Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Service Mesh Day Recap: Intro to Service Mesh

Service Mesh Day Recap: Intro to Service Mesh

sakajunquality

June 04, 2019
Tweet

More Decks by sakajunquality

Other Decks in Technology

Transcript

  1. Service Mesh Day Recap: Intro to Service Mesh #cloudnativejp #8

    #servicemeshday 19.06.04 @sakajunquality
  2. About me - Jun Sakata - @sakajunquality - Google Developers

    Expert, Cloud - Working at Ubie, Inc. - #ServiceMesh #DarkTheme
  3. - Service Mesh Day - Day 0: Workshop - Why

    Istio and Envoy are the future of networking for distributed systems - Envoy as the standard data plane and where its going Agenda
  4. Service Mesh Day - First Service Mesh Conference - 2019.03.29

    San Francisco - Pre Conference (Workshop + LT ) + 1 Day Full Conference - servicemeshday.com / @servicemeshday
  5. Day 0: Workshop - Zack Butcher ( @ZackButcher ), Tetrate

    - Intro to Istio and Envoy - Istio background + Istio Component + hands-on workshop on GKE - Source Codes: https://github.com/tetrateio/training
  6. - Introduction - Monitor your network - Connect and manage

    traffic - Secure your environment Day 0: Workshop
  7. - Observability - Reliability - Service Discovery - Security -

    ... Why Service Mesh? Monitor how services are communicated
  8. - Observability - Reliability - Service Discovery - Security -

    ... Why Service Mesh? How reliable the connection
  9. - Observability - Reliability - Service Discovery - Security -

    ... Why Service Mesh? Where to communicate
  10. - Observability - Reliability - Service Discovery - Security -

    ... Why Service Mesh? Communicate Securely
  11. - Observability - Reliability - Service Discovery - Security -

    ... Why Service Mesh? Modern distributed systems are sophisticated!!
  12. Why Istio and Envoy are the future of networking for

    distributed systems - Eric Brewer ( @eric_brewer ), Google - Session Video - https://www.youtube.com/watch?v=sDgAZuEzA48
  13. What is Istio? - from istio.io Istio lets you connect,

    secure, control, and observe services
  14. What is Istio? - from Louis Ryan’s talk An open

    services platform to manage service interactions across container -and VM-based workloads
  15. What is Istio? - Eric Brewer Enables 1000s of services

    Automate Security Automate Observation Automate Traffic Management ...
  16. What is Istio? - Eric Brewer’s real answer Decouples developers

    from operations Policies Infra related code ...
  17. e.g. - If ACL is defined in each applications… -

    Circuit breakers in multiple languages... Policies out of the source code
  18. e.g. - If ACL is defined in each applications… -

    Circuit breakers in multiple languages... Policies out of the source code Don’t make policies to launch service!
  19. e.g. - If ACL is defined in each applications… -

    Circuit breakers in multiple languages... Policies out of the source code Ease of Change Centralized Control
  20. Cloud Native - Moving Legacy to the right infrastructure VMs

    / Disks not a productive infrastructure ...
  21. Cloud Native - Moving Legacy to the right infrastructure What

    we wanted is the ability to do something with services and APIs.
  22. Why Istio and Envoy are the future of networking for

    distributed systems - Matt Klein ( @mattklein123 ), Lyft and the creator of Envoy - Session Video - https://www.youtube.com/watch?v=IC0eduR56DA
  23. What is envoy - L4 L7 proxy - OSS from

    Lyft - Used in Istio sidecar
  24. What is Envoy? - envoyproxy.io/docs/ The network should be transparent

    to applications. When network and application problems do occur it should be easy to determine the source of the problem.
  25. - Network should be transparent - boring network plumbing -

    L3 L4 - Developers focus on business logic - L7 The original goal of envoy project
  26. What is Envoy? - envoyproxy.io/docs/ The network should be transparent

    to applications. When network and application problems do occur it should be easy to determine the source of the problem.
  27. What is Envoy? - envoyproxy.io/docs/ The network should be transparent

    to applications. When network and application problems do occur it should be easy to determine the source of the problem. boring network plumbing
  28. Envoy as a Universal data plane - API gateway -

    Edge proxy - Service to service proxy - Middle proxy - etc... The original goal of envoy project
  29. Why Envoy? - Performance - Reliability - Modern codebase -

    Best-in-class operability - Extensibility - Configuration API - Community
  30. Modern codebase - Modern C++11 code base - Hosted in

    GitHub - https://github.com/envoyproxy/envoy
  31. Extensibility - L4 and L7 pluggable filtering - => (from

    OSS perspective…) - don't want to get overwhelmed with people having to change the core
  32. Configuration API - v.s. flat configuration file e.g. nginx, haproxy...

    - API driven configuration <= Cloud Native - xDS APIs
  33. xDS API v2 x Discovery Service - Route Discovery Service

    (RDS) - Listener Discovery Service (LDS) - Secret Discovery Service (SDS) - etc...
  34. Community - No Premium Version - 100% OSS - =>

    differentiated success - e.g. AWS AppMesh
  35. Envoy? Istio? - In another perspective - L3 things works

    well with hardware - Things might work well with eBPF - Not on general purpose CPU - It would be better if we can control L3-7 in the same yaml
  36. Why Envoy? - Performance - Reliability - Modern codebase -

    Best-in-class operability - Extensibility - Configuration API - Community
  37. Links - Service Mesh Day YouTube - https://www.youtube.com/channel/UCnz6U2P_yxM3Jx0nu5zLB_g - Lyft's

    Envoy: From Monolith to Service Mesh - Matt Klein, Lyft @Qcon - https://www.youtube.com/watch?v=RVZX4CwKhGE