Service Mesh Day Recap: Intro to Service Mesh

Transcript

1. Service Mesh Day Recap: Intro to Service Mesh #cloudnativejp #8

   #servicemeshday 19.06.04 @sakajunquality

2. About me - Jun Sakata - @sakajunquality - Google Developers

   Expert, Cloud - Working at Ubie, Inc. - #ServiceMesh #DarkTheme

3. - Service Mesh Day - Day 0: Workshop - Why

   Istio and Envoy are the future of networking for distributed systems - Envoy as the standard data plane and where its going Agenda
4. None

5. Service Mesh Day - First Service Mesh Conference - 2019.03.29

   San Francisco - Pre Conference (Workshop + LT ) + 1 Day Full Conference - servicemeshday.com / @servicemeshday

6. Day 0: Workshop

7. None

8. Day 0: Workshop - Zack Butcher ( @ZackButcher ), Tetrate

   - Intro to Istio and Envoy - Istio background + Istio Component + hands-on workshop on GKE - Source Codes: https://github.com/tetrateio/training

9. - Introduction - Monitor your network - Connect and manage

   traffic - Secure your environment Day 0: Workshop

10. - Observability - Reliability - Service Discovery - Security -

    ... Why Service Mesh?

11. - Observability - Reliability - Service Discovery - Security -

    ... Why Service Mesh? Monitor how services are communicated

12. - Observability - Reliability - Service Discovery - Security -

    ... Why Service Mesh? How reliable the connection

13. - Observability - Reliability - Service Discovery - Security -

    ... Why Service Mesh? Where to communicate

14. - Observability - Reliability - Service Discovery - Security -

    ... Why Service Mesh? Communicate Securely

15. - Observability - Reliability - Service Discovery - Security -

    ... Why Service Mesh? Modern distributed systems are sophisticated!!

16. Why Istio and Envoy are the future of networking for

    distributed systems

17. Why Istio and Envoy are the future of networking for

    distributed systems - Eric Brewer ( @eric_brewer ), Google - Session Video - https://www.youtube.com/watch?v=sDgAZuEzA48

18. What is Istio?

19. What is Istio? - from istio.io Istio lets you connect,

    secure, control, and observe services

20. What is Istio? - from Louis Ryan’s talk An open

    services platform to manage service interactions across container -and VM-based workloads

21. What is Istio? - Eric Brewer Enables 1000s of services

22. What is Istio? - Eric Brewer Enables 1000s of services

    Automate Security Automate Observation Automate Traffic Management ...

23. What is Istio? - Eric Brewer’s real answer Decouples developers

    from operations

24. What is Istio? - Eric Brewer’s real answer Decouples developers

    from operations Policies Infra related code ...

25. What is Istio? - Eric Brewer’s real answer Decouples developers

    from operations Network

26. What is Istio? - Eric Brewer’s real answer Decouples developers

    from operations Business Logic

27. e.g. - If ACL is defined in each applications… -

    Circuit breakers in multiple languages... Policies out of the source code

28. e.g. - If ACL is defined in each applications… -

    Circuit breakers in multiple languages... Policies out of the source code Don’t make policies to launch service!

29. e.g. - If ACL is defined in each applications… -

    Circuit breakers in multiple languages... Policies out of the source code Ease of Change Centralized Control

30. Cloud Native

31. Cloud Native - Moving Legacy to the right infrastructure VMs

    / Disks not a productive infrastructure ...

32. Cloud Native - Moving Legacy to the right infrastructure More

    cost effective

33. Cloud Native - Moving Legacy to the right infrastructure What

    we wanted is the ability to do something with services and APIs.

34. Services and APis - Different Languages - Different teams Works

    Independently!!

35. Services and APis - Different Languages - Different teams Istio’s

    role is to make a service work well

36. Envoy as the standard data plane and where its going

37. None

38. Why Istio and Envoy are the future of networking for

    distributed systems - Matt Klein ( @mattklein123 ), Lyft and the creator of Envoy - Session Video - https://www.youtube.com/watch?v=IC0eduR56DA
39. None

40. What is envoy - L4 L7 proxy - OSS from

    Lyft - Used in Istio sidecar

41. Envoy as a universal data plane

42. What is Envoy? - envoyproxy.io/docs/ The network should be transparent

    to applications. When network and application problems do occur it should be easy to determine the source of the problem.

43. https://eng.lyft.com/announcing-envoy-c-l7-proxy-and- communication-bus-92520b6c8191

44. https://eng.lyft.com/announcing-envoy-c-l7-proxy-and- communication-bus-92520b6c8191

45. - Network should be transparent - boring network plumbing -

    L3 L4 - Developers focus on business logic - L7 The original goal of envoy project

46. What is Envoy? - envoyproxy.io/docs/ The network should be transparent

    to applications. When network and application problems do occur it should be easy to determine the source of the problem.

47. What is Envoy? - envoyproxy.io/docs/ The network should be transparent

    to applications. When network and application problems do occur it should be easy to determine the source of the problem. boring network plumbing

48. What is Istio? - Eric Brewer’s real answer Decouples developers

    from operations

49. What is Istio? - Eric Brewer’s real answer Decouples developers

    from operations L3 L4

50. What is Istio? - Eric Brewer’s real answer Decouples developers

    from operations L7 Application

51. Envoy as a Universal data plane - API gateway -

    Edge proxy - Service to service proxy - Middle proxy - etc... The original goal of envoy project

52. The original goal of envoy project

53. Envoy Users

54. Why is Envoy?

55. Why Envoy? - Performance - Reliability - Modern codebase -

    Best-in-class operability - Extensibility - Configuration API - Community

56. High Performance - High Performance / Low Latency Code base

57. Modern codebase - Modern C++11 code base - Hosted in

    GitHub - https://github.com/envoyproxy/envoy

58. Best-in-class operability - Stats - Logging - Tracing - etc...

59. Extensibility - L4 and L7 pluggable filtering - => (from

    OSS perspective…) - don't want to get overwhelmed with people having to change the core

60. Extensibility

61. Extensibility: webassembly - KubeCon + CloudNativeCon Europe 2019 - https://www.youtube.com/watch?v=XdWmm_mtVXI

    - https://github.com/envoyproxy/envoy-wasm

62. Configuration API - v.s. flat configuration file e.g. nginx, haproxy...

    - API driven configuration <= Cloud Native - xDS APIs

63. xDS API v2 x Discovery Service - Route Discovery Service

    (RDS) - Listener Discovery Service (LDS) - Secret Discovery Service (SDS) - etc...

64. Community - No Premium Version - 100% OSS - =>

    differentiated success - e.g. AWS AppMesh

65. Future

66. Expanding Service Mesh Without Envoy https://aspenmesh.io/2019/03/expanding-service-mesh-without-envoy/

67. Envoy? Istio? - In another perspective - L3 things works

    well with hardware - Things might work well with eBPF - Not on general purpose CPU - It would be better if we can control L3-7 in the same yaml

68. Takeaways

69. Why Service Mesh / Istio? - Decouples developers from operations

70. Why Envoy? - Performance - Reliability - Modern codebase -

    Best-in-class operability - Extensibility - Configuration API - Community

71. Why Envoy? Is there xDS API compatible proxy other than

    envoy…?
72. None

73. Thank you

74. Links - Service Mesh Day YouTube - https://www.youtube.com/channel/UCnz6U2P_yxM3Jx0nu5zLB_g - Lyft's

    Envoy: From Monolith to Service Mesh - Matt Klein, Lyft @Qcon - https://www.youtube.com/watch?v=RVZX4CwKhGE