Grey Matter is composed of Fabric, Data, and Sense. Internal to each component is a series of microservices that offers several core features. Each feature simplifies technical challenges associated with service management, such as:
Announcement
Discovery
Instrumentation
Logging
Tracing
Troubleshooting
Encryption
Access control
Network/micro/data-segmentation
The following diagram shows the workload distribution between Grey Matter's core components.
Fabric powers the zero-trust hybrid service mesh, which consists of the Edge, Control, Security, and Sidecar. You can use Fabric to connect services regardless of language, framework, or runtime environment.
How does Fabric work?
Fabric's sidecar proxies run alongside each microservice.
Each proxy manages scaling, access control, and intercommunication.
The proxy layer orchestrates communications between microservices operating in the mesh to provide reliability, visibility, and security.
Secure network fabrics provide bridge points, observability, routing, policy assertion, and more between on-premise, multi-cloud, and multi-PaaS capabilities. Fabric offers workload distribution and management within a hybrid environment.
Grey Matter supports multiple runtime environments with multi-mesh bridges as shown below. These environments include:
Multiple cloud providers (i.e. AWS and Azure)
Container management solutions (i.e., K8s, OpenShift and ECS)
On-premise infrastructure
Grey Matter gives you the flexibility to deploy the mesh to suit your environment. Learn more about our deployment options here.
Fabric operates at OSI model layers 3 (network), 4 (transport), and 7 (application) simultaneously, providing a powerful, performant, and unified platform to run, manage, connect, and perform distributed workloads across a hybrid architecture.
Layer 3 operates at the TCP level and is responsible for transferring data “packets” from one host to another using IP addresses, TCP ports, etc., determining which route is the most suitable from source to destination. At this level, network segmentation can be performed using ABAC, RBAC, and NGAC policies set within each sidecar. More details can be found in the Security Model section.
Layer 4 coordinates data transfer between clients and hosts, adding load balancing, rate limiting, discovery, health checks, observability, and more built on top of TCP/IP. Layers 3 and 4 alone live within the TCP/IP space and are unable to make routing decisions based on different URLs to backend systems or services. This is where layer 7 comes into the architecture.
Layer 7 sits at the top of the OSI model, interacting directly with services and applications responsible for presenting data to users. HTTP requests and responses accessing services, webpages, images, data, etc. are layer 7 actions.
Grey Matter Fabric offers a fast, simple, and elegant model to build modern architecture while bridging legacy applications.
The following graphic shows Fabric's basic capabilities--access, routing decisions, rate limits, health checks, discoverability, observability, proxying, network and micro-segmentation--and how they leverage all features found within each of the OSI layers described above.
Grey Matter Edge handles north/south traffic flowing through the mesh. Multiple edge nodes can be configured depending on throughput or on regulatory requirements that call for segmented routing or security policy rules.
Traffic flow management in and out of the hybrid mesh.
Hybrid cloud jump points.
Load balancing and protocol control.
Edge OAuth security.
Note: the Grey Matter Edge and Grey Matter Sidecar are the same binary configured differently based on north/south and east/west access patterns.
Automatic discovery throughout your hybrid mesh.
Templated static or dynamic sidecar configuration.
Telemetry and observable collection and aggregation.
Neural net brain.
API for advanced control.
Grey Matter Fabric offers the following security features:
Verifies that tokens presented by the invoking service are trusted for such operations.
Performs operations on behalf of a trusted third party within the Hybrid Mesh.
Add Grey Matter to services by deploying a sidecar proxy throughout your environment. This sidecar intercepts all network communication between microservices.
The Grey Matter Sidecar offers the following capabilities:
Multiple protocol support.
Observable events for all traffic and content streams.
Filter SDK.
Certified, Tested, Production-Ready Sidecars.
Native support for gRPC, HTTP/1, HTTP/2, and TCP.
gRPC Protocol Basics
gRPC is an RPC protocol implemented on top of HTTP/2
HTTP/2 is a Layer 7 (Application layer) protocol that runs on top of a TCP (Layer 4 - Transport layer) protocol
TCP runs on top of IP (Layer 3 - Network layer) protocol
Once you've deployed the Grey Matter Sidecar, you can configure and manage Grey Matter with its control plane functionality.
Automatic load balancing for HTTP, gRPC, WebSocket, and TCP traffic
Fine-grained control of traffic behavior with rich routing rules, retries, failover, and fault injection
A policy layer and configuration API supporting access controls, rate limits and quotas
Automatic metrics, logs, and traces for all traffic within a cluster, including cluster ingress and egress
Secure service-to-service communication in a cluster with strong identity-based authentication and authorization
Example
The following diagram shows how the Grey Matter Sidecar would operate in a North/South traffic pattern.
Grey Matter Data is an API that enables secure and flexible access control for your microservices. Data consists of Grey Matter Data and JWT server, and includes an API Explorer to help you manage the API.
Grey Matter Sense consists of four primary components: Grey Matter application, SLO, Business Impact and Catalog.
The Grey Matter application is our user dashboard that paints a high-level picture of the service mesh. The Grey Matter application includes the following features:
Mesh Overview
Running state of all services
Search, sort and filter options
Historical metrics per service
SLA warnings/violations (powered by SLO)
Resource usage
Request traffic
Route usage
Route-level metrics
Real-time metrics per service instance
Service instance drill down
Metrics explorer
Service configuration
Business impact
SLO
Sidecar settings
Grey Matter Service Level Objectives (SLOs) allow users to manage objectives towards service-level agreements. These objectives can be internal to business operations or made between a company and its customers. They are generic and are valuable in more than one use case.
Key Definition
SLOs are simply service performance objectives associated with metrics collected by the Grey Matter Sidecar, such as memory usage and request traffic (request rate, error rate, and latency).
SLOs combine with Grey Matter application time-series charts to visualize warning and violation thresholds for targeted performance analysis. These objectives are used even further to train Sense AI for service scaling recommendations.
Business Impact allows users to set metadata on services with the goal of associating how critical a service is towards the operations of a company, mission, or customer. Business Impact provides a list of values (Critical, High, Medium, Low) that correlates each service's business impact. Sense lets users of the Grey Matter application configure these values themselves, which can be used to filter and search via the mesh overview.
Grey Matter Catalog acts as an interface between the data plane (network of sidecars) of the service mesh and the Grey Matter application. Catalog provides a user-focused representation of the mesh.
Learn how to use the Catalog here.
Want to learn more about Grey Matter Sense? Contact us at info@greymatter.io to discuss your use case.
Create an account at Grey Matter Support to reach our team.