What the heck is Service Mesh?

A new design pattern makes communication between services easy

Amrit Pal Singh
Level Up Coding


Microservices have been a buzzword in the tech world for many years now. If you have implemented microservices, you know how hard it is to keep track of how the services interact with one another.

Service mesh is here to solve this problem. A service mesh provides an infrastructure layer to handle inter-service communication. It makes communication secure and reliable. Other capabilities include load balancing, authentication, authorization, service discovery, and many more.

Service mesh architecture

How does it work?

A sidecar extends the functionality of the service to which it is attached. The service and the sidecar are loosely coupled.


As in real life, a sidecar on its own does not serve any purpose. In a service mesh, the sidecar pattern is used as a proxy to securely communicate with other services.

You offload protocols, parameters, and configurations related to communication to the sidecar. This makes the microservice independent of the protocols that are used for communication.

Changes in inter-service communication do not affect the services at all.

Functions of Service Mesh

The following are the components of a service mesh and their functions:

Service instance Pod

A copy of a service is called an instance. A pod is an instance of a service. It could be a single container or a bunch of containers.

Container orchestration

You need a framework to do container orchestration as all the services are deployed in containers. Kubernetes is dominating this use case and is the most widely used tool for this purpose.

Sidecar

As explained earlier, the sidecar is the proxy that manages everything related to the communication of the service to which it is attached. All inbound and outbound traffic is managed by the sidecar.

Secure communication

Secure communication has two functions: encryption, and authentication and authorization.

A service mesh can encrypt and decrypt the data transferred between services. It also manages timeouts and the reuse of existing connections. Existing service meshes can encrypt data on channels using mTLS, PKI, and other protocols.

The service mesh can also authorize and authenticate requests from the web or between the services.
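What the mTLS and authorization functions above look like on a sidecar's inbound path, as an added Python example that is not from the original article or from any mesh project. The SPIFFE-style identities, the `POLICY` table and the function names are assumptions, and the certificate dicts are constructed samples shaped like `ssl.SSLSocket.getpeercert()` output.

```python
import ssl

# Constructed policy, standing in for rules a control plane would push to each
# sidecar: destination service -> caller identities allowed to reach it.
POLICY = {
    "payments": {"spiffe://mesh.example/ns/shop/sa/checkout"},
    "inventory": {"spiffe://mesh.example/ns/shop/sa/checkout",
                  "spiffe://mesh.example/ns/shop/sa/catalog"},
}

# Constructed peer certificates, shaped like ssl.SSLSocket.getpeercert() output.
CHECKOUT = {"subjectAltName": (("URI", "spiffe://mesh.example/ns/shop/sa/checkout"),)}
CATALOG = {"subjectAltName": (("URI", "spiffe://mesh.example/ns/shop/sa/catalog"),)}
CN_ONLY = {"subject": ((("commonName", "checkout"),),)}  # no URI identity at all


def inbound_tls_context(ca_file=None, cert_file=None, key_file=None):
    """TLS context for the sidecar's inbound listener (file paths are hypothetical)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # Server-side default is CERT_NONE (one-way TLS). Requiring a client
    # certificate is what makes the connection mutual.
    ctx.verify_mode = ssl.CERT_REQUIRED
    if ca_file:
        ctx.load_verify_locations(cafile=ca_file)   # mesh CA: the PKI trust root
    if cert_file:
        ctx.load_cert_chain(cert_file, key_file)    # this workload's own identity
    return ctx


def peer_identities(peercert):
    """Return the URI SANs of an already-verified peer certificate."""
    if not peercert:
        return set()
    return {value for kind, value in peercert.get("subjectAltName", ()) if kind == "URI"}


def authorize(peercert, destination, policy=POLICY):
    """Authentication proves who is calling; this decides whether they may."""
    ids = peer_identities(peercert)
    if len(ids) != 1:          # missing or ambiguous identity: deny
        return False
    return next(iter(ids)) in policy.get(destination, set())  # default deny


if __name__ == "__main__":
    for name, cert in (("checkout", CHECKOUT), ("catalog", CATALOG), ("cn-only", CN_ONLY)):
        print(name, "-> payments:", authorize(cert, "payments"))
```

A caller with a valid mesh certificate is still refused when policy does not list it for the destination, which is why encryption and authorization are separate functions.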

Service discovery and load balancing

Service discovery helps you discover instances of a service. A service mesh uses application-layer load balancing.

Service discovery helps a service discover an available instance of other services with which the service wants to interact.

Control Plane

A service mesh is a distributed system, so you need a centralized control plane to manage it. The control plane enforces network attributes such as routing tables, load balancing, service discovery, etc.

Conclusion

Companies like Netflix, Lyft, and Twitter have built several microservices for themselves. Many developers follow their designs for their applications. If you have a few microservices, then the simpler architectures are good enough. Architectures like service mesh are good if you have hundreds of microservices.
