SlideShare a Scribd company logo

NYC Kubernetes Meetup: Ambassador and Istio - Flynn, Datawire

Ambassador Labs
Ambassador Labs

1. The document discusses microservices architecture and the challenges of managing independent microservices, including issues like latency, failures, and lack of visibility. 2. It introduces service meshes like Istio and Envoy as a way to automate operational tasks across microservices and reduce friction, as well as API gateways like Ambassador that can provide routing, authentication, and other capabilities for microservices. 3. Ambassador is presented as a self-service API gateway that uses Envoy and can work both standalone and with Istio to provide capabilities like routing, TLS termination, and authentication in a way that reduces operational overhead for development teams.

Software
1 of 24
Download to read offline
1 Ambassador and Istio Flynn flynn@datawire.io
2
3 Development in Interesting Times Massively increased leverage FOSS Devops Microservice architecture
4 Interesting Times: Microservices Ditch your Monolith No more huge apps where you build everything into one binary Instead, split up your app into tiny, single-function microservices Each microservice team does development - and release! - totally independently
5 The good Velocity, Velocity, Velocity Ownership Freedom Velocity The bad Lots of cats to herd independent releases and deployments Inherently a distributed system! Fragility, latency, nonobservability, cascading failures… Interesting Times: Microservices
6 Interesting Times: Microservices The ugly Fixing “the bad” is really hard. Example: retry on network failure Sounds simple but there are a lot of details! Not too quickly, not too many times, should often do exponential backoff… It’s just not feasible for all devs to independently get it right.
7 What Do We Do About This? Reduce operational friction Automate or eliminate needless operational touchpoint Move the Hard Stuff™ down into your infrastructure layer Get it right once Let everyone use it This is the concept of a service mesh
8
9 Service Mesh Service mesh is about collecting services into an application Give dev & ops the experience they had with a single host Visibility, resiliency, control, security, policy Envoy (from Lyft) and Istio (from IBM & Google) manage this pretty well
10 Envoy C++ L4/L7 reverse proxy Built at Lyft, and brutally battle-tested hundreds of services, tens of thousands of VMs, millions of requests per second includes support for many mesh features increasingly active community HTTP/2 & gRPC Zone-aware load balancing w/ failover Health checks, circuit breakers, timeouts, retry budgets No hot reloads - API driven config updates
11 Istio “Network for services instead of bytes” Built by IBM and Google using Envoy 2003 GitHub stars, 40+ engineers 😀 rather than having libraries, just put an Envoy sidecar next to each service load balancing retries rate limiting telemetry and monitoring
12 API Gateway API gateways are also about collecting services into an application Gives the application as a whole consistency for clients & devs Put critical things like authentication, routing, TLS termination in one central place
13
14 Ambassador Self-service API gateway Also built on Envoy Built for Kubernetes Built for microservices Supports standalone or Istio Provides routing, TLS termination, authentication Early days yet – more to come
15 Ambassador: Routing Self-service routing, TLS, and authentication Understands HTTP(s) URLs route resource to service “resource” identified by URL path prefix “service” is… a Kubernetes service routes all HTTP methods
16 Ambassador: Self Service Self-service routing, TLS, and authentication Developer can route resources to their service on their own Simple REST interface for routing control “Move fast and make things” reduce friction, so no ops gate for a new release …but also no ops gate for a rollback!
17 Ambassador: TLS Self-service routing, TLS, and authentication Ambassador can terminate TLS Tell Ambassador about certificates Ambassador will accept HTTPS connections Currently cleartext to services Watch this space! TLS client-certificate authentication, too
18 Ambassador: Custom Authentication Self-service routing, TLS, and authentication REST API to outboard authentication service: auth service gets HTTP request headers return HTTP status code Applies to all microservices if a microservice gets a connection, auth said OK of course, the auth service could allow public access to some microservices! Supplied auth service for HTTP Basic Auth
19 Ambassador and Istio Natural fit, though still early days of working together Istio provides service mesh Ambassador provides a control mechanism for ingress, etc. Again, watch this space.
20 Ambassador Roadmap Ambassador under active development Better integration with Istio still support standalone ops First-class custom filters embedded interpreter Rate limiting, authorization, etc. http://getambassador.io/ for more
21
22
23
24 Demo and Q&A http://getambassador.io/ Watch This!

Recommended

Don't Assume Your API Gateway is Ready for Microservices
Don't Assume Your API Gateway is Ready for MicroservicesDon't Assume Your API Gateway is Ready for Microservices
Don't Assume Your API Gateway is Ready for Microservices
Ambassador Labs
 
Your Developers Can Be Heroes on Kubernetes
Your Developers Can Be Heroes on KubernetesYour Developers Can Be Heroes on Kubernetes
Your Developers Can Be Heroes on Kubernetes
Ambassador Labs
 
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
Ambassador Labs
 
2017 Microservices Practitioner Virtual Summit - Opening Keynote: Trends in M...
2017 Microservices Practitioner Virtual Summit - Opening Keynote: Trends in M...2017 Microservices Practitioner Virtual Summit - Opening Keynote: Trends in M...
2017 Microservices Practitioner Virtual Summit - Opening Keynote: Trends in M...
Ambassador Labs
 
2017 Microservices Practitioner Virtual Summit: The Mechanics of Deploying En...
2017 Microservices Practitioner Virtual Summit: The Mechanics of Deploying En...2017 Microservices Practitioner Virtual Summit: The Mechanics of Deploying En...
2017 Microservices Practitioner Virtual Summit: The Mechanics of Deploying En...
Ambassador Labs
 
An Open-Source Platform to Connect, Manage, and Secure Microservices
An Open-Source Platform to Connect, Manage, and Secure MicroservicesAn Open-Source Platform to Connect, Manage, and Secure Microservices
An Open-Source Platform to Connect, Manage, and Secure Microservices
DoiT International
 
2017 Microservices Practitioner Virtual Summit: Ancestry's Journey towards Mi...
2017 Microservices Practitioner Virtual Summit: Ancestry's Journey towards Mi...2017 Microservices Practitioner Virtual Summit: Ancestry's Journey towards Mi...
2017 Microservices Practitioner Virtual Summit: Ancestry's Journey towards Mi...
Ambassador Labs
 
KubeCon NA 2017: Ambassador and Envoy (Envoy Salon)
KubeCon NA 2017: Ambassador and Envoy (Envoy Salon)KubeCon NA 2017: Ambassador and Envoy (Envoy Salon)
KubeCon NA 2017: Ambassador and Envoy (Envoy Salon)
Ambassador Labs
 

Recommended

Don't Assume Your API Gateway is Ready for Microservices
Don't Assume Your API Gateway is Ready for MicroservicesDon't Assume Your API Gateway is Ready for Microservices
Don't Assume Your API Gateway is Ready for Microservices
Ambassador Labs
 
Your Developers Can Be Heroes on Kubernetes
Your Developers Can Be Heroes on KubernetesYour Developers Can Be Heroes on Kubernetes
Your Developers Can Be Heroes on Kubernetes
Ambassador Labs
 
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
2017 Microservices Practitioner Virtual Summit: Microservices at Squarespace ...
Ambassador Labs
 
2017 Microservices Practitioner Virtual Summit - Opening Keynote: Trends in M...
2017 Microservices Practitioner Virtual Summit - Opening Keynote: Trends in M...2017 Microservices Practitioner Virtual Summit - Opening Keynote: Trends in M...
2017 Microservices Practitioner Virtual Summit - Opening Keynote: Trends in M...
Ambassador Labs
 
2017 Microservices Practitioner Virtual Summit: The Mechanics of Deploying En...
2017 Microservices Practitioner Virtual Summit: The Mechanics of Deploying En...2017 Microservices Practitioner Virtual Summit: The Mechanics of Deploying En...
2017 Microservices Practitioner Virtual Summit: The Mechanics of Deploying En...
Ambassador Labs
 
An Open-Source Platform to Connect, Manage, and Secure Microservices
An Open-Source Platform to Connect, Manage, and Secure MicroservicesAn Open-Source Platform to Connect, Manage, and Secure Microservices
An Open-Source Platform to Connect, Manage, and Secure Microservices
DoiT International
 
2017 Microservices Practitioner Virtual Summit: Ancestry's Journey towards Mi...
2017 Microservices Practitioner Virtual Summit: Ancestry's Journey towards Mi...2017 Microservices Practitioner Virtual Summit: Ancestry's Journey towards Mi...
2017 Microservices Practitioner Virtual Summit: Ancestry's Journey towards Mi...
Ambassador Labs
 
KubeCon NA 2017: Ambassador and Envoy (Envoy Salon)
KubeCon NA 2017: Ambassador and Envoy (Envoy Salon)KubeCon NA 2017: Ambassador and Envoy (Envoy Salon)
KubeCon NA 2017: Ambassador and Envoy (Envoy Salon)
Ambassador Labs
 
Empower Your Docker Containers with Watson - DockerCon 2017 Austin
Empower Your Docker Containers with Watson - DockerCon 2017 AustinEmpower Your Docker Containers with Watson - DockerCon 2017 Austin
Empower Your Docker Containers with Watson - DockerCon 2017 Austin
Phil Estes
 
Microservice 4.0 Journey - From Spring NetFlix OSS to Istio Service Mesh and ...
Microservice 4.0 Journey - From Spring NetFlix OSS to Istio Service Mesh and ...Microservice 4.0 Journey - From Spring NetFlix OSS to Istio Service Mesh and ...
Microservice 4.0 Journey - From Spring NetFlix OSS to Istio Service Mesh and ...
Daniel Oh
 
Application Rollout - Istio
Application Rollout - Istio Application Rollout - Istio
Application Rollout - Istio
Mandar Jog
 
Ambassador Kubernetes-Native API Gateway
Ambassador Kubernetes-Native API GatewayAmbassador Kubernetes-Native API Gateway
Ambassador Kubernetes-Native API Gateway
Ambassador Labs
 
The elegant way of implementing microservices with istio
The elegant way of implementing microservices with istioThe elegant way of implementing microservices with istio
The elegant way of implementing microservices with istio
Inho Kang
 
2017 Microservices Practitioner Virtual Summit: Move Fast, Make Things: how d...
2017 Microservices Practitioner Virtual Summit: Move Fast, Make Things: how d...2017 Microservices Practitioner Virtual Summit: Move Fast, Make Things: how d...
2017 Microservices Practitioner Virtual Summit: Move Fast, Make Things: how d...
Ambassador Labs
 
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud - An...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud - An...Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud - An...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud - An...
VMware Tanzu
 
Connecting All Abstractions with Istio
Connecting All Abstractions with IstioConnecting All Abstractions with Istio
Connecting All Abstractions with Istio
VMware Tanzu
 
Dark launching with Consul at Hootsuite - Bill Monkman
Dark launching with Consul at Hootsuite - Bill MonkmanDark launching with Consul at Hootsuite - Bill Monkman
Dark launching with Consul at Hootsuite - Bill Monkman
Ambassador Labs
 
MA Microservices Meetup: Move fast and make things
MA Microservices Meetup: Move fast and make thingsMA Microservices Meetup: Move fast and make things
MA Microservices Meetup: Move fast and make things
Ambassador Labs
 
Ambassador: Building a Control Plane for Envoy
Ambassador: Building a Control Plane for Envoy Ambassador: Building a Control Plane for Envoy
Ambassador: Building a Control Plane for Envoy
Ambassador Labs
 
Webinar: Introduction to CloudBees Jenkins Platform
Webinar: Introduction to CloudBees Jenkins PlatformWebinar: Introduction to CloudBees Jenkins Platform
Webinar: Introduction to CloudBees Jenkins Platform
Kiratech
 
Istio : Service Mesh
Istio : Service MeshIstio : Service Mesh
Istio : Service Mesh
Knoldus Inc.
 
Microservices with Spring Cloud and Netflix OSS
Microservices with Spring Cloud and Netflix OSSMicroservices with Spring Cloud and Netflix OSS
Microservices with Spring Cloud and Netflix OSS
Denis Danov
 
Service mesh with istio
Service mesh with istioService mesh with istio
Service mesh with istio
WisnuPrabowo20
 
Istio Mesh – Managing Container Deployments at Scale
Istio Mesh – Managing Container Deployments at ScaleIstio Mesh – Managing Container Deployments at Scale
Istio Mesh – Managing Container Deployments at Scale
Mofizur Rahman
 
DockerCon SF 2015: Faster, Cheaper, Safer
DockerCon SF 2015: Faster, Cheaper, SaferDockerCon SF 2015: Faster, Cheaper, Safer
DockerCon SF 2015: Faster, Cheaper, Safer
Docker, Inc.
 
Microservices Practitioner Summit Jan '15 - Maximizing Developer Productivity...
Microservices Practitioner Summit Jan '15 - Maximizing Developer Productivity...Microservices Practitioner Summit Jan '15 - Maximizing Developer Productivity...
Microservices Practitioner Summit Jan '15 - Maximizing Developer Productivity...
Ambassador Labs
 
Embracing Observability in CI/CD with OpenTelemetry
Embracing Observability in CI/CD with OpenTelemetryEmbracing Observability in CI/CD with OpenTelemetry
Embracing Observability in CI/CD with OpenTelemetry
Cyrille Le Clerc
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
Josef Adersberger
 
Service Meshes Made Easy
Service Meshes Made EasyService Meshes Made Easy
Service Meshes Made Easy
Todd Radel
 
Scaling micro services at gilt
Scaling micro services at giltScaling micro services at gilt
Scaling micro services at gilt
Adrian Trenaman
 

More Related Content

What's hot

Webinar: Introduction to CloudBees Jenkins Platform
Webinar: Introduction to CloudBees Jenkins PlatformWebinar: Introduction to CloudBees Jenkins Platform
Webinar: Introduction to CloudBees Jenkins Platform
Kiratech
 
Embracing Observability in CI/CD with OpenTelemetry
Embracing Observability in CI/CD with OpenTelemetryEmbracing Observability in CI/CD with OpenTelemetry
Embracing Observability in CI/CD with OpenTelemetry
Cyrille Le Clerc
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
Josef Adersberger
 

What's hot (20)

Empower Your Docker Containers with Watson - DockerCon 2017 Austin
Empower Your Docker Containers with Watson - DockerCon 2017 AustinEmpower Your Docker Containers with Watson - DockerCon 2017 Austin
Empower Your Docker Containers with Watson - DockerCon 2017 Austin
 
Microservice 4.0 Journey - From Spring NetFlix OSS to Istio Service Mesh and ...
Microservice 4.0 Journey - From Spring NetFlix OSS to Istio Service Mesh and ...Microservice 4.0 Journey - From Spring NetFlix OSS to Istio Service Mesh and ...
Microservice 4.0 Journey - From Spring NetFlix OSS to Istio Service Mesh and ...
 
Application Rollout - Istio
Application Rollout - Istio Application Rollout - Istio
Application Rollout - Istio
 
Ambassador Kubernetes-Native API Gateway
Ambassador Kubernetes-Native API GatewayAmbassador Kubernetes-Native API Gateway
Ambassador Kubernetes-Native API Gateway
 
The elegant way of implementing microservices with istio
The elegant way of implementing microservices with istioThe elegant way of implementing microservices with istio
The elegant way of implementing microservices with istio
 
2017 Microservices Practitioner Virtual Summit: Move Fast, Make Things: how d...
2017 Microservices Practitioner Virtual Summit: Move Fast, Make Things: how d...2017 Microservices Practitioner Virtual Summit: Move Fast, Make Things: how d...
2017 Microservices Practitioner Virtual Summit: Move Fast, Make Things: how d...
 
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud - An...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud - An...Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud - An...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud - An...
 
Connecting All Abstractions with Istio
Connecting All Abstractions with IstioConnecting All Abstractions with Istio
Connecting All Abstractions with Istio
 
Dark launching with Consul at Hootsuite - Bill Monkman
Dark launching with Consul at Hootsuite - Bill MonkmanDark launching with Consul at Hootsuite - Bill Monkman
Dark launching with Consul at Hootsuite - Bill Monkman
 
MA Microservices Meetup: Move fast and make things
MA Microservices Meetup: Move fast and make thingsMA Microservices Meetup: Move fast and make things
MA Microservices Meetup: Move fast and make things
 
Ambassador: Building a Control Plane for Envoy
Ambassador: Building a Control Plane for Envoy Ambassador: Building a Control Plane for Envoy
Ambassador: Building a Control Plane for Envoy
 
Webinar: Introduction to CloudBees Jenkins Platform
Webinar: Introduction to CloudBees Jenkins PlatformWebinar: Introduction to CloudBees Jenkins Platform
Webinar: Introduction to CloudBees Jenkins Platform
 
Istio : Service Mesh
Istio : Service MeshIstio : Service Mesh
Istio : Service Mesh
 
Microservices with Spring Cloud and Netflix OSS
Microservices with Spring Cloud and Netflix OSSMicroservices with Spring Cloud and Netflix OSS
Microservices with Spring Cloud and Netflix OSS
 
Service mesh with istio
Service mesh with istioService mesh with istio
Service mesh with istio
 
Istio Mesh – Managing Container Deployments at Scale
Istio Mesh – Managing Container Deployments at ScaleIstio Mesh – Managing Container Deployments at Scale
Istio Mesh – Managing Container Deployments at Scale
 
DockerCon SF 2015: Faster, Cheaper, Safer
DockerCon SF 2015: Faster, Cheaper, SaferDockerCon SF 2015: Faster, Cheaper, Safer
DockerCon SF 2015: Faster, Cheaper, Safer
 
Microservices Practitioner Summit Jan '15 - Maximizing Developer Productivity...
Microservices Practitioner Summit Jan '15 - Maximizing Developer Productivity...Microservices Practitioner Summit Jan '15 - Maximizing Developer Productivity...
Microservices Practitioner Summit Jan '15 - Maximizing Developer Productivity...
 
Embracing Observability in CI/CD with OpenTelemetry
Embracing Observability in CI/CD with OpenTelemetryEmbracing Observability in CI/CD with OpenTelemetry
Embracing Observability in CI/CD with OpenTelemetry
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
 

Similar to NYC Kubernetes Meetup: Ambassador and Istio - Flynn, Datawire

Service Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices ArchitectureService Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices Architecture
PLUMgrid
 
Service Mesh CTO Forum (Draft 3)
Service Mesh CTO Forum (Draft 3)Service Mesh CTO Forum (Draft 3)
Service Mesh CTO Forum (Draft 3)
Rick Hightower
 
Microservices - Hitchhiker's guide to cloud native applications
Microservices - Hitchhiker's guide to cloud native applicationsMicroservices - Hitchhiker's guide to cloud native applications
Microservices - Hitchhiker's guide to cloud native applications
Stijn Van Den Enden
 
Decomposing applications for deployability and scalability(SpringSource webinar)
Decomposing applications for deployability and scalability(SpringSource webinar)Decomposing applications for deployability and scalability(SpringSource webinar)
Decomposing applications for deployability and scalability(SpringSource webinar)
Chris Richardson
 

Similar to NYC Kubernetes Meetup: Ambassador and Istio - Flynn, Datawire (20)

Service Meshes Made Easy
Service Meshes Made EasyService Meshes Made Easy
Service Meshes Made Easy
 
Scaling micro services at gilt
Scaling micro services at giltScaling micro services at gilt
Scaling micro services at gilt
 
Think Small To Go Big - Introduction To Microservices
Think Small To Go Big - Introduction To MicroservicesThink Small To Go Big - Introduction To Microservices
Think Small To Go Big - Introduction To Microservices
 
Do You Need A Service Mesh?
Do You Need A Service Mesh?Do You Need A Service Mesh?
Do You Need A Service Mesh?
 
Service Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices ArchitectureService Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices Architecture
 
Microservice Pattern Launguage
Microservice Pattern LaunguageMicroservice Pattern Launguage
Microservice Pattern Launguage
 
Service Mesh CTO Forum (Draft 3)
Service Mesh CTO Forum (Draft 3)Service Mesh CTO Forum (Draft 3)
Service Mesh CTO Forum (Draft 3)
 
GeeCON Microservices 2015 scaling micro services at gilt
GeeCON Microservices 2015 scaling micro services at giltGeeCON Microservices 2015 scaling micro services at gilt
GeeCON Microservices 2015 scaling micro services at gilt
 
Do I Need A Service Mesh.pptx
Do I Need A Service Mesh.pptxDo I Need A Service Mesh.pptx
Do I Need A Service Mesh.pptx
 
Microservices - Hitchhiker's guide to cloud native applications
Microservices - Hitchhiker's guide to cloud native applicationsMicroservices - Hitchhiker's guide to cloud native applications
Microservices - Hitchhiker's guide to cloud native applications
 
Microservices in a Streaming World
Microservices in a Streaming WorldMicroservices in a Streaming World
Microservices in a Streaming World
 
The Why and How of Applications with APIs and microservices
The Why and How of Applications with APIs and microservicesThe Why and How of Applications with APIs and microservices
The Why and How of Applications with APIs and microservices
 
Docebo: history of a journey from legacy to serverless
Docebo: history of a journey from legacy to serverlessDocebo: history of a journey from legacy to serverless
Docebo: history of a journey from legacy to serverless
 
Why Microservice
Why Microservice Why Microservice
Why Microservice
 
Decomposing applications for deployability and scalability(SpringSource webinar)
Decomposing applications for deployability and scalability(SpringSource webinar)Decomposing applications for deployability and scalability(SpringSource webinar)
Decomposing applications for deployability and scalability(SpringSource webinar)
 
A Connector, A Container and an API Walk into a Bar… Microservices Edition
A Connector, A Container and an API Walk into a Bar… Microservices EditionA Connector, A Container and an API Walk into a Bar… Microservices Edition
A Connector, A Container and an API Walk into a Bar… Microservices Edition
 
A Connector, A Container and an API Walk into a Bar… Microservices Edition
A Connector, A Container and an API Walk into a Bar… Microservices EditionA Connector, A Container and an API Walk into a Bar… Microservices Edition
A Connector, A Container and an API Walk into a Bar… Microservices Edition
 
DevOps and Microservice
DevOps and MicroserviceDevOps and Microservice
DevOps and Microservice
 
Service mesh in action with onap
Service mesh in action with onapService mesh in action with onap
Service mesh in action with onap
 
Consul: Service-oriented at Scale
Consul: Service-oriented at ScaleConsul: Service-oriented at Scale
Consul: Service-oriented at Scale
 

More from Ambassador Labs

Building Microservice Systems Without Cooking Your Laptop: Going “Remocal” wi...
Building Microservice Systems Without Cooking Your Laptop: Going “Remocal” wi...Building Microservice Systems Without Cooking Your Laptop: Going “Remocal” wi...
Building Microservice Systems Without Cooking Your Laptop: Going “Remocal” wi...
Ambassador Labs
 
Cloud native development without the toil
Cloud native development without the toilCloud native development without the toil
Cloud native development without the toil
Ambassador Labs
 
Webinar: Accelerate Your Inner Dev Loop for Kubernetes Services
Webinar: Accelerate Your Inner Dev Loop for Kubernetes Services Webinar: Accelerate Your Inner Dev Loop for Kubernetes Services
Webinar: Accelerate Your Inner Dev Loop for Kubernetes Services
Ambassador Labs
 
[QCon London 2020] The Future of Cloud Native API Gateways - Richard Li
[QCon London 2020] The Future of Cloud Native API Gateways - Richard Li[QCon London 2020] The Future of Cloud Native API Gateways - Richard Li
[QCon London 2020] The Future of Cloud Native API Gateways - Richard Li
Ambassador Labs
 
What's New in the Ambassador Edge Stack 1.0?
What's New in the Ambassador Edge Stack 1.0? What's New in the Ambassador Edge Stack 1.0?
What's New in the Ambassador Edge Stack 1.0?
Ambassador Labs
 
[KubeCon NA 2018] Effective Kubernetes Develop: Turbocharge Your Dev Loop - P...
[KubeCon NA 2018] Effective Kubernetes Develop: Turbocharge Your Dev Loop - P...[KubeCon NA 2018] Effective Kubernetes Develop: Turbocharge Your Dev Loop - P...
[KubeCon NA 2018] Effective Kubernetes Develop: Turbocharge Your Dev Loop - P...
Ambassador Labs
 

More from Ambassador Labs (20)

Building Microservice Systems Without Cooking Your Laptop: Going “Remocal” wi...
Building Microservice Systems Without Cooking Your Laptop: Going “Remocal” wi...Building Microservice Systems Without Cooking Your Laptop: Going “Remocal” wi...
Building Microservice Systems Without Cooking Your Laptop: Going “Remocal” wi...
 
Ambassador Developer Office Hours: Summer of Kubernetes Ship Week 1: Intro to...
Ambassador Developer Office Hours: Summer of Kubernetes Ship Week 1: Intro to...Ambassador Developer Office Hours: Summer of Kubernetes Ship Week 1: Intro to...
Ambassador Developer Office Hours: Summer of Kubernetes Ship Week 1: Intro to...
 
Cloud native development without the toil
Cloud native development without the toilCloud native development without the toil
Cloud native development without the toil
 
Webinar: Accelerate Your Inner Dev Loop for Kubernetes Services
Webinar: Accelerate Your Inner Dev Loop for Kubernetes Services Webinar: Accelerate Your Inner Dev Loop for Kubernetes Services
Webinar: Accelerate Your Inner Dev Loop for Kubernetes Services
 
[Confoo Montreal 2020] From Grief to Growth: The 7 Stages of Observability - ...
[Confoo Montreal 2020] From Grief to Growth: The 7 Stages of Observability - ...[Confoo Montreal 2020] From Grief to Growth: The 7 Stages of Observability - ...
[Confoo Montreal 2020] From Grief to Growth: The 7 Stages of Observability - ...
 
[Confoo Montreal 2020] Build Your Own Serverless with Knative - Alex Gervais
[Confoo Montreal 2020] Build Your Own Serverless with Knative - Alex Gervais[Confoo Montreal 2020] Build Your Own Serverless with Knative - Alex Gervais
[Confoo Montreal 2020] Build Your Own Serverless with Knative - Alex Gervais
 
[QCon London 2020] The Future of Cloud Native API Gateways - Richard Li
[QCon London 2020] The Future of Cloud Native API Gateways - Richard Li[QCon London 2020] The Future of Cloud Native API Gateways - Richard Li
[QCon London 2020] The Future of Cloud Native API Gateways - Richard Li
 
What's New in the Ambassador Edge Stack 1.0?
What's New in the Ambassador Edge Stack 1.0? What's New in the Ambassador Edge Stack 1.0?
What's New in the Ambassador Edge Stack 1.0?
 
Webinar: Effective Management of APIs and the Edge when Adopting Kubernetes
Webinar: Effective Management of APIs and the Edge when Adopting Kubernetes Webinar: Effective Management of APIs and the Edge when Adopting Kubernetes
Webinar: Effective Management of APIs and the Edge when Adopting Kubernetes
 
Telepresence - Fast Development Workflows for Kubernetes
Telepresence - Fast Development Workflows for KubernetesTelepresence - Fast Development Workflows for Kubernetes
Telepresence - Fast Development Workflows for Kubernetes
 
[KubeCon NA 2018] Telepresence Deep Dive Session - Rafael Schloming & Luke Sh...
[KubeCon NA 2018] Telepresence Deep Dive Session - Rafael Schloming & Luke Sh...[KubeCon NA 2018] Telepresence Deep Dive Session - Rafael Schloming & Luke Sh...
[KubeCon NA 2018] Telepresence Deep Dive Session - Rafael Schloming & Luke Sh...
 
[KubeCon NA 2018] Effective Kubernetes Develop: Turbocharge Your Dev Loop - P...
[KubeCon NA 2018] Effective Kubernetes Develop: Turbocharge Your Dev Loop - P...[KubeCon NA 2018] Effective Kubernetes Develop: Turbocharge Your Dev Loop - P...
[KubeCon NA 2018] Effective Kubernetes Develop: Turbocharge Your Dev Loop - P...
 
The rise of Layer 7, microservices, and the proxy war with Envoy, NGINX, and ...
The rise of Layer 7, microservices, and the proxy war with Envoy, NGINX, and ...The rise of Layer 7, microservices, and the proxy war with Envoy, NGINX, and ...
The rise of Layer 7, microservices, and the proxy war with Envoy, NGINX, and ...
 
The Simply Complex Task of Implementing Kubernetes Ingress - Velocity NYC
The Simply Complex Task of Implementing Kubernetes Ingress - Velocity NYCThe Simply Complex Task of Implementing Kubernetes Ingress - Velocity NYC
The Simply Complex Task of Implementing Kubernetes Ingress - Velocity NYC
 
Micro xchg 2018 - What is a Service Mesh?
Micro xchg 2018 - What is a Service Mesh? Micro xchg 2018 - What is a Service Mesh?
Micro xchg 2018 - What is a Service Mesh?
 
Webinar: Code Faster on Kubernetes
Webinar: Code Faster on KubernetesWebinar: Code Faster on Kubernetes
Webinar: Code Faster on Kubernetes
 
QCon SF 2017 - Microservices: Service-Oriented Development
QCon SF 2017 - Microservices: Service-Oriented DevelopmentQCon SF 2017 - Microservices: Service-Oriented Development
QCon SF 2017 - Microservices: Service-Oriented Development
 
Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...
Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...
Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...
 
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
 
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
 

Recently uploaded

Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
OnePlan Solutions
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
mohitmore19
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
shinachiaurasa2
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
Health
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Alberto González Trastoy
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
panagenda
 
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verifiedSector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Delhi Call girls
 
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfThe Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
ayushiqss
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
VictorSzoltysek
 

Recently uploaded (20)

Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdf
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
 
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdfPayment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
 
Pharm-D Biostatistics and Research methodology
Pharm-D Biostatistics and Research methodologyPharm-D Biostatistics and Research methodology
Pharm-D Biostatistics and Research methodology
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verifiedSector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
 
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfThe Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
 
LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456
LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456
LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 

NYC Kubernetes Meetup: Ambassador and Istio - Flynn, Datawire

  • 2. 2
  • 3. 3 Development in Interesting Times Massively increased leverage FOSS Devops Microservice architecture
  • 4. 4 Interesting Times: Microservices Ditch your Monolith No more huge apps where you build everything into one binary Instead, split up your app into tiny, single-function microservices Each microservice team does development - and release! - totally independently
  • 5. 5 The good Velocity, Velocity, Velocity Ownership Freedom Velocity The bad Lots of cats to herd independent releases and deployments Inherently a distributed system! Fragility, latency, nonobservability, cascading failures… Interesting Times: Microservices
  • 6. 6 Interesting Times: Microservices The ugly Fixing “the bad” is really hard. Example: retry on network failure Sounds simple but there are a lot of details! Not too quickly, not too many times, should often do exponential backoff… It’s just not feasible for all devs to independently get it right.
  • 7. 7 What Do We Do About This? Reduce operational friction Automate or eliminate needless operational touchpoint Move the Hard Stuff™ down into your infrastructure layer Get it right once Let everyone use it This is the concept of a service mesh
  • 8. 8
  • 9. 9 Service Mesh Service mesh is about collecting services into an application Give dev & ops the experience they had with a single host Visibility, resiliency, control, security, policy Envoy (from Lyft) and Istio (from IBM & Google) manage this pretty well
  • 10. 10 Envoy C++ L4/L7 reverse proxy Built at Lyft, and brutally battle-tested hundreds of services, tens of thousands of VMs, millions of requests per second includes support for many mesh features increasingly active community HTTP/2 & gRPC Zone-aware load balancing w/ failover Health checks, circuit breakers, timeouts, retry budgets No hot reloads - API driven config updates
  • 11. 11 Istio “Network for services instead of bytes” Built by IBM and Google using Envoy 2003 GitHub stars, 40+ engineers 😀 rather than having libraries, just put an Envoy sidecar next to each service load balancing retries rate limiting telemetry and monitoring
  • 12. 12 API Gateway API gateways are also about collecting services into an application Gives the application as a whole consistency for clients & devs Put critical things like authentication, routing, TLS termination in one central place
  • 13. 13
  • 14. 14 Ambassador Self-service API gateway Also built on Envoy Built for Kubernetes Built for microservices Supports standalone or Istio Provides routing, TLS termination, authentication Early days yet – more to come
  • 15. 15 Ambassador: Routing Self-service routing, TLS, and authentication Understands HTTP(s) URLs route resource to service “resource” identified by URL path prefix “service” is… a Kubernetes service routes all HTTP methods
  • 16. 16 Ambassador: Self Service Self-service routing, TLS, and authentication Developer can route resources to their service on their own Simple REST interface for routing control “Move fast and make things” reduce friction, so no ops gate for a new release …but also no ops gate for a rollback!
  • 17. 17 Ambassador: TLS Self-service routing, TLS, and authentication Ambassador can terminate TLS Tell Ambassador about certificates Ambassador will accept HTTPS connections Currently cleartext to services Watch this space! TLS client-certificate authentication, too
  • 18. 18 Ambassador: Custom Authentication Self-service routing, TLS, and authentication REST API to outboard authentication service: auth service gets HTTP request headers return HTTP status code Applies to all microservices if a microservice gets a connection, auth said OK of course, the auth service could allow public access to some microservices! Supplied auth service for HTTP Basic Auth
  • 19. 19 Ambassador and Istio Natural fit, though still early days of working together Istio provides service mesh Ambassador provides a control mechanism for ingress, etc. Again, watch this space.
  • 20. 20 Ambassador Roadmap Ambassador under active development Better integration with Istio still support standalone ops First-class custom filters embedded interpreter Rate limiting, authorization, etc. http://getambassador.io/ for more
  • 21. 21
  • 22. 22
  • 23. 23