Upgrade to Pro — share decks privately, control downloads, hide ads and more …

When Failure is Not an Option: Processing Real Money at Monzo with Kubernetes and Linkerd

Oliver Gould
March 29, 2017
Technology
0
710

When Failure is Not an Option: Processing Real Money at Monzo with Kubernetes and Linkerd

In this talk, we describe how Monzo processes financial transactions involving real money and real people in way that's safe, secure, and resilient. We show how combining Kubernetes with Linkerd creates a highly adaptive system, where Kubernetes provides a baseline level of protection against hardware and software failures and Linkerd layers on request-level resilience, including including latency-aware load-balancing, intelligent retries, and service-level measures of success rates and latency. We show how the resulting system is resilient to a wide variety of failures and protects the financial transactions that flow through it from failure, yet still allows for a rapid pace of feature development and iteration.

Oliver Gould

March 29, 2017
Tweet

More Decks by Oliver Gould

See All by Oliver Gould
Conduit: Open source, Ultralight Service Mesh for Kubernetes
olix0r
0
290
The service mesh: Distributed resilience for a cloud-native world
olix0r
0
190
The Service Mesh
olix0r
0
160
Freeing the Whale: How to Fail at Scale
olix0r
0
120
The once and future layer 5: Resilient, Twitter-style microservices
olix0r
2
690
The Once and Future Layer 5:
Twitter-style Microservices at Scale with Finagle and linkerd #🎩💪✨
olix0r
1
350
Finagle, linkerd, and Mesos
Magic Operability Sprinkles for Microservices
olix0r
2
730
Finagle, linkerd, and Apache Mesos: Twitter-style microservices at scale
olix0r
1
1.1k
Kubernetes meets Finagle for Resilient Microservices
olix0r
4
1.9k

Other Decks in Technology

See All in Technology
PHP"オレ"カンファレンスの告知
ysknsid25
0
360
AWS パートナー企業でテクニカルサポートに従事して2年経ったので思うところをまとめてみた
kazzpapa3
3
1.3k
NgRx Signal Store
rainerhahnekamp
0
110
Aurora MySQL v3(MySQL8.0互換)の オンラインDDLの罠挙動を全バージョンで検証した
yutakikai
1
150
〜小さく始めて大きく育てる〜データ分析基盤の開発から活用まで
kniino
0
2k
Vertex AI を中心に 生成AIのアップデートを共有します
kaz1437
0
110
Delivering Millions of Messages within seconds @ Duolingo
pelelgrino
0
320
巨大なテーブルのテーブル定義を無停止で安全に誰でも変更できるようにする / Table-definitions-for-huge-tables-can-be-modified-by-anyone-safely-and-non-disruptively
freee
1
730
TransitGatewayの基礎
toru_kubota
0
230
Databricks における 『MLOps』
databricksjapan
2
130
コンテナセキュリティの基本と脅威への対策
kyohmizu
3
690
クラウドサインにおけるプロダクトマネージャーの役割と開発プロセス / 20240410_cloudsign-PdM
bengo4com
1
680

Featured

See All Featured
It's Worth the Effort
3n
180
27k
Music & Morning Musume
bryan
41
5.6k
Side Projects
sachag
451
41k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
20
1.6k
Debugging Ruby Performance
tmm1
70
11k
What's new in Ruby 2.0
geeforr
337
31k
Designing Experiences People Love
moore
136
23k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
1
1.3k
StorybookのUI Testing Handbookを読んだ
zakiyama
11
4.6k
Principles of Awesome APIs and How to Build Them.
keavy
120
16k
Embracing the Ebb and Flow
colly
79
4.1k
Scaling GitHub
holman
457
140k

Transcript

  1. Processing Real Money at Monzo with Kubernetes and Linkerd oliver

    beattie
 head of eng, monzo Kubecon EU, March 29, 2017 oliver gould
 creator, linkerd
 cto, buoyant inc. When Failure is Not an Option
  2. None
  3. None
  4. None

  5. Improving everyone’s relationship with their money

  6. Fast-paced tech startup but also a Regulated retail bank

  7. Extensible Efficient Resilient Secure

  8. None

  9. Reduced infrastructure spend 60% by moving to Kubernetes

  10. Host A Host B Service A Service B

  11. Load balancing Tracing Circuit breakers Retries Canarying Load shedding Error

    tracking Metrics Service discovery Logging Timeouts Expirations Security policies Back-offs Retry budgets Dynamic routing

  12. Host A Host B Service A Service B

  13. linkerd

  14. datacenter [1] physical [2] link [3] network [4] transport 


    
 kubernetes, mesos, swarm, … 
 canal, weave, … aws, azure, digitalocean, gce, … business languages, libraries [7] application rpc [5] session [6] presentation json, protobuf, thrift, … linkerd

  15. datacenter [1] physical [2] link [3] network [4] transport linkerd-tcp

    
 kubernetes, mesos, swarm, … 
 canal, weave, … aws, azure, digitalocean, gce, … business languages, libraries [7] application rpc [5] session [6] presentation json, protobuf, thrift, … linkerd

  16. Linkers and Loaders, John R. Levine, Academic Press

  17. a historical perspective: tcp/ip 1975: Internet Protocol Suite Layer 3:

    /etc/hosts Layer 4: /etc/services

  18. 
 Entire companies were formed around selling TCP/IP stacks before

    Windows 95. REMINDER

  19. a historical perspective: dns 1984: Domain Name Service /etc/hosts-as-a-service

  20. host app: b app: a app: c service: a host

    app: a app: b app: a the new world of service discovery!

  21. what would a cloud native linker do?

  22. logical naming applications refer to logical names
 requests are bound

    to concrete names
 delegations express routing /svc/users /#/io.l5d.zk/prod/users /#/io.l5d.k8s/staging/http/users /svc => /#/io.l5d.k8s/prod/http

  23. per-request routing: staging GET / HTTP/1.1
 Host: mysite.com
 l5d-dtab: /s/B

    => /s/B2

  24. per-request routing: debug proxy GET / HTTP/1.1
 Host: mysite.com
 l5d-dtab:

    /s/E => /s/P/s/E

  25. observability counters (e.g. client/users/failures) histograms (e.g. client/users/latency/p99) tracing

  26. linkerd-viz

  27. tracing

  28. timeouts & retries timelines users web db timeout=400ms retries=3 timeout=400ms

    retries=2 timeout=200ms retries=3 timelines users web db

  29. timeouts & retries timelines users web db timeout=400ms retries=3 timeout=400ms

    retries=2 timeout=200ms retries=3 timelines users web db 800ms! 600ms!

  30. deadlines timelines users web db timeout=400ms deadline=323ms deadline=210ms 77ms elapsed

    113ms elapsed

  31. retries typical: retries=3

  32. retries typical: retries=3 worst-case: 300% more load!!!

  33. budgets typical: retries=3 better:
 retryBudget=20% worst-case: 300% more load!!! worst-case:

    20% more load

  34. load shedding via cancellation timelines users web db timelines users

    web db timeout!

  35. load shedding via cancellation timelines users web db timelines users

    web db timeout!

  36. backpressure timelines users web db timelines users web db 1000

    requests 100 requests 1000 requests

  37. backpressure timelines users web db timelines users web db 1000

    failed 1000 failed

  38. backpressure timelines users web db 100 ok 100 ok 100

    ok + 900 failed/redirected/etc

  39. lb algorithms: • round-robin • fewest connections • queue depth

    • exponentially-weighted moving average (ewma) • aperture request-level load balancing

  40. github.com/linkerd/linkerd • Donated to CNCF in January 2017! • K8s

    Ingress API in the next release • gRPC and HTTP/2 battle testing • Fine-grained client policy API • Hitting 1.0 this next month! • Help us test RC1 this week

  41. github.com/linkerd/linkerd-tcp • LIghtweight, service-discovery-aware TCP LB • Supports endpoint weighting

    • Modern TLS: ALPN, SNI, forward secrecy, … • Written in Rust: native, safe, fast, & tiny! • Currently beta: get involved!

  42. linkerd.io slack.linkerd.io monzo.com/careers