Achieve Compliance, Zero Trust with Istio Ambient Mesh


Service Mesh for the Developer Workflow Series

February 19, 2020

The Service Mesh is often presented as a solution for network engineering and system operability, increasing security, reliability, and observability. However, service mesh is also an incredibly useful tool for developers, and understanding how to leverage this technology can dramatically simplify a developer’s day to day workflow.

This video series featuring Christian Posta and Nic Jackson takes a discussion and demo form of a workshop they jointly led at Kubecon North America.

At the end of this series, you will understand the following:

  • How to use metrics and distributed tracing effectively
  • Reliability patterns like retries, timeouts, and circuit breaking
  • How to leverage Canary deployments
  • How to effectively debug distributed systems

The videos feature cloud-native, open-source technology including: Envoy Proxy, Prometheus, Gloo, GlooShot, HashiCorp Consul Connect service mesh, Loop, Squash, Open Census and more in this

This five episode video series includes the following topics:

  • Introduction to Service Mesh for the Developer Workflow
  • API Gateways
  • Distributed Tracing
  • Canary Deployments
  • Microservice Debugging

Questions? Start a discussion on the community slack or request a meeting to discuss your use case. Subscribe to our Youtube to get the latest videos.

Episode 1: Overview and Introduction

To kick things off, our speakers discuss what is a service mesh, how it works and the changing networking patters as we evolve to microservices or cloud-native architecture. In this session we are introduced to the growing importance of APIs, north-south, and east-west traffic paths.


Episode 2: API Gateways

As application architecture evolves to distributed microserivces living alongside traditional monoliths and serverless functions, APIs become even more important for developers for integrating different services across their application. How the APIs are exposed, managed and consumed are changing as the application environments are becoming increasingly decentralized and dynamic. This episode covers how new proxy technology like Envoy are addressing that and the new control planes developed to manage the modern data plane.


Episode 3: Distributed Tracing

Distributed tracing, is a method used to profile and monitor microservices applications, to help pinpoint where failures occur and what causes poor performance. As microservices architecture can consist of potentially hundreds of application services that are loosely coupled together, distributed across systems, dynamically scaling up, down, changing, and ephemeral — the notion of traditional application monitoring no longer applies. This talk explains the principles of distributed tracing, how service mesh can enable it and demonstrates how it can be used to monitor the behavior of a distributed application.


Episode 4: Canary Deployments

The promise of microservices architecture is to continuously deploy new changes to any of the services that make up your application – and in some cases it can be hundreds of loosely coupled services. When an application environment is this dynamic, it can be challenging to diagnose and understand when a problem occurs, especially if new versions are shipped tens to hundreds of times a day. Canary deployment is a technique to control the impact of a new release until it is verified that no issue exists. This deployment technique deploys a new version of the application into production but controls the amount of end users that can access the new version while the remaining end users access the old version. Once the engineer observes that the application behavior is as designed and the end user experience is not negatively impacted, they can route the remaining traffic to the new version and retire the old version of the service.  This talk covers how service mesh can provide a networking layer to facilitate canary deployments for your microservices.

Episode 5: Debugging Microservices 

Distributed microservices are great to quickly innovate and ship new features more often but they also present new challenges because existing developer tools were not designed for this type of environment. As the application architecture evolves to be distributed, loosely coupled and ephemeral services, so must the stress testing and debugging framework. This talk covers how we could look at a service mesh as not only as a layer to facilitate service to service communication but an enabling layer for new tools to proactively test, record failures and debug issues.


Episode 6: WebAssembly

Learn more about WebAssembly and the opportunities it brings to developers to customize Envoy proxy based technology, specially how to build HTTP filters for Consul Connect service mesh with WebAssembly. WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based virtual machine. Wasm is designed as a portable target for compilation of high-level languages like C/C++/Rust, enabling deployment on the web for client and server applications.