Step By Step Procedure to AWS App Mesh Integration With EKS
Focus group
This post is aimed at engineers who are already familiar with microservices, Kubernetes, AWS, Amazon EKS.
Problem statement
With increasing microservices deployment on Kubernetes, Businesses will require a method of centralizing the discovery, management, and security of services independent of language, domain, or deployment model. This is the point where a service mesh comes into the picture.
Introduction to AWS Service mesh
A service mesh is a dedicated infrastructure layer that you can add to your applications. It allows you to transparently add capabilities like observability, traffic management, and security, without adding them to code. The primary goal here is to have service-to-service communication in a secure, fast, and reliable fashion.
In the above architecture, microservices frontend backend and Postgres interact with each other through envoy sidecar proxy.
Implementation of Service Mesh AWS
For the implementation, we are going to leverage Amazon EKS, AWS APP mesh.
Amazon EKS is a managed service used to run Kubernetes on AWS without any necessity for installation, operation, and maintenance for your own Kubernetes control plane or nodes.
AWS App Mesh helps to connect services, monitor the application’s network, and control the traffic flow. App Mesh standardizes how services communicate, giving end-to-end visibility and helping to ensure the high availability of your applications.
The App Mesh gives you consistent visibility and network traffic controls for every service in an application.
Overview of AWS App Mesh
Components:
- Service Mesh: Acts as a logical boundary for network traffic between the microservice that resides within it.
- Virtual Node: A virtual node acts as a logical pointer to a task group comprising ECS service or a Kubernetes deployment / EC2 instance.
- Virtual Service: Virtual services are virtual pointers of a real service provided by a virtual node directly or indirectly by means of a virtual router. One virtual service calls another virtual service by VirtualServiceName. Virtual services can have only one Virtual Node pointing to the application, or multiple Virtual Nodes pointing to different versions of the application.
- Virtual routes: Within mesh a Virtual router will handle traffic for one or more virtual services. We can have associated routes for virtual routers that direct incoming requests to different virtual nodes.
- Virtual Gateway: Allows to specify ingress rules for traffic that comes into the internal components of the mesh. Virtual gateway provides us the ability to define the path of the inbound/north-south traffic. A Virtual gateway represents an envoy proxy running in an Amazon ECS / Kubernetes service/ Amazon EC2 instances.
Architecture Diagram
The below architecture depicts a high-level representation of a sample application with integration on app mesh on EKS.
App Mesh With EKS
We are going to create AWS App Mesh components and deploy them using a sample application. After placing the sample app into a service mesh.
Application components include:
- A frontend is responsible for vending the frontend code to the browser.
- A backend that reads and writes from Postgres backend database (Postgres).
Meshify the Application
To create the App Mesh resources and add the application into a Mesh, we need to install the AWS App Mesh Controller. This controller allows configuring App Mesh resources using kubectl. Once completed, the resulting setup looks as follows:
The above architecture diagram details the step-by-step procedure of implementing Meshify the application.
To get more Kubernetes-related content please follow the blog and comment below if there are any queries related to the AWS app mesh implementation.
About CloudThat
CloudThat is a house of All-Encompassing IT Services on Cloud offering Multi-cloud Security & Compliance, Cloud Enablement Services, Cloud-Native Application Development, OTT-Video Tech Delivery Services, Training and Development, and System Integration Services,. Explore our consulting and expert advisory services here.
Informative