Multi-cloud Service Networking For Humans

Transcript

1. Multi-cloud Service Networking For Humans

2. Paul Banks Consul Engineering Lead at HashiCorp

3. Service Mesh Service Networking

4. Why Service Mesh?

5. Agenda ▪ Growing Organizations ▪ Service Mesh Pattern ▪ Service

   Mesh Features ▪ Consul Dynamic Routing ▪ Consul Mesh Gateways

6. “organizations which design systems ... are constrained to produce designs

   which are copies of the communication structures of these organizations.” Melvin Conway, 1967

7. Communication Overhead Image: IEEE Global History Network

8. Service Mesh Pattern

9. Development Team

10. Infrastructure Team

11. Service Mesh Pattern NETWORK APPLICATION SERVICE MESH

12. Central Control Plane API Separate Sidecar Proxy Process Service Mesh

    Pattern

13. Heterogeneity

14. None

15. Service Mesh Features

16. Resiliency Patterns Observability Service Identity Dynamic Routing

17. Progressive Delivery Limit Deployment Blast Radius ▪ Canaries ▪ Feature

    Flags ▪ Regional Deployment ▪ User/Customer Segments ▪ A/B Tests ▪ Opt-In Public Betas

18. Progressive Delivery Building Blocks ▪ Dynamic Traffic Management ▪ Dynamic

    Runtime Configuration ▪ Observability ▪ Automation (API Control)

19. Dynamic Routing Progressive Delivery Observability

20. Encrypt and Authorize Everything Service Identity

21. Move Fast and Don’t Break Things Resiliency Patterns

22. Move Fast and Don’t Break Things Resiliency Patterns

23. Understand, Debug, Innovate Observability

24. ∕ Dynamic Traffic Routing

25. HTTP Routing Traffic Splitting Custom Resolution "web.service.consul"

26. HTTP Routing Traffic Splitting Custom Resolution "web.service.consul"

27. HTTP Routing Traffic Splitting Custom Resolution "web.service.consul"

28. HTTP Routing Traffic Splitting Custom Resolution "web.service.consul"

29. v1 v2 100% web

30. 5% v1 v2 95% web

31. Configuring Traffic Splitting TERMINAL > cat api-split.json { "Kind": "service-splitting",

    "Name": "api", "Splits": [ { "Weight": 99, "Service": "api", "ServiceSubset": "v1" }, { "Weight": 1, "Service": "api", "ServiceSubset": "v2" } ] } > curl -X PUT -d @api-split.json localhost:8500/v1/config/service-sp…

32. TERMINAL > cat api-split.json { "Kind": "service-splitting", "Name": "api", "Splits":

    [ { "Weight": 99, "Service": "api", "ServiceSubset": "v1" }, { "Weight": 1, "Service": "api", "ServiceSubset": "v2" } ] } > curl -X PUT -d @api-split.json localhost:8500/v1/config/service-sp… Configuring Traffic Splitting

33. TERMINAL > cat api-split.json { "Kind": "service-splitting", "Name": "api", "Splits":

    [ { "Weight": 99, "Service": "api", "ServiceSubset": "v1" }, { "Weight": 1, "Service": "api", "ServiceSubset": "v2" } ] } > curl -X PUT -d @api-split.json localhost:8500/v1/config/service-sp… Configuring Traffic Splitting
34. None
35. None

36. ∕ Mesh Gateways

37. 10.0.2.1/24 10.0.1.1/24 IP2 IP1 Web DB API X

38. 10.0.2.1/24 10.0.1.1/24 IP2 IP1 Web DB API Connect 
 Mesh

    
 Gateway Connect 
 Mesh 
 Gateway

39. 10.0.2.1/24 10.0.1.1/24 IP2 IP1 Web DB API Connect 
 Mesh

    
 Gateway Connect 
 Mesh 
 Gateway
40. None
41. None

42. v1.api.default.google.internal.bedcb37e-0e2f-9ec1-aa35-34d5c26bf3cf.consul

43. Summary ▪ Service Mesh pattern separates application and infrastructure concerns

    ▪ Service Mesh features enable advanced service delivery ▪ Consul provides service networking solutions from DNS to Service Mesh ▪ Consul runs wherever your workloads are ▪ Mesh Gateways connect services securely across network boundaries

44. 1.6.0 Beta Available Today Dynamic Routing Mesh Gateway