Application Security

New Relic adds SRE features and readies security offering

New Relic adds SRE features and readies security offering
Written by ga_dahmani
New Relic adds SRE features and readies security offering

As enterprises increase their emphasis on the resiliency of distributed computing systems, SRE practices play a crucial role, prompting vendors like New Relic to expand observability tools accordingly.

Service Level Management (SLM), a new feature of the New Relic One platform, became generally available this week at no charge to existing customers. Provides a framework for site reliability engineering (SRE) teams to configure service level indicators (SLIs) and service level objectives (SLOs), automatically set baselines, and track the reliability of microservices according to these performance indicators.

A company spokesman also said New Relic plans to announce a security offering this year, but did not provide further details. FutureStack, the company’s annual user conference where major product updates are usually made, is scheduled for May.

New Relic SLM beta testers said this week’s vendor update reflects how the transition to a microservices architecture has expanded the role that both observability tools and SREs play in their enterprises, and welcomed the potential adding security monitoring to that mix. SREs have also begun to play a broader role in DevSecOps environments.

Ultimately, bringing multiple types of monitoring and measurement to capture the user experience, rather than tracking the raw performance of individual infrastructure components, is what makes microservices different from monoliths, the different observability of the monitoring and SREs different from traditional sysadmins, said one of New Relic’s early SLMs. adopter

“Monitoring is very useful when you have a good understanding of failure modes, such as exhausting finite system resources like memory or threads,” said Andrew Myers, senior manager of SRE at Zip.co, an Australian online payment company. line. “Observability helps us understand the state of a distributed system by looking at all the data it generates, not just individual data. [resources].”

Observability tools enter ruthless consolidation phase

At least some companies have started to consolidate observability tools with New Relic, adding distributed logging and tracking to traditional New Relic APM tools as they evolve, as well as metrics and data aggregation from third-party tools like Prometheus, and removing gradually the tools of the competition. like Splunk and Grafana as a result.

However, some companies are making consolidation decisions that favor other vendors as well, and New Relic is catching up to cater to SREs: Two of its main competitors, Dynatrace and Datadog, have had SLI and SLO monitoring features since 2020 and 2019. , respectively.

These competitors also cover an entire category of IT security monitoring and DevSecOps that New Relic has yet to address. The observability market is ripe for further attrition and consolidation as users continue to reduce the number of IT management tools they use, including for security, and New Relic must keep pace with competitors, including in monitoring. security, for long-term success.

“[Adding application security tools] it would make sense as they continue to focus more on the software delivery lifecycle and developers,” said Stephen Elliot, an analyst at IDC. “Code scanning is an interesting area, as are vulnerability assessments for developers.”

New Relic is also coming out of a major turmoil in May 2021, when it appointed a new CEO and overhauled its product portfolio to create New Relic One, a unified observability platform. According to the company latest earnings reportits revenue has grown steadily ever since, with 14,600 customers as of its fiscal third quarter, which ended in January.

However, while navigating the innovator’s dilemma, which is also creating turmoil for enterprise IT vendors Splunk and ServiceNow, New Relic has yet to return to profitability, forecasting relatively flat revenue in its fiscal fourth quarter and not expecting profitability until well entered fiscal year. 2023.

SREs, observability create harmony out of chaos

SREs have played the role of enabler as microservices matured into an early adopter of SLM, creating a centralized observability stack with New Relic and using it to orchestrate communication between developers, platform engineers, and product teams.

“In a monolithic environment, reliability was only on the SRE team; we were the only ones who cared if something went wrong in production,” said Stefan Kolesnikowicz, director of SRE at Achievers, a Toronto-based maker of employee recognition software.

However, as Achievers’ culture and microservice implementations on Google Cloud Platform grew, “everyone became responsible for reliability,” he said. The distributed nature of microservices, by definition, forces collaboration between the teams that develop and manage them, and their complexity cannot be handled by a single team.

Achievers’ SRE team created a self-service developer portal called Abattoir, in a nod to the oft-cited “cattle vs. pets” analogy that arose with the highly automated, ephemeral infrastructure that underpins rapidly changing microservice environments.

New Relic SLM will be located in Abattoir to enable software engineers and product teams to configure and track SLIs and SLOs for the services they manage, thanks in part to a new integration with Terraform that automatically creates objects in the database. New Relic observability behind the scenes.

“We have a checkbox for that, basically the engineers just say, ‘Yes, I want this,'” Kolesnikowicz said. “All of that is then translated into YAML, where the engineers write it, and it’s pushed through Terraform, [which] it talks to the New Relic API, which creates all those objects in New Relic.”

All of this reflects how system reliability has also risen to the top of the priority list at Achievers, Kolesnikowicz said, as it has among many companies with microservices going mainstream.

“We’re trying to be more stringent, so if your bug budget is running low, that’s your top priority, increasing your reliability before we can release new features and introducing more risk to our platform,” Kolesnikowicz said. “[New Relic SLM] It will give us a better idea of ​​how a system is performing and its impact on the rest of the platform, and integrations with the product will allow them to see, ‘Hey, you’re wasting your bug budget.'”

SLI/SLO wish lists: consumption rate alerts, edge metrics

Early adopters of SLM would like to see built-in error budget alerts added to the tool in a future release. They can use the New Relic query language to set up custom alerts like error budgeting burning rates reach certain thresholds, but it would be easier if that alert came pre-packaged with SLM.

“It would also be great to have some intelligence to help teams decide on realistic targets for service levels based on the historical data we have for reference,” said Zip.co’s Myers. “That’s been something we’ve needed to train our teams internally.”

Another potential enhancement for SLM in the future would be expanded support for the Prometheus metrics that Achievers monitors on its individual Kubernetes clusters through the Istio service network, according to Kolesnikowicz. New Relic One already adds Prometheus metrics for other uses, but hasn’t been integrated into SLM yet.

“If you are familiar with the SRE book, [it says] can bring the measurement closer to the user to improve its quality,” he said, referring to the Google Site Reliability Engineering Handbook. “Today we measure [SLIs] on the server side, we want to measure it on the load balancer, which would be on our Istio instance.”

Error budget consumption rates and Prometheus metrics support are on the vendor’s near-term roadmap for SLM, a New Relic spokesperson said.

Beth Pariseau, Senior News Writer at TechTarget, is an award-winning veteran of IT journalism. She can be contacted at [email protected] or on Twitter @PariseauTT.

About the author

ga_dahmani

Leave a Comment