More and more articles and videos are popping up over the internet around micro-services. It’s almost like discovering a new hobby. It’s still fairly common to see monolith applications though. A monolith is not always a bad situation depending on the code quality/maintenance and the personnel (especially on the developers and operations side).
Tired of solving the same problems?
In micro-services projects, there are always general common problems (scalability, security, etc.) and there many options, from integrating existing components/libraries/platforms or doing it yourself.
A service mesh could help with those “general considerations” that you pretty much deal with constantly.
To put it in simple words, a service mesh allows leveraging a platform for things that you would either code or import into your applications/infrastructure (logging, discovery, authentication, metrics, etc.).
“new micro-service project -> similar general problems to solve, but variations around infrastructure, software and architecture decisions”
Enter Istio, a service mesh
Istio is “an open platform to connect, manage and secure micro-services”. I experimented with Istio early this year on Minikube. The documentation was more or less OK and I managed to try what I needed. In the future, accordingly to the project and the team, Istio could be a strong candidate on my list for a service mesh, within a Kubernetes environment. There are still several corporations using their own in-house solutions that will never be open-sourced, for big software companies it’s no big deal.
Towards simpler approaches
While there are alternatives to Istio, from easier to more complex (Linkerd, etc.), I think that service mesh implementations should aim to be “dead simple”. Flexibility and pluggability is often the key.
Often, I prefer flexibility over features, especially when I encounter “good” features that I cannot customize declaratively or via hooks over a simple protocol. As long as I can “register” my own “component” via some API (REST, grpc or whatever) without being forced to write some Go code, I’m a happy customer. Built-in features are sometimes limited to simplistic use-cases, “perceived as useful and fairly common”.
Presentation
Sometimes you may not need/want a full blown service mesh. In this Youtube video, I’m showing a possible evolution of a sidecar “authentication component”, acting as a security proxy for a micro-service.
