So you think you can scale containers
-
Upload
lori-macvittie -
Category
Technology
-
view
50 -
download
0
Transcript of So you think you can scale containers
SO YOU THINK YOU CAN
S C A L E @F5Networks containers?
☺
Why do we scale?
=
100 Milliseconds Slower
-1% SALES -0.2% SEARCHES -2% CONVERSION
$660M $45M $244M
H/T James Urquhart, SOASTA Data: Gartner, Walmart
1 Minute of Downtime
Data: Emerson Power
Costs an average of $7300
Average total cost of downtime per year across industries
PRODUCTIVITY IT PRODUCTIVITY LOST REVENUE
$53,608$140,543 $183,724
UP OUT
How do we scale today?
But architectures and apps are changing
THEN
MONOLITHIC MICROSERVICES & APIs
NOW
And so are environments
THEN NOW
DATA CENTERS & SERVERS CLOUDS & CONTAINERS
COMMS INCREASES EXPONENTIALLY
THEN NOW
SMALLER CAPACITY MEANS MORE CLONES
THEN NOW
RAPID CHANGES MAKE SCALING HARD
NOWTWO MINUTES AGO
REVERSE PROXY
THEN NOW
FORWARD PROXY
• NATIVE CONSTRUCT• BASED ON IP TABLES• LIMITED to IP:PORT
REVERSE PROXY
• EPHEMERAL CONSTRUCT• BASED ON IP TABLES• LIMITED to IP:PORT
SIDECAR PROXY
• PLUG-IN CONSTRUCT• FORWARD PROXY• L7 CAPABLE
LAYER 1
LAYER 2
LAYER 3 (IP)
LAYER 4 (TCP)
LAYER 5
LAYER 6
LAYER 7 (HTTP)
LAYER 7.5 (TAGS)
LAYER 4.5 (MESH)
LAYER 2.5 (OVERLAY - VXLAN)
TRADITIONAL OSI STACKAssumes underlying protocols behave consistently and reliably. Relies on proper adherence to and reliability of lower order protocols.
CONTAINER OVERLAY STACKAssumes underlying protocols exist but are unreliable. Implements its own routing and reliability constructs to avoid failure of and reliance on lower order protocols.
BUILDING A SERVICE MESH
A SERVICE MESH
Circuit breakers
Auto-Retries
A network of sidecar proxies that form a reliable method of scale that includes:
Health monitoring
HTTP Routing
HTTP ROUTINGLike Google maps, but for your apps
URI & method
host
custom
Cookie
GET /path/to/my/service/with/variables
http://host.domain.xxx
request
headers
X-API-version: 1
Cookie: 09124890tlsgkq3i3KJSDLFJ)*@$#()You encrypt your cookies, right? RIGHT?!
RETRIESDO OVER! • CONGESTION
• CAPACITY • FAILURE• REJECTION
☺
CIRCUIT BREAKERSSTOP TRYING ALREADY
MONITORINGIF I’M NOT HOME, DO YOU STILL DRIVE TO MY HOUSE?
Service is unavailable
Service is slow
Service is returning errors
SCALING CONTAINERSSMARTER and FASTER : SERVICE MESH
Must be L7 (HTTP) fluent
Delegate instead of dictate
Monitoring is not optional
Collaborative not constant
THANK YOU!@F5Networks