Service Mesh. What does it mean? We have already learned Microservices and can develop complex distributed applications. Is Service Mesh something we need or is another fancy buzzword? This presentation walks through the evolution of application architecture from Monolith to Service Mesh to give an idea of what a Service Mesh is, how it is applied to existing architectures and is focused help you to understand if you really need it.

1. Service Mesh
Why? How? What?

2. Orkhan Gasimov
Digital Transformation Architect @ GlobalLogic
15 years of software engineering;
training & mentorship;
author of trainings about:
Microservices;
Spring Cloud;
Akka;
2Speaker

3. 3Agenda
What?

4. How?
4Agenda
What?

5. Why?
How?
5Agenda
What?

6. Evolution
From Monolith to Service Mesh

7. 7
App Server
Evolution
Monolith

8. 8
App Server
Module
Module
Module
Module
Evolution
Monolith

9. 9Evolution
App Server 1
Module
Module
Module
Module
App Server N
Module
Module
Module
Module
Monolith

10. 10Evolution
App Server 1
Module
Module
Module
Module
App Server N
Module
Module
Module
Module
Admin Server
Deployment & Configuration
Monolith

11. 11Evolution
Module
Module
Module
Module
Module
Module
Module
Module
Admin Server
Deployment & Configuration
Monolith

12. 12Evolution
Admin Server
Deployment & Configuration
App
App
App
App
App
App
App
App
Monolith

13. 13Evolution
App
App
App
App
App
App
App
App
Discovery & Configuration
Monolith Microservices

14. Microservices
Architecture

15. 15Monolith
Sales
Warehouse
Accounting
Discounts
Client

16. 16Service-Oriented
Sales
Warehouse
Accounting
Discounts
Client

17. Sales
Sales
17Scalability
Sales
Warehouse
Accounting
Discounts
Client

18. 18API Gateway
Sales
Sales
Sales
Warehouse
Accounting
Discounts
Client API Gateway

19. 19Service Discovery
Sales
Sales
Sales
Warehouse
Accounting
Discounts
Client API Gateway
Service
Registry

20. Users
Accounting
Warehouse
20Dynamic Coordination
Sales
Sales
Warehouse
Accounting
Discounts
Client API Gateway
Service
Registry

21. 21Evolution
App
App
App
App
App
App
App
App
Discovery & Configuration
Monolith Microservices
Discounts
Sales Warehouse
Accounting

22. 22Evolution
App
App
App
App
App
App
App
App
App
App
App App
App
App
App
App
App
App
App
App
Discovery & Configuration
Monolith Microservices

23. 23Evolution
App
App
App
App
App
App
App
App
App
App
App App
App
App
App
App
App
App
App
App
Server
Discovery & Configuration
Monolith Microservices

24. 24Evolution
App
App
App
App
App
App
App
App
App
App
App App
App
App
App
App
App
App
App
App
Server
Modules
Discovery & Configuration
Monolith Microservices

25. 25Evolution
App
App
App
App
App
App
App
App
App
App
App App
App
App
App
App
App
App
App
App
Server
Modules
Fn
Discovery & Configuration
Monolith Microservices

26. 26Evolution
App
App
App
App
App
App
App
App
App
App
App App
App
App
App
App
App
App
App
App
Server
Modules
Fn ?
Discovery & Configuration
Monolith Microservices

27. 27Evolution
App
App
App
App
App
App
App
App
App
App
App App
App
App
App
App
App
App
App
App
Server
Modules
Fn ?
Server
Modules
Fn ?
Server
Modules
Fn ?
Server
Modules
Fn ?
Server
Modules
Fn ?
Server
Modules
Fn ?
Server
Modules
Fn ?
Server
Modules
Fn ?
Discovery & Configuration
Monolith Microservices

28. 28Evolution
App
App
App
App
App
App
App
App
App
App
App App
App
App
App
App
App
App
App
App
Server
Modules
?
Server
Modules
?
Server
Modules
?
Server
Modules
?
Server
Modules
?
Server
Modules
?
Server
Modules
?
Server
Modules
?
Discovery & Configuration
Fn
Fn
Fn
Fn
Fn
Fn
Fn
Fn
Monolith Microservices

29. Data Microservices
Concept

30. 30Data Oriented
Processor

31. 31Data Oriented
Source Processor

32. 32Data Oriented
Source SinkProcessor

33. 33CQRS + Event Sourcing
Client API Gateway

34. 34CQRS + Event Sourcing
Client API Gateway
Command
Query

35. 35CQRS + Event Sourcing
Query
Command
Client API Gateway
Command
Query

36. 36CQRS + Event Sourcing
Query
Command
Client API Gateway
Service
Registry
Command
Query

37. 37CQRS + Event Sourcing
Query
Command
Client API Gateway
Service
Registry
Command
Query
DB DB

38. 38CQRS + Event Sourcing
Query
Command
Client API Gateway
Service
Registry
Command
Query
DB DB
Event
Store

39. 39CQRS + Event Sourcing
Query
Command
Client API Gateway
Service
Registry
Command
Query
DB DB
Event
Store
Event
Handler

40. 40CQRS + Event Sourcing
Query
Command
Client API Gateway
Service
Registry
Command
Query
DB
Event
Store
Event
Handler
DB
Fn Fn Fn

41. 41
Monolith
Evolution
App
App
App
App
App
App
App
App
Discovery & Configuration
Microservices
Q
u
e
r
y
C
o
m
m
a
n
d
C
l
i
e
n
t
A
P
I
G
a
t
e
w
a
y
S
e
r
v
i
c
e
R
e
g
i
s
t
r
y
C
o
m
m
a
n
d
Q
u
e
r
y
D
B
E
v
e
n
t
S
t
o
r
e
E
v
e
n
t
H
a
n
d
l
e
r
D
B
F
n
F
n
F
n

42. 42Evolution
App
App
App
App
App
App
App
App
Discovery & Configuration
Monolith Microservices

43. 43Evolution
Module
Module
Module
Module
Module
Module
Module
Module
Discovery & Configuration
Monolith PlatformMicroservices

44. 44Evolution
Module
Module
Module
Module
Module
Module
Module
Module
Discovery & Configuration
Distributed Platform
Monolith PlatformMicroservices

45. 45Evolution
Module
Module
Module
Module
Module
Module
Module
Module
Discovery & Configuration
Fn
Distributed Platform
Monolith PlatformMicroservices

46. 46Evolution
Module
Module
Module
Module
Module
Module
Module
Module
Discovery & Configuration
Fn
Client
Distributed Platform
Monolith PlatformMicroservices

47. 47Evolution
Module
Module
Module
Module
Module
Module
Module
Module
Discovery & Configuration
Fn
Client
Fn
Distributed Platform
Monolith PlatformMicroservices

48. 48Evolution
Module
Module
Module
Module
Module
Module
Module
Module
Discovery & Configuration
Fn
Client
Fn
?
Distributed Platform
Monolith PlatformMicroservices

49. 49Evolution
Module
Module
Module
Module
Module
Module
Module
Module
Discovery & Configuration
Fn
Client
Fn
?
? ?
Distributed Platform
Monolith PlatformMicroservices

50. 50Evolution
Module
Module
Module
Module
Module
Module
Module
Module
Discovery & Configuration
Fn
Client
Fn
?
? ?
HTTP
Distributed Platform
Monolith PlatformMicroservices

51. 51Evolution
Module
Module
Module
Module
Module
Module
Module
Module
Discovery & Configuration
Fn
Client
Fn
?
? ?
? ?
Distributed Platform
HTTP
Monolith PlatformMicroservices

52. 52Evolution
Module
Module
Module
Module
Module
Module
Module
Module
Discovery & Configuration
Fn
Client
Fn
?
? ?
? ?
Event
Bus
Distributed Platform
HTTP
Monolith PlatformMicroservices

53. 53Evolution
Module
Module
Module
Module
Module
Module
Module
Module
Discovery & Configuration
Fn
Client
Fn
?
? ?
? ?
Event
Bus
Distributed Platform
HTTP
Monolith PlatformMicroservices

54. 54Evolution
Module
Module
Module
Module
Module
Module
Module
Module
Discovery & Configuration
Fn
Client
Fn
?
? ?
? ?
Event
Bus
External
Apps
Distributed Platform
HTTP
Monolith PlatformMicroservices

55. 55Evolution
Module
Module
Module
Module
Module
Module
Module
Module
Discovery & Configuration
Fn
Client
Fn
?
? ?
? ?
Event
Bus
External
Apps
IoT
Distributed Platform
HTTP
Monolith PlatformMicroservices

56. 56Evolution
Module
Module
Module
Module
Module
Module
Module
Module
Discovery & Configuration
Fn
Client
Fn
?
? ?
? ?
Event
Bus
External
Apps
Cloud IoT
Distributed Platform
HTTP
Monolith PlatformMicroservices

57. 57
Monolith
Evolution
Module
Module
Module
Module
Module
Module
Module
Module
Discovery & Configuration
PlatformMicroservices
Distributed Platform
Fn
Client
Fn
?
? ?
? ?
Event
Bus
External
Apps
Polyglot
Cloud IoT
HTTP

58. Deep Dive
Development Effort

59. 59Microservices
Users
Accounting
Warehouse
Sales
Sales
Warehouse
Accounting
Discounts
Client API Gateway
Service
Registry

60. 60Cascading Calls
Sales Warehouse Accounting
Discounts

61. 61Cascading Calls
Sales Warehouse
Discounts
Accounting

62. 62Cascading Calls
Sales Warehouse
Discounts
Accounting

63. 63Circuit Breaker
Sales Warehouse
Discounts
AccountingCB
Fallback

64. 64Circuit Breaker
Sales Warehouse
Discounts
AccountingCB CB
CB

65. 65Circuit Breaker
Sales Warehouse
Discounts
AccountingCB CB
CB

66. 66Service Discovery (client side)
Sales Warehouse
Discounts
AccountingCB CB
CB
SDSDSD
SD
Service
Registry

67. 67Load Balancing (client side)
Sales Warehouse
Discounts
AccountingCB CB
CB
SDSDSD
SD
Service
Registry
LB LB

68. 68AuthN & AuthZ
Sales Warehouse
Discounts
AccountingCB CB
CB
SDSDSD
SD
Service
Registry
LB LB
Auth Server
Au Au Au
Au

69. 69Data Security
Sales Warehouse
Discounts
AccountingCB CB
CB
SDSDSD
SD
Service
Registry
LB LB
Auth Server
Au Au Au
Au
TLS TLS
TLS

70. Users
Accounting
Warehouse
70Microservices
Sales
Discounts
Sales
Warehouse
Accounting
Client API Gateway
Service
Registry
CB
CB
CB
CB
Auth Server
SD
SD
SD
SD
SD LB
LB
LB
Au
Au
Au
Au
Au

71. 71Development Effort
Au
Sales
Discounts
Warehouse
Accounting
API Gateway
Service
Registry
Auth Server
CB
LB
SD
TLS

72. 72Development + Infrastructure
Au
Sales
Discounts
Warehouse
Accounting
API Gateway
Service
Registry
Auth Server
CB
LB
SD
TLS

73. Service Mesh

74. 74Service vs Template
Sales
Sales
Instance 2
Sales
Instance 1
Sales
Instance N
...

75. 75Sidecar Proxy
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance

76. 76Inter-Proxy Communication
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy

77. 77Infrastructure Decoupling
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Registry
SD SD SD
SD SD SD

78. 78Infrastructure Decoupling
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Registry
Auth Server
SD SD SD
SD SD SD
A A A
A A A

79. 79Infrastructure Decoupling
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Registry
Auth Server TLS
SD SD SD
SD SD SD
A A A
A A A

80. 80Infrastructure Decoupling
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Registry
Auth Server TLS
CB CB CB
CB CB CB
SD SD SD
SD SD SD
A A A
A A A

81. 81Infrastructure Decoupling
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Instance
Sidecar
Proxy
Service
Registry
Auth Server TLS
CB CB CB
CB CB CB
LB LB LB
LB LB LB
A A A
A A A
SD SD SD
SD SD SD

82. 82Service Mesh
Service
Instance
Service
Instance
Service
Instance
Service
Instance
Service
Instance
Service
Instance
Service
Registry
Auth Server Service Mesh CBLBA SDT …
Sidecar Proxy Sidecar Proxy Sidecar Proxy
Sidecar Proxy Sidecar Proxy Sidecar Proxy

83. 83Service Mesh
Service
Instance
Service
Instance
Service
Instance
Service
Instance
Service
Instance
Service
Instance
Service
Registry
Auth Server Service Mesh CBLBA SDT …

84. • Resiliency
• Circuit Breaking
• Retries
• Timeouts
• Fault Handling
• Load Balancing
• Failover
84Service Mesh

85. • Resiliency
• Circuit Breaking
• Retries
• Timeouts
• Fault Handling
• Load Balancing
• Failover
• Service Discovery
85Service Mesh

86. • Resiliency
• Circuit Breaking
• Retries
• Timeouts
• Fault Handling
• Load Balancing
• Failover
• Service Discovery
• Routing
86Service Mesh

87. • Resiliency
• Circuit Breaking
• Retries
• Timeouts
• Fault Handling
• Load Balancing
• Failover
• Service Discovery
• Routing
• Security & Access Control
• TLS & key management
• Whitelists & Blacklists
87Service Mesh

88. • Resiliency
• Circuit Breaking
• Retries
• Timeouts
• Fault Handling
• Load Balancing
• Failover
• Service Discovery
• Routing
• Security & Access Control
• TLS & key management
• Whitelists & Blacklists
88Service Mesh
• Observability
• Metrics
• Monitoring
• Distributed Logging
• Distributed Tracing

89. • Resiliency
• Circuit Breaking
• Retries
• Timeouts
• Fault Handling
• Load Balancing
• Failover
• Service Discovery
• Routing
• Security & Access Control
• TLS & key management
• Whitelists & Blacklists
89Service Mesh
• Observability
• Metrics
• Monitoring
• Distributed Logging
• Distributed Tracing
• Deployment
• Container Support

90. • Resiliency
• Circuit Breaking
• Retries
• Timeouts
• Fault Handling
• Load Balancing
• Failover
• Service Discovery
• Routing
• Security & Access Control
• TLS & key management
• Whitelists & Blacklists
90Service Mesh
• Observability
• Metrics
• Monitoring
• Distributed Logging
• Distributed Tracing
• Deployment
• Container Support
• Communications
• HTTP
• WS
• gRPC
• TCP

91. Pros & Cons
Service Mesh

92. 92Pros & Cons
• Pros
• Solve common infrastructure cases
outside of the microservice code
• distributed tracing
• logging
• etc.

93. 93Pros & Cons
• Pros
• Solve common infrastructure cases
outside of the microservice code
• distributed tracing
• logging
• etc.
• Freedom of microservice tech stack
• no need to watch for libraries required for
distributed app development

94. 94Pros & Cons
• Pros
• Solve common infrastructure cases
outside of the microservice code
• distributed tracing
• logging
• etc.
• Freedom of microservice tech stack
• no need to watch for libraries required for
distributed app development
• Helps to focus on business logic

95. 95Pros & Cons
• Pros
• Solve common infrastructure cases
outside of the microservice code
• distributed tracing
• logging
• etc.
• Freedom of microservice tech stack
• no need to watch for libraries required for
distributed app development
• Helps to focus on business logic
• Cons
• Complexity & Extra Hops
• more runtime instances
• each service call has to go through sidecar

96. 96Pros & Cons
• Pros
• Solve common infrastructure cases
outside of the microservice code
• distributed tracing
• logging
• etc.
• Freedom of microservice tech stack
• no need to watch for libraries required for
distributed app development
• Helps to focus on business logic
• Cons
• Complexity & Extra Hops
• more runtime instances
• each service call has to go through sidecar
• Address a subset of problems
• still have to deal with complex cases like
complex routing, transformation and type
mapping, integration with other services
and systems

97. 97Pros & Cons
• Pros
• Solve common infrastructure cases
outside of the microservice code
• distributed tracing
• logging
• etc.
• Freedom of microservice tech stack
• no need to watch for libraries required for
distributed app development
• Helps to focus on business logic
• Cons
• Complexity & Extra Hops
• more runtime instances
• each service call has to go through sidecar
• Address a subset of problems
• still have to deal with complex cases like
complex routing, transformation and type
mapping, integration with other services
and systems
• Does not solve business logic or service
integration/composition related cases

98. 98https://kubedex.com/istio-vs-linkerd-vs-linkerd2-vs-consul/
Istio Linkerd Linkerd2 Consul Connect
Model Sidecar Node Agent Sidecar Sidecar
Platform Kubernetes Any Kubernetes Any
language Go JVM Go / Rust Go
Protocol
HTTP1.1 / HTTP2 / gRPC /
TCP
HTTP1.1 / HTTP2 / gRPC
HTTP1.1 / HTTP2 / gRPC /
TCP
TCP
Default Data Plane Envoy (supports others) Native Native Native (or Envoy)
Sidecar Injection Yes No Experimental No
Encryption Yes Yes Experimental Yes
Traffic Control
label/content based
routing, traffic shifting
Dynamic request routing,
traffic shifting, per request
routing
?
static upstream, prepared query,
http api / dns with native
integration
Resilience
timeouts, retries,
connection pools, outlier
detection
timeouts, retries, deadlines,
circuit breaking
? Pluggable
Prometheus Integration Yes Yes Yes No
Tracing Integration Jaeger Zipkin None Pluggable
Host to Host auth Service Accounts TLS Mutual Auth Experimental Consul ACL
Agent Caching Yes No No Yes
Secure connection outside
cluster
No Yes No Yes
Complexity High High Low Low
Paid Support No Yes Yes Yes
link https://istio.io/ https://linkerd.io/1/overview/ https://linkerd.io/2/overview/
https://www.consul.io/intro/getting-
started/connect.html

99. Summary
Service Mesh

100. 100Effort
Au
Sales
Discounts
Warehouse
Accounting
API Gateway
Service
Registry
Auth Server
CB
LB
SD
TLS

101. 101Effort
Au
Sales
Discounts
Warehouse
Accounting
API Gateway
Service
Registry
Auth Server
CB
LB
SD
TLS

102. 50% Dev Effort
102Service Mesh

103. 50% Dev Effort + 50% DevOps Effort
103Service Mesh

104. 50% Dev Effort + 50% DevOps Effort = 100% Distributed Effort
104Service Mesh

105. Thank You!
http://orkhan.io
http://fb.com/groups/reactive.distributed