The modern application is dynamic and highly adaptive to changes in demand. It lives across multiple clusters and clouds. And it is highly distributed with hundreds of microservices servicing the requirements of rapid feature releases, high resiliency, and on-demand scalability. In such a world, we simply cannot afford to continue to rely solely on the network architectures of the last decade.
Modern applications need a Modern Network—one that simplifies operations, reduces IT overhead and prioritizes user needs—such that organizations can empower users with fast, reliable and secure application access wherever and whenever they do business, regardless of the underlying infrastructure or connectivity. This requires adopting the public cloud—or even multiple public clouds—as an extension of on-premises infrastructure. What enterprises need is a common, multi-dimensional framework that provides availability, resiliency, and security for modern applications, with the ability to abstract connectivity, identity, and policy via declarative intents. These dimensions of control are paramount for modern applications, improving the visibility and control of assets that are ephemeral in nature and not directly under the enterprise's purview.
A Consistent End-User Experience is a Business Imperative
An example of a policy-based declarative intent is a Service Level Objective (SLO). An SLO can deliver the desired user experience, application availability, performance and security requirements and serve as a contract between users and the organization. Meeting SLOs while keeping the organization safe requires context and awareness through the ability to identify different types of application traffic and understand how containers, Software as a Service (SaaS) platforms and legacy application platforms interact with each other. Armed with this insight, organizations can apply the appropriate policies and controls to all workloads without having to route traffic to dedicated hardware.
Achieving application SLOs and meeting user experience expectations in a distributed architecture can be complex and challenging. If latency in your application rises because load on one service in the chain goes up, simply scaling that service out by deploying more instances may adversely affect the entire application through a ripple effect. It is even more complicated when you’re doing this across multiple clouds because you need to consider cross-cloud latencies and be able to look at the health of all the services in the application service chain. It is about understanding the total resiliency posture, and when to apply auto-scaling, cloud bursting, and circuit breaking, but more importantly having the ability to declare this as a policy and have an underlying system that can deliver it.
VMware’s Modern Network Backbone
VMware Tanzu Service Mesh (TSM) and its advanced application services provides a platform for enforcing SLO requirements with an ability to create monitored and actionable SLOs where the actions can be any resiliency remediation function. It does this by automating the detection and reporting of application intent violations as well as providing advanced forensics and intelligent self-healing capabilities—such as auto-scaling and traffic management across multiple-clouds—which are able to stop disruptions before they occur.
With advanced constructs like Global Namespace (GNS), TSM allows you to stretch application boundaries across clusters and clouds (Figure 1). The application instances within GNS themselves could be either containers running on a K8s platform or VMs. GNS provides secure identity, service discovery and observability for the application and allows users to define security, SLO and traffic-management policies using a consistent framework, independent of where the application instance resides. This enables intelligent auto-scaling, high availability and application continuity in a seamless and efficient manner.
TSM’s intelligent auto-scaling capabilities (a.k.a., Predictive Response Time Controller) allow users to assign an end-to-end latency SLO policy to an application and automatically optimize and self-heal distributed microservices applications to achieve the SLO (Figure 2). As the application belongs to a GNS, TSM can scale its instances based on the SLO definition—not only within a single cluster but across multiple clusters and clouds that are members of the GNS boundary.
TSM also works with VMware NSX Advanced Load Balancer (NSX ALB) to allow application owners to define local or global load balancing policies to provide high availability (HA) within a region or disaster recovery (DR) across multiple regions (Figure 2). Users can also secure their applications by configuring advanced features of NSX ALB, such as a web application firewall (WAF), which lets them define their security intent objectives.
Intelligent auto-scaling (PRTC) and integration with NSX ALB enable enterprises to deliver advanced use cases such as cloud bursting. This solution automatically scales applications and steers traffic across multiple clusters based on policy.
The Modern Network in Action
Let’s look at an example of how VMware enables the Modern Network. Consider a distributed application that is deployed in a hybrid cloud environment. It can be deployed on-premises and in the public cloud in a highly available mode, either within a single region or across geographically dispersed locations. Within the global namespace, users can configure auto-scaling and load balancing policy for this application that is tied to an SLO.
To start with, users can configure the application’s load balancing policy to send all the traffic to application instances residing within the on-prem cluster (Figure 3).
As incoming load increases, TSM will auto-scale application instances based on the configured auto-scale policy (which, for example, could be based on an end-to-end latency SLO) (Figure 4). TSM’s algorithm for scaling offers multiple modes: performance mode (always scale out), efficiency mode (scale out/in when appropriate), and scheduled mode.
If the load continues to increase and gets close to a pre-configured load limit per cluster, TSM will automatically direct NSX ALB to send a part of the traffic to the other cluster in the public cloud and continue scaling the app within the new cluster if required. If there are multiple sites, the incoming traffic is directed by TSM to the site that offers the best possible experience for that end user based on the load balancing policy (Figure 5).
As the traffic goes down, the auto-scale and load balancing policy steers all the traffic back to the preferred on-premises cluster, along with scaling down to only the required instances (Figure 6).
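The walkthrough above (Figures 3 to 6) can be modelled as a small control loop. This is an added illustration, not VMware code and not TSM's actual algorithm: the `Cluster` fields, the 90% burst threshold, the per-instance rate standing in for the latency SLO, and the load curve are all assumptions made for the example.

```python
import math
from dataclasses import dataclass

@dataclass
class Cluster:
    name: str
    load_limit: float        # pre-configured load limit per cluster (req/s)
    per_instance_rps: float  # assumed rate one instance serves within the latency SLO
    min_instances: int = 1
    instances: int = 1

def reconcile(load, clusters, mode="efficiency", burst_at=0.9):
    """One control-loop pass; clusters are ordered by preference (on-prem first).
    Returns {cluster name: (traffic share in req/s, instance count)}."""
    plan, remaining = {}, load
    for i, c in enumerate(clusters):
        last = i == len(clusters) - 1
        # Keep traffic on the preferred cluster until it nears its load limit;
        # in this simplified model the last cluster absorbs whatever is left.
        share = remaining if last else min(remaining, burst_at * c.load_limit)
        remaining -= share
        wanted = max(c.min_instances, math.ceil(share / c.per_instance_rps))
        if mode == "performance":   # modelled as: scale out only, never in
            wanted = max(wanted, c.instances)
        c.instances = wanted
        plan[c.name] = (share, wanted)
    return plan

def run_walkthrough(mode="efficiency"):
    clusters = [Cluster("on-prem", 1000, 100), Cluster("public-cloud", 1000, 100)]
    # Constructed load curve: ramp past the on-prem threshold, then fall back.
    return [reconcile(load, clusters, mode) for load in (200, 800, 1500, 300)]

if __name__ == "__main__":
    for step in run_walkthrough():
        print(step)
```

In efficiency mode the public-cloud cluster only receives traffic on the third step and returns to its minimum on the fourth; in performance mode the instance counts reached at peak are retained after load drops.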
Enabling Powerful, Modern User Experiences
In a complex multi-cloud world running highly distributed applications, enterprise needs for end-user experience, security, availability and resiliency are evolving rapidly. Enterprises are looking for a framework that goes beyond just detecting and reporting application intent violations. They need to be able to automatically take actions to guarantee application service requirements. Tanzu Service Mesh integrates with NSX Advanced Load Balancer to help enterprises deliver on these requirements in a consistent manner, adding value to enterprise initiatives focused on application modernization.
Learn more about the Modern Network and stay tuned as I will be adding a demo walkthrough of the use case I’ve described in this blog post. In the meantime, you can also check out these Tanzu Service Mesh SLO and Auto-Scaling demos.