The IT industry has gone through a significant transformation over the past decade. The companies have started embracing the DevOps approach, cloud-native technologies/tools, monolithic applications getting redesigned into microservices, etc. While adopting microservices has its own advantages, it also poses complexities and security risks that need to be addressed. For example, as a startup, it might seem very easy initially with the microservices architecture and small teams working on each service, but when the number of microservices grow along with the company, the inner and outer communications between services becomes complex. This is where API Gateways and service meshes come into play.
In this article, we will see both these topics in detail and try to understand the important similarities, differences, and when to use them.
API management and API Gateways were used as a primary technology for modern API use cases in data centers, services communication inside and outside, scaling of microservices, etc. API management has evolved to a great extent in recent times. When you employ microservices and when they scale, the number of application endpoints explode significantly. Every single endpoint is required to be secured and managed correctly. It is a huge task for developers and takes most of their time without APIs. API management helps in securing these endpoints appropriately.
API gateways are used to manage, transform, and secure APIs. They sit between the public-facing network and the back-end servers. The gateway can be configured to provide custom policies, authentication, logging, or monitoring for the APIs.
Consider a banking app created with various microservices working together but performing different tasks. When a user wants to see his/her account details, one microservice will search for this particular user’s data, and the other microservice shows the user’s data on the dashboard as a webpage. While both of these microservices get triggered when a user wants to see his/her account information, there needs to be an intermediary that can help this process to go in order and smoothly.
Here, an API Gateway serves as a gatekeeper that accepts the requests from outside, forwards the requests to the right microservices responsible, and sends the information back to the user.
Service mesh is an architecture that enables the management of service to service communication by implementing features like tracing, traffic management, monitoring, etc. In addition, service meshes can also provide observability for microservices architecture. In simple words, a service mesh is a protective layer for microservices in an application. It provides developers with observability and traffic management capabilities that were previously inaccessible.
Service meshes dramatically enhance service-to-service connectivity by making the network requests more robust, secure, and observable.
Even before the concept of the service mesh, the application and security teams used to implement network traffic policies, communication policies, security, observability, tracking, and error handling between microservices to enhance the connectivity of any outbound — or inbound — network requests that the application would either make or receive.
The teams used to implement these capabilities by writing more code in their services. Then different teams would write similar code to implement the same thing in different languages for compatibility. This creates more fragmentation and security risks for network connectivity. Service meshes remove these risks by completely outsourcing the network management.
When you see the overview, it looks like both do a similar job and have the same functionalities. But, the truth is they differ fundamentally in their focus, the differences we have already listed above. Even though API Gateway is still considered a most sought-after technology, service mesh technologies are suddenly evolving and are starting to take on some of the functionalities of an API gateway.
The enterprises benefit from using both API Gateway and service mesh at the same time. An API gateway can be used to simplify the way the application manages and handles external requests and traffic; a service mesh can be employed along with it in securely streamlining internal communication.
An API gateway may send a request that is coming from outside to a particular microservice, and from there, a service mesh acts upon in redirecting that request to another microservice internally in a secured fashion. Thus, having both an API Gateway and a service mesh is always a good option, so you get the best from both the world. But that doesn’t mean you have to use both of them and it is a must; you can use either of them according to your requirements. You can use either of them independently.
There are many offerings for service mesh; some of the notable ones include Istio, LinkerD, Consul Connect, Kuma, Maesh, AWS App Mesh, etc.
Microservices adoption and container technology are growing rapidly in the cloud-native space. This means the enterprises need more advanced traffic management and a secured communication mechanism between services, which is only possible with service meshes.
Service mesh becomes very important,
Which Service Mesh to use?
Although Istio is becoming a defacto standard service mesh, there are others that might easily solve your problems. Hence, there is no single and right or wrong answer to this question. Instead, you need to choose your service mesh depending on your current requirements, challenges, skills, and resources.
The cloud-native landscape is changing rapidly, service meshes have become an essential component of the modern cloud-native stack. Enterprises should invest themselves and experiment with these new technologies to solve their modern problems. Service meshes, like all other technologies, solve major issues that arise with adopting a microservices architecture. Since most organizations are embracing the microservices architecture towards their cloud-native journey, it becomes evident that service meshes will soon become a norm in every organization’s technology stack.
723
943
898
18 K
Canada
#401 68 Water Street, Vancouver, BC, V6B 1A4
4370 Dominion St, #601, Burnaby, BC, V5G 4L7
32615 S Fraser Way, #104 Office 1226, Abbotsford, BC, V2T 1X8
330 5 Ave SW Calgary Place, Suite 1800 Calgary, AB, T2P 0J4
Cloud Architecture Design
Cloud Security
Hybrid Cloud
COVID-19 Services
Cloud Migration
Cloud Consulting
2020 Copyright © by Cloud Architects, a division of Podium Catchers Consultant. all rights reserved.