Shulou(Shulou.com)06/01 Report--

I would like to share with you an example analysis of the comparison of six major service grid tools on the Internet. I believe most people don't know much about it, so share this article for your reference. I hope you will learn a lot after reading this article. Let's take a look at it!

Service grid (Service mesh) is not a new concept, but it implements the connection of micro-services running on Kubernetes as a containerization platform, which makes the idea of service grid more popular. If there is no service grid, each microservice needs to be configured to receive (or send) connections to other microservices that need to communicate with it, but the service grid completely changes that.

Instead of manually configuring and investing a lot of time and effort to maintain connections between microservices, developers can now create a grid that allows microservices to communicate reliably, controllably, and securely. Kubernetes and service grid interact with each other, mainly because using service grid can implement more complex containerization architecture without increasing workload.

Therefore, there are many ways to build a service grid at the top level of Kubernetes. In this article, we will compare some of the tools you can use to build a service grid, and you can learn about their strengths and weaknesses and choose the one that works best for you.

Perfect fit with AWS environment: AWS App Mesh

Official website: https://aws.amazon.com/app-mesh/

Since many Kubernetes-based applications and microservices now run in the Amazon Web Services environment, it's hard not to talk about AWS App Mesh. As the name implies, AWS App Mesh is Amazon's own service grid used to create a service grid layer for Amazon services.

As an Amazon product, AWS App Mesh uses proprietary technology that combines Envoy as its service agent. AWS App Mesh connects services in the same namespace by creating virtual services. Every microservice in your AWS environment can find a virtual service and use it to communicate with other microservices.

The seamless integration of AWS App Mesh with other services, such as EKS, Fargate, and EC2, is its strongest advantage, but there are some limitations in using App Mesh. First of all, you cannot migrate App Mesh externally or use this service in a multi-cloud setting.

App Mesh also uses CloudWatch and AWS X-Ray to manage the service grid, which means you can have complete control of the layer without leaving the motherboard. Features such as support for mTLS and advanced load balancing are also available in App Mesh, but it does not support authentication rules.

The most popular service grid tool: Istio

Official website: https://istio.io/latest/zh/

Istio is probably the most popular Kubernetes services grid tool, originally developed by Lyft but later developed jointly by Lyft, Google, and IBM. Given that the company behind Kubernetes is Google, it's not surprising that Istio is widely used in many deployment types.

Like App Mesh, Istio uses Envoy as its service proxy, but it does not restrict you to use Envoy as the only ingress controller. What makes Istio unique is that it provides great flexibility. You can use Istio for other containerized platforms, but its seamless interface with Kubernetes makes it more useful.

For example, Istio supports mesh extensions and multi-cloud grids, both of which are not available in App Mesh and other service grid tools. Istio can also handle traffic access control and load balancing as if it were built to perform these tasks. It even supports fault injection and delay injection.

The only drawback to using Istio is that you may be overwhelmed by the functionality it provides. If you have enough resources to use Istio to process the service grid layer, this tool has the potential to simplify the most complex micro-service architecture through its functionality.

Independent service grid tool: Linkerd

Official website: https://linkerd.io/

When Linkerd released version 2.x, it was already a very popular service grid tool. The new version has been welcomed by the Kubernetes community, and its 2.7.1 stable version has been released by mid-April 2020. It is built entirely as an independent service grid tool, so it does not rely on third-party tools such as Envoy to manage, and it even includes linkerd-proxy as a service proxy.

Recent upgrades also include improvements to dashboard and visualization of traffic splits deployed for canaries. This makes it an excellent tool for real-time monitoring and orchestration of canary and blue-green deployments.

While remaining independent, Linkerd also maintains a high degree of compatibility with Ingress controller. In fact, Linkerd can work with any Ingress controller you use, making it the most flexible in this respect. A simple linkerd inject command allows the service grid to integrate with your application.

Linkerd2 is also highly optimized and takes only 60 seconds to install. If you are looking for a service grid tool that will bring the best performance, then Linkerd is something you can consider trying. As a non-intrusive service grid tool, Linkerd does not require a lot of optimization after deployment. Out-of-the-box configurations are sufficient to support complex micro-service architectures and prevent major tools. Linkerd enhances the security of the application through mutual TLS (mTLS) encryption.

Linkerd is also a tool developed specifically for Kubernetes. It may not support the creation of multi-cloud and multi-cluster grids, but this does not diminish its ability to serve as a service grid layer for Kubernetes instances. In addition, it can also be used with OpenCensus, making tracking and management very easy.

The youngest service grid tool: Kuma

Official website: https://kuma.io/

Kuma uses Envoy as a service proxy and supports any ingress controller. This is very similar to Consul Connect (a tool we'll cover later), but Kuma also has its own refreshing features. And these new ideas may be because Kuma is the latest tool in this list.

Don't be fooled by the young age of Kuma, which is not only ready for production, but also has the functionality of the service grid tool you expect. It supports all OpenTracing-compatible backends and allows you to use external CA certificates when needed. However, there are some imperfections in this tool-some functions are missing.

At present, there is no way to segment traffic based on path or request header in Kuma. It also does not support features such as traffic access control and metrics. These features may be introduced in subsequent releases, but now you have to manually create proxy templates to make up for the lack of these features.

However, Kuma is very promising as a service grid tool. Although it is only version 0.4.0 at present, its developers pay close attention to the opinions of the community and are willing to meet the requirements of users. From this dimension, this tool is undoubtedly very competitive.

The most suitable service grid for Consul environment: Consul Connect

Official website: https://www.consul.io/

Consul Connect, introduced by HashiCorp, can work with Envoy and various other service agents, as well as with any ingress controller, making it one of the easiest tools to integrate into existing Kubernetes clusters.

Consul Connect can work seamlessly in any Consul environment, but it can only work in a Consul environment. Although the service grid tool provides many convenient features, it is designed to be used with other HashiCorp products. However, these tools are widely used.

Everything from TCP to gRPC is supported, and this tool can be used along with Kubernetes, VM, and even Nomads. Grid extension is also fully supported, so you can have an environment that spans multiple cloud services and clusters, and still have a powerful service grid layer that supports micro-services.

One aspect of Consul Connect that needs to be improved is monitoring. However, you can also integrate other monitoring tools to get logs and metrics for each route. You can even integrate tools such as Prometheus and Grafana to visualize your monitoring data. Then you just need to extract the data from your service agent.

Envoy Proxy

These service mesh tools are basically designed as Envoy as service proxies. Compared with other edge proxy tools, Envoy does have some advantages, of which advanced load balancing is the most prominent advantage.

Automatic retry, regional local load balancing, request shadowing and other features allow you to configure traffic load balancing for maximum performance. On the other hand, high observability makes Envoy the perfect solution for maintaining networks that support powerful architectures.

Of course, these tools have a main goal: to create a cloud architecture in which microservices can communicate with each other in a reliable and secure manner. The good news is that no matter which tool you use, you can achieve this goal.

The above is all the contents of the article "sample Analysis of the comparison of six Service Grid tools on the Internet". Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.