Recent discussions about service meshes have been dominated by vendors, each trying to frame the service mesh as a new technology that provides security, reliability, and observability for east-west traffic. However, just as microservices are an architectural pattern and not a specific technology, a service mesh is a new way to deploy features that in the past fell into the category of API management.
Marco Palladino discusses the service mesh as an architectural pattern, the reasons for its emergence, and the technical requirements for service mesh deployments. He covers the service mesh deployment pattern, including how in a service mesh, a proxy is deployed locally with each service in an application; each service only communicates directly with the proxy on its host; and proxies communicate with each other to pass traffic between services over the network. He also discusses the problems the pattern is designed to solve, including security, where proxies can encrypt all network traffic without services being aware of it; observability, where proxies collect metrics, logs, and tracing data from network traffic; reliability, where proxies can enforce rate limiting, retries, and handle network drops; composability, where swap or reuse services with nothing but a proxy configuration change; standardization, where east-west traffic can all be secured in the same way; and efficient development, where service developers can focus on business logic instead of interservice communication. Finally, he explains the requirements for any technology that supports this pattern, including that services can be any size, be any language, or run on any infrastructure or a mix; proxies need to be lightweight since an instance will be deployed with each service; proxies should be flexible and composable to provide security, reliability, and observability benefits; proxies should be simple to deploy and replace in containerized environments; and proxies should be self-reliant and resilient to network slowdowns and failures.
Marco Palladino is the cofounder and CTO of Kong, the most widely adopted operations support system (OSS) API and microservice gateway. Besides being a core maintainer, Marco is responsible for the design and delivery of Kong products and for providing the technical thought leadership around APIs and microservices within the company and its external community. An inventor, software developer, and internet entrepreneur based in San Francisco, California, he was also the cofounder of Mashape, which today is the largest API marketplace in the world.
©2019, O'Reilly Media, Inc. • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • firstname.lastname@example.org