Microservices are great for DevOps, but the service-to-service communication these architectures depend on is complex to run and manage at production scale. Enter service mesh: the best way for enterprises to scale, secure and monitor apps. A service mesh is a dedicated infrastructure layer enabling service-to-service communication to be quick, secure and reliable. If you’re building cloud-native applications, you need a service mesh.
After talking to development and operations teams it became clear that microservices are great for development velocity, but the complexity and risk in these architectures lies in the service-to-service communication that microservices depend on. Service mesh is an application-first approach to provide a communication fabric for microservices, giving DevOps teams the flexibility and autonomy they desire while providing the policy, visibility and insights into their microservice environment that operations teams demand for production-grade applications.
A service mesh provides a robust microservice communication fabric to enable the best possible path to scaling containerized apps whether in the data center or in the cloud (or both). There has also been a recent emergence of enterprise-grade meshes to address the needs and complexity of enterprise production environments. A service mesh needs to do more than just scale apps; it also needs to monitor and secure them. A supported infrastructure allows DevOps teams the flexibility and autonomy they desire while providing the policy, visibility and insights into microservices that operations teams demand for production-grade applications.
Advantages of a Service Mesh
Think about your plans for microservices. Maybe you plan to have 10, 50, 100 or 1,000s of services running in your Kubernetes cluster. How do you get all of those services in your new microservice and container environments in an efficient, uniform way?
Do you know who is talking to whom and if they are allowed to? Is that communication secure? How do you debug something when it goes down? How do you add tracing or logging without touching all of your applications? Do you know what the performance or quality impact of releasing a new version of one of those services is on the upstream and downstream services?
A service mesh helps answer those questions. As a transparent infrastructure layer that is inserted between your microservice and the network, it gives you a single point in the communication path of your applications to insert services and gather telemetry. You can do this without requiring changes to your applications.
2018: The Year of the Service Mesh
The concept of service mesh is relatively new. In fact, until 2018 was declared “The Year of the Service Mesh” at KubeCon in December 2017, most people had never heard of a service mesh. There are now several open source offerings such as Istio, and several companies building out supported meshes to take the burden out of managing microservices. It will be interesting to see how a service mesh enables organizations to further capitalize on containers and microservices.