Discover Better Value Faster
  • Home
    • CloudNow
    • Blog
  • App Development & Modernization
  • Agile & DevOps
  • Cloud
  • Digital Transformation
  • Data & Analytics
No Result
View All Result
  • Home
    • CloudNow
    • Blog
  • App Development & Modernization
  • Agile & DevOps
  • Cloud
  • Digital Transformation
  • Data & Analytics
No Result
View All Result
Discover Better Value Faster
No Result
View All Result
Home Application Development & Modernization

Service Mesh: The best way to Encrypt East-West traffic in Kubernetes

Abdul Rahman by Abdul Rahman
3 years ago
in Application Development & Modernization, Microservices
Reading Time: 3 minutes
Service Mesh: The best way to Encrypt East-West traffic in Kubernetes
0
SHARES
1.3k
VIEWS
Share on FacebookShare on TwitterShare on WhatsappShare on LinkedIn

With their ability to simplify application processes and speed up development cycles, scale up efficiently, and provide enterprises with customizable software, organizations are increasingly migrating to microservices (Netflix and BBC being two cases in point, who moved from a monolithic to a microservices architecture).

In fact, the Cloud Microservices Market was valued at USD 831.45 million in 2020 and is expected to reach USD 2701.36 million by 2026, registering a CAGR of approximately 21.7% over the forecast period.

Related articles

How does a No-Code App Builder help enterprises?

Kubernetes 101: Introduction, Glossary, and Benefits

But although microservices are growing significantly in popularity, the architecture is complex, especially in terms of inter-service communication and security. You’ve got two types of communication or traffic here:

  • East-west traffic (which refers to the transfer of data packets between servers within a cluster or between services), which is not secured in Kubernetes by default; and
  • North-south traffic (in and out of the network or from user to cluster, usually), which is secured by API Gateway/API Management/Ingress Gateway

Now, what organizations need is ‘something’ to direct this traffic to their endpoints. The service mesh is that crucial ‘something’ that allows developers to seamlessly connect, manage, and secure networks of different microservices, regardless of platform, source, or vendor.

What is a service mesh?

A service mesh is a dedicated infrastructure layer for handling service-to-service communication and secure traffic management. It is most commonly used in Kubernetes for security, authentication, and authorization. Its components include a Control plane (the brain, which provides the configuration for the proxies) and a Data plane (made up of lightweight proxies such as sidecars and where all the action takes place).

Why do you need a service mesh?

Inside a Kubernetes cluster, you have multiple microservices, and one of the biggest challenges in developing cloud-native applications is speeding up the number of deployments. Service mesh offers shorter and more frequent deployments, which translate to reduced time-to-market and faster bug fixes.

Also, while Kubernetes can handle internal communication, it may not be as secure as Kubernetes secures communication with an SSL certificate for interacting with the cluster only, and not within the cluster. A service mesh with a Mutual TLS (mTLS) ensures that the parties at each end of a network connection are verified (usually by making use of a private key), and the internal pod communication is secure, fast, and reliable.

Another advantage of a service mesh is that since it is a dedicated layer of proxies through which service-to-service communication passes, it is uniquely positioned to monitor services.

Some service meshes also support tracing, which helps developers to troubleshoot problems like sequencing and request-specific issues.

More services mean more network traffic, but a service mesh provides the ability (and infrastructure) to secure network calls through authentication and encryption of traffic between services. Typically with K8s, you have security only at the API server when accessing the cluster (north-south security). The service mesh secures each service within the cluster also (east-west security) with identity-based authentication.

How does a service mesh work?

A service mesh architecture uses a “mesh of proxies” (called a sidecar), which attach to each application container, container orchestration unit, such as a Kubernetes pod.

The Control Plane, which is the brain of the service mesh, works as a configuration server and controls the proxies’ behavior across the mesh. The control plane is where users specify authentication policies or gather metrics. It essentially provides dynamic support and management of apps in partnership with the Kubernetes API server.

The Data Plane is the mesh of intelligent proxies or envoys that contain the actual services and data. When a namespace is labeled with the service mesh, a sidecar container is created and deployed along with the application, which will act as a frontend to mediate and control all network communication between microservices.

In short, the control plane controls how data is forwarded, while the data plane is the forwarding process.

With microservice deployment and management being critical in today’s cloud-native environment, DevOps teams need processes in place to automate deployment strategies that minimize risk and maximize uptime. CloudNow offers cloud migration and management services. Give us a call today to explore more.

Previous Post

How does a No-Code App Builder help enterprises?

Next Post

What are regular expressions, and why should you use them?

Abdul Rahman

Abdul Rahman

Abdul is a Certified AWS Solution Architect Associate at CloudNow with 5 years of experience in the cloud and DevOps domain. He is experienced in multi-cloud development across Amazon Web Services, Microsoft Azure, and Google Cloud.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Next Post
What are regular expressions, and why should you use them?

What are regular expressions, and why should you use them?

Advantage JS: Why is JavaScript so popular?

Advantage JS: Why is JavaScript so popular?

3 important LMS features to increase team efficiency

3 important LMS features to increase team efficiency

Related Posts

How does a No-Code App Builder help enterprises?

How does a No-Code App Builder help enterprises?

by Baskar RV
3 years ago
Reading Time: 2 minutes

If you’re developing a minor application for internal use, or bootstrapping your small outward-facing app, chances are that the costs and timelines quoted by full-stack developers...

Kubernetes 101: Introduction, Glossary, and Benefits

Kubernetes 101: Introduction, Glossary, and Benefits

by Sridhar T
3 years ago
Reading Time: 3 minutes

With the widespread use of containerization, Kubernetes, an open-source container-centric management software, has seen a surge in popularity. Originally developed at Google and released as an...

What is a Service Mesh, and why do you need one?

What is a Service Mesh, and why do you need one?

by SatyaDev Addeppally
3 years ago
Reading Time: 3 minutes

Imagine a situation where you have to test a new version of your application in a microservices architecture, using canary deployment, or where you have to...

What is the difference between LMSs in a B2B and B2C context?

What is the difference between LMSs in a B2B and B2C context?

by Hareesh M
3 years ago
Reading Time: 3 minutes

With the pandemic pushing people and students to work and learn from home, the global learning management system (LMS) market size has seen tremendous growth. In...

Keycloak: an IAM solution your enterprise should consider

Keycloak: an IAM solution your enterprise should consider

by Sridhar T
3 years ago
Reading Time: 2 minutes

According to the State of Developer-Driven Security 2022 survey from Secure Code Warrior, as many as 86% of the developers interviewed do not view application security...

Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the
latest news and updates from our team.

Polls

Thanks for reading.
On which of the following topics would you like to see more content from CloudNow in the future?

View Results

Loading ... Loading ...
  • Polls Archive

Recommended Post

5 Microservices Antipatterns To Watch Out For
Application Development & Modernization

5 Microservices Antipatterns To Watch Out For

6 years ago
Integrating Google Maps API: Boost Your Business with Advanced Mapping Solutions
Google Workspace

Integrating Google Maps API: Boost Your Business with Advanced Mapping Solutions

1 year ago
Elevating Security with DevSecOps Services: A Comprehensive Guide
Others

Elevating Security with DevSecOps Services: A Comprehensive Guide

2 years ago
Traditional Vs Modern ETL – A comparison of Capabilities
Data & Analytics

Traditional Vs Modern ETL – A comparison of Capabilities

6 years ago

Solutions

  • Cloud Advisory
  • Migration & Deployment
  • Application Development & Modernization
  • DevOps
  • Testing as a Service
  • Managed Services
  • Data & Analytics
  • API Ecosystem
  • User Lifecycle Management

Industries

  • Financial Services Industry
  • Retail Industry
  • Healthcare Industry
  • Manufacturing Industry

Resources

  • Banking
  • Capital Markets
  • High Growth
  • Blogs

Company

  • Our Story
  • Why CloudNow
  • Partners
  • Careers
  • Contact Us

Contact

  • USA : +1 803 746 7178
  • IND : 044-24619130
  • info@cloudnowtech.com

© 2023 CloudNowTech

  • About
  • Privacy Policy
  • Contact
No Result
View All Result
  • All Blogs
  • Application Development & Modernization
  • Agile & DevOps
  • Cloud
  • Digital Transformation
  • Data & Analytics
  • Quality Assurance

© 2023 CloudNowTech

Subscribe To Our Newsletter

Join our mailing list to receive the
latest news and updates from our team.

Thank You

Thank you for reaching out. We have received your inquiry.
One of our team members will get in touch with you shortly.

Contact Us
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?