oracle's microservices strategy · microservices. • operations is not integrated in the...
TRANSCRIPT
Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.|
Oracle'sModernMicroservices StrategyAnOpinionatedPlatformonKubernetes
BorisMSchollVPofDevelopmentClaudioCaldatoSr.DirectorofDevelopmentOracleCloudMicroservicesOctober3rd,2017
Confidential– OracleInternal/Restricted/HighlyRestricted
Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.|
SafeHarborStatementThefollowingisintendedtooutlineourgeneralproductdirection.Itisintendedforinformationpurposesonly,andmaynotbeincorporatedintoanycontract.Itisnotacommitmenttodeliveranymaterial,code,orfunctionality,andshouldnotberelieduponinmakingpurchasingdecisions.Thedevelopment,release,andtimingofanyfeaturesorfunctionalitydescribedforOracle’sproductsremainsatthesolediscretionofOracle.
Confidential– OracleInternal/Restricted/HighlyRestricted 2
Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.|
ProgramAgenda
Motivation
OurStack
Demo
Roadmap
1
2
3
Confidential– OracleInternal/Restricted/HighlyRestricted 3
4
Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.|Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.| Confidential– OracleInternal/Restricted/HighlyRestricted 4
Motivation
Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.|
Today’sproblemswithcontainernativedevelopment
OracleConfidential– Internal/Restricted/HighlyRestricted 5
COMMONAPIANDSERVICESCI/CD
MANAGEDKUBERNETES
JAVAMICROSERVICES
DIAG
NOSTICS
• Programmingmodelandinfrastructureareentangled,thereisnoclearseparationanddevelopersneedtounderstandtheunderneathinfrastructuretomaketheirservicework
• Lackoffocusondevelopersmakesonboardingonandoperateexistingsolutionsexpensiveandtimeconsuming
• Externalservicedependenciesneedtobewiredupmanually• ThereisnounifiedapproachforServerless andcontainer-basedMicroservices.
• Operationsisnotintegratedintheplatformmakingitanexpensiveafterthought
• Turnkeymicroservices platformslackopennessandmodularity
Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.|
Today’sproblemswithcontainernativedevelopment
OracleConfidential– Internal/Restricted/HighlyRestricted 6
COMMONAPIANDSERVICESCI/CD
MANAGEDKUBERNETES
JAVAMICROSERVICES
DIAG
NOSTICS
• Kubernetes(K8S)providesapplicationinfrastructureformoderncloud-nativeapplications,butleavesmuchofdistributedsystemmanagementtoapplicationauthors:• Service/APIDiscovery• Backoff/RetryandIdempotency• Resiliency/CircuitBreakers• Diagnostics
• MuchasintheSOAdays,newtechnologiesareemergingtooutsourcethiscomplexityfromapplications:servicemeshes(istio/linkerd)
Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.|Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.| Confidential– OracleInternal/Restricted/HighlyRestricted 7
OurStack
Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.|
Microservices Stack
OracleConfidential– Internal/Restricted/HighlyRestricted 8
COMMONAPIANDSERVICESCI/CD
MANAGEDKUBERNETES
JAVAMICROSERVICES
DIAG
NOSTICS
• WestartwithacuratedpackageofOSSlaidontopofourmanagedK8Sservice:• DiagnosticsandOperations(Zipkin/Jaeger,Vizceral)• Istio(Servicemesh)• OpenServiceBrokerAPI(LinuxFoundation),whichisthefoundationoftheK8sservicecatalog
• APICatalog(Apiary)• EventManager(Kafkabased)
• Ourvalue-addistounifyallofthis,andfliptheexperienceforthedevelopertobeAPI-first:alwaysreactive,unifiedbetweenfunctions/services• Developersgetobservabilityand“distributedmuck”forfree
Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.|
ArchitecturalandFunctionalOverview
Confidential– OracleInternal/Restricted/HighlyRestricted 9
OKE
ISTIOServiceMesh/ISTIO
ISTIO
ISTIOServiceBroker
Kubernetes
APIRegistry+
ISTIOCLI– kubectl-oms ISTIODeveloperConsole
ISTIO
Diagno
stics/Mon
itorin
g
ISTIO
DeveloperCloud
Prometheus
• PublishandConsumeAPIsandmanagement• Generateclientlibraries• Mockservices
• RegistrationofcloudservicesanduserservicesAPIsandFn
• Configurationofserviceaccess
§ RoutingandDiscover(LB,A/Betc.)§ Resiliency(CircuitBreakeretc.)§ Servicemonitoringanddiagnostics§ InterServiceSecurityandPolicies
§ ClusterManagement/HA§ Orchestration§ Deploymentstrategies
ISTIOEventManager
RegisterEventprovidersandconsumers
CatalogService
OrderService
FooService
HighProductivityService/APIfirst
HighControlBuildonnativeK8s
Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.|
ServiceMesh• Istio isthefoundationofouroffering;besidesofferingingresscontrol,itprovidesanapplicationdeveloperdefaultservice-to-service:– Loadbalancing– Encryption– AccessPolicy– Resiliency– Upgradesandsophisticatedrouting(e.g.,1%canaries,etc.)– DiagnosticsandTracing
• WearefundamentallygoingtoalignwithIstio,andenhanceitintheopen,notlayerontop
Confidential– OracleInternal/Restricted/HighlyRestricted 10
Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.|
ServiceBroker• BuildingonOpenServiceBrokerAPI,wearegoingtounifyaccessto3rdpartyservicesonthemesh;developerswillbeabletoaccessserviceslikeDynamoDB/etc asifitisoneoftheirownservices• Wewillalsoenabledeveloperstoregisteruserservicesandfunctionswiththeservicebrokeronthemeshtogetthesameintegrationbenefitsmentionedabove• Every3rd partyservice,userserviceandfunctionregisteredthroughtheservicebrokerwillbeautoactivatedandaddedtotheAPIcatalog• OurservicebrokerwillregisterconnectioninformationandaccesstokenswiththeAPIcatalog;developersdonotneedtoconfiguresecureaccesstothirdpartyservicesandcanfocusonworkingwithAPIs
Confidential– OracleInternal/Restricted/HighlyRestricted 11
Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.|
APICatalog
• Apiary’sOSScomponentsarethefoundationofourAPIcatalog,weenhancetheircurrentmockserviceandBlueprint/OpenAPIfunctionalitybyadding– ClientLibrarygeneration,wewillstartwithsupportforJavaandJavaScript– SecuritysettingsforAPIaccess– SophisticatedroutingcapabilitiestoenableA/Btesting,Canarydeploymentsetc.
• EverycomponentregisteredwiththeAPIcatalogwillbedeeplyintegratedwiththemesh;asaresultdevelopersdonotneedtoworryaboutendpoints,security,routingandresiliency.
Confidential– OracleInternal/Restricted/HighlyRestricted 12
Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.|
Diagnosticsandoperations• TodaywearepackagingZipkin/OpenTracing/PrometheusandVizceral• Longtermasacloudproviderthisisourhugeopportunitytodifferentiatebyprovidingeasyaccessto:– Telemetry– Capacitymanagement– Securityauditing– ServiceDebugging/Introspection
• WewillbuildanoperationsUXthatenablesdeveloperstonotonlymonitor,diagnoseanddebugtheirservicesinrealtime,butalsotosetupsophisticateddeploymentandtestingscenariossuchasBlue/GreendeploymentandA/Btesting.
Confidential– OracleInternal/Restricted/HighlyRestricted 13
Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.|Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.| Confidential– OracleInternal/Restricted/HighlyRestricted 14
Demo
Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.|
KeyTakeaways• OpinionatedandOpen– useofprovenCNCFcomponents– Batteriesincludedbutreplaceable
• DeveloperProductivity– Abstractionofinfrastructure– Resiliencypushedintotheplatform– Diagnosticsandmonitoringpushedintotheplatform
• DevelopmentFirst– Easytoconsumeexternalservices– APIfirstapproach– FNintegration– Supportforeventdrivenarchitectures
Confidential– OracleInternal/Restricted/HighlyRestricted 15
Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.|
Doyouwanttotryit?• TechPreviewavailability– about4weeksafterOOW
• Pleasecontact:– [email protected]– [email protected]
Confidential– OracleInternal/Restricted/HighlyRestricted 16
Copyright©2017, Oracleand/oritsaffiliates.Allrightsreserved.| Confidential– OracleInternal/Restricted/HighlyRestricted 17