Discover Better Value Faster
  • Home
    • CloudNow
    • Blog
  • App Development & Modernization
  • Agile & DevOps
  • Cloud
  • Digital Transformation
  • Data & Analytics
No Result
View All Result
  • Home
    • CloudNow
    • Blog
  • App Development & Modernization
  • Agile & DevOps
  • Cloud
  • Digital Transformation
  • Data & Analytics
No Result
View All Result
Discover Better Value Faster
No Result
View All Result
Home Application Development & Modernization

What is a Service Mesh, and why do you need one?

SatyaDev Addeppally by SatyaDev Addeppally
10 months ago
in Application Development & Modernization, Microservices
Reading Time: 3 minutes
What is a Service Mesh, and why do you need one?

What is a Service Mesh, and why do you need one?

0
SHARES
453
VIEWS
Share on FacebookShare on TwitterShare on WhatsappShare on LinkedIn

Imagine a situation where you have to test a new version of your application in a microservices architecture, using canary deployment, or where you have to secure traffic between two services or have to set up a failover strategy in case one of the services is unresponsive. In these circumstances, the traditional network layer of most container orchestration engines is woefully unequipped. Wherever the network layer of these engines has to be augmented, tools such as Service Meshes come into the picture.

What is a service mesh?

A service mesh is a “dedicated infrastructure layer for facilitating service-to-service communications between services or microservices, using a proxy.”

Related articles

Service Mesh: The best way to Encrypt East-West traffic in Kubernetes

How does a No-Code App Builder help enterprises?

Let us look more closely at this definition to understand it better. 

“A service mesh is a dedicated infrastructure layer…” – A service mesh is dedicated, which means that unlike built-in network layers which only support core orchestration functionality with basic features, its main purpose is selective and focused. What is its purpose?

“…for facilitating service-to-service communications between services or microservices”. This is fairly self explanatory. But how does it do this?

“…using a proxy.” A proxy is an entity that handles a specific task on behalf of another. In our case, it refers to the data plane of the service that proxies call to and from the service itself.

Having understood what a service mesh is, let’s delve more deeply into why we need it.

Why do we need it?

From the previous section, we understand that service mesh is an infrastructure layer that primarily caters to the microservice architecture pattern, though it is not restricted to that.

Some of the most common problems faced in microservice networks are:

  1. It’s difficult to manage the vast number of microservices, their versions and so on, in and across environments.
  2. The complicated and large networks provide a larger attack vector for cybersecurity threats.
  3. There is a lack of fine-grained control over inter-service networks.
  4. It’s challenging to manage complicated firewall rules and port mappings.

As more people adopt microservices, the above problems are only compounded. This is where the service mesh steps in, to solve these problems.

Features of a service mesh

  1. Service discovery

Using a container management framework, service discovery maintains a list of instances that are ready to be discovered by other services. This helps create and maintain a topological map of the network in real-time. Enabling segregation of services into categories leads to better organization and management. Other important features related to service discovery include health checks, load balancing and failover implementation. By keeping track of healthy instances and recording the unhealthy ones, we can configure service meshes to re-route requests to healthy instances of the same application.

  1. Zero Trust Security Model

With growing adoption of tools such as Kubernetes, Nomad and others, manual configuration of networks is no longer possible. This complexity is increased especially in Kubernetes and public cloud infrastructure, where IP addresses and DNS names change unpredictably. Service mesh allows for the encryption of communication between services using mTLS and also the verification of identity. The service mesh components use proxies to control communication between local service instances and other services in the network. They also ensure that the TLS connections are verified and encrypted.

  1. Fine-grained network control

Proxies attached to services allow us to control traffic and enforce security, but they also allow us to define policies that allow more control over which service is allowed to communicate to whom. This can be done through a simple allow/deny policy. This simplifies the problem mentioned above, regarding complex firewall rules and IP address management.

Comparison between some popular service meshes in the market

Istio LinkerD Consul
Supported workloads Kubernetes and VMs Kubernetes only Kubernetes and VMs
Single point of failure No No No, but managing the High Availability version is complex
Sidecar proxy Yes Yes Yes
Per node agent No No Yes
mTLS Yes Yes Yes
Certificate management Yes Yes Yes
Authentication and Authorization Yes Yes Yes
Communication protocols supported HTTP/1.x, HTTP/2, gRPC, TCP  HTTP/1.x, HTTP/2, gRPC, TCP  HTTP/1.x, HTTP/2, gRPC, TCP 
Blue Green Deployments (Canary deployments) Yes Yes Yes
Circuit breaking Yes No Yes
Rate Limiting Yes Yes Yes
Fault injection Yes No Yes
Monitoring Prometheus Prometheus Prometheus
Multi cluster Yes No Yes
Complexity High Low Medium

When you’re working with microservices architecture and technologies like Kubernetes, it’s important to use all the tools at your disposal to simplify the process. A service mesh is an important part of this process.

Previous Post

Digital transformation: The key to all kinds of planning, whether “just in case” or “just in time”

Next Post

Kubernetes 101: Introduction, Glossary, and Benefits

SatyaDev Addeppally

SatyaDev Addeppally

Enterprising leader with an analytical bent of mind offering a proven history of success by supervising, planning & managing multifaceted projects & complex dependencies; chronicled success with 22 years of extensive experience including international experience.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Next Post
Kubernetes 101: Introduction, Glossary, and Benefits

Kubernetes 101: Introduction, Glossary, and Benefits

Why is responsive design so important?

Why is responsive design so important?

Could TypeScript replace JavaScript?

Could TypeScript replace JavaScript?

Related Posts

Service Mesh: The best way to Encrypt East-West traffic in Kubernetes

Service Mesh: The best way to Encrypt East-West traffic in Kubernetes

by Abdul Rahman
9 months ago
Reading Time: 3 minutes

With their ability to simplify application processes and speed up development cycles, scale up efficiently, and provide enterprises with customizable software, organizations are increasingly migrating to...

How does a No-Code App Builder help enterprises?

How does a No-Code App Builder help enterprises?

by Baskar RV
9 months ago
Reading Time: 2 minutes

If you’re developing a minor application for internal use, or bootstrapping your small outward-facing app, chances are that the costs and timelines quoted by full-stack developers...

Kubernetes 101: Introduction, Glossary, and Benefits

Kubernetes 101: Introduction, Glossary, and Benefits

by Sridhar T
10 months ago
Reading Time: 3 minutes

With the widespread use of containerization, Kubernetes, an open-source container-centric management software, has seen a surge in popularity. Originally developed at Google and released as an...

What is the difference between LMSs in a B2B and B2C context?

What is the difference between LMSs in a B2B and B2C context?

by Hareesh M
11 months ago
Reading Time: 3 minutes

With the pandemic pushing people and students to work and learn from home, the global learning management system (LMS) market size has seen tremendous growth. In...

Keycloak: an IAM solution your enterprise should consider

Keycloak: an IAM solution your enterprise should consider

by Sridhar T
11 months ago
Reading Time: 2 minutes

According to the State of Developer-Driven Security 2022 survey from Secure Code Warrior, as many as 86% of the developers interviewed do not view application security...

Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the
latest news and updates from our team.

Polls

Thanks for reading.
On which of the following topics would you like to see more content from CloudNow in the future?

View Results

Loading ... Loading ...
  • Polls Archive

Recommended Post

Infrastructure Automation: What is it? What does it do?
Digital Transformation

Infrastructure Automation: What is it? What does it do?

3 years ago
4 ways to leverage digital transformation to manage your hybrid workforce
Digital Transformation

4 ways to leverage digital transformation to manage your hybrid workforce

2 years ago
How Migration to the Cloud has Enabled Banking Firms to Stay Ahead of the Curve
Cloud Migration

How Migration to the Cloud has Enabled Banking Firms to Stay Ahead of the Curve

3 years ago
Agile vs Devops
Agile & DevOps

Agile vs. DevOps: The Similarities and Differences

4 years ago

Solutions

  • Cloud Advisory
  • Migration & Deployment
  • Application Development & Modernization
  • DevOps
  • Testing as a Service
  • Managed Services
  • Data & Analytics
  • API Ecosystem
  • User Lifecycle Management

Industries

  • Financial Services Industry
  • Retail Industry
  • Healthcare Industry
  • Manufacturing Industry

Resources

  • Banking
  • Capital Markets
  • High Growth
  • Blogs

Company

  • Our Story
  • Why CloudNow
  • Partners
  • Careers
  • Contact Us

Contact

  • USA : +1 803 746 7178
  • IND : 044-24619130
  • info@cloudnowtech.com

© 2023 CloudNowTech

  • About
  • Privacy Policy
  • Contact
No Result
View All Result
  • All Blogs
  • Application Development & Modernization
  • Agile & DevOps
  • Cloud
  • Digital Transformation
  • Data & Analytics
  • Quality Assurance

© 2023 CloudNowTech

Subscribe To Our Newsletter

Join our mailing list to receive the
latest news and updates from our team.

Thank You

Thank you for reaching out. We have received your inquiry.
One of our team members will get in touch with you shortly.

Contact Us
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?