Service Mesh: What is it
December 13, 2019
As we mentioned in previous articles, the IT industry is ever-changing, new technologies focus on approaches set on more functionality, efficiency, and security. So, how can service mesh improve applications?
One big change in IT is the breaking down of monolithic applications into microservices. This architecture comprises a method that allows services to be developed and maintained independently by small teams, enabling development through different technologies, allowing components to scale at different rates. microservices run on containers, which are essentially packages of code and dependencies that can be moved easily from one server to another. Yet, as communication between microservices become more and more complex, applications get larger.
The goal of a service mesh is to control how different parts of an application share and register data so it can be determined how different parts of the application interact with each other. The objective is optimization so that tasks such as programming and administrative requirements can be reduced, saving time and costs. The process is simple, as Red Hat describes it, “If a user of an online retail app wants to buy something, they need to know if the item is in stock. So, the service that communicates with the company’s inventory database needs to communicate with the product webpage, which itself needs to communicate with the user’s online shopping cart.”
Implementing a service mesh starts with a sidecar, in other words, by deploying a proxy alongside your services. The sidecar is a crucial part of the process as it removes the intricacies from the application while managing the functionalities, being traffic management, load balancing, and circuit breaking, among others. Envoy is amongst the most well-known open-source proxy available, directed to cloud-native applications. By running alongside the services, it delivers the needed features.
When it comes to a cloud-native environment, tracking traffic behavior isn’t always a walk in the park, especially when the flow is immense and elaborate. The whole journey of a message moving between layers of the infrastructure and going from pod to pod on a specific track demands an attentive approach. Through transparency, it’s possible to track in a much easier manner the behavior in which application services are provided.
A rise in microservices translates into a growth of network traffic. Although great, this translates into an opportunity for hackers to disrupt the communication process. A service mesh provides security by offering shared TLS protocol as a full-stack solution to solve service issues in authentication, encryption traffic and executing security policies.
It’s a no brainer that encryption is the cornerstone of any network. Service mesh has the advantage of managing certificates, keys and TLS configurations. Thanks to service mesh, users don’t need to worry about or device encryption or manage certificates. All of these tasks are carried from the app developer to the framework layer. In sum, a service mesh comprises of several services and functions, such as Container orchestration framework, Services and instances (Kubernetes pods), Sidecar proxy, Service discovery, load balancing, Authentication and authorization and Support for the circuit breaker pattern. As businesses are increasingly shifting to a microservice architecture, the advantages of service mesh provide additional capabilities, providing a more secure, faster and less complex approach.