The Service Mesh Model

By: Ariful Huq 01.30.2019

As developers have begun the move towards a microservices model, the concept of the service mesh has evolved. The service mesh is a distributed system with multiple components. To operationalize this model, when you deploy microservices in a public network or private cloud network, you need tools that let you measure performance between application components (tracing components). These tools also need to give you an idea of the number of HTTP requests, latency loss, and other characteristics.

First and foremost, a service mesh helps to identify critical information surrounding a bad user experience: Where is this experience coming from? Is it my load balancer, or is it actually a problem between my microservices?

Secondly, because you have a number of distributed components, you need to encrypt the traffic between all of them. Service mesh technologies allow you to enable encryption across all of your key application components.

And lastly, service meshes define policy management: the authentication and authorization of all these components. Ultimately, they allow the developers and companies that are deploying microservices to operationalize this at scale, because these are all problems that they encounter.

Performance, Encryption, and Authorization

The service mesh is often described as an application that allows services to discover – and keep track of – each other. In addition, the service mesh provides a performance, encryption, and authorization layer.

Performance comes from what is referred to as observability. This refers to the ability to visualize what’s actually happening in a complex distributed system environment and then implement authorization, as well as encryption.

Aporeto takes our authentication and authorization (the principles around authentication and authorization, or a Zero Trust infrastructure) and the policy mesh capability, and offers them across a heterogeneous environment. So, if you have an application that sits in a service mesh environment and has dependencies on any other type of environment, Aporeto is able to offer the policy management and the authentication and authorization policies that you need to establish across all of these.

When your information security team is responsible for managing components for these applications, this centralized way to manage policies is critical. That’s what Aporeto brings to the table.

