Friday, October 12, 2018
TIME: 1:30 - 2:30 pm
PLACE: GHC 4303
SPEAKER: Shriram Rajagopalan, VMware
TITLE: Istio Service Mesh – A network for services, not bytes
For the last two decades, the kernel has abstracted low-level networking concepts and TCP/IP interactions from user level applications, in an attempt to simplify application layer code. However, developers today still have to deal with the network when building distributed applications. Reasoning about failures, reliability, routing, discovery and load balancing, in addition to uniform telemetry, ensuring fleet-wide security across 1000s of VMs or containers is a daunting task for any application development team. Istio, a joint effort from several companies, aims to abstract networking, security, and telemetry from applications such that applications can offload service discovery, load balancing, monitoring, resilience, and authorization/authentication to a programmable L7 substrate called the service mesh. Having control over the L7 traffic allows the mesh to do some interesting things that was previously harder to achieve in a polyglot application environment that exists today. This talk will describe some initial operational experiences and some lessons learned from the community. Towards the end, we will look at an interesting problem domains that can be tackled with the help of the service mesh: tracking sensitive data flows across services and enforcing data-centric access control policies.
Shriram Rajagopalan is a staff engineer at VMware NSX division, working on evolving the NSX fabric to higher layers of the stack. His broad research interests span distributed systems, computer networking and cloud computing. He completed his Ph.D. in Spring 2014, under the careful supervision of Prof. Andrew Warfield at the University of British Columbia, Vancouver. He was one of the founding members of the Istio project. He has had diverse experience in developing various aspects of the software stack over the last decade. He has worked on the Xen hypervisor, the Linux kernel, network function virtualization, and recently on the Istio service mesh and Lyft’s Envoy.
SDI / ISTC SEMINAR QUESTIONS?
Karen Lindenfelser, 86716, or visit www.pdl.cmu.edu/SDI/