Nick Coult and Taiki Ono at Tetrate's Service Mesh Day 2019: “A Consistent Set of Envoys in Data Centers and App Mesh”
Nick Coult (AWS), fresh from going GA with App Mesh, and Tetrate’s Taiki Ono together presented the session, “Consistent Set of Envoys in Data Centers and App Mesh at Tetrate’s inaugural Service Mesh Day 2019 in San Francisco.
Coult opened with a few words about how AWS is thinking about service meshes and about application-level networking as the next generation of network. Service mesh liberates app developers from having to focus on networking issues that have nothing to do with those apps. If you’re focused on microservices architecture, iterating quickly and building applications, said Coult, what you want to focus on is your applications, how apps and services talk to each other, and how you control, secure and observe traffic. And your mesh should work across compute services.
Coult displayed an actual running mesh– an AWS X-Ray screen, to demonstrate the logical structure of the mesh, how the proxy can be configured to route a request, how the request can go to a virtual service that doesn’t really exist, and how the mesh operator can change these rules on the fly across compute platforms.
If you imagine scaling up to hundreds of thousands of services, running in different compute platforms, said Coult, then you start to have to wonder how you’ll know that you’re running the right Envoy everywhere, and that it’s an Envoy that you trust.
This is the point of Tetrate’s GetEnvoy offering, as our engineer Taiki Ono went on to describe.
GetEnvoy offers the latest, reliable daily updated pre-build Envoy binaries for multi-platform support, which means it can run with CentOs, Ubuntu, macOS, and other servers. It simplifies installation, management and upgrades for each Envoy instance, with a GetEnvoy CLI for a local development environment. For the production environment, we’re planning to offer configuration management support so that users adopting Envoy can start out with the right configuration. Consistent network communication is a key benefit of service mesh, and GetEnvoy supports consistency across Envoy instances, even in multi-cloud and hybrid environments. And Tetrate also offers support over Slack with Tetrate engineers and Envoy maintainers Lizan Zhou and Dhi Aurrahman.
App Mesh works with GetEnvoy by offering an xDS endpoint via the internet, so all we have to do is set up a proper certificate. We need an AWS IAM extension on Envoy, and to pass IAM credentials to the Envoy instance. App Mesh doesn’t now offer service discovery, so we set up DNS service discovery. And lastly, we have to set up Network Address Translation (NAT) to capture in-going and out-ground traffic from app to Envoy.
Visit GetEnvoy.io to get set up with service mesh and its network proxy, Envoy.