Application Networking Foundations NET204

Title

AWS re:Invent 2022 - Application networking foundations (NET204)

Summary

  • Presenters: Tom and Jamie, both principal solution architects at AWS.
  • Focus: Definition of application networking, its building blocks, and guidance on service selection for specific use cases.
  • Key Topics:
    • Application networking involves intelligent routing decisions at the transport and application layers.
    • Service discovery and service connectivity are the two main categories of application networking services.
    • AWS services covered include Route 53, Cloud Map, Network Load Balancer (NLB), Global Accelerator, Application Load Balancer (ALB), API Gateway, CloudFront, App Mesh, and the newly introduced Amazon VPC Lattice.
    • The session also touched on compute options like EC2, containers, Kubernetes, ECS, and Lambda.
    • Example architectures were provided to illustrate how these services can be integrated.
    • The session did not cover traditional networking foundations like VPC, Transit Gateway, and VPC peering.

Insights

  • Service Discovery:

    • DNS and AWS Route 53 are used for traditional service discovery.
    • AWS Cloud Map offers advanced service discovery with custom attributes and API-based discovery, which is faster and more flexible than DNS.
    • Cloud Map integrates with Kubernetes for cross-cluster service discovery.
  • Service Connectivity:

    • Proxies play a crucial role in service connectivity by adding functionality like TLS termination, health checking, and load balancing.
    • AWS offers various services that act as proxies/load balancers, including NLB, ALB, API Gateway, and CloudFront.
    • AWS Global Accelerator provides a global load balancing solution using Anycast IP addresses and AWS's global network.
  • Application Load Balancers (ALB):

    • ALBs are suitable for HTTP/HTTPS applications and offer advanced routing capabilities based on HTTP headers, paths, and query strings.
    • ALBs can target EC2 instances, IP addresses, Lambda functions, and containers.
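As an added example (not code shown in the session), the following CloudFormation fragment shows the kind of ALB listener rules the bullets describe: one rule forwards only when the path, an HTTP header and a query-string key all match, and a second rule returns a fixed 403 for an internal path so it is never forwarded from the public listener. The listener and target group ARNs are parameters, and the header name, path and target names are assumptions.

```yaml
# Added example, not from the session. Assumes an existing HTTPS listener and
# a target group for the v2 API; both are passed in as parameters.
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  HttpsListenerArn:
    Type: String
    Description: ARN of the ALB HTTPS listener (assumed to exist)
  ApiV2TargetGroupArn:
    Type: String
    Description: ARN of the target group serving the v2 API (assumed to exist)
Resources:
  # Lower priority number wins; block the internal path before any forward rule.
  BlockInternalPaths:
    Type: AWS::ElasticLoadBalancingV2::ListenerRule
    Properties:
      ListenerArn: !Ref HttpsListenerArn
      Priority: 1
      Conditions:
        - Field: path-pattern
          PathPatternConfig:
            Values:
              - /internal/*
      Actions:
        - Type: fixed-response
          FixedResponseConfig:
            StatusCode: "403"
            ContentType: text/plain
            MessageBody: forbidden
  # All three conditions must match (they are ANDed) for the forward to happen.
  ApiV2CanaryRule:
    Type: AWS::ElasticLoadBalancingV2::ListenerRule
    Properties:
      ListenerArn: !Ref HttpsListenerArn
      Priority: 10
      Conditions:
        - Field: path-pattern
          PathPatternConfig:
            Values:
              - /api/*
        - Field: http-header
          HttpHeaderConfig:
            HttpHeaderName: X-Api-Version   # assumed header name
            Values:
              - "2"
        - Field: query-string
          QueryStringConfig:
            Values:
              - Key: canary
                Value: "true"
      Actions:
        - Type: forward
          TargetGroupArn: !Ref ApiV2TargetGroupArn
```

Header and query-string conditions match whatever the client sends, so they are a routing signal, not an authorization decision; anything that must be protected still needs authentication at the target (or a fixed-response/deny rule like the first one, which the client cannot bypass by changing a header).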
  • API Gateway:

    • API Gateway is used for organizing and managing APIs, offering features like request validation, mutual TLS, and integration with various AWS services.
    • It can be used in conjunction with ALBs for more complex API management scenarios.
  • CloudFront:

    • CloudFront is a content delivery network (CDN) that optimizes web application delivery by caching content at edge locations and using AWS's global network for dynamic content.
  • Service Mesh (App Mesh):

    • App Mesh is a service mesh that manages microservices communication, offering features like traffic shaping, blue-green deployments, and observability.
    • App Mesh requires management of the control plane and proxies within containers.
  • Amazon VPC Lattice:

    • VPC Lattice simplifies microservices communication by managing both the control plane and data plane, eliminating the need for developers to set up networking infrastructure like Transit Gateways or VPC peering.
    • It supports services running on different compute platforms, including Lambda, and uses IAM for authentication.
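As an added example (not code from the session), this CloudFormation fragment shows what "uses IAM for authentication" looks like in practice: a Lattice service with IAM auth enabled, and an auth policy that grants a single named caller role the right to invoke it, restricted to GET requests under one path. The service name, role parameter and path are assumptions; the `vpc-lattice-svcs:Invoke` action and the `RequestMethod`/`RequestPath` condition keys are the real VPC Lattice ones.

```yaml
# Added example, not from the session. The calling service's task role ARN is
# passed in; the service and path names are made up for illustration.
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  CheckoutTaskRoleArn:
    Type: String
    Description: ARN of the IAM role the calling (checkout) service runs as (assumed)
Resources:
  OrdersService:
    Type: AWS::VpcLattice::Service
    Properties:
      Name: orders
      AuthType: AWS_IAM   # requests must be SigV4-signed and pass the auth policy
  OrdersAuthPolicy:
    Type: AWS::VpcLattice::AuthPolicy
    Properties:
      ResourceIdentifier: !GetAtt OrdersService.Arn
      Policy:
        Version: "2012-10-17"
        Statement:
          # Only the checkout role, only GET, only /orders/... ; everything else
          # is implicitly denied because no other statement allows it.
          - Sid: CheckoutMayReadOrders
            Effect: Allow
            Principal:
              AWS: !Ref CheckoutTaskRoleArn
            Action: vpc-lattice-svcs:Invoke
            Resource: "*"   # the policy is scoped to the service it is attached to
            Condition:
              StringEquals:
                vpc-lattice-svcs:RequestMethod: GET
              StringLike:
                vpc-lattice-svcs:RequestPath: /orders/*
```

With `AuthType: AWS_IAM` and no statement that allows `Principal: "*"`, an unsigned request is rejected at the Lattice data plane before it reaches the target, which is what lets teams drop per-service network plumbing without also dropping authentication; the caller still has to sign its HTTP requests with SigV4 (the AWS SDKs or a signing proxy do this).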
  • Global Accelerator vs. CloudFront:

    • Global Accelerator is used for any TCP/UDP application and provides Anycast IP addresses, while CloudFront is focused on HTTP/HTTPS applications with caching and other web optimization features.
    • Global Accelerator is better for load balancing to AWS destinations, while CloudFront is suitable for delivering content from any origin, including on-premises.
  • Example Architectures:

    • Jamie demonstrated how to evolve an architecture from a monolithic application to a modern microservices-based application using AWS services.
    • The use of App Mesh and VPC Lattice was shown to simplify service-to-service communication and reduce the complexity of networking configurations.
    • Global reach and high availability were addressed using CloudFront and Global Accelerator, showcasing how AWS services can provide resilience and performance improvements for applications with a global user base.