How to right-choose a critical tech without the right expertise level

Project

Allianz Direct sees itself as a technology company with an insurance license. Behind Allianz Direct’s online insurance product is a Cloud Native, Kubernetes-based platform, that needs to meet the product’s demand.

The ever-growing number of microservices, backing more and more insurance types and markets, poses new challenges in terms of end-to-end observability, security, Continuous Delivery, and traffic management.

Allianz Direct reached out to mkdev to perform deep research and provide recommendations and training on the Service Mesh, the technology that can potentially solve those challenges.

Challenge

The DevOps team of Allianz Direct is skilled and capable of both extending and maintaining cloud infrastructure for the company. But the challenge with introducing a technology like Service Mesh is that there are just too many options to choose from, each with its own pros and cons. Cloud Native Landscape is a scary minefield.

A proper hands-on comparison of multiple alternatives takes a significant amount of time, which is always hard to find during busy workdays. Besides that, Allianz Direct was seeking an independent evaluation of potential tools. An external expert opinion is crucial in getting the full picture and making the right decision: not only in choosing the technology, but also settling on whether you need this technology at all.

Finally, when talking about such a complex subject, a lot of explanation and training is needed. Before you start using the new technology, you need to understand what this technology is. Not the easiest task when talking about the Service Mesh.

Solution

Even before the project started, Allianz Direct’s tech leadership team told us they want to work in open. As part of this project and beyond, they want to give back to the Cloud Native and DevOps community as much as possible:

At mkdev, sharing knowledge is at the core of everything we do. We were more than happy to collaborate with Allianz not only as a consultancy but also as a partner in producing and distributing educational content. As a result, everything we discovered together, we shared in the form of videos, available for everyone to learn from.

We’ve started by defining what Service Mesh is and how is it useful. The core audience we had in mind were DevOps engineers of Allianz Direct, the people who would eventually need to use this technology. What are the benefits? What are the downsides? Can we get the same functionality without Service Mesh? We’ve answered this and many other questions in our first partnered video, which is free for everyone to watch. This was the first milestone, explaining to the Allianz Direct team what they might have to deal with, and for which reasons.

The next step was to answer the question, “Which Service Mesh is the best?” Just like we don’t partner with the Big Tech, neither we partner with any particular technology provider. Instead, we partner with our customers. This gives us full independence and the ability to be fully honest and transparent about any technology we recommend using.

mkdev expert team analyzed the Service Mesh market and based on certain criteria, selected the most prominent tools. We then compared each of them, researched which setups each works best, and, most importantly, conducted thorough hands-on tests on an infrastructure that resembles the production infrastructure of Allianz Direct. The result of this comparison was presented both to the Allianz Direct team and to everyone else interested in this topic.

Having settled on the tool that ticked all the boxes, we proceeded to the training phase. If the Allianz Direct team was to introduce the Service Mesh, we need to make sure every team member can use this tool. To achieve this, we prepared a custom one-week workshop with practical labs that led the engineers from the installation of the mesh to learning how to use most of its features.

By the end of the workshop, everyone on the team got the right idea of how everything is working - and, most importantly, how some of the things are not working at all. We found out many smaller technical details that, in some areas, completely change the perception and applicability of the Service Mesh. For example, combining multiple Kubernetes CNIs, the one from the cloud provider and the one from the Service Mesh, can be extremely complex and fragile.

Another learning that the team had is that Service Mesh provides the most value, especially around mTLS, if your complete infrastructure has meshed in. If you are using the public cloud, with managed services from this cloud, then meshing in everything is impossible, and in this case the benefits of using the mesh quickly diminish. What works in the official code samples, can quickly collapse, or at least disappoint in a real environment.

Conclusion

In the modern, Cloud Native and high-velocity IT world, it’s hard to keep up with everything that is happening. Engineering teams need to focus on providing value to the business, while still dedicating time to keep things up to date and profit from the innovations. One of the primary things we do at mkdev is transfer to our customers years of experience and knowledge within just a few months, sometimes weeks.

With thorough research and quality educational content from our expert team, Allianz Direct was able not only to learn the new technology but also fully evaluate and try it out in their environment. Ultimately, this allowed Allianz Direct to make a fully informed decision and build skills in a new area in a record time.

What our team loved about this project is the sincere desire of Allianz Direct to work in open and share all the learnings with the world. Together, we were able to contribute a big chunk of knowledge around Service Mesh to the community. This fits mkdev’s philosophy “Services for businesses, knowledge for people” quite well.

Do you also realize that your infrastructure could use an improvement and your team could use more free engineering space? Give us a call and we'll discuss it!