June 2021 | stackconf
Stretching the Service Mesh Beyond the Clouds
We moved from datacenter to Amazon Web Services.
One team wants to use Microsoft Azure.
These applications should be refactored to use Kubernetes.
This application cannot run in a container.
Datacenter + AWS + Azure + Kubernetes + Virtual Machines = ???
Rosemary Wang
Developer Advocate at HashiCorp
she/her
@joatmon08
joatmon08.github.io
01 Problem
Multiple platforms & environments
[Diagram: DATACENTER and CLOUD. MY-APPLICATION.MY-COMPANY.NET; MY-APPLICATION.DATACENTER and MY-APPLICATION.CLOUD, each with a LOAD BALANCER and MY-APPLICATION-0, MY-APPLICATION-1, MY-APPLICATION-2. Labels: SOME INFRASTRUCTURE LAYER HERE, SOME AUTOMATION HERE.]
Service Mesh
An infrastructure layer to manage and abstract service-to-service communication
[Diagram: DATACENTER with CONSUL SERVER (DATACENTER), PROXY, PROXY, UI, MY-APPLICATION; CLOUD with CONSUL SERVER (CLOUD), PROXY, MY-APPLICATION.]
More Service Mesh, More Problems?
Some added complexity
▪ Yet another agent
▪ More to debug
▪ More to operate
▪ Point of failure
No Service Mesh, More Problems
Operational responsibility for multiple clouds
▪ Minimal automation
▪ Multiple sources of truth
▪ Multiple sources of control
▪ Multiple metrics approaches
02 Solutions
Service Mesh Deployment Topologies
[Diagram: DATACENTER and CLOUD. MY-APPLICATION.MY-COMPANY.NET; MY-APPLICATION.DATACENTER and MY-APPLICATION.CLOUD, each with a LOAD BALANCER and MY-APPLICATION-0, MY-APPLICATION-1, MY-APPLICATION-2. Labels: NETWORK AUTOMATION TO SYNCHRONIZE, SERVICE MESH FOR CLOUD, DIRECT CONNECT.]
Benefits
Network Automation + Service Mesh
▪ In service mesh:
– Control retries and error handling to non-service mesh
– Progressive delivery techniques (canary, A/B testing, feature flagging)
▪ In non-service mesh:
– Automated control
– No change to existing applications
[Diagram: DATACENTER and CLOUD (CONSUL SERVICE MESH). MY-APPLICATION.MY-COMPANY.NET; MY-APPLICATION.DATACENTER and MY-APPLICATION.CLOUD, each with MY-APPLICATION-0, MY-APPLICATION-1, MY-APPLICATION-2. Labels: APPLICATION LOAD BALANCER, DIRECT CONNECT, CONSUL INGRESS GATEWAY, CONSUL TERRAFORM SYNC.]
💡 Private network connectivity
❗ Separate network automation
❗ Multiple metrics
Consul Terraform Sync (CTS)
[Diagram labels: DAEMON GETS EVENT SERVICE CHANGED; TERRAFORM CONFIGURATION REFERENCES MODULE; USE TEMPLATE TO CREATE TERRAFORM CONFIGURATION; RUNS TERRAFORM; TERRAFORM MODULE; DOWNLOAD MODULE AND APPLY CHANGES.]
Network Automation Demo
github.com/joatmon08/cloud-migration
Note:
• Deployed in AWS
• Datacenter uses virtual machines in us-east-2
• Cloud uses Kubernetes in us-west-2
• Network automation configures an application load balancer
[Diagram: DATACENTER (SERVICE MESH) and CLOUD (SERVICE MESH). MY-APPLICATION.MY-COMPANY.NET; MY-APPLICATION.DATACENTER and MY-APPLICATION.CLOUD, each with a LOAD BALANCER and MY-APPLICATION-0, MY-APPLICATION-1, MY-APPLICATION-2. Label: FEDERATION BETWEEN SERVICE MESHES.]
Benefits
Federated Service Mesh
▪ One place to control retries and error handling
▪ Aggregated & standardized metrics
▪ Progressive delivery across all environments & frameworks
– Fully automated canary deployment
– A/B testing
[Diagram: DATACENTER (CONSUL SERVICE MESH, SECONDARY) and CLOUD (CONSUL SERVICE MESH, PRIMARY). MY-APPLICATION.MY-COMPANY.NET; MY-APPLICATION.DATACENTER and MY-APPLICATION.CLOUD, each with a LOAD BALANCER and MY-APPLICATION-0, MY-APPLICATION-1, MY-APPLICATION-2. Labels: CONSUL MESH GATEWAY, CONSUL MESH GATEWAY.]
💡 Private/public network connectivity
❗ Must retrofit service mesh
[Diagram: CONSUL SERVER (DATACENTER), CONSUL SERVER (CLOUD), UI, MY-APPLICATION with PROXY, PROMETHEUS. Labels: USE METRICS FOR CANARY ANALYSIS; CONFIGURE CONSUL SERVICE SPLITTER - 90%; CONFIGURE CONSUL SERVICE SPLITTER - 10%; COLLECT METRICS; COLLECT METRICS.]
Federation Demo
github.com/joatmon08/cloud-migration/tree/federated
Note:
• Deployed in AWS
• Datacenter uses virtual machines in us-east-2
• Cloud uses Kubernetes in us-west-2
• Federation sets cloud as primary
Summary
Choose your topology
▪ Network Infrastructure Automation
– Use what already exists.
– Adds layer of automation.
▪ Service Mesh Federation
– Abstract environment, application framework, and runtime.
– Adds layer of control.
References
▪ github.com/joatmon08/cloud-migration(/tree/federated)
▪ hashi.co/spinnaker-consul
▪ learn.hashicorp.com
▪ learn.hashicorp.com/tutorials/consul/consul-terraform-sync-intro
▪ consul.io/docs/connect
Find these slides at joatmon08.github.io
