service mesh
2022-03-25 · 2 min read
Blog: https://linkerd.io/what-is-a-service-mesh/
A service mesh like Linkerd is a tool for adding observability, security, and reliability features to “cloud native” applications by transparently inserting this functionality at the platform layer rather than the application layer.
- Deployed as a sidecar alongside the application in each pod.
- Transparently proxies all inbound and outbound requests to the application container.
- The proxies comprise the service mesh's data plane.
- The proxies are configured and controlled by the control plane.
Pros:
- Reduce complexity in application code.
- Migrate common features needed by all your applications into the common service mesh layer.
- Get useful features "for free" just by integrating a service mesh.
Cons:
- Added overhead from service mesh proxying all inbound and outbound requests.
- Potentially added overall complexity from another moving part that needs its own configuration, monitoring, etc.
Trace a request through Linkerd
1. Service Routing: Linkerd applies dynamic routing rules to determine which destination the requester actually intended.
   - Should the call be routed to a service on the local cluster? A remote cluster? The current service version? The canary service? Failover? etc.
2. Of the available destination services from (1.), do client-side load balancing to choose the "best" one (by factoring together various health metrics).
3. Manage connection pools to each service. New connections must go through an mTLS (mutual auth) handshake.
4. Record request latency and error metrics for each service as we send them requests.
5. Expose recorded service and request metrics for collection by a central aggregator.
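The load-balancing and metrics steps above can be sketched as a small simulation. This is an added example, not Linkerd's proxy code: it assumes latency EWMA scoring with power-of-two-choices selection as the balancing approach, and the class, function names, addresses and tuning constants are all hypothetical.

```python
import random

class Endpoint:
    """One replica of a destination service plus the metrics recorded for it."""
    def __init__(self, addr):
        self.addr, self.ewma_ms, self.last_tick = addr, 0.0, 0
        self.requests = self.errors = 0

    def load(self, now, decay=0.99):
        # Smoothed latency, aged toward zero while the endpoint sits idle so
        # that an endpoint scored as slow is eventually probed again.
        return self.ewma_ms * decay ** (now - self.last_tick)

    def record(self, now, latency_ms, ok, alpha=0.3, error_penalty_ms=1000.0):
        # Per-request latency and error metrics; a failure scores as very slow.
        sample = latency_ms if ok else max(latency_ms, error_penalty_ms)
        if self.requests == 0:
            self.ewma_ms = sample
        else:
            self.ewma_ms = alpha * sample + (1 - alpha) * self.load(now)
        self.last_tick = now
        self.requests += 1
        self.errors += 0 if ok else 1

def pick(endpoints, now, rng):
    """Power of two choices: keep the less loaded of two random endpoints."""
    a, b = rng.sample(endpoints, 2)
    return a if a.load(now) <= b.load(now) else b

def simulate(n_requests=2000, seed=7):
    rng = random.Random(seed)
    # Constructed backends: address -> (mean latency ms, failure probability).
    profile = {"10.0.0.1:8080": (20, 0.0), "10.0.0.2:8080": (25, 0.0),
               "10.0.0.3:8080": (200, 0.3)}  # the degraded replica
    endpoints = [Endpoint(addr) for addr in profile]
    for now in range(n_requests):
        ep = pick(endpoints, now, rng)
        mean, p_fail = profile[ep.addr]
        ep.record(now, rng.gauss(mean, mean * 0.1), rng.random() >= p_fail)
    # The per-endpoint counters a central metrics scrape would collect.
    return {e.addr: {"requests": e.requests, "errors": e.errors,
                     "ewma_ms": round(e.ewma_ms, 1)} for e in endpoints}

if __name__ == "__main__":
    for addr, stats in simulate().items():
        print(addr, stats)
```

The degraded replica is still probed occasionally because its score ages while idle; without that decay it would never receive traffic again after one bad sample.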
Related FB projects
- Proxygen
- ServiceRouter