Increasing Delivery Velocity with a Service Mesh at Indeed Joshua - - PowerPoint PPT Presentation

▶

Dec 19, 2022 166 likes •871 views

Increasing Delivery Velocity with a Service Mesh at Indeed Joshua Shanks Senior Software Engineer, Indeed Indeed is the #1 job site worldwide what where Software Engineer Seattle, WA Find Jobs 60 countries 30 languages 200M unique visitors

SLIDE 1

Joshua Shanks

Increasing Delivery Velocity with a Service Mesh at Indeed

Senior Software Engineer, Indeed

SLIDE 2

Indeed is the #1 job site worldwide

SLIDE 3

SLIDE 4

Software Engineer Seattle, WA

what where

Find Jobs

SLIDE 5

60 countries 30 languages 200M unique visitors 20M jobs

SLIDE 6

About me

SLIDE 7

Agenda

What is delivery velocity
Our motivations
Service mesh features
How it helps
Your options

SLIDE 8

Delivery Velocity

SLIDE 9

Delivery Velocity

Automated Service Creation

SLIDE 10

Delivery Velocity

Automated Service Creation
Self Service VM provisioning

SLIDE 11

Delivery Velocity

Automated Service Creation
Self Service VM provisioning
Self Service DB provisioning and migration

SLIDE 12

Delivery Velocity

Automated Service Creation
Self Service VM provisioning
Self Service DB provisioning and migration
Continuous Deployment & Integration

SLIDE 13

Where We Were

SLIDE 14

Where We Were

Proprietary

SLIDE 15

Where We Were

Proprietary
Java

SLIDE 16

Where We Were

Proprietary
Java
Data center Local

SLIDE 17

Where We Were

Proprietary
Java
Data center Local
Low Latency

SLIDE 18

Where We Were

Proprietary
Java
Data center Local
Low Latency
1 request = 1 connection

SLIDE 19

Where We Wanted To Be

Open source

SLIDE 20

Where We Wanted To Be

Open source
Language agnostic

SLIDE 21

Where We Wanted To Be

Open source
Language agnostic
gRPC, HTTP2, REST

SLIDE 22

Where We Wanted To Be

Open source
Language agnostic
gRPC, HTTP2, REST
Consul integration

SLIDE 23

Where We Wanted To Be

Open source
Language agnostic
gRPC, HTTP2, REST
Consul integration
Cross data center

SLIDE 24

Where We Wanted To Be

Open source
Language agnostic
gRPC, HTTP2, REST
Consul integration
Cross data center

SLIDE 25

Where We Are

SLIDE 26

Where We Are

SLIDE 27

Where We Are

SLIDE 28

Where We Are

SLIDE 29

Where We Were

SLIDE 30

Service Mesh

+

Linkerd Consul

SLIDE 31

Big Picture

SLIDE 32

Big Picture

SLIDE 33

Service Registration

SLIDE 34

Big Picture

SLIDE 35

Service Discovery

SLIDE 36

Classifiers

Error

○ HTTP 5XX ○ gRPC non-zero

Retryable

○ HTTP GET, HEAD, OPTIONS, TRACE ○ gRPC UNAVAILABLE (14)

SLIDE 37

Load Balancing

Power of Two Choices: Least Loaded

SLIDE 38

Load Balancing

Power of Two Choices: Least Loaded

SLIDE 39

Load Balancing

Power of Two Choices: Least Loaded

SLIDE 40

Load Balancing

Power of Two Choices: Least Loaded

SLIDE 41

Circuit Breaking

SLIDE 42

Circuit Breaking

SLIDE 43

Circuit Breaking

SLIDE 44

Circuit Breaking

SLIDE 45

Retries

1st Try

SLIDE 46

Retries

2nd Try

SLIDE 47

Delivery Velocity

SLIDE 48

Where we are now

Open Source

○

khttp h2c patch from Jaye Pitzeruse
Language agnostic

○ Java & Python

HTTP2

○ 95% 2ms added latency

Consul Integration
Cross Data center

SLIDE 49

Client Implementation

SLIDE 50

Client Implementation 1. Retrieve outbound port

SLIDE 51

Client Implementation 1. Retrieve outbound port port = Env.get("egressPort");

SLIDE 52

Client Implementation 1. Retrieve outbound port port = Env.get("egressPort"); cl = Client("http://localhost:" + port);

SLIDE 53

Client Implementation 1. Retrieve outbound port 2. Inject service header port = Env.get("egressPort"); cl = Client("http://localhost:" + port);

SLIDE 54

Client Implementation 1. Retrieve outbound port 2. Inject service header port = Env.get("egressPort"); cl = Client("http://localhost:" + port); req = cl.makeFooRequest(); req.setHeader("indeed-service", "ServiceB");

SLIDE 55

Service Implementation

SLIDE 56

Service Implementation

SLIDE 57

Future Plans

SLIDE 58

Future Plans

Transparent TLS
Authentication
Authorization
Rate Limiting
Tracing
Metrics
Chaosify

SLIDE 59

Future Plans

Transparent TLS
Authentication
Authorization
Rate Limiting
Tracing
Metrics
Chaosify

SLIDE 60

Future Plans

Transparent TLS
Authentication
Authorization
Rate Limiting
Tracing
Metrics
Chaosify

SLIDE 61

Future Plans

Transparent TLS
Authentication
Authorization
Rate Limiting
Tracing
Metrics
Chaosify

SLIDE 62

Future Plans

Transparent TLS
Authentication
Authorization
Rate Limiting
Tracing
Metrics
Chaosify

SLIDE 63

Future Plans

Transparent TLS
Authentication
Authorization
Rate Limiting
Tracing
Metrics
Chaosify

SLIDE 64

Linkerd

Finagle
Cloud Native Computing Foundation
Scala
HTTP
Plugin Support

SLIDE 65

Conduit

Kubernetes
Alpha
Rust & golang
TCP
Linkerd 2

SLIDE 66

Envoy

Lyft
CNCP
C++
TCP
Extensions

SLIDE 67

Istio

IBM & Google
Envoy underneath
golang
TCP
Security

SLIDE 68

Consul Connect

HashiCorp
Beta
golang
TCP
ACLs

SLIDE 69

Joshua Shanks

Increasing Delivery Velocity with a Service Mesh at Indeed

Senior Software Engineer, Indeed

Indeed is the #1 job site worldwide

what where

60 countries 30 languages 200M unique visitors 20M jobs

About me

Agenda

Delivery Velocity

Delivery Velocity

Delivery Velocity

Delivery Velocity

Delivery Velocity

Where We Were

Where We Were

Where We Were

Where We Were

Where We Were

Where We Were

Where We Wanted To Be

Where We Wanted To Be

Where We Wanted To Be

Where We Wanted To Be

Where We Wanted To Be

Where We Wanted To Be

Where We Are

Where We Are

Where We Are

Where We Are

Where We Were

Service Mesh

+

Linkerd Consul

Big Picture

Big Picture

Service Registration

Big Picture

Service Discovery

Classifiers

○ HTTP 5XX ○ gRPC non-zero

○ HTTP GET, HEAD, OPTIONS, TRACE ○ gRPC UNAVAILABLE (14)

Load Balancing

Load Balancing

Load Balancing

Load Balancing

Circuit Breaking

Circuit Breaking

Circuit Breaking

Circuit Breaking

Retries

Retries

Delivery Velocity

Where we are now

○

○ Java & Python

○ 95% 2ms added latency

Client Implementation

Client Implementation 1. Retrieve outbound port

Client Implementation 1. Retrieve outbound port port = Env.get("egressPort");

Client Implementation 1. Retrieve outbound port port = Env.get("egressPort"); cl = Client("http://localhost:" + port);

Client Implementation 1. Retrieve outbound port 2. Inject service header port = Env.get("egressPort"); cl = Client("http://localhost:" + port);

Client Implementation 1. Retrieve outbound port 2. Inject service header port = Env.get("egressPort"); cl = Client("http://localhost:" + port); req = cl.makeFooRequest(); req.setHeader("indeed-service", "ServiceB");

Service Implementation

Service Implementation

Future Plans

Future Plans

Future Plans

Future Plans

Future Plans

Future Plans

Future Plans

Linkerd

Conduit

Envoy

Istio

Consul Connect

Thanks for coming

jshanks@indeed.com jjshanks