Service Meshes and SMI Demystified
- Microservices are about communicating through APIs!
- A service mesh defines the communication interface between microservices.
- In an orchestrated environment (Kubernetes), containers talk to each other on top of overlay networking.
- Service mesh is a central source of truth for controlling the information flow between microservices.
- Mesh enables both the scalability benefits of microservices as well as centralized advantages of monoliths.
- Service meshes come with built-in observability (logging, metrics, and tracing) for microservices communications.
- Service meshes have built-in support for resiliency features (retries, timeouts, deadlines, and circuit breaking).
- They also have capabilities such as east-west routing, access control, mTLS, smart load balancing, etc.
- Data plane refers to the layer allowing data to move between microservices and is implemented using sidecars.
- A sidecar is an auxiliary container running side-by-side of the main container in your pod.
- Microservices (main containers) communicate to each other through these sidecar containers.
- Data plane does things like service discovery, routing, load balancing, health checking, authn and authz.
- Control plane refers to the layer defining communication rules between microservices.
- Control plane provides configurations and rules for all running data planes in the mesh.
- Service mesh interface (SMI) defines a standard API for different services meshes, so they can interoperate.
- Istio, Linkerd, and Consul are service meshes adopted widely.