Service Mesh Day Recap:
Intro to Service Mesh
#cloudnativejp #8 #servicemeshday
19.06.04 @sakajunquality
Slide 2
Slide 2 text
About me
- Jun Sakata
- @sakajunquality
- Google Developers Expert, Cloud
- Working at Ubie, Inc.
- #ServiceMesh #DarkTheme
Slide 3
Slide 3 text
- Service Mesh Day
- Day 0: Workshop
- Why Istio and Envoy are the future of networking for distributed systems
- Envoy as the standard data plane and where its going
Agenda
Slide 4
Slide 4 text
No content
Slide 5
Slide 5 text
Service Mesh Day
- First Service Mesh Conference
- 2019.03.29 San Francisco
- Pre Conference (Workshop + LT ) + 1 Day Full Conference
- servicemeshday.com / @servicemeshday
Slide 6
Slide 6 text
Day 0: Workshop
Slide 7
Slide 7 text
No content
Slide 8
Slide 8 text
Day 0: Workshop
- Zack Butcher ( @ZackButcher ), Tetrate
- Intro to Istio and Envoy
- Istio background + Istio Component + hands-on workshop on GKE
- Source Codes: https://github.com/tetrateio/training
Slide 9
Slide 9 text
- Introduction
- Monitor your network
- Connect and manage traffic
- Secure your environment
Day 0: Workshop
Slide 10
Slide 10 text
- Observability
- Reliability
- Service Discovery
- Security
- ...
Why Service Mesh?
Slide 11
Slide 11 text
- Observability
- Reliability
- Service Discovery
- Security
- ...
Why Service Mesh?
Monitor how services are
communicated
Slide 12
Slide 12 text
- Observability
- Reliability
- Service Discovery
- Security
- ...
Why Service Mesh?
How reliable the connection
Slide 13
Slide 13 text
- Observability
- Reliability
- Service Discovery
- Security
- ...
Why Service Mesh?
Where to communicate
Slide 14
Slide 14 text
- Observability
- Reliability
- Service Discovery
- Security
- ...
Why Service Mesh?
Communicate Securely
Slide 15
Slide 15 text
- Observability
- Reliability
- Service Discovery
- Security
- ...
Why Service Mesh?
Modern distributed systems
are sophisticated!!
Slide 16
Slide 16 text
Why Istio and Envoy are the future of
networking for distributed systems
Slide 17
Slide 17 text
Why Istio and Envoy are the future of networking for distributed systems
- Eric Brewer ( @eric_brewer ), Google
- Session Video
- https://www.youtube.com/watch?v=sDgAZuEzA48
Slide 18
Slide 18 text
What is Istio?
Slide 19
Slide 19 text
What is Istio? - from istio.io
Istio lets you connect, secure, control, and observe
services
Slide 20
Slide 20 text
What is Istio? - from Louis Ryan’s talk
An open services platform to manage service
interactions across container -and VM-based
workloads
Slide 21
Slide 21 text
What is Istio? - Eric Brewer
Enables 1000s of services
Slide 22
Slide 22 text
What is Istio? - Eric Brewer
Enables 1000s of services
Automate Security
Automate Observation
Automate Traffic Management
...
Slide 23
Slide 23 text
What is Istio? - Eric Brewer’s real answer
Decouples developers from operations
Slide 24
Slide 24 text
What is Istio? - Eric Brewer’s real answer
Decouples developers from operations
Policies
Infra related code
...
Slide 25
Slide 25 text
What is Istio? - Eric Brewer’s real answer
Decouples developers from operations
Network
Slide 26
Slide 26 text
What is Istio? - Eric Brewer’s real answer
Decouples developers from operations
Business Logic
Slide 27
Slide 27 text
e.g.
- If ACL is defined in each applications…
- Circuit breakers in multiple languages...
Policies out of the source code
Slide 28
Slide 28 text
e.g.
- If ACL is defined in each applications…
- Circuit breakers in multiple languages...
Policies out of the source code
Don’t make policies to launch service!
Slide 29
Slide 29 text
e.g.
- If ACL is defined in each applications…
- Circuit breakers in multiple languages...
Policies out of the source code
Ease of Change
Centralized Control
Slide 30
Slide 30 text
Cloud Native
Slide 31
Slide 31 text
Cloud Native
- Moving Legacy to the right infrastructure
VMs / Disks
not a productive infrastructure
...
Slide 32
Slide 32 text
Cloud Native
- Moving Legacy to the right infrastructure
More cost effective
Slide 33
Slide 33 text
Cloud Native
- Moving Legacy to the right infrastructure
What we wanted is the ability to do something with
services and APIs.
Slide 34
Slide 34 text
Services and APis
- Different Languages
- Different teams
Works Independently!!
Slide 35
Slide 35 text
Services and APis
- Different Languages
- Different teams
Istio’s role is to make a service work well
Slide 36
Slide 36 text
Envoy as the standard data plane and
where its going
Slide 37
Slide 37 text
No content
Slide 38
Slide 38 text
Why Istio and Envoy are the future of networking for distributed systems
- Matt Klein ( @mattklein123 ), Lyft and the creator of Envoy
- Session Video
- https://www.youtube.com/watch?v=IC0eduR56DA
Slide 39
Slide 39 text
No content
Slide 40
Slide 40 text
What is envoy
- L4 L7 proxy
- OSS from Lyft
- Used in Istio sidecar
Slide 41
Slide 41 text
Envoy as a universal data plane
Slide 42
Slide 42 text
What is Envoy? - envoyproxy.io/docs/
The network should be transparent to applications.
When network and application problems do occur it
should be easy to determine the source of the
problem.
- Network should be transparent
- boring network plumbing
- L3 L4
- Developers focus on business logic
- L7
The original goal of envoy project
Slide 46
Slide 46 text
What is Envoy? - envoyproxy.io/docs/
The network should be transparent to applications.
When network and application problems do occur it
should be easy to determine the source of the
problem.
Slide 47
Slide 47 text
What is Envoy? - envoyproxy.io/docs/
The network should be transparent to applications.
When network and application problems do occur it
should be easy to determine the source of the
problem.
boring network plumbing
Slide 48
Slide 48 text
What is Istio? - Eric Brewer’s real answer
Decouples developers from operations
Slide 49
Slide 49 text
What is Istio? - Eric Brewer’s real answer
Decouples developers from operations
L3 L4
Slide 50
Slide 50 text
What is Istio? - Eric Brewer’s real answer
Decouples developers from operations
L7
Application
Slide 51
Slide 51 text
Envoy as a Universal data plane
- API gateway
- Edge proxy
- Service to service proxy
- Middle proxy
- etc...
The original goal of envoy project
Slide 52
Slide 52 text
The original goal of envoy project
Slide 53
Slide 53 text
Envoy Users
Slide 54
Slide 54 text
Why is Envoy?
Slide 55
Slide 55 text
Why Envoy?
- Performance
- Reliability
- Modern codebase
- Best-in-class operability
- Extensibility
- Configuration API
- Community
Slide 56
Slide 56 text
High Performance
- High Performance / Low Latency Code base
Slide 57
Slide 57 text
Modern codebase
- Modern C++11 code base
- Hosted in GitHub
- https://github.com/envoyproxy/envoy
Configuration API
- v.s. flat configuration file e.g. nginx, haproxy...
- API driven configuration <= Cloud Native
- xDS APIs
Slide 63
Slide 63 text
xDS API v2
x Discovery Service
- Route Discovery Service (RDS)
- Listener Discovery Service (LDS)
- Secret Discovery Service (SDS)
- etc...
Slide 64
Slide 64 text
Community
- No Premium Version
- 100% OSS
- => differentiated success
- e.g. AWS AppMesh
Slide 65
Slide 65 text
Future
Slide 66
Slide 66 text
Expanding Service Mesh Without Envoy
https://aspenmesh.io/2019/03/expanding-service-mesh-without-envoy/
Slide 67
Slide 67 text
Envoy? Istio?
- In another perspective
- L3 things works well with hardware
- Things might work well with eBPF
- Not on general purpose CPU
- It would be better if we can control L3-7 in the same yaml
Slide 68
Slide 68 text
Takeaways
Slide 69
Slide 69 text
Why Service Mesh / Istio?
- Decouples developers from operations
Slide 70
Slide 70 text
Why Envoy?
- Performance
- Reliability
- Modern codebase
- Best-in-class operability
- Extensibility
- Configuration API
- Community
Slide 71
Slide 71 text
Why Envoy?
Is there xDS API compatible proxy other than envoy…?
Slide 72
Slide 72 text
No content
Slide 73
Slide 73 text
Thank you
Slide 74
Slide 74 text
Links
- Service Mesh Day YouTube
- https://www.youtube.com/channel/UCnz6U2P_yxM3Jx0nu5zLB_g
- Lyft's Envoy: From Monolith to Service Mesh - Matt Klein, Lyft @Qcon
- https://www.youtube.com/watch?v=RVZX4CwKhGE