Modal Title
Cloud Native Ecosystem Containers Edge Computing Microservices Networking Serverless Storage
A Is for OpenStack Antelope
Mar 22nd 2023 7:41am, by Steven J. Vaughan-Nichols
Grab a Snapshot of Your Container Image with Checkpoint
Mar 11th 2023 6:00am, by Jack Wallen
How to Identify Your Wasteful Processes
Mar 6th 2023 7:00am, by Sean Scott
5 Things to Consider When Building a Kubernetes Platform
Mar 2nd 2023 10:00am, by Ram Iyengar
TrueNAS SCALE Network Attached Storage Meets High Demand
Mar 2nd 2023 7:13am, by Jack Wallen
Check for Container Image Vulnerabilities with Trivy
Mar 18th 2023 6:00am, by Jack Wallen
Grab a Snapshot of Your Container Image with Checkpoint
Mar 11th 2023 6:00am, by Jack Wallen
How to Work with Containers in TrueNAS
Mar 4th 2023 6:00am, by Jack Wallen
From a Fan: On the Ascendance of PostgreSQL
Mar 3rd 2023 7:12am, by Josh Long
Analyst Report: What CTOs Must Know about Kubernetes and Containers 
Feb 28th 2023 6:14am, by Jess Lulka
Rich Harris Talks SvelteKit and What’s Next for Svelte
Mar 20th 2023 3:00am, by Loraine Lawson
The Distance from Data to You in Edge Computing
Mar 19th 2023 6:00am, by Paul Scanlon
7 Hardware Devices for Edge Computing Projects in 2023
Mar 15th 2023 6:42am, by Charles Mahler
The Need for Speed: Why Eleventy Leaves Bundlers Behind
Mar 10th 2023 8:18am, by Loraine Lawson
What the Heck Is the Edge — and Why Should You Care?
Mar 8th 2023 10:00am, by Glauber Costa
What Is Microservices Architecture?
Feb 23rd 2023 4:22am, by Eric Schabell
Java's History Could Point the Way for WebAssembly
Jan 12th 2023 3:00am, by B. Cameron Gain
Limiting the Deployment Blast Radius
Nov 15th 2022 8:14am, by Steven Lohrenz
Do ... or Do Not: Why Yoda Never Used Microservices
Oct 25th 2022 6:00am, by Samar Abbas
The Gateway API Is in the Firing Line of the Service Mesh Wars 
Oct 17th 2022 7:00am, by B. Cameron Gain
JWTs: Connecting the Dots: Why, When and How
Mar 20th 2023 7:10am, by Michal Trojanowski
Palo Alto Networks Adds AI to Automate SASE Admin Operations
Mar 17th 2023 6:00am, by Chris J. Preimesberger
TrueNAS SCALE Network Attached Storage Meets High Demand
Mar 2nd 2023 7:13am, by Jack Wallen
How Secure Is Your API Gateway?
Feb 28th 2023 5:16am, by Andrew Stiefel
Bullet-Proofing Your 5G Security Plan
Feb 24th 2023 7:24am, by Anand Oswal
Serverless WebAssembly for Browser Developers
Mar 22nd 2023 12:26pm, by Matt Butcher
ScyllaDB’s Incremental Changes: Just the Tip of the Iceberg
Mar 20th 2023 9:29am, by George Anadiotis
TriggerMesh: Open Sourcing Event-Driven Applications
Mar 13th 2023 12:14pm, by Jessica Wachtel
Ably Touts Real-Time Starter Kits for Vercel and Netlify
Mar 8th 2023 10:56am, by Loraine Lawson
Going Serverless on AWS Lambda? Recognize Potential Risks 
Mar 6th 2023 5:00am, by Sarabjeet Chugh
ScyllaDB’s Incremental Changes: Just the Tip of the Iceberg
Mar 20th 2023 9:29am, by George Anadiotis
Historical Data and Streaming: Friends, Not Foes
Mar 20th 2023 4:00am, by Michael Drogalis
Bosch IoT and the Importance of Application-Driven Analytics
Mar 9th 2023 8:30am, by Jay Runkel
How to Work with Containers in TrueNAS
Mar 4th 2023 6:00am, by Jack Wallen
From a Fan: On the Ascendance of PostgreSQL
Mar 3rd 2023 7:12am, by Josh Long
Frontend Development Software Development Typescript WebAssembly Cloud Services Data Machine Learning Security
Vercel Brings Logging, Monitoring to Its Observability Suite
Mar 22nd 2023 3:00am, by Jessica Wachtel
JavaScript Library Lets Devs Add AI Capabilities to Web
Mar 20th 2023 10:32am, by Loraine Lawson
Rich Harris Talks SvelteKit and What’s Next for Svelte
Mar 20th 2023 3:00am, by Loraine Lawson
The Distance from Data to You in Edge Computing
Mar 19th 2023 6:00am, by Paul Scanlon
Build Machine Learning Apps in Your Notebook with Tecton
Mar 15th 2023 6:00am, by Richard MacManus
Serverless WebAssembly for Browser Developers
Mar 22nd 2023 12:26pm, by Matt Butcher
Cloud Malware: Types of Attacks and How to Defend Against Them
Mar 22nd 2023 10:13am, by Faith Kilonzi
Bring Purpose to API Product Development with APIOps Cycles
Mar 22nd 2023 9:16am, by Robert Kimani
Build Software Supply Chain Trust with a DevSecOps Platform
Mar 21st 2023 8:23am, by Diego Lapiduz
Get More out of Machine Learning with Data Preprocessing
Mar 21st 2023 5:00am, by Alexander T. Williams
JavaScript or WebAssembly: Which Is More Energy Efficient and Faster?
Jan 30th 2023 9:51am, by Loraine Lawson
What TypeScript Brings to Node.js
Dec 26th 2022 3:00am, by Paul Ferrill
Improve your TypeScript Skills with Type Challenges
Nov 11th 2022 3:00am, by Danni White
TypeScript on Mars: How HubSpot Brought TypeScript to Its Product Engineers
Aug 19th 2022 10:00am, by George Kemp and Duncan Walter
PayPal Enhances JavaScript SDK with TypeScript Type Definitions
Aug 17th 2022 12:38pm, by Jessica Wachtel
Serverless WebAssembly for Browser Developers
Mar 22nd 2023 12:26pm, by Matt Butcher
MIT-Created Compiler Speeds up Python Code
Mar 14th 2023 11:38am, by Loraine Lawson
Can WebAssembly Solve Serverless's Problems?
Mar 3rd 2023 5:13am, by B. Cameron Gain
Figma Targets Developers While it Waits for Adobe Deal News
Feb 27th 2023 9:42am, by Richard MacManus
Is WebAssembly Really the Future? 
Feb 24th 2023 7:38am, by B. Cameron Gain
Unlock the Next Wave of Machine Learning with the Hybrid Cloud
Mar 22nd 2023 10:00am, by Kjell Carlsson
Getting the Most from Kubernetes Autoscaling
Mar 21st 2023 7:06am, by Brian Likosar
ScyllaDB Challenges DynamoDB on Latency and Pricing
Mar 20th 2023 9:00am, by Jessica Wachtel
Multiple Vendors Make Data and Analytics Ubiquitous
Mar 20th 2023 5:00am, by Andrew Brust
Let’s Talk about Cloud Threat Hunting 
Mar 16th 2023 7:33am, by Guilherme (Gui) Alvarenga
Get More out of Machine Learning with Data Preprocessing
Mar 21st 2023 5:00am, by Alexander T. Williams
JavaScript Library Lets Devs Add AI Capabilities to Web
Mar 20th 2023 10:32am, by Loraine Lawson
ScyllaDB’s Incremental Changes: Just the Tip of the Iceberg
Mar 20th 2023 9:29am, by George Anadiotis
ScyllaDB Challenges DynamoDB on Latency and Pricing
Mar 20th 2023 9:00am, by Jessica Wachtel
Multiple Vendors Make Data and Analytics Ubiquitous
Mar 20th 2023 5:00am, by Andrew Brust
Unlock the Next Wave of Machine Learning with the Hybrid Cloud
Mar 22nd 2023 10:00am, by Kjell Carlsson
Get More out of Machine Learning with Data Preprocessing
Mar 21st 2023 5:00am, by Alexander T. Williams
Multiple Vendors Make Data and Analytics Ubiquitous
Mar 20th 2023 5:00am, by Andrew Brust
Apache Cassandra: The Data Foundation for Real-Time AI 
Mar 17th 2023 7:00am, by Matt Kennedy
Palo Alto Networks Adds AI to Automate SASE Admin Operations
Mar 17th 2023 6:00am, by Chris J. Preimesberger
How 2 Founders Sold Their Startup to Aqua Security in a Year
Mar 22nd 2023 1:42pm, by Heather Joslyn
Cloud Malware: Types of Attacks and How to Defend Against Them
Mar 22nd 2023 10:13am, by Faith Kilonzi
Build Software Supply Chain Trust with a DevSecOps Platform
Mar 21st 2023 8:23am, by Diego Lapiduz
JWTs: Connecting the Dots: Why, When and How
Mar 20th 2023 7:10am, by Michal Trojanowski
Check for Container Image Vulnerabilities with Trivy
Mar 18th 2023 6:00am, by Jack Wallen
Platform Engineering Operations CI/CD Tech Life DevOps Kubernetes Observability Service Mesh
Build Software Supply Chain Trust with a DevSecOps Platform
Mar 21st 2023 8:23am, by Diego Lapiduz
Simplify CI/CD with a General-Purpose Software Catalog
Mar 14th 2023 6:24am, by Zohar Einy
Enabling DevOps Control for Those Who Need It Most — Developers
Mar 13th 2023 6:46am, by Venkat Thiruvengadam
Setting Kubernetes Standards with Platform Engineering
Mar 10th 2023 7:39am, by Zohar Einy
Which Features Does Your Platform Engineering Portal Need?
Mar 7th 2023 4:00am, by B. Cameron Gain
Observability — Freeing Your Load Tests from the Black Box
Mar 22nd 2023 8:26am, by Ken Hamric
Reducing the Cognitive Load Associated with Observability
Mar 22nd 2023 6:44am, by Alex Gervais
Is Your Incident Response Better Than an Energy Company’s?
Mar 21st 2023 9:04am, by Paige Cruz
Getting the Most from Kubernetes Autoscaling
Mar 21st 2023 7:06am, by Brian Likosar
Defining DORA-Like Metrics for Security Engineering
Mar 17th 2023 9:00am, by Daniel Koch
How 2 Founders Sold Their Startup to Aqua Security in a Year
Mar 22nd 2023 1:42pm, by Heather Joslyn
Simplify CI/CD with a General-Purpose Software Catalog
Mar 14th 2023 6:24am, by Zohar Einy
IBM Donates SBOM Code to OWASP
Mar 7th 2023 7:51am, by Steven J. Vaughan-Nichols
Slim.AI: Automating Vulnerability Remediation for a Shift-Left World
Feb 21st 2023 10:00am, by John Amaral
DevPod: Uber's MonoRepo-Based Remote Development Platform
Jan 26th 2023 3:00am, by Jessica Wachtel
How 2 Founders Sold Their Startup to Aqua Security in a Year
Mar 22nd 2023 1:42pm, by Heather Joslyn
Stephen Thaler Claims He's Built a Sentient AI
Mar 16th 2023 8:10am, by David Cassel
How Tech Leaders Are Managing Anxieties after SVB Failure
Mar 15th 2023 10:59am, by Heather Joslyn and Colleen Coll
Chatops: Where Automation, Collaboration and DevOps Culture Meet
Mar 15th 2023 8:19am, by Blair Rampling
What We Can Learn from Twitter's Outages
Mar 13th 2023 9:00am, by Jennifer Riggins
Historical Data and Streaming: Friends, Not Foes
Mar 20th 2023 4:00am, by Michael Drogalis
Defining DORA-Like Metrics for Security Engineering
Mar 17th 2023 9:00am, by Daniel Koch
Chatops: Where Automation, Collaboration and DevOps Culture Meet
Mar 15th 2023 8:19am, by Blair Rampling
Build Machine Learning Apps in Your Notebook with Tecton
Mar 15th 2023 6:00am, by Richard MacManus
Is Cluster API Really the Future of Kubernetes Deployment?
Mar 14th 2023 10:00am, by Steve Francis
A Is for OpenStack Antelope
Mar 22nd 2023 7:41am, by Steven J. Vaughan-Nichols
Getting the Most from Kubernetes Autoscaling
Mar 21st 2023 7:06am, by Brian Likosar
Is Cluster API Really the Future of Kubernetes Deployment?
Mar 14th 2023 10:00am, by Steve Francis
Can WebAssembly Solve Serverless's Problems?
Mar 3rd 2023 5:13am, by B. Cameron Gain
5 Things to Consider When Building a Kubernetes Platform
Mar 2nd 2023 10:00am, by Ram Iyengar
Reducing the Cognitive Load Associated with Observability
Mar 22nd 2023 6:44am, by Alex Gervais
Vercel Brings Logging, Monitoring to Its Observability Suite
Mar 22nd 2023 3:00am, by Jessica Wachtel
Is Your Incident Response Better Than an Energy Company’s?
Mar 21st 2023 9:04am, by Paige Cruz
Why Audit Logs Are Important
Mar 16th 2023 8:34am, by James Walker
5 Steps to Effective Cloud Detection and Response 
Mar 15th 2023 10:30am, by Faith Kilonzi
Ambient Mesh: Sidestepping the Sidecar
Mar 1st 2023 8:44am, by Jeff Goldman
Service Mesh Demand for Kubernetes Shifts to Security
Oct 27th 2022 11:04am, by B. Cameron Gain
AmeriSave Moved Its Microservices to the Cloud with Traefik's Dynamic Reverse Proxy
Sep 8th 2022 2:02pm, by Ann R. Thryft
Can You Now Safely Remove the Service Mesh Sidecar?
Sep 8th 2022 9:19am, by B. Cameron Gain
eBPF or Not, Sidecars are the Future of the Service Mesh
Aug 12th 2022 10:00am, by William Morgan
Cloud Native Ecosystem / Kubernetes / Service Mesh

How Service Mesh Transforms Cloud Native App Development 

Sep 23rd, 2019 1:00pm by
Featued image for: How Service Mesh Transforms Cloud Native App Development 

Brendan Burns, Distinguished Engineer, Microsoft
Brendan Burns is a Kubernetes co-founder, and now a Distinguished Engineer at Microsoft, leading development efforts for Azure Container Service (AKS), Azure Container Instances, Azure Cloud Shell and Azure Resource Manager. He lives with his family in Seattle, WA.

Kubernetes is transformative for many reasons, but one of the most important is that its API was designed with the developer in mind. Instead of infrastructure objects like machines, disks and networks, in Kubernetes you create Deployments and Services. You are still using compute, networking and storage, but the resources you create are aligned to application development.

However, running processes inside containers or Pods in Kubernetes is not the whole story. An application is more than its running code, it is also defined by its network communication. These messages and characteristics like topology, routing, metrics and access control define the distributed system as much as its container image.

Thus, it is clear that an application-oriented API that defines application communication is a critical part of the cloud native developer experience, and these APIs have come to be known generically as Service Mesh APIs. Service Mesh APIs enable application developers to express the connectivity for their distributed application using declarative resources that are developer-friendly. The concrete details of how this application connectivity is achieved is left to the specific mesh implementation like, Consul, Linkerd, Istio or Envoy.

An application is more than its running code, it is also defined by its network communication. These messages and characteristics like topology, routing, metrics and access control define the distributed system as much as its container image.

The decoupling between Service Mesh user and Service Mesh implementation is an example of a critical Kubernetes design principle. Namely modular composability and decoupled layering of infrastructure using declarative APIs. This design principle has led Kubernetes to be made up of numerous generic pluggable APIs. Examples of this include cloud-provider bindings that allow Kubernetes to work across Azure, AWS, Google and more; as well as the CNI (Container Networking Interface), CSI (Container Storage Interface) and CRI (Container Runtime Interface) which generically define how a container interacts with Compute, Networking and Storage.

The Service Mesh Interface (SMI) provides the same generic API for Service Mesh concepts. SMI is a generic interface that presents core Service Mesh concepts in an implementation neutral way. It captures the core ideas in Service Mesh but provides an abstraction above any specific Service Mesh implementation like Istio, Linkerd or Consul.

Separating API specification from implementation has created value throughout the Kubernetes ecosystem, and that same value can be realized for Service Mesh technologies. A generic API enables people to build portable applications that can be easily migrated from on-premise to cloud-based clusters, or to migrate between various public clouds. Further, standardizing our discussions on generic interfaces enables a worldwide community to discuss and, more importantly, teach the same set of concepts and resources regardless of how they are implemented. A common interface means developers can build useful tooling that can be used by the entire ecosystem.

Perhaps most importantly, a generic API future proofs newer technology like Service Mesh. When an API and implementation are tightly bound together, taking on a new API (or set of APIs) is a fraught choice. If the implementation turns out, after a time, to be unsuitable, then changing out the implementation requires major surgery and relearning of concepts and tooling since the API and implementation are joined at the hip. A generic API changes this equation, since the user is abstracted away from the implementation of the API, the implementation can be swapped with little change. This means that the success of adopting a mesh isn’t bound up in the success of any particular implementation, and that in turn means that adopting a newer technology like Service Mesh has fewer risks.

The Service Mesh Interface is designed to be a simple API that is easy to understand and implement, thus it is defined by only four concepts:

  • A Route defines a path into or out of an application via either HTTP or TCP
  • A TrafficTarget describes whether an application may call (or receive calls) on a particular set of Routes.

  • A TrafficSplit describes how traffic should be split between two (or more) Kubernetes services for the purposes of experimentation.

  • TrafficMetrics describes a generic metrics endpoint for obtaining application traffic statistics.

With this API the core application-oriented structure of an application can be defined in a developer-oriented manner.

Of course, the primary concern of such an interface is that it is a “lowest-common denominator” and thus useful to none. This is always a concern with interface APIs. The way to address it is by embracing both vendor-specific annotations, and evolution of the spec over time. Our inspiration in this evolution is OpenGL which has been successful despite similar tensions between generic API and specific graphics card capabilities. Within the SMI, APIs vendor-specific annotations will always exist and won’t be portable. However, the most popular vendor-specific features will be embraced and added to the specification over time. In this way, the evolution aspires to ensure that most users can be successful in managing their Service Meshes via the SMI API.

Kubernetes marks the beginning of the transformation to an application and developer-oriented cloud API. SMI is an important next step down this road.

Group Created with Sketch.
SHARE THIS STORY
RELATED STORIES
How to Build The Right Platform for Kubernetes How Do We Cultivate Community within Cloud Native Projects? Grab a Snapshot of Your Container Image with Checkpoint Microsoft Makes Azure Load Testing Generally Available I Need to Talk to You about Kubernetes GitOps
RELATED STORIES
5 Things to Consider When Building a Kubernetes Platform 4 Cloud Security Considerations for Financial Services Firms I Need to Talk to You about Kubernetes GitOps Choosing the Right Container Native Storage for AWS Public Cloud How Do We Cultivate Community within Cloud Native Projects?
THE NEW STACK UPDATE A newsletter digest of the week’s most important stories & analyses.