Core Components

Learn about the major components in the Grey Matter ecosystem.

Use the concepts in this document alongside our Guides when deploying Grey Matter in production.

Overview of Grey Matter's Functionality

Grey Matter is composed of Fabric, Data, and Sense. Internal to each component is a series of microservices that offers several core features. Each feature simplifies technical challenges associated with service management, such as:

  • Announcement

  • Discovery

  • Instrumentation

  • Logging

  • Tracing

  • Troubleshooting

  • Encryption

  • Access control

  • Network/micro/data-segmentation

Workload Distribution

The following diagram shows the workload distribution between Grey Matter's core components.

Grey Matter Fabric

Fabric powers the zero-trust hybrid service mesh, which consists of the Edge, Control, Security, and Sidecar. You can use Fabric to connect services regardless of language, framework, or runtime environment.

How does Fabric work?

  1. Fabric's sidecar proxies run alongside each microservice.

  2. Each proxy manages scaling, access control, and intercommunications. **

  3. The proxy layer orchestrates communications between microservices operating in the mesh to provide reliability, visibility, and security.

Secure network fabrics provide bridge points, observability, routing, policy assertion, and more between on-premise, multi-cloud, and multi-PaaS capabilities. Fabric offers workload distribution and management within a hybrid environment.

Support for Multiple Runtime Environments

Grey Matter supports multiple runtime environments with multi-mesh bridges as shown below. These environments include:

  • Multiple cloud providers (i.e. AWS and Azure)

  • Container management solutions (i.e., K8s, OpenShift and ECS)

  • On-premise infrastructure

The Grey Matter Hybrid Platform

Grey Matter gives you the flexibility to deploy the mesh to suit your environment. Learn more about our deployment options here.

OSI Model Layers

Fabric operates at OSI model layers 3 (network), 4 (transport), and 7 (application) simultaneously. Providing a powerful, performant, and unified platform to run, manage, connect, and perform distributed workloads across a hybrid architecture.

Layer 3 operates at the TCP level. Responsible for transferring data “packets” from one host to another using IP addresses, TCP ports, etc., determining which route is the most suitable from source to its destination. At this level, network-segmentation is able to be performed using ABAC, RBAC, and NGAC policies set within each sidecar. More details can be found in the Security Model section.

Layer 4 coordinates data transfer between clients and hosts. Adding load balancing, rate limiting, discovery, health checks, observability, and more built on top of TCP/IP. Layer 3 and 4 alone live within the TCP/IP space and are unable to make routing decisions based on different URLs to backend systems or services. This is where layer 7 comes into the architecture.

Layer 7 sits at the top of the OSI model, interacting directly with services and applications responsible for presenting data to users. HTTP requests and responses accessing services, webpages, images, data, etc. are layer 7 actions.

Grey Matter Fabric offers a fast, simple, and elegant model to build modern architecture while bridging legacy applications.

The following graphic shows Fabric's basic capabilities--access, routing decisions, rate limits, health checks, discoverability, observability, proxying, network and micro-segmentation--and how they leverage all features found within each of the OSI layers described above.

Grey Matter Fabric simultaneously functioning within layers 3, 4, and 7

Edge

Grey Matter Edge handles north/south traffic flowing through the mesh. Multiple edge nodes can be configured depending on throughput or regulatory requirements requiring segmented routing or security policy rules.

  • Traffic flow management in and out of the hybrid mesh.

  • Hybrid cloud jump points.

  • Load balancing and protocol control.

  • Edge OAuth security.

Note: the Grey Matter Edge and Grey Matter Sidecar are the same binary configured differently based on north/south and east/west access patterns.

Control

  • Automatic discovery throughout your hybrid mesh.

  • Templated static or dynamic sidecar configuration.

  • Telemetry and observable collection and aggregation.

  • Neural net brain.

  • API for advanced control.

Simple deployment architecture.

Security

Grey Matter Fabric offers the following security features:

  • Verifies that tokens presented by the invoking service are trusted for such operations.

  • Performs operations on behalf of a trusted third party within the Hybrid Mesh.

Sidecar

Add Grey Matter to services by deploying a sidecar proxy throughout your environment. This sidecar intercepts all network communication between microservices.

The Grey Matter Sidecar offers the following capabilities:

  • Multiple protocol support.

  • Observable events for all traffic and content streams.

  • Filter SDK.

  • Certified, Tested, Production-Ready Sidecars.

  • Native support for gRPC, HTTP/1, HTTP/2, and TCP.

gRPC Protocol Basics

  • gRPC is an RPC protocol implemented on top of HTTP/2

  • HTTP/2 is a Layer 7 (Application layer) protocol that runs on top of a TCP (Layer 4 - Transport layer) protocol

  • TCP runs on top of IP (Layer 3 - Network layer) protocol

Once you've deployed the Grey Matter Sidecar, you can configure and manage Grey Matter with its control plane functionality.

Grey Matter Control Plane Functionality

  • Automatic load balancing for HTTP, gRPC, WebSocket, and TCP traffic

  • Fine-grained control of traffic behavior with rich routing rules, retries, failovers, and fault injection

  • A policy layer and configuration API supporting access controls, rate limits and quotas

  • Automatic metrics, logs, and traces for all traffic within a cluster, including cluster ingress and egress

  • Secure service-to-service communication in a cluster with strong identity-based authentication and authorization

Example

The following diagram shows how the Grey Matter Sidecar would operate in a North/South traffic pattern.

North-South Traffic Pattern.

Grey Matter Data

Grey Matter Data is an API that enables secure and flexible access control for your microservices. Data consists of Grey Matter Data and JWT server, and includes an API Explorer to help you manage the API.

Grey Matter Data's API Explorer simplifies the user experience.

Grey Matter Sense

Grey Matter Sense consists of four primary components: Intelligence 360, SLO, Business Impact and Catalog.

Intelligence 360

Intelligence 360 is our user dashboard that paints a high-level picture of the service mesh. Intelligence 360 includes the following features:

  • Mesh Overview

    • Running state of all services

    • Search, sort and filter options

  • Historical metrics per service

    • SLA warnings/violations (powered by SLO)

    • Resource usage

    • Request traffic

    • Route usage

    • Route-level metrics

  • Real-time metrics per service instance

    • Service instance drilldown

    • Metrics explorer

  • Service configuration

    • Business impact

    • SLO

    • Sidecar settings

SLO

Grey Matter Service Level Objectives (SLOs) allows users to manage objectives towards service-level agreements. These objectives can be internal to business operations or made between a company and its customers. They are generic and are valuable in more than one use case.

Key Definition

SLOs are simply service performance objectives associated with metrics collected by the Grey Matter Sidecar, such as memory usage, request traffic (request rate, error rate, and latency).

SLOs combine with Intelligence 360 time-series charts to visualize warning and violation thresholds for targeted performance analysis. These objectives are used even further to train Sense AI for service scaling recommendations.

Business Impact

Business Impact allows users to set metadata on services with the goal of associating how critical a service is towards the operations of a company, mission, or customer. Business Impact provides a list of values (Critical, High, Medium, Low) that correlates each service's business impact. Sense lets users of Intelligence 360 configure these values themselves, which can be used to filter and search via the mesh overview.

Catalog

Grey Matter Catalog acts as an interface between the data plane (network of sidecars) of the service mesh and Intelligence 360. Catalog provides a user-focused representation of the mesh.

Learn how to use the Catalog here.

Questions?

Want to learn more about Grey Matter Sense? Contact us at info@greymatter.io to discuss your use case.

Need Help?

Create an account at Decipher Support to reach our team.