Embed Size (px)
Citation preview
The Service Mesh
William Morgan, CEO, Buoyant
Past, Present, and Future
Resilience
The property of a material that enables it to resume its original shape or position after being bent, stretched, or compressed.
Stress
unpredictable load flaky hardware buggy software
Resilience
load shedding graceful failure handling provisioning & scaling
2000
Dedicated hardware, big iron,overprovisioning, buy two of ‘em
“Cloud Native”
2017
Containers
Orchestration
Microservices
The Fundamental Abstract ions Have Changed
Virtual machines
Data centers
Hardware redundancy
Servers
IP addresses, DNS
Server monitoring
Monolithic applications
TCP/IP
Containers
Orchestrated envs
Design for failure
Services
Service discovery
Service monitoring
Microservices
gRPC, REST
Service A
Service B
Service C
Runtime Communication
containers
Twitter circa 2013
Service A
serviceB
Service C
Example: Timeouts & Retr ies
timeout=400msretries=3
timeout=400msretries=2
timeout=200msretries=3
timelines
users
web
db
800ms!
600ms!
serviceA
serviceB
serviceC
What’s missing?
?
The service mesh is a dedicated layer for managing
service-to-service communication
Managed. Controlled.Monitored.
Apache Apache Apache
PHP PHP PHP PHP PHP
Mysql Mysql Mysql
LAMP
Nginx Nginx Nginx
DB DB DB
Fat clients
svc svc svcsvc svc
svc svc svcsvc svc svclibraries
Nginx Nginx Nginx
DB DB DB
The service mesh
svc svc svcsvc svc
svc svc svcsvc svc svc
service mesh
service mesh
The Linkerd service mesh
Service C
Service B
Service A
linkerd
Service C
Service B
Service A
linkerd
Service C
Service B
Service A
linkerd
application HTTPproxied HTTPmonitoring & control
Node 1 Node 2 Node 3
Service C
Service B
Service A
linkerd
Service C
Service B
Service A
linkerd
Service C
Service B
Service A
linkerd
application HTTPproxied HTTPmonitoring & control
Node 1 Node 2 Node 3
Visibility Security GovernanceReliability
If you’re building a cloud native application,you need a service mesh.
CENSORED
The future of the service mesh
✓ Load balancing, retries, circuit breaking, service discovery, deadlines…
✓ TLS (incl. mutual auth)
✓ gRPC, HTTP/2, HTTP, Thrift…
✓ Prometheus, Zipkin
✓ Kubernetes, Consul, ZooKeeper, Mesos, …
What’s next?
? How do we identify and authenticate services?
? How do we authorize communication
and apply policy?
? Per service? Per request? Per “customer”?
? How secure is the underlying mesh?
Security
The future of the service mesh
? How fast can we make this?
? How lightweight can we make the service mesh footprint?
? How predictable can we make its behavior?
Performance
The future of the service mesh
? Cross-datacenter failover?
? Multi-cloud, hybrid-cloud, failover-to-cloud?
? Multi-infrastructure (Kubernetes + Mesos + CloudFoundry) support?
Hybridization
The future of the service mesh
? How debuggable is the service mesh?
? How understandable can we make it?
? How much can we best address the separation of concerns between dev and ops?
Operations
The future of the service mesh
![arXiv:1803.07973v2 [cs.CV] 22 Sep 20184 Hang Dai, Nick Pears and William Smith where we denote a mesh by S, with S0its deformed mesh and R is a rotation. Mesh topology is determined](https://img.pdfslide.us/doc/110x75/607bc5e3b01e1d688f3e8842/arxiv180307973v2-cscv-22-sep-2018-4-hang-dai-nick-pears-and-william-smith.jpg)
