The document is a presentation about AWS App Mesh. It discusses microservices and the challenges they present for communication and observability across services. It introduces the concept of a service mesh to help manage these challenges. The presentation then focuses on AWS App Mesh, describing how it implements a service mesh using the Envoy proxy to provide traffic management, observability, and control plane functions across AWS services like ECS, EKS, and EC2. It provides an overview of App Mesh's current capabilities and roadmap.

1. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
AWS App Mesh: Manage services mesh
discovery, recovery, and monitoring
Brent Langston
Sr. Developer Advocate
AWS Containers & App Mesh
Amazon Web Services
M A D 3 0 2

2. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Agenda
Microservices
Service Mesh
AWS App Mesh
Ecosystem

3. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Agenda
Microservices
What do we mean by microservices and what’s the problem?
Service Mesh
What’s a service mesh and why would we want one?
App Mesh
Orientation and demo walkthrough.
Ecosystem
Our roadmap, partners, and where to go for more info.

4. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Microservices
Don’t get hung up on definition
Important architectural pattern for modern cloud applications
Made pragmatic by container technology

5. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Microservices
Don’t get hung up on definition
Develop, deploy, maintain, and evolve parts of an application separately.
Important architectural pattern for modern cloud applications
Optimize use of self-service, on-demand compute resources.
Made pragmatic by container technology
Strong process isolation, small footprint, fast start time, and resource scheduling.

6. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Microservices
Good for developers
Good for enterprise

7. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Microservices
Good for developers
Smaller components are easier to write and debug—increases velocity.
Good for enterprise
Better developer velocity—decreases time to market.

8. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Microservices
Good for developers
Smaller components are easier to write and debug—increases velocity.
Good for business
Better developer velocity—decreases time to market.
Good for DevOps/infrastructure teams . . . ?
It’s complicated.

9. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Microservices
Good for DevOps/infrastructure teams . . . ?
It’s complicated.
Can be easier to reason about and optimize
- resource consumption
- scaling performance
Increased challenges around
- configuration of many communicating parts
- identification/resolution of many more possible points of failure

11. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Challenges
Controlling application-level communication across different
- compute environments
- container orchestrators
- clusters
Keeping configuration synchronized with dynamic state as
- communication circuits fail and recover
- replicas scale out and back under variable load
End-to-end observability
- logs/metrics/distributed tracing

12. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
What you really (really) need for success (and sanity)
Reliable communication between service nodes
Ability to control routing through policy
React autonomously and responsively to dynamically changing state
Uniform, dependable, non-invasive mechanism for observability
All decoupled from application code and applied in a standardized, declarative,
and reliable fashion.

13. B
C
A
D

14. B
CA D
A
B
C D

15. B
CA D
A
B
C D
D

16. B
CA D
A
B
C D

17. B
CA D
A
B
C D

18. B
CA D
A
B
C D

19. B
CA D
A
B
C D

20. B
CA D
A
B
C

21. B
CA D
A
B
C D

22. B
CA D
A
B
C D

23. B
CA D
A
B
C D

24. B
C1
A
D
C2

25. B
c1A D
c2
A
B
c1
c2
D

26. B
A D
c2
A
B
c2
D

27. B
A D
c2
A
B
c2
D

28. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
The sidecar proxy pattern
All service-to-service traffic
(“east-west”) routed to out-
of-process sidecar proxy
Proxy
Microservice
All service ingress/egress
traffic flows through the
proxy

29. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
The sidecar proxy pattern
Proxy
Microservice
Proxy
Discovery
Routing
Monitoring
Microservice
App logic

30. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
The sidecar proxy pattern
with containers
Proxy
Microservice
Task or Pod

31. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Why sidecar proxy vs. libraries or app code ?
Overall—migrate to microservices safer and faster
Reduce work required by
developers
Follow best practices Use any language
or platform
Simplify visibility,
troubleshooting, and
deployments

32. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Sidecar proxy—foundation of a service mesh
In general
sidecar proxies are used as a common building block for implementing a service
mesh.
Enables service-to-service communication control and observability
as a dedicated function outside of the application layer.

33. B
A D
c2
A
B
c2
D

34. B
C1
A
D
C2

35. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
This is what App Mesh does

36. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
And it does it continuously

37. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
App Mesh uses Envoy proxy
OSS community project
Wide community support, numerous integrations
Stable and production-proven
Graduated project in Cloud Native Computing Foundation
Started at Lyft in 2016

38. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Why App Mesh?
http/tcp
Service
team A
Service
team B
Common need: Manage inter-service traffic
How to generate uniform logs,
metrics, and traces
How to load balance traffic
How to shift traffic between
deployments
How to decouple service teams
How to minimize impact to
application code

39. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Why App Mesh?
HTTP / TCP
Service
team A
Service
team B
Control plane
Translates logical intent to proxy config
Distributes proxy config
Proxy
Sits between all services
Manages and observes traffic
Control plane

40. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
App Mesh: Application-level communication across AWS
Amazon Elastic Container
Service (Amazon ECS)
AWS Fargate
Amazon Elastic Kubernetes
Service (Amazon EKS)
Amazon Elastic Compute
Cloud (Amazon EC2)
AWS App Mesh
Kubernetes on EC2

41. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
App Mesh—application observability
Logging
HTTP access logging
Amazon CloudWatch Logs
Available as container logs on Amazon
ECS, Amazon EKS,
Fargate
Metrics
CloudWatch metrics
StatsD (with tags)
Prometheus
Tracing
AWS X-Ray
Other Envoy tracing drivers

42. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
App Mesh—client-side traffic management
Traffic shaping
Load balancing
Weight targets
Service discovery (DNS + AWS Cloud Map)
Health checks
Retries*
Timeouts*
Circuit breakers*
Routing controls
Protocols support (HTTP, TCP, gRPC*)
Path-based
Header-based*
Cookie-based*
Host-based*
*Coming soon

43. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
App Mesh is generally available worldwide
Observability and traffic control
Easily export logs, metrics, and traces
Client-side load balancing, routing
AWS container services compatibility
Amazon ECS
Amazon EKS
Fargate
EC2 compatibility
Integrate with services running directly on EC2 instances

44. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T

45. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Demo notes
Mesh
Virtual node
Virtual router and routes
Virtual service
Create and manage these in App Mesh
API, CLI, SDK, or
AWS Management Console
Proxies
Services
Service discovery
Configure and run proxies and services
on Amazon ECS, Fargate, Amazon EKS,
Amazon EC2
Service discovery with
AWS Cloud Map

46. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T

47. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Partners

48. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T

49. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Roadmap
Today
Client-side load balancing
Path-based routing
Egress traffic
AWS Cloud Map service discovery
App Mesh console
X-Ray tracing
Envoy-supported tracing
CloudWatch Logs, metrics
StatsD, Prometheus metrics
Amazon ECS, Fargate integration
Amazon EKS integration
Amazon EC2 integration
Near term
AWS PrivateLink
AWS Cloud Map selectors
gRPC routing
Header-based routing
Cookie-based routing
Host-based routing
Timeout policy
Retry policy
Circuit breaker policy
End-to-end encryption
Longer term
mTLS
Mesh peering
Global rate limiting
Managed ingress
Other protocols

50. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Getting started
Product overview
https://aws.amazon.com/app-mesh
Documentation
https://docs.aws.amazon.com/app-mesh/index.html
Examples
https://github.com/aws/aws-app-mesh-examples
Issues, roadmap, beta channel
https://github.com/aws/aws-app-mesh-roadmap

51. Thank you!
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Brent Langston
@brentContained