- Service Mesh and API Gateways
- Tools For Evaluating Service Meshes
- Consul Service Mesh
- Linkerd Service Mesh
- Maesh Service Mesh
- Traffic Director (Google’s Service Mesh)
- Envoy Proxy Service Mesh
- Istio Service Mesh
- Open Service Mesh
- AWS App Mesh
- NGINX Service mesh
- infoq.com: Service Mesh Ultimate Guide: Managing Service-to-Service Communications in the Era of Microservices
- deloitte.com: Service Mesh en arquitecturas de microservicios
- Service meshes to the rescue: Load balancing and scaling long-lived connections in Kubernetes
- blog.christianposta.com: Do I Need an API Gateway if I Use a Service Mesh?
- thenewstack.io: Service Mesh Adds Security, Observability and Traffic Control to Kubernetes
- lucperkins.dev: Service mesh use cases
- thenewstack.io: Zero-Trust Security with Service Mesh
- solo.io: Identity Federation for Multi-Cluster Kubernetes and Service Mesh
- cncf.io: Service Mesh Is Still Hard
- medium: Part 1 — Why Red Hat Openshift Service Mesh? 🌟
- openshift.com: Introducing OpenShift Service Mesh 2.0 🌟
- weave.works: Introduction to Service Meshes on Kubernetes and Progressive Delivery 🌟
- rancher.com: Using Hybrid and Multi-Cloud Service Mesh Based Applications for Distributed Deployments Service Mesh addresses the communication requirements typical in a microservices-based application, including encrypted tunnels, health checks, circuit breakers, load balancing and traffic permission. Leaving the microservices to address these requirements leads to an expensive and time consuming development process. In this blog, we’ll provide an overview of the most common microservice communication requirements that the Service Mesh architecture pattern solves.
- thenewstack.io: Offloading Authentication and Authorization from Application Code to a Service Mesh
- thenewstack.io: How a Service Mesh Can Help DevOps Achieve Business Goals
- thenewstack.io: Mutual TLS: Securing Microservices in Service Mesh
- medium: Service Mesh with Istio
- rancher.com: Using Hybrid and Multi-Cloud Service Mesh Based Applications for Distributed Deployments. Get Hands-On with Rancher, Kong and Kong Mesh 🌟
- Service Mesh is an emerging architecture pattern gaining traction today. Along with Kubernetes, Service Mesh can form a powerful platform which addresses the technical requirements that arise in a highly distributed environment typically found on a microservices cluster and/or service infrastructure. A Service Mesh is a dedicated infrastructure layer for facilitating service-to-service communications between microservices.
- Service Mesh addresses the communication requirements typical in a microservices-based application, including encrypted tunnels, health checks, circuit breakers, load balancing and traffic permission. Leaving the microservices to address these requirements leads to an expensive and time consuming development process.
- Kong provides an enterprise-class and comprehensive service connectivity platform that includes an API gateway, a Kubernetes ingress controller and a Service Mesh implementation. The platform allows customers to deploy on multiple environments such as on premises, hybrid, multi-region and multi-cloud.
- cloudops.com: Comparing Service Meshes: Istio, Linkerd, Consul Connect, and Citrix ADC
- platform9.com: Kubernetes Service Mesh: A Comparison of Istio, Linkerd and Consul
- opensource.com: Why you should care about service mesh Service mesh provides benefits for development and operations in microservices environments.
- containerjournal.com: When Is Service Mesh Worth It?
- thenewstack.io: Service Meshes in the Cloud Native World
- koyeb.com: Service Mesh and Microservices: Improving Network Management and Observability
- thenewstack.io: Accelerate Kubernetes Adoption with a Service Mesh
- toptal.com: A Kubernetes Service Mesh Comparison 🌟
- nginx.com: How to Choose a Service Mesh 🌟
- cncf.io: Networking with a service mesh: use cases, best practices, and comparison of top mesh options
- layer5.io: The Service Mesh Landscape 🌟🌟 Comparison of Service Mesh Strengths
- blog.polymatic.systems: Service Mesh Wars, Goodbye Istio After using Istio in production for almost 2 years, we’re saying goodbye to it. Learn why, as well as the current state of the Service Mesh Wars.
- thenewstack.io: Secure Your Service Mesh: A 13-Item Checklist
- infoq.com: Adoption of Cloud Native Architecture, Part 3: Service Orchestration and Service Mesh
- infoq.com: Service Mesh Ultimate Guide - Second Edition: Next Generation Microservices Development
Service Mesh and API Gateways¶
- medium: The Roles of Service Mesh and API Gateways in Microservice Architecture 🌟
- medianova.com: Service Mesh vs. API Gateway
Tools For Evaluating Service Meshes¶
- Meshery.io: Open source tool for evaluating and contrasting service meshes
Consul Service Mesh¶
- medium: Consul in Kubernetes — Pushing to Production
- medium: HashiCorp Consul: Multi-Cloud and Multi-Platform Service Mesh
- hashicorp.com: Get Started with Consul Service Mesh on Kubernetes 🌟
- HashiCorp Consul Ingress Gateways and L7 Traffic Management in Kubernetes Learn about the advanced features of HashiCorp’s Consul service mesh that are valuable to both infrastructure operators and developers.
- hashicorp.com: HashiCorp Consul Ingress Gateways and L7 Traffic Management in Kubernetes 🌟
- learn.hashicorp.com: Consul Service Mesh on Kubernetes Design Patterns
- hashicorp.com: Disaster Recovery for HashiCorp Consul on Kubernetes 🌟 See the recovery steps to protect your data and secrets during an extended outage using Kubernetes and HashiCorp Consul.
- medium: A Practical Guide to HashiCorp Consul — Part 1 🌟
- Fabio Load Balancer 🌟 fabio is a fast, modern, zero-conf load balancing HTTP(S) and TCP router for deploying applications managed by consul. Register your services in consul, provide a health check and fabio will start routing traffic to them. No configuration required. Deployment, upgrading and refactoring has never been easier.
- hashicorp.com: Getting Started with HCP Consul: Frequently Asked Questions
Linkerd Service Mesh¶
- Announcing Linkerd 2.8: simple, secure multi-cluster Kubernetes
- cncf.io: Kubernetes network policies with Cilium and Linkerd
- cncf.io: Protocol detection and opaque ports in Linkerd
- thenewstack.io: Linkerd 2.0: The Service Mesh for Service Owners, Platform Architects, SREs
- cncf.io: Why Linkerd doesn’t use Envoy
- linkerd.io: Multi-cluster communication This guide will walk you through installing and configuring Linkerd so that two clusters can talk to services hosted on both.
- linkerd.io: Benchmarking Linkerd and Istio
- nais.io: Changing Service Mesh How we swapped Istio with Linkerd with hardly any downtime
- linkerd.io: Announcing Linkerd’s Graduation
- containerjournal.com: Linkerd’s CNCF Graduation Due to its Simplicity
“Installed @Linkerd in staging yesterday using Helm and Terraform. It was incredibly easy to setup and immediately helped me diagnose tricky latency issues between services. I have no idea why I didn’t do this sooner. Can’t wait to get this into production.”
Maesh Service Mesh¶
Traffic Director (Google’s Service Mesh)¶
- Traffic Director overview
- Google Cloud’s Traffic Director — What is it and how is it related to the Istio service-mesh?
- Google Traffic Director and the L7 Internal Load Balancer Intermingles Cloud Native and Legacy Workloads
- infoq.com: Introducing Traffic Director: Google’s Service Mesh Control Plane
- Traffic Director and gRPC—proxyless services for your service mesh
Google L7 Internal Load Balancer¶
Envoy Proxy Service Mesh¶
- Examining Load Balancing Algorithms with Envoy
- solo.io: Why the control plane matters. Control planes are different than data planes. Separating the control plane from data plane 🌟
- ekglue - Envoy/Kubernetes glue Glue the Kubernetes API to Envoy’s xDS APIs
xDS protocol (Envoy’s Discovery Service Protocol)¶
- xDS REST and gRPC protocol
- “The gRPC project is adding support for the xDS protocol, think Envoy Proxy as a library, which will provide a subset of functionality without an external proxy. 🤯 The best part, xDS based control planes such as Istio, Traffic Director, and Consul Connect should just work.” Kelsey Hightower
Istio Service Mesh¶
Open Service Mesh¶
- Kourier: A lightweight Knative Serving ingress
- https://github.com/knative/net-kourier : Kourier is an Ingress for Knative Serving. Kourier is a lightweight alternative for the Istio ingress as its deployment consists only of an Envoy proxy and a control plane for it.