apps Tooling Ecosystem Ingress
  • 31. So, why SMI? Because it’s faster, simpler, and friendlier Get started quickly Simpler is better Ecosystem friendly
  • 32. © 2018 HashiCorp CONSUL ADOPTION / / PHASE TWO Demo 32
  • 33. Copyright © 2019 HashiCorp ∕ Demo Demo of AKS and Consul 33 1. Provision AKS Cluster Using Terraform 2. Deploy Consul to cluster via Helm 3. Deploy Application to cluster 4. Use SMI to manage intentions
  • 34. © 2018 HashiCorp New Features L7 Observability, Routing, and Mesh Gateways 34
  • 35. CHALLENGE SOLUTION RESULTS Feature: ∕ Copyright © 2018 HashiCorp ∕USE CASE: INFRASTRUCTURE AS CODE Debugging and isolating issues in a microservices environment can be challenging L7 Observability A primary microservices challenge is trying to understand how individual services being independently deployed are interacting with each other. Lack of visibility to get insights into the way services interact with and depend on each other at runtime makes it difficult to understand the performance bottlenecks and isolate any issues or incidents 35
  • 36. CHALLENGE SOLUTION RESULTS ∕ Copyright © 2018 HashiCorp ∕ Feature: USE CASE: INFRASTRUCTURE AS CODE L7 Observability L7 Observability 36 Consul Connect lets users configure the observability features in Envoy proxy. Observability makes it easier to see what is happening when services interact with each other. Envoy also provides a simple way to get the same high-level metrics for all services.
  • 37. CHALLENGE SOLUTION RESULTS ∕ Copyright © 2018 HashiCorp ∕ Feature: USE CASE: INFRASTRUCTURE AS CODE L7 Observability L7 Observability 37 Observability features include: Tracing: Helps with understanding the application behavior when interacting with upstream and downstream services Metrics: Gathers telemetry data from across the mesh and provide high-level application information Logging: Provides an immutable record of discrete events that helps in better fault isolation
  • 38. CHALLENGE SOLUTION RESULTS ∕ Copyright © 2018 HashiCorp ∕ Feature: USE CASE: INFRASTRUCTURE AS CODE L7 Observability L7 Observability 38 Observability is achieved by integration with third party tools : Tracing: Jaeger, Zipkin, DataDog Metrics: Grafana, Prometheus, etc Logging: Splunk, ELK, Fluentd
  • 39. CHALLENGE SOLUTION RESULTS Feature: ∕ Copyright © 2018 HashiCorp ∕ Consul Connect only supports L4 proxy L7 Routing Consul Connect can route traffic and set policies based on layer 4 headers, It does not support routing and redirecting requests based on L7 path, content type, runtime values, etc. Lack of L7 filtering capabilities also prevents it from enforcing fine-grained security policies based on rich HTTP headers 39
  • 40. CHALLENGE SOLUTION RESULTS ∕ Copyright © 2018 HashiCorp ∕ Feature: L7 Routing and Policies L7 Routing 40 Ability to steer traffic based on header for canary testing, gradual deployment roll outs and canary releases
  • 41. CHALLENGE SOLUTION RESULTS Feature: ∕ Copyright © 2018 HashiCorp ∕USE CASE: INFRASTRUCTURE AS CODE Cross service connections across multi-K8s clusters or multi- clouds is challenging Mesh Gateways Consul expects all the services to be on a flat network and routable Consul cannot solve service discovery and connectivity use cases in overlay networks Connecting services across multi-clouds requires expensive IPsec or MPLS connectivity 41
  • 42. CHALLENGE SOLUTION RESULTS ∕ Copyright © 2018 HashiCorp ∕ Feature: Network Gateways Mesh Gateways 42 Network gateway, built upon Envoy, will sit on the public internet and accept L4 traffic with mTLS Network gateways will perform NAT and route the traffic to correct endpoint on the private network All the services need not be exposed on public network for cross cloud service communication