Service Mesh Agility Stability Aspen Mesh

Agility with Stability: Why You Need a Service Mesh

“Move fast and break things” may have worked for Facebook, but it's a non-starter for most companies.  Move fast? Yes. Break things? Not so much.  

You're probably working at a company that's trying to balance the ability to move quickly — responding to customer needs in an ever-changing world — with the need to provide secure, reliable services that are always there when customers need them.  You're trying to achieve agility with stability and it's why you may need a service mesh; a configurable infrastructure layer for a microservices application that helps make communication between service instances flexible, reliable, and fast.

We work with a variety of customers, from small startups to large enterprises, but they’re all deploying and operating microservices applications at scale. No matter the company size or industry, we tend to get three common requirements:

  • I need to move quickly.
  • I need to quickly identify and solve problems.
  • I need everything to be secure.

Let's explore these three needs, as we often hear about them from platform owners and DevOps leads who are building and running next generation microservices platforms.

I Need to Move Quickly

This is where it all starts. You're moving to microservices so that you can push code to your customers faster than your competition.  This is how you differentiate and win in a market where the way you interact with your customers is through applications.

To win in these markets, you want your application developers focused on solving customer problems and delivering new application value.  You don't want them thinking about how they're going to capture metrics for their app, or what library they're going to use to make it more fault tolerant, or how they're going to secure it.  This is what you want your platform team solving - at scale - across your entire engineering organization.

A service mesh enables your platform team to implement organization-wide solutions like observability, advanced developer tooling, and security. This allows your application developers to focus on pushing the new features that will help you win in the market.  Focus drives speed and a service mesh creates focus.

I Need to Be Able to Quickly Identify Problems and Solve Them

In breaking your monolith down into microservices, things get more complex.  That becomes painfully obvious the first time you need to respond to a production issue and it takes hours of trolling through log files to even figure out where the problem occurred - let alone getting to solve it.  

A service mesh can provide you with the metrics and observability you need to effectively identify, troubleshoot, and solve problems in your microservices environment.  At the most basic level, you'll get metrics, distributed tracing, and a service graph to work with. For more advanced implementations, you can visualize key configuration changes that correlate with changes in metrics and traces to rapidly identify the root causes of problems. Then you can start fixing it.  

A service mesh also makes it easy to establish and monitor SLOs and SLIs (service level objectives and indicators) so you can prioritize critical fixes and easily share system status with the team. With a service mesh, platform owners can more quickly identify the root cause and gain a better understanding of their environments. This enables more resilient architecting in the future, to prevent outages occurring at all. 

I Need Everything to Be Secure

Security is table stakes.  They may say that all publicity is good publicity, but you do not want to be in the news for a security breach.  It's an existential threat to your business and your career. Defense in depth is the way to go, and a service mesh provides a powerful set of security tools to accomplish this.

Firstly, you can encrypt all the traffic moving among your microservices with mutual TLS that’s easy to set up and manage.  That way, should an attacker compromise your perimeter defenses, they’ll find it difficult to do much in a fully encrypted environment. Client and server side encryption ensures common microservices vulnerabilities such as man-in-the-middle attacks are prevented.

Secondly, don't just monitor all the traffic that's entering and leaving your microservices environment. You need to also implement fine-grained RBAC that makes the principle of least privilege a reality in your environment.  Admission controls and secure ingress allow platform operators to ensure that developers are following secure and compliant practices, and also make it easy for applications to communicate securely to the internet.   

And thirdly, take advantage of the observability that a service mesh provides into the security posture of your microservices, so that you have confidence everything is operating as expected.

If you’re working for a company that’s trying to walk the razor’s edge of agility with stability, check out service mesh.  It provides a powerful set of tools that help you operate a platform where application developers move quickly, while relying on the platform to solve the observability, traffic management and security challenges that come with a modern microservices environment.


Uptime and Efficiency in the Application Economy

Uptime and Efficiency in the Application Economy

The High Cost of Downtime 

Modern organizations are using “application value” as a new form of currency in the software-first world. What this means is any business that delivers a product or service to its customers through an application must understand the importance of application security, reliability and feature velocity. As applications become increasingly important to enterprises, so do engineering teams. 

Access to engineering talent is now more important to companies than access to capital. 61% of executives consider this a potential threat to their business. The average developer spends more than 17 hours a week dealing with maintenance issues, such as debugging and refactoring. In addition, they spend approximately four hours a week on “bad code,” which equates to nearly $85 billion worldwide in opportunity cost lost annually. As the necessity of driving business value with applications increases, so does the importance of engineering teams. As customer demands on applications increase, enterprises have two options — increase the size and cost of engineering teams, or increase engineering efficiency. 

Couple the need to increase engineering efficiency with the challenges around growing revenue in increasingly competitive and low margin businesses - and the importance of driving value through applications is top of mind for any business that considers itself a software company. 

The Advantages and Challenges of Microservices Applications

Microservices architectures allow businesses to keep pace with the competition in their space through application scalability, resiliency and agility. Most importantly, microservices allow enterprises to more quickly deliver new features to customers to maintain customer satisfaction and increase affinity. Microservices provide a powerful way to develop modern applications but they also come with new challenges. 

A common challenge our customers face is difficulty of debugging and resolving problems in a microservices environment. It can be challenging to resolve issues in a timely manner, especially when there are cascading failures which can significantly impact user experience. As a company that maintains a microservices based SaaS platform, we understand the pain operators and developers go through while dealing with an outage. 

Making the Most Out of Modern Applications 

This is why Aspen Mesh is focused on trying to make it easy for engineering organizations to reduce MTTR through quickly identifying any configuration or application changes that are likely to have caused an outage. We try to offer  a much improved user experience both for users within that company, but more importantly, for their end-users.  

Service mesh provides observability, tracing and logging capabilities that make it easy to identify when errors occurred and pinpoint their sources. It brings all of your data together into a single source of truth, removing error-prone processes, and enabling you to get fast, reliable information around downtime, failures and outages. More uptime means more revenue, and the agility with stability that you need for a competitive edge.

Aspen Mesh was designed to allow DevOps teams to address what we consider to be the three most critical areas in providing application agility and stability:

  • Proactive anomaly detection, quick incident response and resolution, and workflows that accelerate the remediation process.
  • A unified source of multi-dimensional insights into application and infrastructure health and performance that provides context about the entire software system.
  • Line of sight into weak points in environments, enabling engineering teams to architect more resilient systems in the future. 

There are many tools that allow DevOps teams to more efficiently develop and deploy microservices applications. The beauty of service mesh is that it allows decoupling of Dev and Ops along infrastructure lines. The operators can maintain the platform and develop guardrails that ensure enforcement of security and compliance policies without burdening application developers with infrastructure concerns. 

If you or your team are running Kubernetes-based applications at scale and are seeing the advantages, but know you can get more value out of them by increasing efficiency and more quickly identifying failure root causes, it’s probably time to check out a service mesh. You can reach out to the Aspen Mesh team on how to easily get started or how to best integrate service mesh into your existing stack at hello@aspenmesh.io. Or you can get started yourself with a 30-day free trial of Aspen Mesh


Harnessing Microservices Uncertainty

Harnessing the Power of Microservices to Overcome an Uncertain Marketplace

According to PwC’s 23rd Annual Global CEO Survey, the outlook for 2020 can be summarized in one word—uncertainty. According to the survey, only 27% of CEOs are “very confident” in their prospects for revenue growth in 2020, a low level not seen since 2009. As organizations navigate their way through digital transformations, how can they leverage strategies and applications that help them overcome uncertainty, rather than causing more?

In this article, we talk with Shawn Wormke, Incubation Lead at Aspen Mesh, about how a service mesh can help companies achieve agility with stability in order to overcome uncertainty for the future and get ahead in the marketplace.  

Q: Many CEOs are feeling a sense of uncertainty. More than half of the CEOs surveyed by PwC believe the rate of global GDP growth will decline in 2020. With this concern top of mind, how can applications like service mesh drive value for organizations by addressing security challenges, skills gaps and increased complexity at scale?

A: In times of uncertainty, the potential for flat to decreasing revenues adds intense pressure for CEOs to maintain and grow their business. One of the ways they can overcome this challenge is to focus on becoming more agile and delivering more value to their customers — faster than their competitors — with new products and services. Almost every company has embraced Agile workflows and is adopting cloud and container technologies like Kubernetes to enable this, but these new complex and distributed technologies come with their own set of challenges around operations and security.

One of the patterns for addressing those challenges is service mesh, and I believe it should be at the center of a company’s approach to microservice architectures. Because service meshes, like Istio and Aspen Mesh, are inserted next to every microservice, it enables a strategic point of control for operating and securing next-generation application architectures. By moving critical operations like encryption, certificate management, policy, traffic steering, high-availability, logging and tracing out of the application and into the platform — where it belongs — you can ensure that you have your human capital adding application value rather than managing infrastructure. 

Q: What cloud native technologies and enterprise architecture modernization strategies are you seeing organizations leverage in order to thrive in a quickly evolving marketplace?

A: Microservices architectures, and the container technologies like Kubernetes that enable them, have fundamentally changed the way applications are delivered and managed. These new patterns allow companies to efficiently scale both software and engineering, reduce risk, and improve the overall quality of applications.

These technologies are new and they present challenges like most nascent technologies. But, with the amazing work of open source projects and communities like Istio, Prometheus, Jaeger, Grafana and many others, there are solutions available to help overcome these challenges.

Q: A business’s agility is what allows them to rapidly grow its revenue streams, respond to customer needs and defend against disruption. But is that enough?

A: Agility is a company’s number one business advantage. It is a business’s agility that allows them to rapidly grow revenue, respond to customer needs, and defend against disruption. It is the need for agility that drives digital transformations and causes organizations to define new ways of working, develop new application architectures, and embrace cloud and container technologies.

However, agility with stability is the critical competitive advantage. Companies that can meet evolving customer needs — while staying out of the news for downtime and security breaches — will be the winners of tomorrow.

Q: How exactly does a service mesh get you agility with stability?

A: Because a service mesh sits below the application and above the network — and has a control plane that can consume and apply policy — it enables development and platform teams to work together while focusing on their specific areas of expertise so companies can deliver solutions to their customers that are performant, secure and compliant. 

In addition, a service mesh handles encryption and provides visibility into an application's behavior like no other technology. It can see the “final product” of the application or service as an outsider and provides a unique perspective on that service’s behavior, performance and communication patterns. This allows operators to operate, manage and scale those services based on their actual needs and the end users’ experience.

Q: Service mesh is a useful tool, but when does it make sense for an organization to consider adopting one?

A: It is true that the service mesh pattern has been around for a few years, but it is still an early market for the technology and surrounding products. Specifically at Aspen Mesh, we have been working with customers in this area for over two years and realize that each organization is different in their maturity and needs when it comes to Kubernetes and microservices. A company may adopt service mesh early in order to meet compliance needs. Some organizations run into challenges in production and need visibility, while others may need to reduce errors caused by lack of engineering expertise on their development teams.

In general, you probably need a service mesh if you can no longer draw your microservices topology on a sheet of paper, or hold it in your head. This usually happens for our customers at about 15-20 microservices.

Q: What are some of the top use cases you are seeing service mesh used for?

A: Kubernetes and containers is a journey for most organizations. Along that journey, road-blocks will be encountered that must be addressed. The most common path for the organizations we talk to involves:

  • Understanding what services they have deployed and how they are communicating,
  • How they can make their platform and applications comply with either company or regulatory requirements, and
  • How they ensure they are providing the best possible user experience and reducing downtime.

Therefore, the most common use cases we see our customers implementing a service mesh for include visibility, observability, and encryption of service-to-service communication. More recently, we've seen adoption increase for operational benefits that allow them to quickly identify, diagnose and resolve customer-impacting problems.

Q: What do you see for the future of service mesh? How will it help organizations overcome the challenges associated with uncertainty?

A: Service mesh is a new frontier, and despite all the recent attention, is still a nascent market and pattern. This is due to its strategic point of control in application architectures and its ability to operate in a transparent and distributed manner. More and more companies, as they move from proof-of-concept to production with their new application architectures, will come to rely on a service mesh to provide a consistent layer in which they are able to control and manage their services while ensuring that all applications are optimally performing and meeting compliance and security requirements.

As service meshes mature, they will become a critical piece of infrastructure that enables organizations to maximize their true competitive advantage of agility with stability.

If you’re scaling microservices on Kubernetes, it's worth considering a service mesh to help you get the most out of your distributed systems. To learn more about service mesh, feel free to reach out to our team to schedule a time to meet.