Sep 7th, 2017 SERVICE MESHES The landscape
S e p 7 t h , 2 0 1 7
SERVICE MESHESThe landscape
MICROSERVICES AND CONTAINERIZATION
2
Business Domains
ServicesDocker Images
Cluster of Containers
Host
Host Host
Host
CONTAINER ORCHESTRATORS
3
THE PERFECT STORM
• The rise of microservice architectures
• Existing approaches don’t scale with large networks of services
• The issue is compounded with polyglot environments
• Kubernetes provides easy mechanisms to inject sidecars into application deployments
4
SERVICE MESHES
5
Microservice
Routing Rules
Access Control
Service Discovery Telemetry
Microservice instancesPlatform services
Sidecar Proxy
Microservice
Sidecar Proxy
Microservice
Sidecar Proxy
Microservice
Sidecar Proxy
Host / Pod
Microservice
Sidecar Proxy
Host / Pod
ARCHITECTURE - SIDECAR PROXY
Microservice
Sidecar Proxy
Control Plane
Host / Pod
ARCHITECTURE - THE CONTROL PLANE
7
Microservice
Sidecar Proxy
Host/Pod
Microservice
Sidecar Proxy
Host/Pod
Microservice
Sidecar Proxy
Control Plane
Host/Pod
Routing Rules Access Control Service DiscoveryTelemetry
ARCHITECTURE - EXTERNAL INTEGRATIONS
8
External Client External APIs
Microservice
Sidecar Proxy
Host / Pod
Microservice
Sidecar Proxy
Host / Pod
Ingress Egress
Service Mesh
SERVICE MESH CAPABILITIES
• Traffic Management
• Observability
• Policy Enforcement
• Security
9
THE LANDSCAPE - LINKERD
10
Linkerd instances form a service mesh, allowing application code to communicate reliably
THE LANDSCAPE - ISTIO
11
OPEN QUESTIONS
12
• Will service meshes coexist with traditional API management platforms?
• How will service meshes support traditional needs of IT organizations, like infosec audits and compliance regulations?
• Are there other platform services that may be pushed down to the service mesh?