#IstioCon Accelerating ZOZOTOWN Modernization with Istio Yoichi Kawasaki Tech Lead, ZOZOTOWN Platform SRE @ ZOZO, inc 

© ZOZO, Inc. Agenda ● Introduction ● ZOZOTOWN application modernization ○ Migration strategy ○ Istio adoption ● Recap 2 

© ZOZO, Inc. ● The largest fashion online shopping website in Japan. ● Over 1,500 stores offering more than 8,400 brands. ● At any given time, more than 830,000 items are available for purchase, in addition of more than 2,900 new items (average) per day.(As of Dec. 31st, 2021) ● Operates ZOZOCOSME, a specialized cosmetics mall, ZOZOSHOES, a shoe-specialized mall, and ZOZOVILLA, a luxury & designer zone. ● Same day delivery services are available in limited areas within Japan. ● Gift-wrapping services. ● Deferred payment option, “Tsukebarai”. ● Since Dec. 15th, 2004 3 https://zozo.jp/
 

© ZOZO, Inc. ZOZOTOWN 4 2004 ZOZOTOWN was launched Architecture Infrastructure Monolith On Prem ID UI Search Cart Products Session Payment Favorites Membership Application 

© ZOZO, Inc. ZOZOTOWN modernization 5 2004 2018 ZOZOTOWN was launched Started Modernization Project (“ZOZOTOWN replace”) Architecture Infrastructure Monolith k8s based microservices On Prem Hybrids (OnPrem + Public Cloud) 

© ZOZO, Inc. 6 ID UI Search Cart Session Payment Favorites Membership Strangling the monolith Products API Strangler Applications PC UI 

© ZOZO, Inc. ZOZOTOWN modernization 7 2004 2018 2020 ZOZOTOWN was launched Started Modernization Project (“ZOZOTOWN replace”) Implemented API Gateway 

© ZOZO, Inc. 8 Products API UI Cart Session Payment Favorites Membership API Gateway Strangling the monolith ID Search Search API Strangler Applications PC UI Mobile App Path: /search/v1/(.+)$ 

© ZOZO, Inc. 9 Products API UI Cart Session Payment Favorites Membership API Gateway Strangling the monolith ID Search API Strangler Applications PC UI Mobile App Path: /search/v1/(.+)$ 

© ZOZO, Inc. 10 Products API UI Cart Session Payment Favorites Membership API Gateway ID API Search API Strangling the monolith ID Strangler Applications PC UI Mobile App Path: /auth/v1/(.+)$ 

© ZOZO, Inc. 11 Products API UI Cart Session Payment Favorites Membership API Gateway ID API Search API Strangling the monolith Strangler Applications PC UI Mobile App Path: /auth/v1/(.+)$ 

© ZOZO, Inc. 12 Increased operational complexity and overhead 

© ZOZO, Inc. 13 Service B API Gateway Service A Service C Service D External Service E (on-oprem) API Gateway needed to include various network-related features to meet each service’s requirements, which added developer overhead and made the gateway more complex 

© ZOZO, Inc. 14 Service B API Gateway Service A Service C Service D External Service E (on-oprem) Inconsistent service networking added both SRE and developer overheads and increases operational complexity 

© ZOZO, Inc. 15 Service B API Gateway Service A Service C Service D External Service E (on-oprem) External Service F External Service G Inconsistent service networking added both SRE and developer overheads and increases operational complexity 

© ZOZO, Inc. 16 Istio adoption 

© ZOZO, Inc. ZOZOTOWN modernization 17 2004 2018 2020 ZOZOTOWN was launched Started Modernization Project (“ZOZOTOWN replace”) Implemented API Gateway 2021 Introduced Istio 

© ZOZO, Inc. Gradual introduction of istio ● One microservice at a time ● Zero downtime deployments using Canary deployment strategy ○ ZOZO API Gateway weighted routing for microservice Pods ○ AWS ALB weighted target groups for API Gateway Pods 18 

© ZOZO, Inc. 19 API Gateway Service A Primary Service A Canary 100% 0% Enabling istio on service Pods (Static) Canary deployment leveraging ZOZO API Gateway weighted routing 

© ZOZO, Inc. 20 API Gateway Service A Primary Service A Canary 90% 10% Enabling istio on service Pods (Static) Canary deployment leveraging ZOZO API Gateway weighted routing 

© ZOZO, Inc. 21 API Gateway Service A Primary Service A Canary 0% 100% Enabling istio on service Pods (Static) Canary deployment leveraging ZOZO API Gateway weighted routing 

© ZOZO, Inc. 22 Service B API Gateway Service A Service C Service D External Service E (on-oprem) External Service F External Service G Now service-to-service and service-to-external service communication can be consistently handled by Istio! But gateway-to-service communication is still handled differently Communication handled by Istio 

© ZOZO, Inc. 23 Refactoring of ZOZO API Gateway to fit in with Istio 

© ZOZO, Inc. ZOZO API Gateway’s Original Features 2 4 API Client Auth URI path-based routing Logging (Access log) Client-based IP whitelist Membership Auth Throttling ZOZO API Gateway = ZOZO’s Go-based in-house API Gateway Retries Timeouts Weigh-based routing Gzip encoding Failover 

© ZOZO, Inc. Refactoring ZOZO API Gateway to fit in with Istio 2 5 API Client Auth URI path-based routing Logging (Access log) Client-based IP whitelist Membership Auth Throttling Gzip encoding Retries Timeouts Weight-based routing Various Istio Capabilities - Traffic Management - Security - Policy Enforcement - Observability ZOZO API Gateway Istio / Service Mesh 

© ZOZO, Inc. 26 API Gateway Primary API Gateway Canary Application Load Balancer Ingress Gateway 100% 0% Enabling istio on API Gateway Pods (Static) Canary deployment leveraging AWS ALB weighted target groups Configure ALB with AWS Load Balancer Controller https://kubernetes-sigs.github.io/aws-load-balancer-controller/ 

© ZOZO, Inc. 27 API Gateway Primary API Gateway Canary Application Load Balancer Ingress Gateway 90% 10% Enabling istio on API Gateway Pods (Static) Canary deployment leveraging AWS ALB weighted target groups Configure ALB with AWS Load Balancer Controller https://kubernetes-sigs.github.io/aws-load-balancer-controller/ 

© ZOZO, Inc. 28 API Gateway Primary API Gateway Canary Application Load Balancer Ingress Gateway 0% 100% Enabling istio on API Gateway Pods (Static) Canary deployment leveraging AWS ALB weighted target groups Configure ALB with AWS Load Balancer Controller https://kubernetes-sigs.github.io/aws-load-balancer-controller/ 

© ZOZO, Inc. 29 Service B API Gateway Service A Service C Service D External Service E (on-oprem) External Service F External Service G Ingress Gateway Consistent service networking!! ● Consistent and decentralized management ● More features can be added without developer overhead Communication handled by Istio 

© ZOZO, Inc. 30 Consistent service networking!! VirtualService DestinationRule 

© ZOZO, Inc. 31 Further Istio adoption for better resiliency and DevOps experiences ● Dynamic canary release deployment (Progressive Delivery) ● Further refactoring of ZOZO API Gateway for better fit in with Istio ● More automated and safer istio upgrade ● Expand service mesh across multiple k8s clusters 

© ZOZO, Inc. Recap ● Gradual migration from monolith to microservices with strangler application pattern ● Increased operational complexity and overhead ● Istio adoption ○ Refactoring of ZOZO API gateway to fit in with Istio ○ Gradual introduction of istio with static canary release deployment ● Further istio adoption for better resiliency and DevOps experiences 32 

#IstioCon Thank you! Yoichi Kawasaki @yokawasa 

No content