50 Services, 2500 Network Policies: The Mesh Nobody Can Debug

System and Network Administration

The program committee has not yet made a decision on this talk

Target audience

The primary audience consists of platform and infrastructure engineers managing Kubernetes and service mesh (Istio, Linkerd, Consul), SREs responsible for microservices reliability and incident response, network engineers managing network policies and connectivity, DevOps engineers operating microservices applications, and security engineers managing mTLS, certificates, and service-to-service authentication. Secondary audiences include engineering managers coordinating across DevOps, NetOps, and SecOps for microservices, cloud architects designing service mesh implementations, technical leads making service mesh adoption decisions, and on-call engineers debugging production connectivity issues.

Abstract

Microservices were an application architecture decision. Then networking got involved. Fifty services. Each talks to twelve others. mTLS everywhere. Network policies per service. Service mesh handles it. Beautiful diagrams. Then an incident happens. Service A can't reach Service B. Is it a network policy? The mesh config? The certificate? The load balancer? DNS? The sidecar? Debugging requires expertise in all of them.

Your DevOps team owns the services. Your NetOps team owns the network. Your SecOps team owns the policies. The incident spans all three. Mean time to resolution is measured in hours while everyone checks their own domain. The service mesh abstracted the network. It didn't eliminate it. It moved complexity from one layer to three. Your developers don't think about networking. They shouldn't have to. But when it breaks, someone needs to understand the full stack. This person doesn't exist.

This session covers network operations at microservices scale. We'll explore observability strategies spanning application, mesh, and network layers, debugging workflows for cross-domain connectivity failures, policy management that scales without becoming unmaintained, certificate lifecycle across hundreds of services, and cross-functional incident response when nobody owns the full path.

Neeraj is the co-founder and CTO of Lyntcube, a real estate AI platform, and Vivid Climate, a climate management and DMRV platform. Over the years, he has worked on a variety of full-stack software and data-science applications, as well as computational arts. He likes the challenge of creating new tools and applications and is an active speaker, with talks and tutorials presented at multiple conferences.
