Skip to main content

SRE Revisited: SLO in the Age of Microservices

Dotan Horovits
Logz.io

Site Reliability Engineering (SRE) practice was established by Google nearly 20 years ago and was popularized with Google's monumental SRE Book. Everyone's been attempting to follow that iconic path ever since.

What Are SLI, SLO and SLA Anyway?

SRE practice revolves around the concepts of SLO, SLI, SLA, and the related "error budget." The Google SRE Book, which laid the foundations for the practice, defines them as follows:

Service Level Indicator (SLI) is a carefully defined quantitative measure of some aspect of the level of service that is provided. Common examples include latency, error rate, request throughput and availability.

Service Level Objective (SLO) is a target value or range of values for a service level that is measured by an SLI. For example, an SLO can state that the average latency per request should be under 120 milliseconds. Many companies set SLO targets as a number of nines, for example "five nines" uptime means 99.999% uptime, which means a maximum of 5.26 minutes downtime per year.

Service Level Agreement (SLA) is an explicit or implicit contract with your users that includes consequences of meeting (or missing) the SLOs they contain. Put simply, if you've got a penalty attached to breaching an SLO — you're talking SLA.

SRE typically doesn't deal with SLA directly, as it's more commercial in nature. Rather, the SRE is concerned with meeting the SLOs that underlie the SLA.

Error budget is an important related concept, which determines the rate at which the SLOs can be missed. Error budget is an important indicator for meeting the SLO goals consistently, and SRE teams track it weekly and even daily. Error budget is also important, as it enables downtime windows that can be used for maintenance, experimenting with new features, and other innovation.

So How Is SRE Changing in the Age of Microservices?

The SRE concepts remain valid these days as they've been before. But then again, their system of reference has drastically changed.

SLOs have traditionally referred to assets such as the application's binary or other deployment artifacts. That made perfect sense when the binary encapsulated the entire application, or a major piece of it such as the business logic tier.

In the world of microservices, however, the deployed artifacts are, well — microservices. And as the name suggests, each individual micro-service executes only a tiny piece of functionality.
In such systems it makes little sense to track SLO on the individual artifacts. SLO should refer to the functionality that is meaningful to the users.

Therefore, the practice of monitoring SLO on the service binary is no longer relevant.

In microservice architecture, rather than the individual service, it is the mesh of services that needs to play well together to execute. In these systems, tens and even hundreds of services may be traversed in order to satisfy a single user request. In these systems, rather than monitoring individual services, SLI and SLO should be defined for flows and user journeys.

The complex request flows brought about the rise of Distributed Tracing discipline. It enables tracing a single request through the call chain between the different interacting microservices, by propagating context along the request path. It's typically used to pinpoint where failures occur and what causes poor performance. However, tracing can also be used to trace FinOps and business workflows.

Google Dapper is in fact one of the forefathers of modern distributed tracing, which served as inspiration for tools such as Jaeger and Zipkin. According to Ramón Medrano Llamas, a staff site reliability engineer at Google who leads the SRE team in charge of Google's identity services, "it's the closest tool we have right now for a definite observability tool."

To make things more interesting, these user journeys not only span several services, but may actually involve a few requests. Let's look for an example at the Google sign-in process: as Ramón from Google shares, what used to be a matter of three calls in the pre-microservices era, is today a full business flow, consisting of multiple steps: loading page, then putting username & password, then second factor auth. and so on. Each individual step is a request, triggering a chain of microservices to satisfy. And the overall multi-step flow isn't stateful, it depends on the end user to carry it over from step to step. Monitoring these business flows is less trivial, but that's what we need to measure to ensure the functionality we deliver to the user.

How should you go about defining SLO then?

■ Start by identifying the main flows and user journeys in your system. These should be well defined as part of the system and product specifications.

■ Then for each flow, clarify the expected end result from the user perspective, to define the SLI. This should also be a direct derivative of the product flow definition.

■ If needed, add missing instrumentation to track, collect and aggregate the relevant metrics to measure the defined SLI.

■ Make sure that the relevant flow context is propagated throughout your system. This will serve to associate a metric with the respective tenant, account or similar entities.

■ Carefully define the SLO around each SLI, to meet technical and business goals. This often involves additional stakeholders, to factor in the tradeoff between stability and velocity of innovation.

■ Start monitoring the SLI and set relevant alerting according to the threshold defined by the SLO. Track your error budget regularly to see how close you get to the SLO bar.

Dotan Horovits is Principal Developer Advocate at Logz.io
APM

Hot Topics

The Latest

64% of enterprise networking teams use internally developed software or scripts for network automation, but 61% of those teams spend six or more hours per week debugging and maintaining them, according to From Scripts to Platforms: Why Homegrown Tools Dominate Network Automation and How Vendors Can Help, my latest EMA report ...

Cloud computing has transformed how we build and scale software, but it has also quietly introduced one of the most persistent challenges in modern IT: cost visibility and control ... So why, after more than a decade of cloud adoption, are cloud costs still spiraling out of control? The answer lies not in tooling but in culture ...

CEOs are committed to advancing AI solutions across their organization even as they face challenges from accelerating technology adoption, according to the IBM CEO Study. The survey revealed that executive respondents expect the growth rate of AI investments to more than double in the next two years, and 61% confirm they are actively adopting AI agents today and preparing to implement them at scale ...

Image
IBM

 

A major architectural shift is underway across enterprise networks, according to a new global study from Cisco. As AI assistants, agents, and data-driven workloads reshape how work gets done, they're creating faster, more dynamic, more latency-sensitive, and more complex network traffic. Combined with the ubiquity of connected devices, 24/7 uptime demands, and intensifying security threats, these shifts are driving infrastructure to adapt and evolve ...

Image
Cisco

The development of banking apps was supposed to provide users with convenience, control and piece of mind. However, for thousands of Halifax customers recently, a major mobile outage caused the exact opposite, leaving customers unable to check balances, or pay bills, sparking widespread frustration. This wasn't an isolated incident ... So why are these failures still happening? ...

Cyber threats are growing more sophisticated every day, and at their forefront are zero-day vulnerabilities. These elusive security gaps are exploited before a fix becomes available, making them among the most dangerous threats in today's digital landscape ... This guide will explore what these vulnerabilities are, how they work, why they pose such a significant threat, and how modern organizations can stay protected ...

The prevention of data center outages continues to be a strategic priority for data center owners and operators. Infrastructure equipment has improved, but the complexity of modern architectures and evolving external threats presents new risks that operators must actively manage, according to the Data Center Outage Analysis 2025 from Uptime Institute ...

As observability engineers, we navigate a sea of telemetry daily. We instrument our applications, configure collectors, and build dashboards, all in pursuit of understanding our complex distributed systems. Yet, amidst this flood of data, a critical question often remains unspoken, or at best, answered by gut feeling: "Is our telemetry actually good?" ... We're inviting you to participate in shaping a foundational element for better observability: the Instrumentation Score ...

We're inching ever closer toward a long-held goal: technology infrastructure that is so automated that it can protect itself. But as IT leaders aggressively employ automation across our enterprises, we need to continuously reassess what AI is ready to manage autonomously and what can not yet be trusted to algorithms ...

Much like a traditional factory turns raw materials into finished products, the AI factory turns vast datasets into actionable business outcomes through advanced models, inferences, and automation. From the earliest data inputs to the final token output, this process must be reliable, repeatable, and scalable. That requires industrializing the way AI is developed, deployed, and managed ...

SRE Revisited: SLO in the Age of Microservices

Dotan Horovits
Logz.io

Site Reliability Engineering (SRE) practice was established by Google nearly 20 years ago and was popularized with Google's monumental SRE Book. Everyone's been attempting to follow that iconic path ever since.

What Are SLI, SLO and SLA Anyway?

SRE practice revolves around the concepts of SLO, SLI, SLA, and the related "error budget." The Google SRE Book, which laid the foundations for the practice, defines them as follows:

Service Level Indicator (SLI) is a carefully defined quantitative measure of some aspect of the level of service that is provided. Common examples include latency, error rate, request throughput and availability.

Service Level Objective (SLO) is a target value or range of values for a service level that is measured by an SLI. For example, an SLO can state that the average latency per request should be under 120 milliseconds. Many companies set SLO targets as a number of nines, for example "five nines" uptime means 99.999% uptime, which means a maximum of 5.26 minutes downtime per year.

Service Level Agreement (SLA) is an explicit or implicit contract with your users that includes consequences of meeting (or missing) the SLOs they contain. Put simply, if you've got a penalty attached to breaching an SLO — you're talking SLA.

SRE typically doesn't deal with SLA directly, as it's more commercial in nature. Rather, the SRE is concerned with meeting the SLOs that underlie the SLA.

Error budget is an important related concept, which determines the rate at which the SLOs can be missed. Error budget is an important indicator for meeting the SLO goals consistently, and SRE teams track it weekly and even daily. Error budget is also important, as it enables downtime windows that can be used for maintenance, experimenting with new features, and other innovation.

So How Is SRE Changing in the Age of Microservices?

The SRE concepts remain valid these days as they've been before. But then again, their system of reference has drastically changed.

SLOs have traditionally referred to assets such as the application's binary or other deployment artifacts. That made perfect sense when the binary encapsulated the entire application, or a major piece of it such as the business logic tier.

In the world of microservices, however, the deployed artifacts are, well — microservices. And as the name suggests, each individual micro-service executes only a tiny piece of functionality.
In such systems it makes little sense to track SLO on the individual artifacts. SLO should refer to the functionality that is meaningful to the users.

Therefore, the practice of monitoring SLO on the service binary is no longer relevant.

In microservice architecture, rather than the individual service, it is the mesh of services that needs to play well together to execute. In these systems, tens and even hundreds of services may be traversed in order to satisfy a single user request. In these systems, rather than monitoring individual services, SLI and SLO should be defined for flows and user journeys.

The complex request flows brought about the rise of Distributed Tracing discipline. It enables tracing a single request through the call chain between the different interacting microservices, by propagating context along the request path. It's typically used to pinpoint where failures occur and what causes poor performance. However, tracing can also be used to trace FinOps and business workflows.

Google Dapper is in fact one of the forefathers of modern distributed tracing, which served as inspiration for tools such as Jaeger and Zipkin. According to Ramón Medrano Llamas, a staff site reliability engineer at Google who leads the SRE team in charge of Google's identity services, "it's the closest tool we have right now for a definite observability tool."

To make things more interesting, these user journeys not only span several services, but may actually involve a few requests. Let's look for an example at the Google sign-in process: as Ramón from Google shares, what used to be a matter of three calls in the pre-microservices era, is today a full business flow, consisting of multiple steps: loading page, then putting username & password, then second factor auth. and so on. Each individual step is a request, triggering a chain of microservices to satisfy. And the overall multi-step flow isn't stateful, it depends on the end user to carry it over from step to step. Monitoring these business flows is less trivial, but that's what we need to measure to ensure the functionality we deliver to the user.

How should you go about defining SLO then?

■ Start by identifying the main flows and user journeys in your system. These should be well defined as part of the system and product specifications.

■ Then for each flow, clarify the expected end result from the user perspective, to define the SLI. This should also be a direct derivative of the product flow definition.

■ If needed, add missing instrumentation to track, collect and aggregate the relevant metrics to measure the defined SLI.

■ Make sure that the relevant flow context is propagated throughout your system. This will serve to associate a metric with the respective tenant, account or similar entities.

■ Carefully define the SLO around each SLI, to meet technical and business goals. This often involves additional stakeholders, to factor in the tradeoff between stability and velocity of innovation.

■ Start monitoring the SLI and set relevant alerting according to the threshold defined by the SLO. Track your error budget regularly to see how close you get to the SLO bar.

Dotan Horovits is Principal Developer Advocate at Logz.io
APM

Hot Topics

The Latest

64% of enterprise networking teams use internally developed software or scripts for network automation, but 61% of those teams spend six or more hours per week debugging and maintaining them, according to From Scripts to Platforms: Why Homegrown Tools Dominate Network Automation and How Vendors Can Help, my latest EMA report ...

Cloud computing has transformed how we build and scale software, but it has also quietly introduced one of the most persistent challenges in modern IT: cost visibility and control ... So why, after more than a decade of cloud adoption, are cloud costs still spiraling out of control? The answer lies not in tooling but in culture ...

CEOs are committed to advancing AI solutions across their organization even as they face challenges from accelerating technology adoption, according to the IBM CEO Study. The survey revealed that executive respondents expect the growth rate of AI investments to more than double in the next two years, and 61% confirm they are actively adopting AI agents today and preparing to implement them at scale ...

Image
IBM

 

A major architectural shift is underway across enterprise networks, according to a new global study from Cisco. As AI assistants, agents, and data-driven workloads reshape how work gets done, they're creating faster, more dynamic, more latency-sensitive, and more complex network traffic. Combined with the ubiquity of connected devices, 24/7 uptime demands, and intensifying security threats, these shifts are driving infrastructure to adapt and evolve ...

Image
Cisco

The development of banking apps was supposed to provide users with convenience, control and piece of mind. However, for thousands of Halifax customers recently, a major mobile outage caused the exact opposite, leaving customers unable to check balances, or pay bills, sparking widespread frustration. This wasn't an isolated incident ... So why are these failures still happening? ...

Cyber threats are growing more sophisticated every day, and at their forefront are zero-day vulnerabilities. These elusive security gaps are exploited before a fix becomes available, making them among the most dangerous threats in today's digital landscape ... This guide will explore what these vulnerabilities are, how they work, why they pose such a significant threat, and how modern organizations can stay protected ...

The prevention of data center outages continues to be a strategic priority for data center owners and operators. Infrastructure equipment has improved, but the complexity of modern architectures and evolving external threats presents new risks that operators must actively manage, according to the Data Center Outage Analysis 2025 from Uptime Institute ...

As observability engineers, we navigate a sea of telemetry daily. We instrument our applications, configure collectors, and build dashboards, all in pursuit of understanding our complex distributed systems. Yet, amidst this flood of data, a critical question often remains unspoken, or at best, answered by gut feeling: "Is our telemetry actually good?" ... We're inviting you to participate in shaping a foundational element for better observability: the Instrumentation Score ...

We're inching ever closer toward a long-held goal: technology infrastructure that is so automated that it can protect itself. But as IT leaders aggressively employ automation across our enterprises, we need to continuously reassess what AI is ready to manage autonomously and what can not yet be trusted to algorithms ...

Much like a traditional factory turns raw materials into finished products, the AI factory turns vast datasets into actionable business outcomes through advanced models, inferences, and automation. From the earliest data inputs to the final token output, this process must be reliable, repeatable, and scalable. That requires industrializing the way AI is developed, deployed, and managed ...