@rob_rich
#RSAC

Service Mess
to Service Mesh

by Rob Richardson

  @rob_rich

https://robrich.org/

About Me

Rob Richardson

Rob Richardson is a software craftsman building web properties in ASP.NET and Node, React and Vue. He's a frequent speaker at conferences, user groups, and community events, and a diligent teacher and student of high quality software development. You can find this and other talks on https://robrich.org/presentations and follow him on twitter at @rob_rich.

A Service Mesh
manages network traffic between services
in a graceful and scalable way.

Service Mesh is the answer to:

"How do I observe, control, or secure communication between microservices?"

Service Mesh

observe OBSERVE
monitor network
observe CONTROL
access policies
observe SECURE
mutual TLS

From Monlithic to Microservices

Monolith to Microservices

From North-South to East-West

  • North - South
    • Network to Container
    • Container to External Services
  • East - West
    • Between Containers
compass

The Challenge with API Gateways

API Gateway and Microservices

Service Mesh:
How Does it Work?

Service Mesh Architecture

Service Mesh

observe
OBSERVE
monitor network
observe
CONTROL
access policies
observe
SECURE
mutual TLS

More Than Just a Proxy

Network Topology
Network Topology
Service Health
Service Health
Logging
Logging

More Than Just a Proxy

Circuit Breaker
Circuit Breaker
A/B Testing
A / B Testing
Beta Channel
Beta Channel

Dashboards

Grafana Kiali

Prevent Unexpected Traffic Patterns

Bad traffic patterns

Service Meshes

  • Istio
  • Linkerd
  • Consul
  • Open Service Mesh

Linkerd

Methodology:

Linkerd focuses on simple setup and critical features

Add 3rd party components to get additional features

Linkerd

Istio

Methodology:

A kitchen sink of features to enable / disable

Istio combines third-party components:

  • Envoy Proxy
  • Prometheus events sink
  • Grafana dashboard
  • Jaeger tracing dashboard
Istio

DEMO

Service Mesh

  • Linkerd
  • Istio

In a Nutshell

Crawl
Monitoring,
Logging,
Service Health
Walk
Intelligent Routing
Run
Network Topology Diagram

Service Mesh Implementation Cost

Kubernetes Architecture + Istio Architecture

Benefits of Service Mesh

observe
OBSERVE
transparency of communication
observe
CONTROL
enhanced resilience to network disruption
observe
SECURE
abstraction without code changes