Introducing AWS App Mesh - MAD303 - Santa Clara AWS Summit
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
1. Introducing AWS App Mesh
Nick Coult
Principal product manager
AWS
MAD303
2. Agenda
Some whys …
Why a service mesh?
Why App Mesh?
And some hows …
App Mesh constructs
Integrating App Mesh with services
Demo
Roadmap
Partners
3. App Mesh: Application-level communication across AWS
Communicating between instances
Fixed endpoints at specific addresses
Firewall to allow or block connection attempts
Service discovery
Real-time map of service availability
Applications accept or reject calls
4. App Mesh works across compute services
Amazon ECS
AWS Fargate
Amazon EKS
Amazon EC2
AWS App Mesh
Kubernetes on EC2
5. Nitin Mahajan
Executive Director, Service Engineering
Edmunds.com
6. Our platform
Major Car Manufacturers
20 MILLION Monthly Car Shoppers
10K Dealer Partners
10. “Being challenged in life is inevitable, being defeated is optional.”
Roger Crawford
12. MODERN SOFTWARE DEVELOPMENT
ARCHITECTURE: MICROSERVICES
SMALL CROSS FUNCTIONAL TEAMS
CONTINUOUS DEPLOYMENT
13. Loosely Coupled & High Cohesion
15. Business Capability
Subdomain
16. [Diagram labels: Product teams, Platform teams, Service Teams, Infrastructure team, Node.js, Java, Database]
18. Challenges with Microservices
Control Over Service to Service Communication
Visibility into Service to Service Communication, i.e., Observability
Create a culture of innovation by organizing into small DevOps teams
Ensure trust by automating security and compliance
19. What is needed
Consistent communications management
Complete visibility
Failure isolation and protection
Fine-grained deployment controls
21. Why App Mesh?
[Diagram labels: Service team A, Service team B, http/tcp]
Common need: Manage inter-service traffic
How to generate uniform logs, metrics and traces
How to load balance traffic
How to shift traffic between deployments
How to decouple service teams
How to minimize impact to application code
22. Why App Mesh?
[Diagram labels: Service team A, Service team B, http/tcp, Control plane]
Proxy
Sits between all services
Manages and observes traffic
Control plane
Translates intent to proxy config
Distributes proxy config
23. Why a side-car proxy?
[Diagram label: Proxy]
Configurable: Separates business logic from operations
Minimizes inconsistencies
Decouples install/upgrade
24. Side-car proxy with containers
Proxy runs as a container
[Diagram labels: Task or pod, External traffic, Application code]
25. App Mesh uses Envoy Proxy
OSS project
Wide community support, numerous integrations
Stable and production-proven
Graduated Project in Cloud Native Computing Foundation
Started at Lyft in 2016
26. App Mesh control plane configures every proxy
28. Application observability
Logging
HTTP access logging
Amazon CloudWatch Logs
Available as container logs on Amazon ECS, Amazon EKS, AWS Fargate
Metrics
CloudWatch metrics
StatsD (with tags)
Prometheus
Tracing
AWS X-Ray
Other Envoy tracing drivers
29. Client-side traffic management
Traffic shaping
Load balancing
Weight targets
Service discovery (DNS + AWS Cloud Map)
Health checks
Retries*
Timeouts*
Circuit breakers*
Routing controls
Protocols support (HTTP, TCP, gRPC*)
Path-based
Header-based*
Cookie-based*
Host-based*
*Coming soon
30. Today, App Mesh is generally available worldwide
Observability and traffic control
Easily export logs, metrics, and traces
Client-side load balancing, routing
AWS container services compatibility
Amazon Elastic Container Service (Amazon ECS)
Amazon Elastic Container Service for Kubernetes (Amazon EKS)
AWS Fargate
EC2 compatibility
Integrate with services running directly on EC2 instances
32. App Mesh constructs
Mesh
Virtual node
Virtual router and routes
Virtual service
Create and manage these in App Mesh API, CLI, SDK, or AWS Management Console
Proxies
Services
Service discovery
Configure and run proxies and services on Amazon ECS, Fargate, Amazon EKS, Amazon EC2
Service discovery with AWS Cloud Map
33. Colorteller: app.colortellerdemo.com
[Diagram labels: Gateway task, Gateway container, Colorteller task, Colorteller container, http]
Gateway
GET /color returns a color
Uses Colorteller to retrieve the color
Colorteller
Returns a pre-set color
Configured in service discovery as colorteller.local
34. Colorteller app “meshified”: app.colortellerdemo.com
[Diagram labels: Gateway container, Colorteller container, http]
Gateway
Proxy applies routing rules (e.g., path matching)
Proxy does the load balancing if there is more than one Colorteller task running
Proxy does metrics, logging, and tracing
Colorteller
Proxy also does metrics, logging, and tracing
36. Partners
38. Roadmap
Today
Client-side load balancing
Path-based routing
Egress traffic
AWS Cloud Map service discovery
App Mesh console
AWS X-Ray tracing
Envoy supported tracing
CloudWatch Logs, metrics
StatsD, Prometheus metrics
Amazon ECS, Fargate integration
Amazon EKS integration
Amazon EC2 integration
Near term
AWS PrivateLink
AWS Cloud Map selectors
gRPC routing
Header-based routing
Cookie-based routing
Host-based routing
Timeout policy
Retry policy
Circuit breaker policy
End-to-end encryption
Longer term
mTLS
Mesh peering
Global rate limiting
Managed ingress
Other protocols
39. Getting started
Product overview
https://aws.amazon.com/app-mesh
Documentation
https://docs.aws.amazon.com/app-mesh/index.html
Examples
https://github.com/aws/aws-app-mesh-examples
Issues, roadmap, beta channel
https://github.com/aws/aws-app-mesh-roadmap
40. Thank you!
Nick Coult
Principal product manager
AWS