Modernize, Deploy and Manage Enterprise Apps at scale in Hybrid
Lakshmi Sharma, Director Product Management, Networking, Google Cloud
IT must now manage across legacy on-prem, private-hosted, and one or more public cloud environments
On-prem legacy apps
Private-hosted apps
Threat of vendor lock in
Threat of new technology
Cloud apps
Established enterprises have built up increasingly complex software environments
We want Hybrid with Modernization
1. With minimal downtime
2. By re-architecting monolithic architecture into microservices
3. To lower our technical debt
4. But need a design that seamlessly manages all our business lines
5. And continue to use same tools, and APIs across
Migration options
1. Lift and shift
2. Transform
3. Greenfield
4. Hybrid approach
Legacy software development practice: An Example
New requirement to launch / scale mobile component of an existing legacy app
IT Teams build mobile backend based on existing legacy architecture
Difficult to migrate / break apart existing app due to hard dependencies in on-prem environment
At launch, unpredictable traffic spikes, causing downtime
Team decides to switch environments and replatform their app, forcing a full rewrite due to inflexibility of legacy systems
The mobile component needs to be developed, configured, secured, and scaled differently in each environment it’s deployed
CONTAINERIZATION: Package applications
ORCHESTRATION: Run applications
CI / CD: Manage applications
SERVICE MESH: Connect and secure applications
DOCKER: Package applications
KUBERNETES: Run applications
SPINNAKER: Manage applications
ISTIO+gRPC: Connect and secure applications
Container based methods offer a flexible approach to infrastructure
Applications aren’t tied to underlying infrastructure or vendors...
...addressing issues of tight coupling
01 Running Applications with Kubernetes
Kubernetes
Automate deployment of applications onto any infrastructure
A portability layer that abstracts away differences in underlying computer platforms
A portable platform on top of which developers can build applications, so that they are easily...
● Ported
● Changed
● Redeployed
Kubernetes is a declarative way to describe your applications
[Diagram: KUBERNETES API over GCP (VM, VPC, STORAGE, ROUTERS, FW, LB, IAM) and On Prem / Cloud (VM, VPC, STORAGE, ROUTERS, FW, LB, IAM)]
Containers at Google
● Google launches more than four billion containers every week globally
● Full range of Google-run applications including Search, Gmail, and YouTube.
● Inspired by Google’s Cluster Manager called Borg which enables direct software tasks across vast machine clusters.
● A culmination of Google’s experience deploying resilient applications at scale.
02 Managing applications with Spinnaker
CI/CD on Google Cloud
Build/Test
Artifact storage Deploy
Cloud Build Container Registry
Cloud Storage
Source
Source Repository
CSR Bitbucket Jenkins Circle CI quay DockerHub
jenkins Codefresh
Spinnaker
Spinnaker is an open-source, multi-cloud, continuous delivery platform
Application deployment Application management
Deployment Sequencing
Pipelines
Stages
Deployment Strategies
Safe Deployments
● Execution Windows
● Manual Judgements
● Manual Rollbacks
● Automated Rollbacks
Trigger a pipeline that does a rollback on a failed deployment
03 Connecting and Securing Applications with gRPC and Istio
Learning from Predecessor of gRPC called Stubby at Google
Microservices at Google:
Images by Connie Zhou
O(10^10) RPC per second
What did we learn from scaled Stubby
● Contracts between services should be strict
● Common language helps
● Common understanding for deadlines, cancellations, flow control messages
● Common stats/tracing framework is essential for monitoring, debugging
● Common framework allows uniform policy application for control and LB
Single point of integration for logging, monitoring, tracing, service discovery and load balancing makes lives much easier!
Stubby to gRPC -> What Is gRPC?
[Diagram: Android-Java Client (gRPC Stub) and Ruby Client (gRPC Stub) exchange Proto Request / Proto Response(s) with a C++ Service (gRPC Server)]
gRPC Speaks Your Language
[Diagram: Java Service, Python Service, GoLang Service and C++ Service, each with a gRPC Service and gRPC Stub]
gRPC Runs Everywhere
[Diagram: Micro service architecture, with labels 3rd Party App (External), App (Internal), Cloud Service, Internet of Things, APIs, Front end, Backend & Shared Services, μService]
gRPC is: Performant, Extensible, Easy, Widely Adopted
• HTTP/2 performance: Multiplexing, Header Compression, Binary Framing
• Binary compact protos: Serialization time, size of message on wire, client and server compute time, network throughput
• Streaming is native to gRPC
Service Mesh Integrations
• Monitoring and Tracing: Prometheus, Zipkin, Opentracing integrations
• Service Discovery: Etcd, Consul, Zookeeper as controller for gRPC-lb
• Auth & Security: mTLS, Plugin auth mechanism (e.g. OAuth)
• Proxies: Nginx and others
Transparently automate application network functions.
Service Mesh
Separating (business Logic) applications from network functions
Everybody got all fired up about Kubernetes and microservices and then were like ‘Wow, what’s going on?’ Istio lets us view our entire system and find trouble spots.
Anonymous early adopter
Istio is a service mesh. It is an open framework for connecting, securing, managing and monitoring services.
Secure, Monitor, Manage
Intelligent routing
● Dynamic route configuration
● A/B tests
● Canaries
● Gradually upgrade versions
Resilience
● Timeouts
● Retries
● Health checks
● Circuit breakers
Security & policy
● Mutual TLS
● Organizational policy
● Access policies
● Rate Limiting
Telemetry
● Service Dependencies
● Traffic Flow
● Distributed Tracing
How Istio works
Istio Control Plane (Control Plane API)
● Pilot: Discovery & config data to proxies
● Mixer: Policy checks, telemetry
● Citadel: TLS certs to proxies
Proxy (Frontend) to Proxy (Payments): HTTP/1.1, HTTP/2, gRPC or TCP, with or without mTLS
Traffic transparently proxied, unaware of proxies
Service architecture
[Diagram: Auth, Frontend, Pictures, Payments, Users, Cloud SQL, External Payment Processor]
Istio-enabling a service
Frontend:
spec:
  containers:
  - image: frontend:v2.0.17
Frontend with Proxy:
spec:
  containers:
  - image: frontend:v2.0.17
  - image: istio/proxy:v1.0
Service architecture with Istio
[Diagram: Auth, Frontend, Pictures and Payments, each paired with a Proxy; Users, Cloud SQL, External Payment Processor]
Steady state
Service
Traffic control tied to infrastructure
In the past: Traffic control tied to infrastructure
10% canaries
Load Balancing
[Diagram: 1 Canary instance and 9 Default instances]
With Istio: Traffic flow separated from infrastructure
10% canaries
Istio Load Balancing
Default: 90% of traffic
Canary: 10% of traffic
Traffic steering
destination: pictures.example.local
match:
  httpHeaders:
    user-agent:
      regex: ^(.*?;)?(iPhone)(;.*)?$
precedence: 2
route:
- tags:
    version: 2.0-alpha
    env: staging
[Diagram: Frontend (Proxy) in front of two pictures instances, each with a Proxy: one tagged version: 2.0-alpha, env: staging and one tagged version: 1.5, env: prod]
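An added example (not from the original slides, and not Istio's own code): a small Python evaluator for the traffic-steering rule on this slide, showing which requests are sent to the staging build. The precedence-1 catch-all rule, the `select_route` helper and the sample header values are assumptions made for illustration.

```python
import re

# Constructed rule set. The first rule copies the slide's traffic-steering
# config; the precedence-1 catch-all to version 1.5 / prod is an assumption
# based on the second "pictures" instance drawn on the slide.
RULES = [
    {
        "destination": "pictures.example.local",
        "precedence": 2,
        "match": {"user-agent": r"^(.*?;)?(iPhone)(;.*)?$"},
        "route": {"version": "2.0-alpha", "env": "staging"},
    },
    {
        "destination": "pictures.example.local",
        "precedence": 1,
        "match": {},  # no conditions: applies to every request
        "route": {"version": "1.5", "env": "prod"},
    },
]


def select_route(destination, headers, rules=RULES):
    """Return the route tags chosen for a request, or None if no rule applies.

    Rules for the destination are tried from highest precedence to lowest;
    a rule applies when every header regex in its match block matches the
    whole header value. Header names are compared case-insensitively.
    """
    received = {name.lower(): value for name, value in headers.items()}
    ordered = sorted(
        (r for r in rules if r["destination"] == destination),
        key=lambda r: r["precedence"],
        reverse=True,
    )
    for rule in ordered:
        if all(
            name in received and re.fullmatch(pattern, received[name])
            for name, pattern in rule["match"].items()
        ):
            return rule["route"]
    return None


# Constructed sample requests (hypothetical header values).
SAMPLES = {
    "bare token": {"User-Agent": "iPhone"},
    "token in list": {"User-Agent": "Mobile;iPhone;Safari"},
    "space after ;": {"User-Agent": "Mobile; iPhone; Safari"},
    "browser-style": {
        "User-Agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X)"
    },
    "no header": {},
}

if __name__ == "__main__":
    for label, headers in SAMPLES.items():
        print(f"{label:15} -> {select_route('pictures.example.local', headers)}")
```

The pattern only matches when `iPhone` is a whole semicolon-delimited token with no surrounding spaces, so the browser-style value falls through to prod. Since the client sets User-Agent, the rule steers traffic rather than restricting who can reach the staging build.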
Regular communication
Frontend Payments
Automatic secured Communication
Citadel
Istio Control Plane
Proxy
Frontend
Proxy
Payments
DOCKER: Package applications
KUBERNETES: Run applications
SPINNAKER: Manage applications
ISTIO+gRPC: Connect and secure applications
Some important Links
https://cloud.google.com/solutions/hybrid-and-multi-cloud-patterns-and-practices
IO201-Best practices using Kubernetes, Spinnaker and Istio to Manage a Multi-cloud Environment
Best Practices from Google SRE: How You Can Use Them with GKE + Istio
https://cloud.google.com/containers/
https://cloud.google.com/kubernetes-engine/
https://cloud.google.com/istio/
Thank you